
Problem with Dell Vostro laptop

Discussion in 'Virus & Other Malware Removal' started by justdontgetit2, Jan 19, 2013.

Thread Status:
Not open for further replies.
    justdontgetit2 Thread Starter

    Hi,
    I have a Dell Vostro running Windows Vista. I've had several issues lately. I've tried Malware Bytes but that really didn't help. Here's what's happening:
    The computer is running very slow. When I click on a link or page tab (in any browser) I have to wait several seconds for the page to change. Closing browser windows takes several minutes. I've had the blue screen of death a couple of times in the last few months. When I try to open a program, the response is very slow and I have to wait several minutes for it to start and at times it stops working. I don't know if I have too many things running or not and I wouldn't know what to disable so I didn't mess around with that stuff.
    I'm not sure if my best bet is to dump this laptop and get another or try to fix these problems.
    Here are the files I have (as stated in the 'everyone must read section')
    HijackThis:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:11:16 PM, on 1/19/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Ask.com\Updater\Updater.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\SafeConnect\scClient.exe
    C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.smashingmagazine.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/small...n&client=dell-usuk&channel=us-smb&ibd=6080212
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Dropbox.lnk = C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: SafeConnect.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DellAMBrokerService - Unknown owner - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1ca76a6cb696f8e) (gupdate1ca76a6cb696f8e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: RemotePC Host (remotepc) - Unknown owner - C:\Program Files\Remote Access Host\RemotePCM.exe
    O23 - Service: SafeConnect Manager (SCManager) - Unknown owner - C:\Program Files\SafeConnect\scManager.sys servicestart (file missing)
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    --
    End of file - 10511 bytes

    DDS Files:
    Attach
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume3
    Install Date: 2/11/2008 11:47:01 PM
    System Uptime: 1/15/2013 6:46:55 PM (92 hours ago)
    .
    Motherboard: Dell Inc. | |
    Processor: Intel(R) Core(TM)2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1401/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 220 GiB total, 4.003 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 5.662 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1591: 1/8/2013 7:00:34 AM - Scheduled Checkpoint
    RP1592: 1/9/2013 2:14:41 AM - Scheduled Checkpoint
    RP1593: 1/10/2013 1:49:07 AM - Scheduled Checkpoint
    RP1594: 1/10/2013 3:01:00 AM - Windows Update
    RP1595: 1/12/2013 1:08:59 AM - Scheduled Checkpoint
    RP1596: 1/16/2013 1:46:37 AM - Scheduled Checkpoint
    RP1597: 1/17/2013 12:32:15 AM - Scheduled Checkpoint
    RP1598: 1/18/2013 12:00:07 AM - Scheduled Checkpoint
    RP1599: 1/19/2013 12:57:17 AM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Acrobat.com
    Add or Remove Adobe Creative Suite 3 Web Premium
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe BridgeTalk Plugin CS3
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Community Help
    Adobe Contribute CS3
    Adobe Creative Suite 3 Web Premium
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Download Assistant
    Adobe Dreamweaver CS3
    Adobe ExtendScript Toolkit 2
    Adobe Extension Manager CS3
    Adobe Fireworks CS3
    Adobe Flash CS3
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Illustrator CS3
    Adobe Linguistics CS3
    Adobe MotionPicture Color Files
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9.5.2
    Adobe Setup
    Adobe Shockwave Player 11
    Adobe Stock Photos CS3
    Adobe SVG Viewer 3.0
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe Version Cue CS3 Server {ko_KR}
    Adobe WAS CS3
    Adobe Widget Browser
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    AHV content for Acrobat and Flash
    Amazon Kindle For PC v1.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Aptana Studio 3
    Ask Toolbar
    Ask Toolbar Updater
    Audible Download Manager
    AudibleManager
    Bonjour
    Broadcom Management Programs
    Browser Address Error Redirector
    Business Tools Launcher
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Color Schemer Studio
    Conexant HDA D330 MDC V.92 Modem
    Corel Graphics - Windows Shell Extension
    D3DX10
    Dell Automated PC TuneUp
    Dell Driver Download Manager
    Dell Getting Started Guide
    Dell Network Assistant
    Dell Support Center (Support Software)
    Dell Touchpad
    Dell Wireless WLAN Card Utility
    DHTML Editing Component
    Digital Line Detect
    Dropbox
    FileZilla Client 3.6.0.2
    Google Chrome
    Google Desktop
    Google Talk (remove only)
    Google Toolbar for Internet Explorer
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    IBP 10.1.2
    Intel® Matrix Storage Manager
    Internet Explorer Developer Toolbar
    iTunes
    Java 7 Update 10
    Java Auto Updater
    Java(TM) 6 Update 29
    Java(TM) SE Runtime Environment 6
    Junk Mail filter update
    jxProject_2.5.1.0
    jZip
    LogMeIn
    Malwarebytes Anti-Malware version 1.65.1.1000
    MediaDirect
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Fix it Center
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Basic 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Live Add-in 1.5
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual Studio Tools for Applications 2.0 Runtime
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFCLOC_x86
    MobileMe Control Panel
    Modem Diagnostic Tool
    Mozilla Firefox 16.0.2 (x86 en-US)
    Mozilla Maintenance Service
    Mozilla Thunderbird 17.0.2 (x86 en-US)
    MSVCRT
    NetWaiting
    Norton Security Suite
    NVIDIA Drivers
    OGA Notifier 2.0.0048.0
    Opera 12.02
    OutlookAddinSetup
    PCNow Mobile Access
    PDF Settings
    Personal Entertainment Launcher
    Poedit
    Product Support Launcher
    Python 2.5.4
    QuickSet
    QuickTime
    Remote Access Host Ver 4.4.5
    Rhapsody Player Engine
    Safari
    SafeConnect
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Segoe UI
    Spelling Dictionaries Support For Adobe Reader 8
    SUPERAntiSpyware
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    User's Guides
    Web Image Studio
    Windows Installer Clean Up
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR archiver
    Xvid 1.2.1 final uninstall
    ZipItFree 1.85
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/18/2013 2:48:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
    1/18/2013 11:03:07 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
    1/15/2013 6:41:16 PM, Error: Service Control Manager [7022] - The Diagnostic System Host service hung on starting.
    1/15/2013 6:41:13 PM, Error: Service Control Manager [7022] - The Diagnostic Service Host service hung on starting.
    1/15/2013 6:39:14 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
    1/15/2013 6:38:58 PM, Error: EventLog [6008] - The previous system shutdown at 6:35:45 PM on 1/15/2013 was unexpected.
    .
    ==== End Of File ===========================
    dds
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
    Run by Kevin at 14:16:38 on 2013-01-19
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.256 [GMT -5:00]
    .
    AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    C:\Windows\System32\alg.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\atashost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\data\database\bin\x86\mysqld-nt.exe
    C:\Program Files\Dell Network Assistant\hnm_svc.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
    C:\Program Files\Remote Access Host\RemotePCM.exe
    C:\Windows\system32\locator.exe
    C:\Program Files\Remote Access Host\RemoteAM.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\STacSV.exe
    C:\Program Files\Remote Access Host\RemoteAHC.exe
    C:\Program Files\SafeConnect\Uninstall.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Windows\System32\vds.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Ask.com\Updater\Updater.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\SafeConnect\scClient.exe
    C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Remote Access Host\RemoteAH.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.smashingmagazine.com/
    uWindow Title = Internet Explorer provided by Dell
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\5.2.2.3\coieplg.dll
    BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\5.2.2.3\ips\ipsbho.dll
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
    BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
    BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\5.2.2.3\coieplg.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll
    EB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
    StartupFolder: c:\users\kevin\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\kevin\appdata\roaming\dropbox\bin\Dropbox.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\safeco~1.lnk - c:\program files\safeconnect\scClient.exe
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    TCP: Interfaces\{6C110F0E-E7DB-4845-8AC2-B417E846D8F6} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www.smashingmagazine.com | http://wp.tutsplus.com/
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=0B01D6CC-1991-4397-928F-0DE33BC2FB40&apn_ptnrs=TV&apn_sauid=B2F66D6C-2AE9-4B79-98D5-E82CF4690542&apn_dtid=OSJ000YYUS&&q=
    FF - component: c:\program files\adobe\acrobat 10.0\acrobat\browser\wcfirefoxextn\components\WCFirefox3Extn.dll
    FF - component: c:\programdata\white sky, inc\id vault\xpcom3\components\IdVault.XPCOM3.dll
    FF - component: c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
    FF - component: c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\extensions\{6ac85730-7d0f-4de0-b3fa-21142dd85326}\platform\winnt\components\ColorZilla.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npContribute.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npRACtrl.dll
    FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\extensions\[email protected]m\plugins\npLMI64.dll
    FF - plugin: c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\ikvl0uzv.default\extensions\[email protected]\plugins\npRACtrl.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    FF - plugin: c:\windows\system32\NPSWF32.dll
    FF - ExtSQL: !HIDDEN! 2008-02-19 13:43; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\program files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-7-16 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-7-16 744568]
    R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20130111.001\BHDrvx86.sys [2013-1-15 995488]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20130118.001\IDSvix86.sys [2013-1-18 386720]
    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-4-28 214664]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-7-16 136312]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0502020.003\symtdiv.sys [2012-7-16 331384]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-8-3 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-2-24 47640]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-8 106656]
    R3 mv2;mv2;c:\windows\system32\drivers\mv2.sys [2010-7-7 10200]
    S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-4-28 79816]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-4-28 35272]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-4-28 34248]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-4-28 40552]
    .
    =============== File Associations ===============
    .
    FileExt: .js: jsfile="c:\program files\AptanaStudio3.exe" "%1"
    ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
    .
    =============== Created Last 30 ================
    .
    2013-01-09 17:01:18 2048000 ----a-w- c:\windows\system32\win32k.sys
    2013-01-09 16:57:23 204288 ----a-w- c:\windows\system32\ncrypt.dll
    2013-01-09 16:57:21 1400832 ----a-w- c:\windows\system32\msxml6.dll
    2012-12-28 23:33:31 -------- d-----w- c:\program files\Dropbox
    2012-12-25 22:03:58 -------- d-----w- c:\users\kevin\appdata\local\APN
    2012-12-25 22:03:57 -------- d-----w- c:\program files\Ask.com
    2012-12-25 21:51:57 -------- d-----w- c:\programdata\Ask
    2012-12-25 21:50:26 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-12-21 08:01:10 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-21 08:01:10 293376 ----a-w- c:\windows\system32\atmfd.dll
    .
    ==================== Find3M ====================
    .
    2013-01-09 13:21:39 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-01-09 13:21:39 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-25 21:49:52 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-12-25 21:49:52 779704 ----a-w- c:\windows\system32\deployJava1.dll
    2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-11-02 10:18:17 376320 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-02 08:26:06 23040 ----a-w- c:\windows\system32\dpnsvr.exe
    2012-11-01 03:27:42 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2012-11-01 03:27:41 52648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
    2012-11-01 03:27:41 31144 ----a-w- c:\windows\system32\LMIport.dll
    2012-11-01 03:27:40 92072 ----a-w- c:\windows\system32\LMIinit.dll
    2012-09-20 02:50:21 489384 ----a-w- c:\program files\uninstall.exe
    2012-08-20 17:25:38 53248 ----a-w- c:\program files\AptanaStudio3.exe
    2012-08-07 08:08:56 117 ----a-w- c:\program files\studio3.bat
    .
    ============= FINISH: 14:21:06.43 ===============

    And ark.txt:
    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-19 14:57:52
    Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.LB01 232.89GB
    Running: bh24kjy9.exe; Driver: C:\Users\Kevin\AppData\Local\Temp\pgloqpod.sys

    ---- System - GMER 2.0 ----
    SSDT 863A71D8 ZwAlertResumeThread
    SSDT 863A5C38 ZwAlertThread
    SSDT 863A7A68 ZwAllocateVirtualMemory
    SSDT 8705C1F8 ZwAlpcConnectPort
    SSDT 863A46C0 ZwAssignProcessToJobObject
    SSDT 863A4CA8 ZwCreateMutant
    SSDT 863A43D8 ZwCreateSymbolicLinkObject
    SSDT 863A7FB0 ZwCreateThread
    SSDT 863A48A0 ZwDebugActiveProcess
    SSDT 863A7C28 ZwDuplicateObject
    SSDT 863A7820 ZwFreeVirtualMemory
    SSDT 863A7330 ZwImpersonateAnonymousToken
    SSDT 863A73F0 ZwImpersonateThread
    SSDT 8705C160 ZwLoadDriver
    SSDT 863A4F08 ZwMapViewOfSection
    SSDT 863A4BE8 ZwOpenEvent
    SSDT 863A7DF0 ZwOpenProcess
    SSDT 863A7B38 ZwOpenProcessToken
    SSDT 863A4A68 ZwOpenSection
    SSDT 863A7CF8 ZwOpenThread
    SSDT 863A45F0 ZwProtectVirtualMemory
    SSDT 863A5FD0 ZwResumeThread
    SSDT 863A5560 ZwSetContextThread
    SSDT 863A4D78 ZwSetInformationProcess
    SSDT 863A4960 ZwSetSystemInformation
    SSDT 863A4B28 ZwSuspendProcess
    SSDT 863A3458 ZwSuspendThread
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x99247640]
    SSDT 862F1630 ZwTerminateThread
    SSDT 863A4E48 ZwUnmapViewOfSection
    SSDT 863A7950 ZwWriteVirtualMemory
    SSDT 863A44A8 ZwCreateThreadEx
    ---- Kernel code sections - GMER 2.0 ----
    .text ntkrnlpa.exe!KeSetEvent + 11D 81EE97E0 8 Bytes [D8, 71, 3A, 86, 38, 5C, 3A, ...]
    .text ntkrnlpa.exe!KeSetEvent + 131 81EE97F4 4 Bytes [68, 7A, 3A, 86]
    .text ntkrnlpa.exe!KeSetEvent + 13D 81EE9800 4 Bytes [F8, C1, 05, 87]
    .text ntkrnlpa.exe!KeSetEvent + 191 81EE9854 4 Bytes [C0, 46, 3A, 86] {ROL BYTE [ESI+0x3a], 0x86}
    .text ntkrnlpa.exe!KeSetEvent + 1F5 81EE98B8 4 Bytes [A8, 4C, 3A, 86]
    .text ...
    ---- User code sections - GMER 2.0 ----
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] kernel32.dll!CreateThread 775ECB0E 5 Bytes JMP 6BB175DB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateDialogParamW 778472A2 5 Bytes JMP 6BCA9320 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!GetAsyncKeyState 7784863C 5 Bytes JMP 6BAFDED5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!SetWindowsHookExW 778487AD 5 Bytes JMP 6BB525AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CallNextHookEx 77848E3B 5 Bytes JMP 6BB77FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!UnhookWindowsHookEx 778498DB 5 Bytes JMP 6BB9ED00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!EnableWindow 7784CD8B 5 Bytes JMP 6BB59EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DefWindowProcA 7784DB88 7 Bytes JMP 6BB19805 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateWindowExA 7784DC2A 5 Bytes JMP 6BB2363B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateWindowExW 77851305 5 Bytes JMP 6BB803CF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!GetKeyState 77858CB1 5 Bytes JMP 6BAFDDAB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DefWindowProcW 778603B4 7 Bytes JMP 6BB78042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!IsDialogMessageW 77860745 5 Bytes JMP 6BCA9A7A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateDialogParamA 778617AA 5 Bytes JMP 6BCA92E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!IsDialogMessage 77861847 5 Bytes JMP 6BCA9A52 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateDialogIndirectParamA 778626F1 5 Bytes JMP 6BCA9358 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!CreateDialogIndirectParamW 77869A62 5 Bytes JMP 6BCA9390 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!SetKeyboardState 77870987 5 Bytes JMP 6BCAA341 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DialogBoxParamW 778710B0 5 Bytes JMP 6BAB1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DialogBoxIndirectParamW 77872EF5 5 Bytes JMP 6BCA8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!SendInput 77872F75 5 Bytes JMP 6BCAA2E9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!EndDialog 7787326E 5 Bytes JMP 6BCA9D26 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!SetCursorPos 77886FB2 5 Bytes JMP 6BCAA3C2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DialogBoxParamA 77888152 5 Bytes JMP 6BCA8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!DialogBoxIndirectParamA 7788847D 5 Bytes JMP 6BCA901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!MessageBoxIndirectA 7789D4D9 5 Bytes JMP 6BCA8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!MessageBoxIndirectW 7789D5D3 5 Bytes JMP 6BCA8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!MessageBoxExA 7789D639 5 Bytes JMP 6BCA8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!MessageBoxExW 7789D65D 5 Bytes JMP 6BCA8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] USER32.dll!keybd_event 7789D972 5 Bytes JMP 6BCAA2A6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] SHELL32.dll!SHRestricted + D95 764B89A8 4 Bytes [CF, 01, 5E, 64] {IRET ; ADD [ESI+0x64], EBX}
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] SHELL32.dll!SHRestricted + D9D 764B89B0 8 Bytes [E0, 61, 5D, 64, 79, F7, 5D, ...]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] ole32.dll!OleLoadFromStream 761B1E80 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2148] ole32.dll!OleLoadFromStream 761B1E80 5 Bytes JMP 6BCA9784 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] kernel32.dll!CreateThread 775ECB0E 5 Bytes JMP 6BB175DB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateDialogParamW 778472A2 5 Bytes JMP 6BCA9320 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!GetAsyncKeyState 7784863C 5 Bytes JMP 6BAFDED5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!SetWindowsHookExW 778487AD 5 Bytes JMP 6BB525AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CallNextHookEx 77848E3B 5 Bytes JMP 6BB77FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!UnhookWindowsHookEx 778498DB 5 Bytes JMP 6BB9ED00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!EnableWindow 7784CD8B 5 Bytes JMP 6BB59EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DefWindowProcA 7784DB88 7 Bytes JMP 6BB19805 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateWindowExA 7784DC2A 5 Bytes JMP 6BB2363B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateWindowExW 77851305 5 Bytes JMP 6BB803CF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!GetKeyState 77858CB1 5 Bytes JMP 6BAFDDAB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DefWindowProcW 778603B4 7 Bytes JMP 6BB78042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!IsDialogMessageW 77860745 5 Bytes JMP 6BCA9A7A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateDialogParamA 778617AA 5 Bytes JMP 6BCA92E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!IsDialogMessage 77861847 5 Bytes JMP 6BCA9A52 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateDialogIndirectParamA 778626F1 5 Bytes JMP 6BCA9358 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!CreateDialogIndirectParamW 77869A62 5 Bytes JMP 6BCA9390 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!SetKeyboardState 77870987 5 Bytes JMP 6BCAA341 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DialogBoxParamW 778710B0 5 Bytes JMP 6BAB1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DialogBoxIndirectParamW 77872EF5 5 Bytes JMP 6BCA8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!SendInput 77872F75 5 Bytes JMP 6BCAA2E9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!EndDialog 7787326E 5 Bytes JMP 6BCA9D26 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!SetCursorPos 77886FB2 5 Bytes JMP 6BCAA3C2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DialogBoxParamA 77888152 5 Bytes JMP 6BCA8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!DialogBoxIndirectParamA 7788847D 5 Bytes JMP 6BCA901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!MessageBoxIndirectA 7789D4D9 5 Bytes JMP 6BCA8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!MessageBoxIndirectW 7789D5D3 5 Bytes JMP 6BCA8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!MessageBoxExA 7789D639 5 Bytes JMP 6BCA8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!MessageBoxExW 7789D65D 5 Bytes JMP 6BCA8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] USER32.dll!keybd_event 7789D972 5 Bytes JMP 6BCAA2A6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] SHELL32.dll!SHRestricted + D95 764B89A8 4 Bytes [CF, 01, 5E, 64] {IRET ; ADD [ESI+0x64], EBX}
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] SHELL32.dll!SHRestricted + D9D 764B89B0 8 Bytes [E0, 61, 5D, 64, 79, F7, 5D, ...]
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] ole32.dll!OleLoadFromStream 761B1E80 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[4364] ole32.dll!OleLoadFromStream 761B1E80 5 Bytes JMP 6BCA9784 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!EnableWindow 7784CD8B 5 Bytes JMP 6BB59EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamW 778710B0 5 Bytes JMP 6BAB1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamW 77872EF5 5 Bytes JMP 6BCA8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamA 77888152 5 Bytes JMP 6BCA8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamA 7788847D 5 Bytes JMP 6BCA901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectA 7789D4D9 5 Bytes JMP 6BCA8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectW 7789D5D3 5 Bytes JMP 6BCA8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExA 7789D639 5 Bytes JMP 6BCA8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExW 7789D65D 5 Bytes JMP 6BCA8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] kernel32.dll!CreateThread 775ECB0E 5 Bytes JMP 6BB175DB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateDialogParamW 778472A2 5 Bytes JMP 6BCA9320 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!GetAsyncKeyState 7784863C 5 Bytes JMP 6BAFDED5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!SetWindowsHookExW 778487AD 5 Bytes JMP 6BB525AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CallNextHookEx 77848E3B 5 Bytes JMP 6BB77FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!UnhookWindowsHookEx 778498DB 5 Bytes JMP 6BB9ED00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!EnableWindow 7784CD8B 5 Bytes JMP 6BB59EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DefWindowProcA 7784DB88 7 Bytes JMP 6BB19805 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateWindowExA 7784DC2A 5 Bytes JMP 6BB2363B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateWindowExW 77851305 5 Bytes JMP 6BB803CF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!GetKeyState 77858CB1 5 Bytes JMP 6BAFDDAB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DefWindowProcW 778603B4 7 Bytes JMP 6BB78042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!IsDialogMessageW 77860745 5 Bytes JMP 6BCA9A7A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateDialogParamA 778617AA 5 Bytes JMP 6BCA92E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!IsDialogMessage 77861847 5 Bytes JMP 6BCA9A52 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateDialogIndirectParamA 778626F1 5 Bytes JMP 6BCA9358 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!CreateDialogIndirectParamW 77869A62 5 Bytes JMP 6BCA9390 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!SetKeyboardState 77870987 5 Bytes JMP 6BCAA341 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DialogBoxParamW 778710B0 5 Bytes JMP 6BAB1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DialogBoxIndirectParamW 77872EF5 5 Bytes JMP 6BCA8FB6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!SendInput 77872F75 5 Bytes JMP 6BCAA2E9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!EndDialog 7787326E 5 Bytes JMP 6BCA9D26 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!SetCursorPos 77886FB2 5 Bytes JMP 6BCAA3C2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DialogBoxParamA 77888152 5 Bytes JMP 6BCA8F51 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!DialogBoxIndirectParamA 7788847D 5 Bytes JMP 6BCA901B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!MessageBoxIndirectA 7789D4D9 5 Bytes JMP 6BCA8ED8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!MessageBoxIndirectW 7789D5D3 5 Bytes JMP 6BCA8E5F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!MessageBoxExA 7789D639 5 Bytes JMP 6BCA8DFB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!MessageBoxExW 7789D65D 5 Bytes JMP 6BCA8D97 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] USER32.dll!keybd_event 7789D972 5 Bytes JMP 6BCAA2A6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] SHELL32.dll!SHRestricted + D95 764B89A8 4 Bytes [CF, 01, 5E, 64] {IRET ; ADD [ESI+0x64], EBX}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] SHELL32.dll!SHRestricted + D9D 764B89B0 8 Bytes [E0, 61, 5D, 64, 79, F7, 5D, ...]
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] ole32.dll!OleLoadFromStream 761B1E80 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[5968] ole32.dll!OleLoadFromStream 761B1E80 5 Bytes JMP 6BCA9784 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    ---- EOF - GMER 2.0 ----

    Thanks for any help/suggestions
     

Short URL to this thread: https://techguy.org/1085991
