
Solve : eBay "Phishing Scam" ... anyone seen this??

Answer»

Quote from: evilfantasy on July 10, 2009, 10:58:52 AM

I would also recommend that you Defrag the computer.

You can use the built in Windows Defrag by clicking Start > Run and then type in dfrg.msc then click OK. Or use a faster FREE program. Defraggler is very effective and easy to use.

Note: Be sure to clean out temp files and restart the computer just before beginning a defrag.

Actually, I would recommend using IObit's Smart Defrag. Just install, analyse your drive, select Deep Optimize and then start the defrag.

http://www.iobit.com/iobitsmartdefrag.html

IObit is more RAM intensive than Defraggler. The computer is already slow. No need adding to the burden with a "heavier" process.

Ran the disc defragmenter .... tried eBay, still asking me for my information. Also, still no sound either. Sounds like this thing is f***d

What's funny is that it's a single program somewhere, I tried eBay and Paypal and get the EXACT message and window when I log on, even if I enter the wrong username and/or password it directs me to that screen that says:

"We have noticed an increasing fraudulent activity recently. In order to provide your security and protect you from FRAUDSTERS we have introduced a new system of identification that will help us to avoid any kind of fraud or unauthorised access.

Please enter as more information as possible to provide your complete identification and to activate all the features of the new system"



Any other suggestions?

Download GMER and save it to your desktop
  • Unzip (extract) it to your desktop.
  • Disconnect from Internet and close all running programs.
  • There is a small chance this application may crash your computer so save any work you have open.
  • Double-click gmer.exe to run it.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan... click NO
  • Click the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Then click the Scan button. Wait for the scan to finish.
  • Once done, click the Copy button.
  • This will copy the results to the clipboard. Open Notepad and press CTRL + V to paste the log, and save it to your desktop.
  • Add this log to your next reply.
Here's the Rootkit log:

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-12 12:40:43
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) ZwOpenFile [0xBAAE3080]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\iPod\bin\iPodService.exe[476] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00BA2B80
.text C:\Program Files\iPod\bin\iPodService.exe[476] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00BA2B3D
.text C:\Program Files\iPod\bin\iPodService.exe[476] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00BA2B01
.text C:\Program Files\iPod\bin\iPodService.exe[476] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00BA2AE6
.text C:\Program Files\iPod\bin\iPodService.exe[476] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00BA2972
.text C:\Program Files\iPod\bin\iPodService.exe[476] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00BA2A64
.text C:\Program Files\iPod\bin\iPodService.exe[476] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00BA29AA
.text C:\Program Files\iPod\bin\iPodService.exe[476] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00BA29E2
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00EC2B80
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00EC2B3D
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00EC2B01
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00EC2AE6
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00EC2972
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00EC2A64
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00EC29AA
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00EC29E2
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 012E2B80
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 012E2B3D
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 012E2B01
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 012E2AE6
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] WS2_32.dll!send 71AB4C27 5 Bytes JMP 012E2972
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 012E2A64
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] WS2_32.dll!recv 71AB676F 5 Bytes JMP 012E29AA
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe[1336] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 012E29E2
.text C:\WINDOWS\System32\alg.exe[1628] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00AE2B80
.text C:\WINDOWS\System32\alg.exe[1628] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00AE2B3D
.text C:\WINDOWS\System32\alg.exe[1628] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00AE2B01
.text C:\WINDOWS\System32\alg.exe[1628] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00AE2AE6
.text C:\WINDOWS\System32\alg.exe[1628] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00AE2972
.text C:\WINDOWS\System32\alg.exe[1628] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00AE2A64
.text C:\WINDOWS\System32\alg.exe[1628] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00AE29AA
.text C:\WINDOWS\System32\alg.exe[1628] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00AE29E2
.text C:\Program Files\Azureus\Azureus.exe[1668] ADVAPI32.DLL!CryptDestroyKey 77DE9EBC 7 Bytes JMP 03C02B80
.text C:\Program Files\Azureus\Azureus.exe[1668] ADVAPI32.DLL!CryptDecrypt 77DEA129 7 Bytes JMP 03C02B3D
.text C:\Program Files\Azureus\Azureus.exe[1668] ADVAPI32.DLL!CryptEncrypt 77DEE360 7 Bytes JMP 03C02B01
.text C:\Program Files\Azureus\Azureus.exe[1668] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 03C02AE6
.text C:\Program Files\Azureus\Azureus.exe[1668] WS2_32.dll!send 71AB4C27 5 Bytes JMP 03C02972
.text C:\Program Files\Azureus\Azureus.exe[1668] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 03C02A64
.text C:\Program Files\Azureus\Azureus.exe[1668] WS2_32.dll!recv 71AB676F 5 Bytes JMP 03C029AA
.text C:\Program Files\Azureus\Azureus.exe[1668] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 03C029E2
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00702AE6
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00702972
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00702A64
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] WS2_32.dll!recv 71AB676F 5 Bytes JMP 007029AA
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 007029E2
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00702B80
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00702B3D
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1820] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00702B01
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 01B42B80
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 01B42B3D
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 01B42B01
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 01B42AE6
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] WS2_32.dll!send 71AB4C27 5 Bytes JMP 01B42972
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 01B42A64
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] WS2_32.dll!recv 71AB676F 5 Bytes JMP 01B429AA
.text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[1884] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 01B429E2
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00E02B80
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00E02B3D
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00E02B01
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00E02AE6
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00E02972
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00E02A64
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00E029AA
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2028] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00E029E2
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 014B2B80
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 014B2B3D
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 014B2B01
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 014B2AE6
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] WS2_32.dll!send 71AB4C27 5 Bytes JMP 014B2972
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 014B2A64
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] WS2_32.dll!recv 71AB676F 5 Bytes JMP 014B29AA
.text C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe[2364] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 014B29E2
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 02302B80
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 02302B3D
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 02302B01
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9261 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DC8A9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED2C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254254 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E40B6CB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E40B5FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E40B668 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E40B4CE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E40B530 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E40B72E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E40B592 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2ED320 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 02303088
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 023030DD
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!HttpOpenRequestA 3D94D5E8 5 Bytes JMP 02302DD5
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!InternetConnectA 3D94DF8E 5 Bytes JMP 02302B9B
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!HttpSendRequestW 3D94FB9E 5 Bytes JMP 02303A57
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!HttpSendRequestA 3D95EEB9 5 Bytes JMP 02302F41
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] CRYPT32.dll!CertGetCertificateChain 77A92F67 5 Bytes JMP 023035D4
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] CRYPT32.dll!CertVerifyCertificateChainPolicy 77A9B76F 5 Bytes JMP 023035DD
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00F82B80
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00F82B3D
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00F82B01
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00F82AE6
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00F82972
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00F82A64
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00F829AA
.text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[2676] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00F829E2
.text C:\WINDOWS\Explorer.EXE[3160] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00E42B80
.text C:\WINDOWS\Explorer.EXE[3160] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00E42B3D
.text C:\WINDOWS\Explorer.EXE[3160] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00E42B01
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00E42AE6
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00E42972
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00E42A64
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00E429AA
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00E429E2
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00BD2B80
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00BD2B3D
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00BD2B01
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00BD2AE6
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00BD2972
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00BD2A64
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00BD29AA
.text C:\Program Files\iTunes\iTunesHelper.exe[3620] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00BD29E2
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00C42B80
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00C42B3D
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00C42B01
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00C42AE6
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00C42972
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00C42A64
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00C429AA
.text C:\Program Files\Java\jre6\bin\jusched.exe[3632] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00C429E2
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 01042B80
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 01042B3D
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 01042B01
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 01042AE6
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] WS2_32.dll!send 71AB4C27 5 Bytes JMP 01042972
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 01042A64
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] WS2_32.dll!recv 71AB676F 5 Bytes JMP 010429AA
.text C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe[3704] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 010429E2
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 01D02B80
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 01D02B3D
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 01D02B01
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 01D02AE6
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] WS2_32.dll!send 71AB4C27 5 Bytes JMP 01D02972
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 01D02A64
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] WS2_32.dll!recv 71AB676F 5 Bytes JMP 01D029AA
.text C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe[3784] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 01D029E2
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 00E02B80
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 00E02B3D
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00E02B01
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 00E02AE6
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00E02972
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 00E02A64
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] WS2_32.dll!recv 71AB676F 5 Bytes JMP 00E029AA
.text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3804] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 00E029E2
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 02682B80
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 02682B3D
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 02682B01
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9261 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DC8A9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED2C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254254 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E40B6CB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E40B5FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E40B668 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E40B4CE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E40B530 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E40B72E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E40B592 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2ED320 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 02683088
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 026830DD
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!HttpOpenRequestA 3D94D5E8 5 Bytes JMP 02682DD5
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!InternetConnectA 3D94DF8E 5 Bytes JMP 02682B9B
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!HttpSendRequestW 3D94FB9E 5 Bytes JMP 02683A57
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] WININET.dll!HttpSendRequestA 3D95EEB9 5 Bytes JMP 02682F41
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] CRYPT32.dll!CertGetCertificateChain 77A92F67 5 Bytes JMP 026835D4
.text C:\Program Files\Internet Explorer\iexplore.exe[5416] CRYPT32.dll!CertVerifyCertificateChainPolicy 77A9B76F 5 Bytes JMP 026835DD
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] ADVAPI32.dll!CryptDestroyKey 77DE9EBC 7 Bytes JMP 02A32B80
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 02A32B3D
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 02A32B01
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED2C4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E40B6CB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E40B5FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E40B668 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E40B4CE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E40B530 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E40B72E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E40B592 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 02A33088
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 02A330DD
.text C:\Program Files\Internet Explorer\iexplore.exe[5752] WININET.dll!HttpOpenRequestA 3D94D5E8 5 Bytes JMP 02A32DD5

I'm not seeing anything.

Download Lop S&D by Eric_71 and save it to your Desktop. Lop S&D will only run on Windows XP and Windows Vista

Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D. If needed see: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click LopSD.exe - If you are using Windows Vista, right-click on the LopSD icon and select Run as administrator to perform this scan.

  • Choose the language by typing the corresponding letter and press Enter
  • Click OK at the informative window
  • Type 1, to choose Option 1 (Search) then press Enter
  • Wait until the end of the scan
  • A report will be generated, post the contents of it in your next reply.
A copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt

----------

Download GooredFix from one of the locations below and save it to your Desktop.

Link #1
Link #2

* Double-click GooredFix.exe to run it.
* Select 1. Find Goored (no fix) by typing 1 and pressing Enter.
* A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).

Note: Do not run Option #2 yet.
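
A way to triage the user-mode section of a GMER log like the one posted earlier in this thread, as an added example that is not part of the original posts: it parses the `.text` hook lines, sets aside hooks whose JMP target GMER attributes to a module (the IEFRAME.dll entries), and groups the remaining ones by hooked API with the process IDs affected and the low 16 bits of each target. The sample lines are copied from that log except for one constructed truncated line; the function names are this example's own.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# User-mode hook lines copied from the GMER log in this thread. The last
# ".text" entry is a constructed truncated line (a pasted log cut short).
SAMPLE_LOG = r"""
.text C:\WINDOWS\Explorer.EXE[3160] ADVAPI32.dll!CryptEncrypt 77DEE360 7 Bytes JMP 00E42B01
.text C:\WINDOWS\Explorer.EXE[3160] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00E42972
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] WININET.dll!HttpSendRequestW 3D94FB9E 5 Bytes JMP 02303A57
.text C:\Program Files\Internet Explorer\iexplore.exe[2488] CRYPT32.dll!CertVerifyCertificateChainPolicy 77A9B76F 5 Bytes JMP 023035DD
.text C:\WINDOWS\system32\wuauclt.exe[1240] WS2_32.dll!send 71AB4C27 5 Bytes JMP 00EC2972
.text C:\Program Files\Azureus\Azureus.exe[1668] ADVAPI32.DLL!CryptEncrypt 77DEE360 7 Bytes JMP 03C02B01
.text C:\WINDOWS\Expl
"""

# image[pid] dll!function address "N Bytes" JMP target [module (vendor)]
HOOK_RE = re.compile(
    r"^\.text\s+(?P<image>.+?)\[(?P<pid>\d+)\]\s+"
    r"(?P<dll>[^\s!]+)!(?P<func>\S+)\s+(?P<addr>[0-9A-Fa-f]{8})\s+"
    r"(?P<size>\d+) Bytes\s+JMP\s+(?P<target>[0-9A-Fa-f]{8})"
    r"(?:\s+(?P<module>\S.*))?$"
)


class Hook(NamedTuple):
    image: str
    pid: int
    api: str                # "dll!function", DLL name lower-cased
    target: int             # address the patched bytes jump to
    module: Optional[str]   # module GMER names for the target, if any


def parse_hooks(text):
    """Return a Hook for every well-formed inline-hook line; skip the rest."""
    hooks = []
    for line in text.splitlines():
        m = HOOK_RE.match(line.strip())
        if m is None:
            continue  # headers, blank lines, truncated entries
        hooks.append(Hook(
            image=m["image"],
            pid=int(m["pid"]),
            api=f"{m['dll'].lower()}!{m['func']}",
            target=int(m["target"], 16),
            module=m["module"],
        ))
    return hooks


def unattributed_by_api(hooks):
    """Group hooks with no named target module by API.

    Returns {api: (sorted pids, sorted low-16-bit target offsets)}. The same
    offset in several processes is consistent with one block of code mapped
    at different 64 KB-aligned bases.
    """
    pids, offsets = defaultdict(set), defaultdict(set)
    for h in hooks:
        if h.module is None:
            pids[h.api].add(h.pid)
            offsets[h.api].add(h.target & 0xFFFF)
    return {api: (sorted(pids[api]), sorted(offsets[api])) for api in pids}


if __name__ == "__main__":
    for api, (procs, offs) in sorted(unattributed_by_api(parse_hooks(SAMPLE_LOG)).items()):
        print(f"{api:45} pids={procs} offsets={[hex(o) for o in offs]}")
```
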


