[The_Snowman]

2 LONG ----------->


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{00011268-E188-40DF-A514-835FCD78B1BF}C:\Program Files\IEPro\iepro.dll = C:\Program Files\IEPro\iepro.dll
@{00C6482D-C502-44C8-8409-FCE54AD9C208}C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll = C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll = C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
@{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll = C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
@{43C6D902-A1C5-45c9-91F6-FD9E90337E18}C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll = C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}C:\Program Files\Google\Chrome Frame\Application\4.0.211.7\npchrome_tab.dll = C:\Program Files\Google\Chrome Frame\Application\4.0.211.7\npchrome_tab.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.yahoo.com.au/ = http://www.yahoo.com.au/
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
bwfile-8876480@CLSID = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
cf@CLSID = C:\Program Files\Google\Chrome Frame\Application\4.0.211.7\npchrome_tab.dll
dvd@CLSID = C:\Windows\System32\msvidctl.dll
its@CLSID = %SystemRoot%\System32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tmtb@CLSID = C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
tv@CLSID = C:\Windows\System32\msvidctl.dll
wlmailhtml@CLSID = C:\Program Files\Windows Live\Mail\mailcomm.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{85EA8BC F-C9FF-4499-ACA9-0732EB5F4B0A} /*Wireless Network Connection*/ >>>
@IPAddress =
@NameServer =
@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalo g5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000005@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalo g5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup >>>
Logitech Desktop Messenger.lnk = Logitech Desktop Messenger.lnk
Logitech SetPoint.lnk = Logitech SetPoint.lnk

---- EOF - GMER 1.0.15 ----

[dvk01]

it doesn't look malware related now

see if this helps

http://winhlp.com/node/10

[The_Snowman]

Thanks to all who helped. I went to the latest website suggested, and while it didn't directly help, I guess it was a combination of things.

I ran thru most of the stuff they said, but sometimes my results were not the same as what they were saying, if you know what I mean?

Anyway, from reading between the lines over there, I also ran my Driver Detective and updated a few DELL drivers and after that and quite a few re-boots, all seems to back as normal as can be, much appreciated, John

[dvk01]

sorry for late reply to this

*Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware*
* Click START then RUN
* Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.


This will also purge the restore folder and clear any malware that has been put in there. Now Empty Recycle bin on desktop Then reboot.

go here http://www.thespykiller.co.uk/index.php?page=3 for info on how to tighten your security settings and how to help prevent future attacks.

and scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer and update whatever it suggests

Then pay an urgent visit to windows update & make sure you are fully updated, that will help to plug the security holes that let these pests on in the first place