Open Radix again. Make sure Internet Explorer is running to do this step.
Click the Tools tab, then click the Memory Dumper button. Next to "Dump memory of process" use the dropdown box to bring the following into that window:
IEXPLORE.EXE
Then next to "Dump memory region", type in this information:
01020000
In the area to the right of that, type in this information:
01045000
Make no other changes in that display.
Then under "Save As" click the small folder icon, click the Desktop icon in the display that opens, and name the dumped information as jimmy.dog, and save that to your desktop.
Zip a copy of that file, then send that to me as an attachment, using the same email address and subject please.
-----------
Still in Radix - Tools, use the Browse option (the open folder icon) next to File to check, and see if you can navigate to that:
C:\WINDOWS\system32\vwsrv.exe
If it does show in that view, click the file, then click the Dump hidden file button, and save that .dmp file to your desktop. If you are able to do that, please upload it as per the previous instructions.
----------
If Radix does not show that file, open Gmer again. Once it completes it's own initial scan say No to any messages about running a scan with it, if suggested. Instead click the >>> at the top, then click the Files tab (this will be a slow procedure, so patience is needed).
Place a check next to Only hidden, then again see if you can navigate to that:
C:\WINDOWS\system32\vwsrv.exe
If it shows then, click to hilight the file, then click the Copy button, and save that to your desktop as larry.dog
Then upload that file please.