Pardew

I left the MBAM scan only 10 mins approximately. There were no threats found. The scan did not prompt a reboot but unable to copy and paste 'report'. (Can highlight text but unable on right-click to copy and paste) Is there an alternative way of doing this. Sorry.

Just to clarify, the MBAM scan that froze was the first one following the cp screen.

Hi Maurice, Carried out the above. Chameleon activated on the first blue square opening the cp screen. When it came to the MBAM scan, it froze after 58 seconds on - HKCR\Installer\Features\CF454FAAAC2892F4BA13A60149587EE6 Did 'naughty' reboot.

Hi Maurice. Sorry for the delay to replying. I have uninstalled UTorrent from my pc.

Hi Maurice. Thank you. Sorry - Vista Home Premium sp2 & MBAM 2013.01.12.05 The logs - DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 Run by popster at 17:34:49 on 2013-01-12 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1151 [GMT 0:00] . AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Intel\IntelDH\CCU\AlertService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgfws.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe C:\Windows\System32\alg.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\taskeng.exe C:\Windows\ehome\ehtray.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\System32\mobsync.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\taskeng.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmprph.exe C:\Program Files\AVG\AVG2012\avgcfgex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.uk/ mStart Page = hxxp://www.google.com mSearch Bar = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/keyword/%s dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\users\popster\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://training.k2ms.com/WebPlayer/authorware_web_player_installers/cab/awswaxd.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} - hxxp://217.41.63.194:65531/img/NetCamPlayerWeb11g.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{19FD4D38-5258-444F-B48D-F367539B2C4F} : DHCPNameServer = 192.168.1.254 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL AppInit_DLLs= c:\progra~1\google\google~1\googledesktopnetwork3.dll c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952] R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-12-4 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-12-26 116608] R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-6-13 2321560] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288] R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-9 21504] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-5 398184] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-5 682344] R2 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-6-27 157912] R2 NMSCore;Intel® NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-6-27 317656] R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376] R2 QualityManager;Intel® Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-6-27 272600] R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\homecinema\tv enhance\kernel\tv\TVECapSvc.exe [2007-10-31 290909] R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\homecinema\tv enhance\kernel\tv\TVESched.exe [2007-10-31 114779] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2007-9-26 1242976] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232] R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2007-11-8 5632] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-5 21104] R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2007-11-21 569344] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2007-10-8 13976] S?2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 DHTRACE;Intel® DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-6-27 39640] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-7-17 30192] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 12872] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2013-01-12 11:26:53 -------- d-----w- c:\users\popster\appdata\local\{23C1E158-874F-4017-96F2-0E1C8B1D42CA} 2013-01-09 23:50:16 1400832 ----a-w- c:\windows\system32\msxml6.dll 2013-01-09 23:50:14 2048000 ----a-w- c:\windows\system32\win32k.sys 2013-01-09 23:50:12 204288 ----a-w- c:\windows\system32\ncrypt.dll 2013-01-09 23:38:43 -------- d-----w- c:\users\popster\appdata\local\{D20BAF27-7F5F-440C-AF77-9AA13B13A4D7} 2013-01-07 15:39:45 -------- d-----w- c:\users\popster\appdata\local\{FE3B78B2-A1B9-4BC9-AA25-137CC6DCDB2A} 2013-01-06 20:45:32 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-01-06 20:12:22 -------- d-----w- c:\users\popster\appdata\local\{0353B84D-8359-4634-864F-A403B401BBA7} 2013-01-05 22:35:55 -------- d-----w- c:\users\popster\appdata\local\{DA73D36E-14ED-47FD-BAAB-B205E02B3B5A} 2013-01-05 14:18:07 -------- d-----w- c:\windows\ERUNT 2013-01-05 14:10:18 -------- d-----w- c:\users\popster\appdata\roaming\Malwarebytes 2013-01-05 14:10:04 -------- d-----w- c:\programdata\Malwarebytes 2013-01-05 14:10:03 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-05 14:10:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-01-05 07:11:32 -------- d-----w- c:\users\popster\appdata\local\{8C91E7AA-C83C-49FC-A8F9-4819E04A6D39} 2013-01-04 11:08:32 -------- d-----w- C:\JRT 2013-01-04 10:21:36 -------- d-----w- c:\users\popster\appdata\local\{7B251A9B-91BE-4847-AC53-8909C5291605} 2013-01-03 14:21:05 -------- d-----w- c:\users\popster\appdata\local\{EFAF88C7-DAD1-4AFF-BE5E-03708A3D951A} 2013-01-02 15:42:38 -------- d-----w- c:\users\popster\appdata\local\{664603AF-1C2B-4DC2-A7B5-95D82C2A31AE} 2013-01-01 20:36:23 -------- d-----w- c:\users\popster\appdata\local\{8D96743C-6F86-47ED-9980-9B0C8D0EDC07} 2012-12-27 14:23:22 -------- d-----w- c:\users\popster\appdata\local\{A7683EE8-9CBB-475A-8BD1-07D2FB9809F0} 2012-12-26 09:22:20 -------- d-----w- c:\users\popster\appdata\local\{49B0C7F6-90A8-494A-A317-42B5C56AE07D} 2012-12-25 17:14:33 -------- d-----w- c:\users\popster\appdata\local\{FDB3203C-EAF7-49AA-AFEB-1CD828948855} 2012-12-24 14:53:24 -------- d-----w- c:\users\popster\appdata\local\{065BF280-6BE1-43C0-8C85-4C106D879DE9} 2012-12-23 17:44:25 -------- d-----w- c:\users\popster\appdata\local\{2B807B29-0FE1-443C-9881-E1524ECF504D} 2012-12-23 03:19:48 -------- d-----w- c:\users\popster\appdata\local\{2E544CA1-4145-41FA-845C-C6C67D7FCD5E} 2012-12-23 03:12:40 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-23 03:12:40 293376 ----a-w- c:\windows\system32\atmfd.dll 2012-12-22 14:26:32 -------- d-----w- c:\users\popster\appdata\local\{D87E5F51-E2A4-40CB-B3B4-6208405AC528} 2012-12-21 11:16:23 -------- d-----w- c:\users\popster\appdata\local\{57E3105D-2A38-4AA9-9851-AF375FAAC393} 2012-12-20 12:12:32 -------- d-----w- c:\users\popster\appdata\local\{41F54AF3-A858-4651-A60B-678974846643} 2012-12-20 00:50:51 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-12-20 00:50:29 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-12-20 00:50:29 16896 ----a-w- c:\windows\system32\winusb.dll 2012-12-20 00:50:29 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-12-20 00:50:28 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-12-20 00:50:28 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-12-20 00:50:26 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-12-20 00:50:26 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-12-20 00:50:25 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-12-20 00:50:25 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2012-12-20 00:50:24 613888 ----a-w- c:\windows\system32\WUDFx.dll 2012-12-20 00:47:22 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-20 00:47:16 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys 2012-12-20 00:47:13 376320 ----a-w- c:\windows\system32\dpnet.dll 2012-12-20 00:47:13 23040 ----a-w- c:\windows\system32\dpnsvr.exe 2012-12-19 12:35:28 -------- d-----w- c:\users\popster\appdata\local\{60F237C6-5D8C-4808-806A-CC6F47FD4206} 2012-12-18 16:41:34 -------- d-----w- c:\users\popster\appdata\local\{C155CC2D-8CA2-4CA6-B775-311BFE3C2987} 2012-12-15 11:05:57 -------- d-----w- c:\users\popster\appdata\local\{5EBA6C58-7D89-4A4A-8992-FC8148B66805} 2012-12-14 23:05:32 -------- d-----w- c:\users\popster\appdata\local\{9CDAF7DE-87A9-47C8-B352-3B0EF886463C} . ==================== Find3M ==================== . 2013-01-10 00:10:16 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-10 00:10:16 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb . ============= FINISH: 17:35:32.46 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 17/07/2008 16:25:03 System Uptime: 12/01/2013 11:23:51 (6 hours ago) . Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-7502 Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 1992/332mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 446 GiB total, 105.992 GiB free. D: is FIXED (FAT32) - 20 GiB total, 10.383 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1956: 19/12/2012 13:37:42 - Scheduled Checkpoint RP1957: 20/12/2012 00:48:08 - Windows Update RP1958: 20/12/2012 14:03:31 - Scheduled Checkpoint RP1959: 21/12/2012 12:20:42 - Scheduled Checkpoint RP1960: 22/12/2012 16:02:37 - Scheduled Checkpoint RP1961: 23/12/2012 03:09:15 - Windows Update RP1962: 23/12/2012 03:12:29 - Windows Update RP1963: 24/12/2012 16:39:22 - Scheduled Checkpoint RP1964: 25/12/2012 18:09:53 - Scheduled Checkpoint RP1965: 26/12/2012 10:09:41 - Scheduled Checkpoint RP1966: 27/12/2012 00:00:05 - Scheduled Checkpoint RP1967: 27/12/2012 15:27:33 - Scheduled Checkpoint RP1968: 30/12/2012 08:35:36 - Scheduled Checkpoint RP1969: 01/01/2013 19:53:53 - Scheduled Checkpoint RP1970: 02/01/2013 16:37:58 - Scheduled Checkpoint RP1972: 03/01/2013 03:21:24 - Removed Samsung PC Studio 3 RP1973: 03/01/2013 14:34:04 - Windows Update RP1974: 04/01/2013 12:59:38 - Scheduled Checkpoint RP1975: 05/01/2013 15:46:21 - Scheduled Checkpoint RP1976: 06/01/2013 20:43:09 - Installed Java 7 Update 10 RP1977: 06/01/2013 21:37:49 - Removed Java 6 Update 3 RP1978: 06/01/2013 21:41:29 - Removed Java 6 Update 3 RP1979: 06/01/2013 21:47:45 - Removed Java 6 Update 3 RP1980: 06/01/2013 21:48:00 - Removed Java 6 Update 4 RP1981: 06/01/2013 21:48:54 - Removed Java 6 Update 7 RP1982: 06/01/2013 21:49:29 - Removed Java 6 Update 3 RP1983: 06/01/2013 22:02:51 - Removed Java 6 Update 3 RP1984: 07/01/2013 22:15:53 - Scheduled Checkpoint RP1985: 09/01/2013 23:51:02 - Windows Update RP1986: 10/01/2013 00:15:15 - Windows Update RP1987: 10/01/2013 00:21:08 - Windows Update RP1988: 10/01/2013 01:26:26 - Removed Java 6 Update 3 RP1989: 12/01/2013 15:25:24 - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) AAC Decoder Acrobat.com Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 Alcatel SpeedTouch USB Software Apple Application Support Apple Mobile Device Support Apple Software Update µTorrent Audacity 1.2.6 AVG 2012 Bonjour BT Broadband Desktop Help BT Yahoo! Applications BTHomeHub Compatibility Pack for the 2007 Office system D3DX10 DivX Codec DivX Plus DirectShow Filters DivX Version Checker DivX Web Player Epson Easy Photo Print 2 EPSON Printer Software Epson Stylus SX210_SX410_TX210_TX410 Manual EPSON SX410 Series Printer Uninstall Google Chrome Google Desktop Google Earth Google Update Helper Google Updater H.264 Decoder Highlight Viewer (Windows Live Toolbar) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) iCloud Intel® Matrix Storage Manager Intel® PRO Network Connections 12.2.41.0 Intel® Viiv Software iTunes Java 7 Update 10 Java Auto Updater Java 6 Update 3 Junk Mail filter update MakeDisc Malwarebytes Anti-Malware version 1.70.0.1100 Map Button (Windows Live Toolbar) MCE Software Encoder 1.1 MediaShow Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher 2007 Microsoft Office Publisher 2007 Trial Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MKV Splitter MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Premium neroxml NVIDIA Drivers OGA Notifier 2.0.0048.0 OpenOffice.org 3.3 Opera 12.12 PHOTOfunSTUDIO PhotoNow! 1.0 PIF DESIGNER2.1 PowerDirector PowerProducer QuickTime Real Alternative 1.9.0 Realtek High Definition Audio Driver SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 USB Driver Installer ScanToWeb Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UI Smart Menus (Windows Live Toolbar) Spelling Dictionaries Support For Adobe Reader 8 SSC Service Utility v4.30 SUPERAntiSpyware Free Edition TV Enhance Ulead PhotoImpact 12 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.762 VCRedistSetup Windows Live Communications Platform Windows Live Essentials Windows Live Favorites for Windows Live Toolbar Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver WMPTagSupportExtender X10 Hardware . ==== Event Viewer Messages From Past Week ======== . 12/01/2013 17:09:26, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack. 12/01/2013 11:27:16, Error: Service Control Manager [7024] - The KtmRm for Distributed Transaction Coordinator service terminated with service-specific error 2147942438 (0x80070026). 12/01/2013 11:25:56, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt 12/01/2013 11:25:56, Error: Service Control Manager [7023] - The Intel® Viiv Media Server service terminated with the following error: Catastrophic failure 10/01/2013 00:33:29, Error: EventLog [6008] - The previous system shutdown at 00:28:18 on 10/01/2013 was unexpected. 10/01/2013 00:00:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 10/01/2013 00:00:34, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/01/2013 00:00:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 09/01/2013 23:54:48, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2756919). 09/01/2013 23:54:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2756919 (Security Update) into Staging(Staging) state 09/01/2013 23:54:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2756919 (Security Update) into Resolved(Resolved) state 06/01/2013 20:13:47, Error: Microsoft-Windows-SharedAccess_NAT [30005] - The DHCP allocator has detected a DHCP server with IP address 192.168.1.254 on the same network as the interface with IP address 192.168.0.1. The allocator has disabled itself on the interface to avoid confusing DHCP clients. 05/01/2013 14:33:45, Error: EventLog [6008] - The previous system shutdown at 14:28:57 on 05/01/2013 was unexpected. . ==== End Of File ===========================

Hi - Over the last couple of weeks or so, the PC has become a little slow. With the fantastic help of Noknojon at BC, we both recommended I post my ills to this forum to acquire more specialist assistance. After running various tools to try and rid me of the suspected cause(may not be): a pup.funmoods, pc 'seemed' ok again. After recently d/l latest Windows updates, I ran MBAM(trial) and it froze after about a minute into QS on - HKLM\SOFTWARE\Microsoft\Installer\User Data\S-1-5-18\Components\0002109511090400000E0239E6F5E85 so had to 'naughty' reboot. This happened about six months ago also before I first posted to BC. It was this exact item MBAM froze on back then also. Your help is much appreciated. Pardew