stonedlabradour

Excellent I'll check it out you can close it out now

Wow that deflix is pretty effective! All clear here. Thanks again Kevin

Sorry Kevin cant see the fixlist.txt file attachment...or is it the old fixlist I should use?

Ok so I installed the new java, tried to verify it online but didnt work. tried it a second time same result. also tried to remove old java but it just stalled. what should I do? Keep going with steps up above? Michael

Cool so nothing found by the antivirus, ran sfc /scannow and it fixed everything it needed to only problem is I cant seem to get the report up. nothing happens when I copy and paste it in...should be grand anyway. Everything's working much better now! Thanks so much Kevin!

Ah Jaysus I wouldn't deprive a man from his bed. Running the scans now. will post the results but won't expect a reply till tomorrow! Thanks very much Kevin

Nothing! Everything seems to be working great - thanks very much! Just one thing if you don't mind - Should I bolster my security and invest in an antivirus to run alongside as well as MBAM or will that slow down my system?

Sorry waiting for reboot. Here is the Adware results and MGA: # AdwCleaner v3.017 - Report created 28/01/2014 at 00:19:26 # Updated 12/01/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : User - USER-PC # Running from : C:\Users\User.User-PC\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\Program Files (x86)\NCH Software File Deleted : C:\END File Deleted : C:\Windows\System32\roboot64.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Acoustic Feedback VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Bass Amp Room VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube FET Compressor VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Metal Amp Room VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Passive-Active Pack VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Spring Reverb VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Trident A-Range VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Tube Delay VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Tube-Tech CL 1B VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softube Vintage Amp Room VST RTAS_is1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\FLEXnet Key Deleted : HKCU\Software\NCH Software Key Deleted : HKCU\Software\systweak Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\NCH Software Key Deleted : HKLM\Software\PIP ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v17.0 (en-US) -\\ Google Chrome v32.0.1700.76 ************************* AdwCleaner[R0].txt - [3709 octets] - [28/01/2014 00:16:23] AdwCleaner[s0].txt - [3483 octets] - [28/01/2014 00:19:26] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3543 octets] ########## MGA: Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-TMVMJ-BBMRX-3MBMV Windows Product Key Hash: 55n8g6xdzhe4AOWhmTzdzQoLfa4= Windows Product ID: 00426-292-0000007-85981 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7601.2.00010100.1.0.001 ID: {D2601EBD-AE32-4DBD-816E-0157581D6538}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Ultimate Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.130828-1532 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files\Internet Explorer\iexplore.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{D2601EBD-AE32-4DBD-816E-0157581D6538}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3MBMV</PKey><PID>00426-292-0000007-85981</PID><PIDType>5</PIDType><SID>S-1-5-21-1693230404-891570233-2460468753</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite L300D</Model></SYSTEM><BIOS><Manufacturer>Insyde Corp.</Manufacturer><Version>1.80</Version><SMBIOSVersion major="2" minor="4"/><Date>20090901000000.000000+000</Date></BIOS><HWID>25E53C07018400F6</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs". Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: 0x00000000 HealthStatus: 0x0000000000000000 Event Time Stamp: 11:25:2012 04:30 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Not Registered - 0x80070005 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: NAAAAAIABAABAAEAAAABAAAAAgABAAEAeqioP3cWnLkQM7CuVPkyy8gr1ErMSczJfqF+KA== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC TOSINV TOSINV00 FACP TOSINV TOSINV00 SRAT AMD AMD CRB MSCT AMD AMD CRB HPET TOSINV TOSINV00 BOOT TOSINV TOSINV00 MCFG TOSINV TOSINV00 SLIC DELL QA09 SSDT AMD PowerNow

Quick Scan results all clear: Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2014.01.27.09 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476User :: USER-PC [administrator] Protection: Enabled 28/01/2014 00:06:07mbam-log-2014-01-28 (00-06-07).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 251698Time elapsed: 6 minute(s), 45 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)

Ok so here's the fix: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-01-2014 02Ran by User at 2014-01-28 00:01:40 Run:1Running from C:\Users\User.User-PC\DownloadsBoot Mode: Normal============================================== Content of fixlist:*****************StartC:\Windows\Tasks\At1.jobC:\Windows\Tasks\At2.jobC:\Windows\Tasks\At3.jobC:\Windows\Tasks\At4.jobC:\Windows\Tasks\At5.jobC:\Users\User.User-PC\AppData\Local\Temp\Setup.exeC:\Users\User.User-PC\AppData\Local\Temp\sfamcc00001.dllC:\Users\User.User-PC\AppData\Local\Temp\sfareca00001.dllTask: {15979E1A-7465-47D2-8926-6020840EA063} - System32\Tasks\At2 => C:\Users\USER~1.USE\AppData\Local\Temp\ds2inst.exe <==== ATTENTIONTask: {3DE6E0A1-A42A-4124-95F3-8BCF8E814B4F} - System32\Tasks\At4 => C:\Users\USER~1.USE\AppData\Local\Temp\ds2inst.exe <==== ATTENTIONTask: {710D752B-9BBC-4CB1-B222-5FA25564BB68} - System32\Tasks\At5 => C:\Users\USER~1.USE\AppData\Local\Temp\ds2inst.exe <==== ATTENTIONTask: {BCC4DA0C-1871-42A4-885E-2BA16095F4A1} - System32\Tasks\At3 => C:\Users\USER~1.USE\AppData\Local\Temp\ds2inst.exe <==== ATTENTIONTask: {DE94CEE1-FDF9-4088-8EFC-E7113CC2C6BC} - System32\Tasks\At1 => C:\Users\USER~1.USE\AppData\Local\Temp\ds2inst.exe <==== ATTENTIONEnd***************** C:\Windows\Tasks\At1.job => Moved successfully.C:\Windows\Tasks\At2.job => Moved successfully.C:\Windows\Tasks\At3.job => Moved successfully.C:\Windows\Tasks\At4.job => Moved successfully.C:\Windows\Tasks\At5.job => Moved successfully.C:\Users\User.User-PC\AppData\Local\Temp\Setup.exe => Moved successfully.C:\Users\User.User-PC\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.C:\Users\User.User-PC\AppData\Local\Temp\sfareca00001.dll => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15979E1A-7465-47D2-8926-6020840EA063} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15979E1A-7465-47D2-8926-6020840EA063} => Key deleted successfully.C:\Windows\System32\Tasks\At2 => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2 => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DE6E0A1-A42A-4124-95F3-8BCF8E814B4F} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DE6E0A1-A42A-4124-95F3-8BCF8E814B4F} => Key deleted successfully.C:\Windows\System32\Tasks\At4 => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At4 => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{710D752B-9BBC-4CB1-B222-5FA25564BB68} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710D752B-9BBC-4CB1-B222-5FA25564BB68} => Key deleted successfully.C:\Windows\System32\Tasks\At5 => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At5 => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCC4DA0C-1871-42A4-885E-2BA16095F4A1} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCC4DA0C-1871-42A4-885E-2BA16095F4A1} => Key deleted successfully.C:\Windows\System32\Tasks\At3 => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At3 => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE94CEE1-FDF9-4088-8EFC-E7113CC2C6BC} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE94CEE1-FDF9-4088-8EFC-E7113CC2C6BC} => Key deleted successfully.C:\Windows\System32\Tasks\At1 => Moved successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1 => Key deleted successfully. ==== End of Fixlog ==== Just running Quick scan now

Cheers. Addition attached. Michael Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by User (administrator) on USER-PC on 27-01-2014 23:24:07 Running from C:\Users\User.User-PC\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation) HKLM\...\Run: [smoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation) HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1573160 2008-08-14] (Synaptics, Inc.) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21982 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB68264A890CACD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21982 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 89.101.160.4 89.101.160.5 FireFox: ======== FF ProfilePath: C:\Users\User.User-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ugjzqyeo.default FF user.js: detected! => C:\Users\User.User-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ugjzqyeo.default\user.js FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 - C:\PROGRA~2\MEADCO~1\npmeadax.dll (MeadCo Corp.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-18] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-26] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Google Drive) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-25] CHR Extension: (YouTube) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-25] CHR Extension: (Hide My Ass! Web Proxy) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2013-12-23] CHR Extension: (Google Search) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-25] CHR Extension: (Don't track me Google) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbofhhdmcladcmmfjolgndfkpobecpg [2013-07-28] CHR Extension: (AdBlock) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-01] CHR Extension: (Hola Better Internet) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-11-11] CHR Extension: (Trustwave SecureBrowsing) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcghfieafojgpngcjbkbbjfecjbahhif [2013-04-27] CHR Extension: (Traffic Slam 3) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjmailnmofkkffoemgmdbemmohldhe [2013-08-14] CHR Extension: (Skype Click to Call) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-19] CHR Extension: (Google Wallet) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR Extension: (Gmail) - C:\Users\User.User-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-25] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.) R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC) S4 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-06] (AVAST Software) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-24] (DT Soft Ltd) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [133632 2009-11-04] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation ) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-27 23:24 - 2014-01-27 23:24 - 00017265 _____ C:\Users\User.User-PC\Downloads\FRST.txt 2014-01-27 23:23 - 2014-01-27 23:23 - 02079232 _____ (Farbar) C:\Users\User.User-PC\Downloads\FRST64.exe 2014-01-27 23:23 - 2014-01-27 23:23 - 00000000 ____D C:\FRST 2014-01-27 23:22 - 2014-01-27 23:22 - 01622528 _____ (Farbar) C:\Users\User.User-PC\Downloads\FRST.exe 2014-01-27 22:58 - 2014-01-27 23:02 - 00021454 _____ C:\Users\User.User-PC\Desktop\dds.txt 2014-01-27 22:58 - 2014-01-27 23:02 - 00013333 _____ C:\Users\User.User-PC\Desktop\attach.txt 2014-01-27 22:50 - 2014-01-27 22:51 - 00688992 ____R (Swearware) C:\Users\User.User-PC\Downloads\dds.com 2014-01-27 22:50 - 2014-01-27 22:50 - 00688992 ____R (Swearware) C:\Users\User.User-PC\Downloads\dds.scr 2014-01-27 18:13 - 2014-01-27 18:27 - 00000000 ____D C:\Users\User.User-PC\Desktop\What have we got to do basslines 2014-01-26 23:57 - 2014-01-26 23:57 - 02605768 _____ (Sandboxie Holdings, LLC) C:\Users\User.User-PC\Downloads\SandboxieInstall.exe 2014-01-26 21:27 - 2014-01-27 18:28 - 00051702 _____ C:\Users\User.User-PC\Desktop\What have we got to do.cpr 2014-01-26 18:10 - 2014-01-09 16:47 - 524116823 _____ C:\Users\User.User-PC\Desktop\thescretlifeowaltermitydvdscr-SHULiBAN.mkv 2014-01-26 17:39 - 2014-01-26 18:07 - 524118515 _____ C:\Users\User.User-PC\Downloads\SLWM.SC5-SHULiBAN.rar 2014-01-26 16:56 - 2014-01-26 16:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D C:\Program Files\Realtek 2014-01-26 16:54 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-01-26 16:54 - 2013-11-05 18:54 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-01-26 16:54 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-01-26 16:54 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-01-26 16:54 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2014-01-26 16:54 - 2013-10-30 16:31 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-01-26 16:54 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-01-26 16:54 - 2013-10-25 10:49 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-01-26 16:54 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-01-26 16:54 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-01-26 16:54 - 2013-10-09 20:13 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-01-26 16:54 - 2013-10-09 20:13 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-01-26 16:54 - 2013-10-09 20:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-01-26 16:54 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-01-26 16:54 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-01-26 16:54 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-01-26 16:54 - 2013-09-09 15:32 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat 2014-01-26 16:54 - 2013-08-24 03:14 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-01-26 16:54 - 2013-08-24 03:14 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-01-26 16:54 - 2013-08-24 03:14 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-01-26 16:54 - 2013-08-24 03:14 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-01-26 16:54 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-01-26 16:54 - 2013-08-14 16:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-01-26 16:54 - 2013-08-14 16:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-01-26 16:54 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-01-26 16:54 - 2013-07-23 15:39 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-01-26 16:54 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-01-26 16:54 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-01-26 16:54 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-01-26 16:54 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-01-26 16:54 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-01-26 16:54 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-01-26 16:54 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-01-26 16:54 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-01-26 16:54 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-01-26 16:54 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-01-26 16:54 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-01-26 16:54 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-01-26 16:54 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-01-26 16:54 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-01-26 16:54 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-01-26 16:54 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-01-26 16:54 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-01-26 16:54 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-01-26 16:54 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-01-26 16:54 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-01-26 16:54 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-01-26 16:54 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-01-26 16:54 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-01-26 16:54 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-01-26 16:54 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-01-26 16:54 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-01-26 16:54 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-01-26 16:53 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-01-26 16:53 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-01-26 16:53 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-01-26 16:53 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-01-26 16:53 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-01-26 16:53 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-01-26 16:53 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-01-26 16:53 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-01-26 16:53 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-01-26 16:53 - 2013-08-20 17:37 - 00605496 _____ C:\Windows\system32\audioLibVc.dll 2014-01-26 16:53 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-01-26 16:53 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2014-01-26 16:53 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-01-26 16:53 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-01-26 16:53 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-01-26 15:40 - 2014-01-26 15:40 - 00000000 ____D C:\Program Files (x86)\Realtek 2014-01-26 15:39 - 2014-01-26 15:39 - 00000000 ____D C:\Users\USER~1~USE 2014-01-26 14:24 - 2014-01-26 15:37 - 108956093 _____ (Realtek Semiconductor Corp.) C:\Users\User.User-PC\Downloads\64bit_Win7_Win8_Win81_R273.exe 2014-01-25 23:04 - 2014-01-26 20:05 - 00000000 ____D C:\Windows\pss 2014-01-21 17:41 - 2014-01-21 17:42 - 18126032 _____ (Adobe Systems Inc.) C:\Users\User.User-PC\Downloads\AdobeAIRInstaller.exe 2014-01-20 01:04 - 2014-01-20 01:04 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\4Front 2014-01-19 19:57 - 2014-01-19 19:53 - 00000000 ____D C:\Users\User.User-PC\Desktop\Oddsocks Album PrePro 2014-01-19 19:53 - 2014-01-19 19:53 - 41085786 _____ C:\Users\User.User-PC\Downloads\Oddsocks Album PrePro.zip 2014-01-19 19:27 - 2014-01-19 19:48 - 2174826508 _____ C:\Users\User.User-PC\Downloads\Tunes.zip 2014-01-19 15:36 - 2014-01-19 15:36 - 00001267 _____ C:\Users\Public\Desktop\Rapture.lnk 2014-01-19 03:19 - 2014-01-19 03:19 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\VST3 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\VST2 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\Avid 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Celemony 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files (x86)\Celemony 2014-01-18 14:00 - 2014-01-18 14:00 - 00001321 _____ C:\Users\Public\Desktop\SONAR X3 Producer.lnk 2014-01-18 14:00 - 2014-01-18 14:00 - 00000000 ____D C:\Users\User.User-PC\Documents\Cakewalk 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Users\User.User-PC\Documents\Nomad Factory 2014-01-18 12:40 - 2014-01-18 12:40 - 00000000 ____D C:\Users\User.User-PC\AppData\Local\Cakewalk 2014-01-18 12:28 - 2014-01-27 19:00 - 00000386 _____ C:\Windows\Tasks\At5.job 2014-01-18 12:28 - 2014-01-18 12:28 - 00001834 _____ C:\Windows\System32\Tasks\At5 2014-01-18 12:26 - 2014-01-18 12:26 - 00118784 _____ C:\Windows\dsdxirmv.exe 2014-01-18 03:57 - 2014-01-27 19:00 - 00000386 _____ C:\Windows\Tasks\At4.job 2014-01-18 03:57 - 2014-01-18 03:57 - 00001834 _____ C:\Windows\System32\Tasks\At4 2014-01-18 03:55 - 2014-01-27 19:00 - 00000386 _____ C:\Windows\Tasks\At3.job 2014-01-18 03:55 - 2014-01-18 03:55 - 00001834 _____ C:\Windows\System32\Tasks\At3 2014-01-18 03:52 - 2014-01-27 19:00 - 00000386 _____ C:\Windows\Tasks\At2.job 2014-01-18 03:52 - 2014-01-18 03:52 - 00001834 _____ C:\Windows\System32\Tasks\At2 2014-01-18 03:19 - 2014-01-18 13:11 - 00000000 ____D C:\Program Files (x86)\u-he 2014-01-18 03:18 - 2014-01-27 19:00 - 00000386 _____ C:\Windows\Tasks\At1.job 2014-01-18 03:18 - 2014-01-18 03:18 - 00001834 _____ C:\Windows\System32\Tasks\At1 2014-01-18 03:06 - 2014-01-18 03:06 - 00014290 _____ C:\Users\User.User-PC\Downloads\[kickass.to]celemony.melodyne.studio.edition.v3.torrent 2014-01-18 02:22 - 2014-01-26 20:11 - 00006656 _____ C:\Users\User.User-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-18 01:52 - 2014-01-26 21:14 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Celemony Software GmbH 2014-01-18 01:52 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\TruePianos Settings 2014-01-18 01:52 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\Documents\Celemony 2014-01-18 01:51 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Applied Acoustics Systems 2014-01-18 01:51 - 2014-01-18 01:51 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Overloud 2014-01-18 01:47 - 2014-01-18 12:35 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Cakewalk 2014-01-17 23:58 - 2014-01-19 03:18 - 00000000 ____D C:\ProgramData\Celemony Software GmbH 2014-01-17 23:57 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\Celemony 2014-01-17 23:54 - 2014-01-17 23:54 - 00000000 ____D C:\ProgramData\Temporary 2014-01-17 23:51 - 2014-01-17 23:51 - 00038415 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.x3c.update.r2r.ex23.torrent 2014-01-17 23:49 - 2014-01-26 12:29 - 00000000 ____D C:\Cakewalk Projects 2014-01-17 23:36 - 2014-01-19 03:23 - 00770228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-17 23:30 - 2012-06-20 17:38 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2014-01-17 23:30 - 2012-06-20 17:38 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2014-01-17 23:30 - 2012-06-20 17:38 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-01-17 23:30 - 2012-06-20 17:38 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll 2014-01-17 23:30 - 2012-06-20 17:38 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-01-17 23:30 - 2012-06-20 17:38 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2014-01-17 23:29 - 2014-01-17 23:29 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-17 23:24 - 2014-01-18 13:41 - 00000000 ____D C:\Cakewalk Content 2014-01-17 23:21 - 2014-01-19 15:36 - 00000000 ____D C:\Program Files (x86)\Cakewalk 2014-01-17 23:21 - 2014-01-18 13:47 - 00000000 ____D C:\ProgramData\Cakewalk 2014-01-17 23:21 - 2014-01-18 13:31 - 00000000 ____D C:\ProgramData\Overloud 2014-01-17 20:42 - 2014-01-18 03:17 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Azureus 2014-01-17 20:39 - 2014-01-17 20:39 - 00018434 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.union (1).torrent 2014-01-17 20:32 - 2014-01-17 20:32 - 01050092 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.dvdr.r2r.paz (1).torrent 2014-01-17 19:35 - 2014-01-17 19:35 - 00000196 _____ C:\Users\User.User-PC\Downloads\7a3ff2be-11f9-400a-b005-6f9c7b7a540a.htm 2014-01-17 19:33 - 2014-01-17 20:01 - 00000000 ____D C:\Program Files (x86)\JDownloader 2014-01-17 19:31 - 2014-01-17 19:31 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\User.User-PC\Downloads\WebInstaller.exe 2014-01-17 01:21 - 2014-01-17 05:03 - 943718400 _____ C:\Users\User.User-PC\Downloads\Cakewalk123.part06.rar 2014-01-16 11:38 - 2014-01-16 11:38 - 01050092 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.dvdr.r2r.paz.torrent 2014-01-15 23:08 - 2014-01-16 04:16 - 943718400 _____ C:\Users\User.User-PC\Downloads\Cakewalk123.part01.rar 2014-01-15 23:07 - 2014-01-16 02:58 - 658645936 _____ C:\Users\User.User-PC\Downloads\Cakewalk.SONAR.X3.Producer.Edition.X3d.Update-R2R.rar 2014-01-15 23:02 - 2014-01-15 23:02 - 02347384 _____ (ESET) C:\Users\User.User-PC\Downloads\esetsmartinstaller_enu.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00018434 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.union.torrent 2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Malwarebytes 2014-01-15 21:11 - 2014-01-26 19:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-01-15 21:11 - 2014-01-26 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-15 21:11 - 2014-01-15 21:11 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-15 21:11 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 09:06 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 09:06 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 09:06 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-08 23:42 - 2014-01-09 13:08 - 00000000 ____D C:\Users\User.User-PC\Desktop\8th Jan 2014 2014-01-07 12:53 - 2014-01-07 17:51 - 00000000 ____D C:\Users\User.User-PC\Desktop\Show me what to do ==================== One Month Modified Files and Folders ======= 2014-01-27 23:24 - 2014-01-27 23:24 - 00017265 _____ C:\Users\User.User-PC\Downloads\FRST.txt 2014-01-27 23:23 - 2014-01-27 23:23 - 02079232 _____ (Farbar) C:\Users\User.User-PC\Downloads\FRST64.exe 2014-01-27 23:23 - 2014-01-27 23:23 - 00000000 ____D C:\FRST 2014-01-27 23:22 - 2014-01-27 23:22 - 01622528 _____ (Farbar) C:\Users\User.User-PC\Downloads\FRST.exe 2014-01-27 23:19 - 2012-11-24 21:38 - 01645107 _____ C:\Windows\WindowsUpdate.log 2014-01-27 23:18 - 2012-11-24 22:14 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8D852255-65B2-428E-9DFA-48D99F82DB19} 2014-01-27 23:02 - 2014-01-27 22:58 - 00021454 _____ C:\Users\User.User-PC\Desktop\dds.txt 2014-01-27 23:02 - 2014-01-27 22:58 - 00013333 _____ C:\Users\User.User-PC\Desktop\attach.txt 2014-01-27 22:55 - 2012-11-24 22:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-27 22:51 - 2014-01-27 22:50 - 00688992 ____R (Swearware) C:\Users\User.User-PC\Downloads\dds.com 2014-01-27 22:50 - 2014-01-27 22:50 - 00688992 ____R (Swearware) C:\Users\User.User-PC\Downloads\dds.scr 2014-01-27 22:41 - 2012-11-25 16:10 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-27 22:41 - 2012-11-25 15:32 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2014-01-27 22:40 - 2013-11-13 16:01 - 00016262 _____ C:\Windows\setupact.log 2014-01-27 22:40 - 2012-11-24 23:29 - 00175036 _____ C:\Windows\PFRO.log 2014-01-27 22:40 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-27 22:35 - 2012-11-25 16:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-27 22:11 - 2009-07-14 04:45 - 00010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-27 22:11 - 2009-07-14 04:45 - 00010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-27 21:17 - 2013-03-30 02:26 - 00001692 _____ C:\Windows\Sandboxie.ini 2014-01-27 19:00 - 2014-01-18 12:28 - 00000386 _____ C:\Windows\Tasks\At5.job 2014-01-27 19:00 - 2014-01-18 03:57 - 00000386 _____ C:\Windows\Tasks\At4.job 2014-01-27 19:00 - 2014-01-18 03:55 - 00000386 _____ C:\Windows\Tasks\At3.job 2014-01-27 19:00 - 2014-01-18 03:52 - 00000386 _____ C:\Windows\Tasks\At2.job 2014-01-27 19:00 - 2014-01-18 03:18 - 00000386 _____ C:\Windows\Tasks\At1.job 2014-01-27 18:28 - 2014-01-26 21:27 - 00051702 _____ C:\Users\User.User-PC\Desktop\What have we got to do.cpr 2014-01-27 18:28 - 2013-12-13 11:12 - 00000000 ____D C:\Users\User.User-PC\Desktop\Audio 2014-01-27 18:27 - 2014-01-27 18:13 - 00000000 ____D C:\Users\User.User-PC\Desktop\What have we got to do basslines 2014-01-27 18:06 - 2013-12-13 11:13 - 00000000 ____D C:\Users\User.User-PC\Desktop\Images 2014-01-26 23:57 - 2014-01-26 23:57 - 02605768 _____ (Sandboxie Holdings, LLC) C:\Users\User.User-PC\Downloads\SandboxieInstall.exe 2014-01-26 21:14 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Celemony Software GmbH 2014-01-26 20:11 - 2014-01-18 02:22 - 00006656 _____ C:\Users\User.User-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-26 20:05 - 2014-01-25 23:04 - 00000000 ____D C:\Windows\pss 2014-01-26 19:54 - 2012-11-25 16:09 - 00000000 ____D C:\ProgramData\AVAST Software 2014-01-26 19:44 - 2014-01-15 21:11 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-01-26 19:44 - 2014-01-15 21:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-26 18:12 - 2012-11-25 15:40 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\vlc 2014-01-26 18:07 - 2014-01-26 17:39 - 524118515 _____ C:\Users\User.User-PC\Downloads\SLWM.SC5-SHULiBAN.rar 2014-01-26 16:56 - 2014-01-26 16:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D C:\Program Files\Realtek 2014-01-26 16:52 - 2012-11-24 22:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-26 15:40 - 2014-01-26 15:40 - 00000000 ____D C:\Program Files (x86)\Realtek 2014-01-26 15:39 - 2014-01-26 15:39 - 00000000 ____D C:\Users\USER~1~USE 2014-01-26 15:37 - 2014-01-26 14:24 - 108956093 _____ (Realtek Semiconductor Corp.) C:\Users\User.User-PC\Downloads\64bit_Win7_Win8_Win81_R273.exe 2014-01-26 12:29 - 2014-01-17 23:49 - 00000000 ____D C:\Cakewalk Projects 2014-01-25 22:39 - 2012-11-25 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-21 17:44 - 2012-11-25 11:33 - 00000000 ____D C:\Users\User.User-PC\AppData\Local\Adobe 2014-01-21 17:44 - 2012-11-24 22:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-21 17:44 - 2012-11-24 22:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-21 17:44 - 2012-11-24 22:13 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-21 17:42 - 2014-01-21 17:41 - 18126032 _____ (Adobe Systems Inc.) C:\Users\User.User-PC\Downloads\AdobeAIRInstaller.exe 2014-01-20 01:04 - 2014-01-20 01:04 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\4Front 2014-01-19 19:53 - 2014-01-19 19:57 - 00000000 ____D C:\Users\User.User-PC\Desktop\Oddsocks Album PrePro 2014-01-19 19:53 - 2014-01-19 19:53 - 41085786 _____ C:\Users\User.User-PC\Downloads\Oddsocks Album PrePro.zip 2014-01-19 19:48 - 2014-01-19 19:27 - 2174826508 _____ C:\Users\User.User-PC\Downloads\Tunes.zip 2014-01-19 15:36 - 2014-01-19 15:36 - 00001267 _____ C:\Users\Public\Desktop\Rapture.lnk 2014-01-19 15:36 - 2014-01-17 23:21 - 00000000 ____D C:\Program Files (x86)\Cakewalk 2014-01-19 03:23 - 2014-01-17 23:36 - 00770228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-19 03:23 - 2009-07-14 05:13 - 00770228 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-19 03:19 - 2014-01-19 03:19 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\VST3 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\VST2 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Common Files\Avid 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files\Celemony 2014-01-19 03:18 - 2014-01-19 03:18 - 00000000 ____D C:\Program Files (x86)\Celemony 2014-01-19 03:18 - 2014-01-17 23:58 - 00000000 ____D C:\ProgramData\Celemony Software GmbH 2014-01-19 03:18 - 2014-01-17 23:57 - 00000000 ____D C:\Program Files\Common Files\Celemony 2014-01-19 03:18 - 2012-12-06 17:02 - 00000000 ____D C:\Program Files (x86)\Steinberg 2014-01-18 14:00 - 2014-01-18 14:00 - 00001321 _____ C:\Users\Public\Desktop\SONAR X3 Producer.lnk 2014-01-18 14:00 - 2014-01-18 14:00 - 00000000 ____D C:\Users\User.User-PC\Documents\Cakewalk 2014-01-18 13:47 - 2014-01-17 23:21 - 00000000 ____D C:\ProgramData\Cakewalk 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Users\User.User-PC\Documents\Nomad Factory 2014-01-18 13:41 - 2014-01-17 23:24 - 00000000 ____D C:\Cakewalk Content 2014-01-18 13:31 - 2014-01-17 23:21 - 00000000 ____D C:\ProgramData\Overloud 2014-01-18 13:25 - 2009-07-14 04:45 - 04978576 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-18 13:24 - 2012-11-24 22:26 - 00112480 _____ C:\Users\User.User-PC\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-18 13:11 - 2014-01-18 03:19 - 00000000 ____D C:\Program Files (x86)\u-he 2014-01-18 12:40 - 2014-01-18 12:40 - 00000000 ____D C:\Users\User.User-PC\AppData\Local\Cakewalk 2014-01-18 12:35 - 2014-01-18 01:47 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Cakewalk 2014-01-18 12:28 - 2014-01-18 12:28 - 00001834 _____ C:\Windows\System32\Tasks\At5 2014-01-18 12:26 - 2014-01-18 12:26 - 00118784 _____ C:\Windows\dsdxirmv.exe 2014-01-18 03:57 - 2014-01-18 03:57 - 00001834 _____ C:\Windows\System32\Tasks\At4 2014-01-18 03:55 - 2014-01-18 03:55 - 00001834 _____ C:\Windows\System32\Tasks\At3 2014-01-18 03:52 - 2014-01-18 03:52 - 00001834 _____ C:\Windows\System32\Tasks\At2 2014-01-18 03:18 - 2014-01-18 03:18 - 00001834 _____ C:\Windows\System32\Tasks\At1 2014-01-18 03:17 - 2014-01-17 20:42 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Azureus 2014-01-18 03:06 - 2014-01-18 03:06 - 00014290 _____ C:\Users\User.User-PC\Downloads\[kickass.to]celemony.melodyne.studio.edition.v3.torrent 2014-01-18 01:52 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\TruePianos Settings 2014-01-18 01:52 - 2014-01-18 01:52 - 00000000 ____D C:\Users\User.User-PC\Documents\Celemony 2014-01-18 01:52 - 2014-01-18 01:51 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Applied Acoustics Systems 2014-01-18 01:52 - 2012-11-24 22:08 - 00000000 ____D C:\Users\User.User-PC 2014-01-18 01:51 - 2014-01-18 01:51 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Overloud 2014-01-17 23:54 - 2014-01-17 23:54 - 00000000 ____D C:\ProgramData\Temporary 2014-01-17 23:51 - 2014-01-17 23:51 - 00038415 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.x3c.update.r2r.ex23.torrent 2014-01-17 23:29 - 2014-01-17 23:29 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-17 20:44 - 2013-03-29 18:16 - 00000000 ____D C:\Program Files\Vuze 2014-01-17 20:43 - 2013-03-29 18:15 - 00000000 _____ C:\END 2014-01-17 20:39 - 2014-01-17 20:39 - 00018434 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.union (1).torrent 2014-01-17 20:32 - 2014-01-17 20:32 - 01050092 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.dvdr.r2r.paz (1).torrent 2014-01-17 20:01 - 2014-01-17 19:33 - 00000000 ____D C:\Program Files (x86)\JDownloader 2014-01-17 19:35 - 2014-01-17 19:35 - 00000196 _____ C:\Users\User.User-PC\Downloads\7a3ff2be-11f9-400a-b005-6f9c7b7a540a.htm 2014-01-17 19:31 - 2014-01-17 19:31 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\User.User-PC\Downloads\WebInstaller.exe 2014-01-17 05:03 - 2014-01-17 01:21 - 943718400 _____ C:\Users\User.User-PC\Downloads\Cakewalk123.part06.rar 2014-01-16 11:38 - 2014-01-16 11:38 - 01050092 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.edition.dvdr.r2r.paz.torrent 2014-01-16 04:16 - 2014-01-15 23:08 - 943718400 _____ C:\Users\User.User-PC\Downloads\Cakewalk123.part01.rar 2014-01-16 02:58 - 2014-01-15 23:07 - 658645936 _____ C:\Users\User.User-PC\Downloads\Cakewalk.SONAR.X3.Producer.Edition.X3d.Update-R2R.rar 2014-01-15 23:02 - 2014-01-15 23:02 - 02347384 _____ (ESET) C:\Users\User.User-PC\Downloads\esetsmartinstaller_enu.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00018434 _____ C:\Users\User.User-PC\Downloads\[kickass.to]cakewalk.sonar.x3.producer.union.torrent 2014-01-15 22:26 - 2013-08-20 16:14 - 00000000 ____D C:\Users\User.User-PC\recordings 2014-01-15 22:06 - 2013-12-16 12:11 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 22:02 - 2012-11-24 23:50 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 22:00 - 2012-11-25 20:25 - 00000000 ____D C:\PDFZilla 2014-01-15 21:55 - 2012-11-25 11:30 - 00000000 ____D C:\ProgramData\Adobe 2014-01-15 21:54 - 2012-11-25 11:30 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-15 21:52 - 2012-11-25 11:49 - 00000000 ____D C:\Program Files\Common Files\Adobe 2014-01-15 21:48 - 2012-11-24 22:13 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Adobe 2014-01-15 21:12 - 2014-01-15 21:12 - 00000000 ____D C:\Users\User.User-PC\AppData\Roaming\Malwarebytes 2014-01-15 21:11 - 2014-01-15 21:11 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-09 16:47 - 2014-01-26 18:10 - 524116823 _____ C:\Users\User.User-PC\Desktop\thescretlifeowaltermitydvdscr-SHULiBAN.mkv 2014-01-09 13:08 - 2014-01-08 23:42 - 00000000 ____D C:\Users\User.User-PC\Desktop\8th Jan 2014 2014-01-09 12:45 - 2013-12-05 19:11 - 00000000 ____D C:\Users\User.User-PC\Desktop\5th dec 13 2014-01-07 17:51 - 2014-01-07 12:53 - 00000000 ____D C:\Users\User.User-PC\Desktop\Show me what to do 2013-12-29 19:41 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache Files to move or delete: ==================== C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job C:\Windows\Tasks\At5.job Some content of TEMP: ==================== C:\Users\User.User-PC\AppData\Local\Temp\Setup.exe C:\Users\User.User-PC\AppData\Local\Temp\sfamcc00001.dll C:\Users\User.User-PC\AppData\Local\Temp\sfareca00001.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-19 00:41 ==================== End Of Log ============================ Addition.txt

Hi, I hope you can help me. Laptop has slowed down significantly and even after running MBAM Quick Scan I still get popup messages. Anyway here are my details: Quick scan results: Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2014.01.27.01 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476User :: USER-PC [administrator] Protection: Enabled 27/01/2014 22:31:56mbam-log-2014-01-27 (22-31-56).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 251869Time elapsed: 7 minute(s), 2 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 1HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 3C:\Users\User.User-PC\AppData\Local\Temp\is1070216317\163117453_stp\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.C:\Users\User.User-PC\AppData\Local\Temp\is1070216317\163117549_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.C:\Users\User.User-PC\Local Settings\Temporary Internet Files\Content.IE5\UUFPGPCC\Setup[1].exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully. (end) I cleaned all of these infections. Attach: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1Install Date: 24/11/2012 21:39:23System Uptime: 27/01/2014 22:40:27 (0 hours ago).Motherboard: TOSHIBA | | Portable PCProcessor: AMD Turion X2 Dual-Core Mobile RM-70 | Socket M2/S1G1 | 2000/1800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 149 GiB total, 35.569 GiB free.D: is CDROM ()E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: Description: Device ID: ACPI\TOS1901\2&DABA3FF&1Manufacturer: Name: PNP Device ID: ACPI\TOS1901\2&DABA3FF&1Service: .==== System Restore Points ===================.RP167: 19/01/2014 03:00:12 - Windows UpdateRP168: 25/01/2014 13:30:16 - Windows UpdateRP169: 26/01/2014 19:52:21 - avast! Free Antivirus Setup.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 12 PluginAdobe Reader XI (11.0.06)AMD Accelerated Video TranscodingAMD APP SDK RuntimeAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD FuelAMD Media Foundation DecodersAMD VISION Engine Control CenterAntares Autotune VST RTAS TDM v5.08aTube CatcherAudacity 1.2.6AVS Screen Capture version 2.0.1AVS Video Editor 5AVS Video Recorder 2.4Blue Cat's Chorus VST 4.01Blue Cat's Flanger VST 3.01Blue Cat's Freeware Pack VST 2.01Blue Cat's FreqAnalyst VST 2.01Blue Cat's Gain Suite VST 3.01Blue Cat's Phaser VST 3.01Blue Cat's Triple EQ VST 4.01Catalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCompatibility Pack for the 2007 Office systemD3DX10DAEMON Tools LiteDefinition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionDreamStation DXi2DVD Shrink 3.2eLicenser ControlEPSON Printer SoftwareFre(a)koscopeGoogle ChromeGoogle EarthGoogle Update HelperHigh-Definition Video PlaybackJava 7 Update 45Java Auto UpdaterJava 7 Update 1 (64-bit)Malwarebytes Anti-Malware version 1.75.0.1300MediaMonkey 4.0Melodyne singletrackMicrosoft .NET Framework 4.5Microsoft Application Error ReportingMicrosoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106Microsoft WorksMicrosoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Movie MakerMozilla Firefox 17.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT110MSVCRT110_amd64Nero 11Nero 11 ClipartsNero 11 Disc Menus 1Nero 11 Disc Menus 2Nero 11 Disc Menus 3Nero 11 Disc Menus BasicNero 11 Effects BasicNero 11 Image SamplesNero 11 Kwik Themes 1Nero 11 Kwik Themes 2Nero 11 Kwik Themes 3Nero 11 Kwik Themes 4Nero 11 Kwik Themes BasicNero 11 PiP Effects 1Nero 11 PiP Effects BasicNero 11 Video SamplesNero 11 Video Transitions 1Nero Audio Pack 1Nero BackItUp 11 Help (CHM)Nero Burning ROM 11Nero Burning ROM 11 Help (CHM)Nero ControlCenter 11Nero ControlCenter 11 Help (CHM)Nero Core Components 11Nero CoverDesigner 11Nero CoverDesigner 11 Help (CHM)Nero Express 11Nero Express 11 Help (CHM)Nero Kwik Media Help (CHM)Nero Recode 11Nero Recode 11 Help (CHM)Nero RescueAgent 11 Help (CHM)Nero SoundTrax 11Nero SoundTrax 11 Help (CHM)Nero Video 11Nero Video 11 Help (CHM)Nero WaveEditor 11Nero WaveEditor 11 Help (CHM)nero.prerequisites.msiPhoto CommonPhoto GalleryPicasa 3QuickTimeRapture 1.2.2Realtek High Definition Audio DriverSandboxie 4.08 (64-bit)Security Update for Microsoft .NET Framework 4.5 (KB2737083)Security Update for Microsoft .NET Framework 4.5 (KB2742613)Security Update for Microsoft .NET Framework 4.5 (KB2789648)Security Update for Microsoft .NET Framework 4.5 (KB2833957)Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)Security Update for Microsoft .NET Framework 4.5 (KB2861208)Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2850016) 64-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 64-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit EditionSkype Click to CallSkype™ 6.6Softube Acoustic Feedback VST RTAS v1.0.7Softube Bass Amp Room VST RTAS v1.0.2Softube FET Compressor VST RTAS v1.0.3Softube Metal Amp Room VST RTAS v1.1.5Softube Passive-Active Pack VST RTAS v1.0.2Softube Spring Reverb VST RTAS v1.0.4Softube Trident A-Range VST RTAS v1.0.2Softube Tube-Tech CL 1B VST RTAS v1.0.3Softube Tube Delay VST RTAS v1.0.5Softube Vintage Amp Room VST RTAS v1.0.8SONAR X3 ProducerSpeedFan (remove only)Steinberg Cubase SX 3swMSMSynaptics Pointing Device DriverTomTom HOMETomTom HOME Visual Studio Merge ModulesTOSHIBA TEMPROTOSHIBA Value Added PackageTotal Commander 64-bit (Remove or Repair)Update for Microsoft .NET Framework 4.5 (KB2750147)Update for Microsoft .NET Framework 4.5 (KB2805221)Update for Microsoft .NET Framework 4.5 (KB2805226)Update for Microsoft Access 2010 (KB2553446) 64-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2850079) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 64-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 64-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit EditionUpdate for Microsoft Word 2010 (KB2837593) 64-Bit EditionVLC media player 2.0.4WaveLab 6Wavpack4Wavelab6welcomeWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWinRAR archiver.==== Event Viewer Messages From Past Week ========.27/01/2014 16:46:04, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.27/01/2014 14:15:11, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding26/01/2014 16:54:22, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.26/01/2014 16:54:22, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.26/01/2014 10:56:23, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.26/01/2014 10:56:23, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.25/01/2014 22:39:57, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.25/01/2014 22:39:12, Error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Remote Desktop Services UserMode Port Redirector service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.25/01/2014 22:38:57, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service..==== End Of File =========================== DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by User at 22:56:33 on 2014-01-27Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.2814.1529 [GMT 0:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\AUDIODG.EXEC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\atieclxx.exeC:\Program Files\Sandboxie\SbieSvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Windows\Explorer.EXEC:\Windows\system32\Dwm.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k LPDServiceC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\System32\tcpsvcs.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\rundll32.exeC:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exeC:\Program Files\TOSHIBA\Power Saver\TPwrMain.exeC:\Program Files\TOSHIBA\SmoothView\SmoothView.exeC:\Program Files\TOSHIBA\FlashCards\TCrdMain.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\SpeedFan\speedfan.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\SysWOW64\NOTEPAD.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" amlmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-System: SynchronousMachineGroupPolicy = dword:0mPolicies-System: SynchronousUserGroupPolicy = dword:0mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllTCP: NameServer = 89.101.160.4 89.101.160.5TCP: Interfaces\{038C5CD2-800E-4C16-8482-7B47D3832207} : DHCPNameServer = 89.101.160.4 89.101.160.5TCP: Interfaces\{038C5CD2-800E-4C16-8482-7B47D3832207}\175796E6E6 : DHCPNameServer = 192.168.178.1TCP: Interfaces\{038C5CD2-800E-4C16-8482-7B47D3832207}\35B4959353544413 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{038C5CD2-800E-4C16-8482-7B47D3832207}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141TCP: Interfaces\{038C5CD2-800E-4C16-8482-7B47D3832207}\94D6167696E656027596D61687021333D465 : DHCPNameServer = 192.168.15.1TCP: Interfaces\{4BE24489-F1D0-403E-BB21-6789766D4FB8} : DHCPNameServer = 89.19.64.36 89.19.64.164TCP: Interfaces\{7F13909A-D426-4CC4-84D7-37D6B8B72B8A} : DHCPNameServer = 192.168.137.1TCP: Interfaces\{A2A43CE3-833A-4B3A-901F-4EDDABC5C2BA} : DHCPNameServer = 172.30.140.69 172.31.140.69TCP: Interfaces\{C5755F77-13C0-4DC0-98FB-AB03773C12FA} : DHCPNameServer = 172.30.140.69 172.31.140.69Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exex64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exex64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEx64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exex64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exex64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServicesx64-Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exex64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -sx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\User.User-PC\AppData\Roaming\Mozilla\Firefox\Profiles\ugjzqyeo.default\FF - plugin: C:\PROGRA~2\MEADCO~1\npmeadax.dllFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll.============= SERVICES / DRIVERS ===============.R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-3-27 22600]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-11-24 283200]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-4 238080]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-15 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-15 701512]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-11-24 46136]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-15 25928]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187B.sys [2010-3-31 450048]R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2014-1-17 202600]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-4-20 133632]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-13 111616]S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-25 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-25 57856]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-25 1255736]S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208]S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]S4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]S4 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-8-27 93072].=============== Created Last 30 ================.2014-01-26 19:53:03 -------- d-s---w- C:\Windows\SysWow64\Microsoft2014-01-26 16:55:47 -------- d-----w- C:\Windows\SysWow64\RTCOM2014-01-26 16:55:47 -------- d-----w- C:\Program Files\Realtek2014-01-26 16:53:56 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll2014-01-26 16:52:17 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe2014-01-26 15:40:36 -------- d-----w- C:\Program Files (x86)\Realtek2014-01-25 23:04:28 -------- d-----w- C:\Windows\pss2014-01-25 13:31:11 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDCC5FBB-3A1D-4C36-9E02-45CB312B07E1}\mpengine.dll2014-01-20 01:04:55 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\4Front2014-01-19 03:19:02 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software2014-01-19 03:18:51 -------- d-----w- C:\Program Files\Common Files\VST32014-01-19 03:18:49 -------- d-----w- C:\Program Files\Common Files\VST22014-01-19 03:18:33 -------- d-----w- C:\Program Files\Common Files\Avid2014-01-19 03:18:20 -------- d-----w- C:\Program Files\Celemony2014-01-19 03:18:19 -------- d-----w- C:\Program Files (x86)\Celemony2014-01-18 13:45:38 -------- d-----w- C:\Program Files (x86)\Common Files\Propellerhead Software2014-01-18 12:40:38 -------- d-----w- C:\Users\User.User-PC\AppData\Local\Cakewalk2014-01-18 12:26:05 118784 ----a-w- C:\Windows\dsdxirmv.exe2014-01-18 03:19:33 -------- d-----w- C:\Program Files (x86)\u-he2014-01-18 01:52:28 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\Celemony Software GmbH2014-01-18 01:52:20 -------- d-----w- C:\Users\User.User-PC\TruePianos Settings2014-01-18 01:51:46 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\Applied Acoustics Systems2014-01-18 01:51:32 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\Overloud2014-01-18 01:47:11 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\Cakewalk2014-01-17 23:58:54 -------- d-----w- C:\ProgramData\Celemony Software GmbH2014-01-17 23:57:58 -------- d-----w- C:\Program Files (x86)\Common Files\Celemony2014-01-17 23:57:57 -------- d-----w- C:\Program Files\Common Files\Celemony2014-01-17 23:54:56 -------- d-----w- C:\ProgramData\Temporary2014-01-17 23:49:03 -------- d-----w- C:\Cakewalk Projects2014-01-17 23:30:43 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll2014-01-17 23:30:43 487424 ----a-w- C:\Windows\SysWow64\msvcp70.dll2014-01-17 23:30:43 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll2014-01-17 23:30:43 344064 ----a-w- C:\Windows\SysWow64\msvcr70.dll2014-01-17 23:30:43 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll2014-01-17 23:30:43 1047552 ----a-w- C:\Windows\SysWow64\mfc71u.dll2014-01-17 23:29:28 -------- d-----w- C:\ProgramData\Package Cache2014-01-17 23:24:25 -------- d-----w- C:\Cakewalk Content2014-01-17 23:21:13 -------- d-----w- C:\ProgramData\Overloud2014-01-17 23:21:13 -------- d-----w- C:\ProgramData\Cakewalk2014-01-17 23:21:13 -------- d-----w- C:\Program Files (x86)\Cakewalk2014-01-17 19:33:37 -------- d-----w- C:\Program Files (x86)\JDownloader2014-01-15 21:12:43 -------- d-----w- C:\Users\User.User-PC\AppData\Roaming\Malwarebytes2014-01-15 21:11:43 -------- d-----w- C:\ProgramData\Malwarebytes2014-01-15 21:11:35 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-01-15 21:11:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-15 09:06:32 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 09:06:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 09:06:31 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 09:06:31 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 09:06:31 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 09:06:30 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 09:06:30 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 09:06:28 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-15 09:06:25 376768 ----a-w- C:\Windows\System32\drivers\netio.sys.==================== Find3M ====================.2014-01-21 17:44:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-01-21 17:44:35 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-12-18 06:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-11-05 19:47:54 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys2013-11-05 18:54:54 38385664 ----a-w- C:\Windows\System32\RCoRes64.dat2013-11-04 19:26:24 153304 ----a-w- C:\Windows\System32\RCoInstII64.dll2013-11-04 11:11:44 2587864 ----a-w- C:\Windows\System32\RtkAPO64.dll2013-10-30 16:31:04 929080 ----a-w- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll.============= FINISH: 22:57:46.60 =============== Thanks, Michael

Cool man cheers!

Hi. My machine has started to slow down big time. not half as fast as it was. anyway heres the details: MBAM log: Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.09.28.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Conefry :: CONEFRY-LAPTOP [administrator] 29/09/2012 11:42:35 mbam-log-2012-09-29 (11-42-35).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 190766 Time elapsed: 8 minute(s), 55 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2 Run by Conefry at 12:06:24 on 2012-09-29 Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1355 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\S3Trayp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\S3LoadSv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\notepad.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.ie/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe mRun: [VTTimer] ;;; VTTimer.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [s3Trayp] S3Trayp.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll TCP: DhcpNameServer = 89.101.160.4 89.101.160.5 TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : DhcpNameServer = 89.101.160.4 89.101.160.5 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 193552] R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168] R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264] R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-27 399432] R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632] R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584] R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-17 676936] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-11 250056] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-17 22856] S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?] . =============== Created Last 30 ================ . 2012-09-28 21:00:35 6980552 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c995101f-3db3-4079-841c-c7ac038adad9}\mpengine.dll 2012-09-27 20:32:25 6980552 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-09-06 18:01:48 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-06 18:01:36 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-03 21:25:36 -------- d-----w- c:\documents and settings\conefry\application data\HandBrake 2012-09-03 20:45:07 -------- d-----w- c:\program files\Handbrake . ==================== Find3M ==================== . 2012-09-07 16:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-06 18:01:09 821736 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-06 18:01:09 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-30 21:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec 2012-07-12 15:31:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-12 15:31:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys . ============= FINISH: 12:07:09.46 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 17/09/2009 19:51:54 System Uptime: 29/09/2012 11:38:53 (1 hours ago) . Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515 Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1595/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 50 GiB total, 25.018 GiB free. D: is FIXED (NTFS) - 62 GiB total, 2.566 GiB free. E: is CDROM () F: is CDROM () I: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: MAC Bridge Miniport Device ID: ROOT\MS_BRIDGEMP\0000 Manufacturer: Microsoft Name: MAC Bridge Miniport PNP Device ID: ROOT\MS_BRIDGEMP\0000 Service: BridgeMP . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 ASAPI Update Atheros Driver Installation Program Audacity 1.2.6 AVC Finger-sensing PAD Driver CodeMeter Runtime Kit v4.01 Conexant HD Audio DAEMON Tools Lite DC-Bass Source 1.1.1 ERUNT 1.1j Google Chrome Google Drive Google Earth Plug-in Google Update Helper HandBrake 0.9.8 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Java 7 Update 7 Java Auto Updater JavaFX 2.1.1 Malwarebytes Anti-Malware version 1.65.0.1400 Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Calculator Plus Microsoft Compression Client Pack 1.0 for Windows XP Microsoft DirectX Transform optional components Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 OGA Notifier 2.0.0048.0 Picasa 3 Reason 4.0 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2722913) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Soft Data Fax Modem with SmartCP Steinberg WaveLab 5.01b TempoPerfect Metronome Software TweetDeck Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2641690) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update for Windows XP (KB978207) VC80CRTRedist - 8.0.50727.6195 Veoh Web Player VIA Chrome9 HC IGP Family Display 6.14.10.0193 VIA Rhine-Family Fast-Ethernet Adapter VLC media player 2.0.2 Volume Control 1.2 WebFldrs XP Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 Windows PowerShell 1.0 Windows XP Service Pack 3 WinRAR archiver Worms Armageddon - New Edition . ==== Event Viewer Messages From Past Week ======== . 28/09/2012 22:54:05, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s). 28/09/2012 22:54:03, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File ===========================

all sorted! Thanks very much again.