1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Screen black after log-in

Discussion in 'Virus & Other Malware Removal' started by Serisu, Feb 21, 2013.

Thread Status:
Not open for further replies.
  1. Serisu

    Serisu Thread Starter

    Joined:
    Feb 21, 2013
    Messages:
    4
    I'm running Windows 7, and I've been having some issues on this laptop, which is my main laptop that I use to do my online classes and homework. At first I wasn't able to connect to the internet at all, and the sound on my laptop was disabled. I've run Comodo Cleaning Essentials and found that my Security Center has been disabled. I can only log into safe mode, as when I log in normally, I'll type in my password and it'll start to log in, but then it'll show my cursor on a black background and then the screen will go totally black, but the laptop is still on. Since I'm in Safe Mode, I'm unable to post the bit for the dds file.

    HiJackThis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:04:48 PM, on 2/21/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16455)
    Boot mode: Safe mode with network support
    Running processes:
    C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
    C:\Users\Kelsey\Desktop\TDSSKiller.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Kelsey\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3220468
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111223110250.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [WTClient] WTClient.exe
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\BambooCore.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Kelsey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: HPMonitor.exe.lnk = C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe
    O4 - Global Startup: hpwjd.exe.lnk = C:\ProgramData\HP Mouse Suite Config\hpwjd.exe
    O4 - Global Startup: hpwmsd.exe.lnk = C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
    O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: McAfee Online Backup (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: WinTab Service (WinTabService) - Unknown owner - C:\Windows\System32\Drivers\WTSRV.EXE (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 20918 bytes


    GMER

    GMER 2.1.19081 - http://www.gmer.net
    Rootkit scan 2013-02-21 18:15:18
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000007a SAMSUNG_ rev.2AJ1 596.17GB
    Running: 6n132xro.exe; Driver: C:\Users\Kelsey\AppData\Local\Temp\pfldypog.sys

    ---- User code sections - GMER 2.1 ----
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe[1208] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe[1208] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Users\Kelsey\Documents\virus stuff\cce_2.5.242177.201_x64\CCE\CCE.exe[1276] C:\Windows\SYSTEM32\ntdll.dll!KiUserApcDispatcher 0000000077621100 5 bytes JMP 000000016fff0110
    .text C:\Users\Kelsey\Documents\virus stuff\cce_2.5.242177.201_x64\CCE\CCE.exe[1276] C:\Windows\SYSTEM32\ntdll.dll!KiUserCallbackDispatcher 0000000077621206 5 bytes JMP 000000016fff00d8
    .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[1656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[1656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[832] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[832] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075032da4 5 bytes JMP 000000016e139ebc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 000000007504cbf3 5 bytes JMP 000000016e28902e
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007504cfca 5 bytes JMP 000000016e091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 000000007506cb0c 5 bytes JMP 000000016e288fc9
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 000000007506ce64 5 bytes JMP 000000016e289093
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 000000007507fbd1 5 bytes JMP 000000016e288f50
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 000000007507fc9d 5 bytes JMP 000000016e288ed7
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!MessageBoxExA 000000007507fcd6 5 bytes JMP 000000016e288e73
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\USER32.dll!MessageBoxExW 000000007507fcfa 5 bytes JMP 000000016e288e0f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000753193ec 5 bytes JMP 000000016e289248
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007237388e 5 bytes JMP 000000016e2890f8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000072417922 5 bytes JMP 000000016e2891a0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2240] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 00000000758c2694 5 bytes JMP 000000016e289440
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000777e25fd 6 bytes JMP 000000016e158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 00000000777f2a63 6 bytes JMP 000000016e0f980d
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000769934a5 5 bytes JMP 000000016e0f75e3
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075028a29 5 bytes JMP 000000016e1603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!CreateWindowExA 000000007502d22e 5 bytes JMP 000000016e103643
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075032da4 5 bytes JMP 000000016e139ebc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000075036285 5 bytes JMP 000000016e157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075037603 5 bytes JMP 000000016e1325b4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 000000007504cbf3 5 bytes JMP 000000016e28902e
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007504cfca 5 bytes JMP 000000016e091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 000000007504f52b 5 bytes JMP 000000016e17ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 000000007506cb0c 5 bytes JMP 000000016e288fc9
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 000000007506ce64 5 bytes JMP 000000016e289093
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 000000007507fbd1 5 bytes JMP 000000016e288f50
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 000000007507fc9d 5 bytes JMP 000000016e288ed7
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!MessageBoxExA 000000007507fcd6 5 bytes JMP 000000016e288e73
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\USER32.dll!MessageBoxExW 000000007507fcfa 5 bytes JMP 000000016e288e0f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000076d36143 5 bytes JMP 000000016e2897fc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000752b3e59 5 bytes JMP 000000016e2898f4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000752b3eae 5 bytes JMP 000000016e289972
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000752b4731 5 bytes JMP 000000016e289866
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000752b5dee 5 bytes JMP 000000016e289912
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000753193ec 5 bytes JMP 000000016e289248
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007237388e 5 bytes JMP 000000016e2890f8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000072417922 5 bytes JMP 000000016e2891a0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2888] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 00000000758c2694 5 bytes JMP 000000016e289440
    .text C:\Users\Kelsey\Downloads\HijackThis.exe[312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Users\Kelsey\Downloads\HijackThis.exe[312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000777e25fd 6 bytes JMP 000000016e158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 00000000777f2a63 6 bytes JMP 000000016e0f980d
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000769934a5 5 bytes JMP 000000016e0f75e3
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075028a29 5 bytes JMP 000000016e1603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!CreateWindowExA 000000007502d22e 5 bytes JMP 000000016e103643
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075032da4 5 bytes JMP 000000016e139ebc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000075036285 5 bytes JMP 000000016e157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075037603 5 bytes JMP 000000016e1325b4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 000000007504cbf3 5 bytes JMP 000000016e28902e
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007504cfca 5 bytes JMP 000000016e091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 000000007504f52b 5 bytes JMP 000000016e17ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 000000007506cb0c 5 bytes JMP 000000016e288fc9
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 000000007506ce64 5 bytes JMP 000000016e289093
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 000000007507fbd1 5 bytes JMP 000000016e288f50
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 000000007507fc9d 5 bytes JMP 000000016e288ed7
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!MessageBoxExA 000000007507fcd6 5 bytes JMP 000000016e288e73
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\USER32.dll!MessageBoxExW 000000007507fcfa 5 bytes JMP 000000016e288e0f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000076d36143 5 bytes JMP 000000016e2897fc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000752b3e59 5 bytes JMP 000000016e2898f4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000752b3eae 5 bytes JMP 000000016e289972
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000752b4731 5 bytes JMP 000000016e289866
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000752b5dee 5 bytes JMP 000000016e289912
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000753193ec 5 bytes JMP 000000016e289248
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007237388e 5 bytes JMP 000000016e2890f8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000072417922 5 bytes JMP 000000016e2891a0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2244] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 00000000758c2694 5 bytes JMP 000000016e289440
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000777e25fd 6 bytes JMP 000000016e158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 00000000777f2a63 6 bytes JMP 000000016e0f980d
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000769934a5 5 bytes JMP 000000016e0f75e3
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075028a29 5 bytes JMP 000000016e1603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!CreateWindowExA 000000007502d22e 5 bytes JMP 000000016e103643
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075032da4 5 bytes JMP 000000016e139ebc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000075036285 5 bytes JMP 000000016e157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075037603 5 bytes JMP 000000016e1325b4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 000000007504cbf3 5 bytes JMP 000000016e28902e
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007504cfca 5 bytes JMP 000000016e091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 000000007504f52b 5 bytes JMP 000000016e17ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 000000007506cb0c 5 bytes JMP 000000016e288fc9
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 000000007506ce64 5 bytes JMP 000000016e289093
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 000000007507fbd1 5 bytes JMP 000000016e288f50
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 000000007507fc9d 5 bytes JMP 000000016e288ed7
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!MessageBoxExA 000000007507fcd6 5 bytes JMP 000000016e288e73
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\USER32.dll!MessageBoxExW 000000007507fcfa 5 bytes JMP 000000016e288e0f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000076d36143 5 bytes JMP 000000016e2897fc
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000752b3e59 5 bytes JMP 000000016e2898f4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000752b3eae 5 bytes JMP 000000016e289972
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000752b4731 5 bytes JMP 000000016e289866
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000752b5dee 5 bytes JMP 000000016e289912
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000753193ec 5 bytes JMP 000000016e289248
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075751465 2 bytes [75, 75]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757514bb 2 bytes [75, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007237388e 5 bytes JMP 000000016e2890f8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000072417922 5 bytes JMP 000000016e2891a0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2636] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 00000000758c2694 5 bytes JMP 000000016e289440
    ---- EOF - GMER 2.1 ----
     
  2. Serisu

    Serisu Thread Starter

    Joined:
    Feb 21, 2013
    Messages:
    4
    Alright, I booted into Normal after waiting for a good long time at the blank screen. However, DDS still cannot run. All of my programs are slowed and I can't use some of them or maybe it's just that they're taking forever to load. I can't really switch over to the other programs I have open either. But the internet is up and so is my sound. I still can't update virus scanners though.
     
  3. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    First thing that jumps out from the logs is that you have three Anti Virus programs running and two firewalls. You should never have more than one so you will need to uninstall two of the three installed: McAfee, AVG2012 or Avast.

    Then run the appropriate clean up tool for the ones you have uninstalled:

    AVG Removal tool
    Avast removal tool
    McAfee Removal Tool

    DO NOT run the tool for the one you wish to keep. You should be able to do all of this in "Safe Mode with Networking".

    I would also advise you to uninstall Spybot Search and Destroy as it is no longer a recommended program and you have SuperAntiSpyware which is far better.

    Let me know if it will then boot into Normal Mode without the Black screen appearing for such a long time.

    Please then run these two programs and post the logs, it would be preferable to run these both in Normal Mode if you can get there, Safe Mode will do if you have any problems.


    SCAN 1
    Click on this link to download : ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post.

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1090515

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice