Everything posted by nicdigby

  1. OK, here is the Quick Scan Malwarebytes log. Thank you in advance.

     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.09.07.02

     Windows Vista Service Pack 2 x86 NTFS
     Internet Explorer 9.0.8112.16421
     Nicola :: HOME-LAPTOP [administrator]

     07/09/2013 16:48:46
     mbam-log-2013-09-07 (16-48-46).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 242690
     Time elapsed: 10 minute(s), 36 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 4
     HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
     HKCR\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106} (PUP.SweetIM) -> Quarantined and deleted successfully.
     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> Quarantined and deleted successfully.
     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> Quarantined and deleted successfully.

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)
  2. Hmmm, it won't let me post the Malwarebytes full log as it's too long. Thank you in advance for your help.
  3. And the Malwarebytes full scan log: Hi, To cut a long story short, I've been told someone has installed a key logger on my computer, one which doesn't show up on the Programs list. The computer appears to be running as normal but the person concerned is very technically-minded so I think it's well hidden. I wonder if you could help me to track it down please? So many thanks for helping me. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.21.2 Run by Nicola at 12:55:36 on 2013-09-07 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3070.1244 [GMT 1:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program 
Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs 
C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uProxyServer = :0 BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: avast! 
Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe uRun: [Driver Detective] c:\program files\driver manager\driver manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC mRun: [Conime] c:\windows\system32\conime.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [serviceManager.exe] "c:\program files\virgin media\service manager\ServiceManager.exe" /AUTORUN mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [AdobeAAMUpdater-1.0] "c:\program files\common 
files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe" StartupFolder: c:\users\nicola\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\nicola\appdata\roaming\dropbox\bin\Dropbox.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.0.1 TCP: Interfaces\{90D5FC30-DF39-4006-BB55-7B629BE237B9} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{9CFF570F-9BA6-4E2D-B262-7FB6DE0994AA} : NameServer = 192.168.0.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . 
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-17 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-17 175176] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-4-27 20624] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-6 770344] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-6 369584] R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\adobe\elements 11 organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-6 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-6 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-6 46808] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-13 21504] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2009-8-5 284016] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-8-16 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-8-16 701512] R2 ServicepointService;ServicepointService;c:\program files\virgin media\service manager\ServicepointService.exe [2012-4-17 689464] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-8-16 22856] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-7 40776] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2009-9-16 27632] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 
130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S2 Updater By Sweetpacks;Updater By Sweetpacks;c:\program files\updater by sweetpacks\extensionupdaterservice.exe --> c:\program files\updater by sweetpacks\ExtensionUpdaterService.exe [?] S3 HpGmb001;USB Mobile Packet Filter Driver;c:\windows\system32\drivers\HpGmb001.sys [2010-10-29 11264] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [2011-8-23 33792] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2009-9-16 86824] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2009-9-16 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2009-9-16 114728] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2009-9-16 106208] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2009-9-16 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2009-9-16 104744] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2009-9-16 109864] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2011-9-29 252416] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2011-9-29 398720] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856] . =============== Created Last 30 ================ . 
2013-09-07 08:26:45 7166848 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b802d9c0-377e-4eea-b3ad-65104beed290}\mpengine.dll 2013-09-07 08:19:28 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2013-08-31 17:13:53 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-25 14:23:18 -------- d-----w- c:\users\nicola\appdata\roaming\OpenOffice 2013-08-24 17:42:28 -------- d-----w- c:\program files\NT Registry Optimizer 2013-08-23 13:45:08 -------- d-----w- c:\program files\OpenOffice 4 2013-08-23 13:24:33 -------- d-----w- c:\users\nicola\appdata\local\Conduit 2013-08-23 08:50:01 770384 ----a-w- c:\windows\system32\msvcr100.dll 2013-08-23 08:50:01 632656 ----a-w- c:\windows\system32\msvcr80.dll 2013-08-23 08:50:01 554832 ----a-w- c:\windows\system32\msvcp80.dll 2013-08-23 08:50:01 479232 ----a-w- c:\windows\system32\msvcm80.dll 2013-08-23 08:50:01 421200 ----a-w- c:\windows\system32\msvcp100.dll 2013-08-23 08:48:57 -------- d-----w- c:\users\nicola\appdata\local\ShieldApps 2013-08-23 08:48:42 -------- d-----w- c:\program files\PC Registry Shield 2013-08-23 08:47:39 -------- d-----w- c:\program files\wrapper_inst 2013-08-22 17:45:47 -------- d-----w- c:\program files\FileOpenerPro 2013-08-22 17:45:20 -------- d-----w- c:\program files\MyPC Backup 2013-08-22 17:44:41 -------- d-----w- c:\users\nicola\appdata\roaming\Uniblue 2013-08-22 17:44:35 -------- d-----w- c:\program files\Uniblue 2013-08-22 17:43:13 -------- d-----w- c:\users\nicola\appdata\local\avgchrome 2013-08-22 17:42:32 -------- d-----w- c:\users\nicola\appdata\local\Smartbar 2013-08-22 17:41:17 -------- d-----w- c:\programdata\BrowserDefender 2013-08-22 17:40:17 -------- d-----w- c:\users\nicola\appdata\roaming\Babylon 2013-08-22 17:40:17 -------- d-----w- c:\programdata\Babylon 2013-08-21 15:13:55 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-08-16 17:48:26 -------- d-----w- c:\windows\system32\MRT 2013-08-16 13:38:10 22856 ----a-w- 
c:\windows\system32\drivers\mbam.sys 2013-08-16 13:38:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-15 20:30:53 41584 ----a-w- c:\windows\system32\drivers\gfiark.sys 2013-08-15 20:24:48 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-15 20:14:00 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-15 20:14:00 15872 ----a-w- c:\windows\system32\icaapi.dll 2013-08-15 20:13:46 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-15 20:12:27 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-15 20:08:13 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-15 20:08:12 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-15 20:08:12 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-08-15 20:07:38 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-08-15 20:07:37 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-15 20:07:36 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-08-15 20:07:36 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-15 20:00:48 -------- d-----w- c:\windows\F34D9A5F484A4E31A9D3908CB265B289.TMP 2013-08-15 20:00:45 -------- d-----w- c:\program files\common files\Wise Installation Wizard 2013-08-15 19:58:59 15224 ----a-w- c:\windows\system32\sdnclean.exe 2013-08-15 19:58:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2013-08-15 19:38:54 -------- d-----w- c:\users\nicola\appdata\roaming\SoftwareDetectionScripts 2013-08-15 19:11:38 -------- d-----w- c:\program files\Sunbelt Software 2013-08-15 18:35:58 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1(100) . ==================== Find3M ==================== . 
2013-08-21 08:40:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-21 08:40:39 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-06-28 18:57:40 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-28 18:57:40 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2008-05-29 20:46:45 4372992 ----a-w- c:\program files\openofficeorg24.msi 2008-02-08 20:33:18 323584 ----a-w- c:\program files\setup.exe 2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe 2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe . ============= FINISH: 12:56:19.48 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 20/05/2008 01:22:29 System Uptime: 07/09/2013 09:16:02 (3 hours ago) . Motherboard: Quanta | | 30D2 Processor: Intel® Core2 Duo CPU T8100 @ 2.10GHz | U2E1 | 2100/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 221 GiB total, 75.897 GiB free. D: is FIXED (NTFS) - 12 GiB total, 2.098 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0000 Manufacturer: Microsoft Name: 6TO4 Adapter PNP Device ID: ROOT\*6TO4MP\0000 Service: tunnel . ==== System Restore Points =================== . 
RP981: 22/08/2013 20:32:33 - Removed Skype Click to Call RP983: 23/08/2013 09:51:41 - Before PC Registry Shield fix RP984: 23/08/2013 10:10:19 - Removed PC Registry Shield RP985: 23/08/2013 10:12:13 - Removed Internet Explorer Toolbar 4.9 by SweetPacks RP986: 23/08/2013 14:22:35 - Removed OpenOffice.org 3.2 RP987: 23/08/2013 14:44:37 - Installed OpenOffice 4.0.0 RP989: 23/08/2013 18:13:50 - Configured Microsoft Office Home and Student 2007 RP991: 23/08/2013 18:14:39 - Configured Microsoft Office Home and Student 2007 RP992: 23/08/2013 18:21:31 - Windows Update RP993: 24/08/2013 13:20:13 - Scheduled Checkpoint RP994: 24/08/2013 18:57:32 - after uninstallation of emisoft + defrag RP995: 24/08/2013 19:29:43 - after all cleaning, all de-fragging, should be working best! RP996: 25/08/2013 16:56:41 - Scheduled Checkpoint RP997: 27/08/2013 14:05:14 - Windows Update RP998: 28/08/2013 12:32:13 - Scheduled Checkpoint RP999: 29/08/2013 14:25:18 - Windows Update RP1000: 31/08/2013 18:13:45 - Windows Update RP1001: 01/09/2013 15:06:31 - Windows Update RP1002: 05/09/2013 21:52:03 - Scheduled Checkpoint RP1003: 07/09/2013 09:24:31 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Updater Acrobat.com Activation Assistant for the 2007 Microsoft Office suites Adobe AIR Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 11 Adobe Reader 9.5.5 Adobe Shockwave Player Adobe Shockwave Player 11.5 aiofw aioprnt aioscnnr Amazon MP3 Downloader 1.0.17 Apple Application Support Apple Mobile Device Support Apple Software Update Auslogics Disk Defrag Avanquest update avast! Free Antivirus AVG PC Tuneup AVS DVD Copy 4.1.2.283 AVS Update Manager 1.0 AVS4YOU Software Navigator 1.4 Bonjour Broadcom 802.11 Wireless LAN Adapter CCleaner center CleanUp! 
Compatibility Pack for the 2007 Office system DHTML Editing Component Dropbox EA Link EasyCleaner Elements 11 Organizer ESU for Microsoft Vista Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hauppauge MCE XP/Vista Software Encoder (2.0.25149) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Experience Enhancements HP Doc Viewer HP Easy Setup - Frontend HP Help and Support HP Product Detection HP QuickPlay 3.6 HP QuickTouch 1.00 C4 HP Update HP User Guides 0087 HP Wireless Assistant HP Wireless Comfort Mobile Mouse HPAsset component for HP Active Support Library iCloud Intel® Matrix Storage Manager Java 7 Update 21 Java Auto Updater KODAK AiO Home Centre ksDIP LightScribe System Software 1.10.13.1 Malwarebytes Anti-Malware version 1.75.0.1300 Media Go Video Playback Engine 1.88.116.12060 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word Viewer 2003 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MobileMe Control Panel Motorola SM56 Speakerphone Modem MSCU for Microsoft Vista MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA Drivers OGA Notifier 2.0.0048.0 OpenOffice 4.0.0 PlayStation®Network Downloader PlayStation®Store PreReq PSE11 STI Installer PVSonyDll QuickTime Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 
suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Skype™ 5.10 Spelling Dictionaries Support For Adobe Reader 9 SpywareBlaster 5.0 Synaptics Pointing Device Driver Turbo Lister 2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for 
Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC 9.0 Runtime VidCoder 1.3.4 (x86) Viewpoint Media Player Vimicro USB2.0 UVC PC Camera Virgin Media Service Manager 3.7.47 . ==== Event Viewer Messages From Past Week ======== . 31/08/2013 18:08:10, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.157.478.0 Loading engine version: 1.1.9800.0 07/09/2013 09:18:04, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 07/09/2013 09:16:30, Error: Microsoft-Windows-HttpEvent [15021] - An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data. 07/09/2013 07:00:43, Error: Service Control Manager [7022] - The QuickPlay Background Capture Service (QBCS) service hung on starting. 07/09/2013 07:00:43, Error: Service Control Manager [7001] - The QuickPlay Task Scheduler (QTS) service depends on the QuickPlay Background Capture Service (QBCS) service which failed to start because of the following error: After starting, the service hung in a start-pending state. . 
==== End Of File ===========================
  4. Hi, To cut a long story short, I've been told someone has installed a key logger on my computer, one which doesn't show up on the Programs list. The computer appears to be running as normal but the person concerned is very technically-minded so I think it's well hidden. I wonder if you could help me to track it down please? So many thanks for helping me.
  5. Hi, I deleted the items you said. While I was there I deleted some stuff out of the StartUp Folder so that hopefully the computer will speed up its startup process (long delay between initial view of windows and the computer being 'ready' to actually use). Will AVS anti-virus and Malwarebytes Anti-Malware be enough to keep my computer safe from now on from everything? If not, what else should I download / use to scan for future infections?
  6. Ok, here it is:
     C:\Users\All Users\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js Win32/bProtector.F application
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC1.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC2.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO10.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO16.zip Win32/Bagle.gen.zip worm
     C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO4.zip Win32/Bagle.gen.zip worm
     C:\Program Files\Updater By Sweetpacks\Extension32.dll a variant of Win32/Toolbar.Perion.A application cleaned by deleting - quarantined
     C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe a variant of Win32/Toolbar.BitCocktail.B application cleaned by deleting (after the next restart) - quarantined
     C:\Program Files\Updater By Sweetpacks\InstallerHelper.dll a variant of Win32/Toolbar.BitCocktail.A application cleaned by deleting - quarantined
     C:\Program Files\wrapper_inst\file_to_run.exe a variant of MSIL/Rebrand.LittleRegClean.A application cleaned by deleting - quarantined
     C:\Program Files\wrapper_inst\service.exe Win32/ChatZum.A application cleaned by deleting - quarantined
     C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js Win32/bProtector.F application cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO10.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO16.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO4.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
     C:\Users\Nicola\AppData\Local\Temp\bundlesweetimsetup.exe probably a variant of Win32/SweetIM.C application cleaned by deleting - quarantined
     C:\Users\Nicola\AppData\Local\Temp\file_to_run2.exe Win32/ChatZum.A application cleaned by deleting - quarantined
     C:\Users\Nicola\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe probably a variant of Win32/SweetIM.C application cleaned by deleting - quarantined
     C:\Users\Nicola\AppData\Local\Temp\spacksyahoo_717_active.exe multiple threats cleaned by deleting - quarantined
     C:\Users\Nicola\Downloads\ARO2012_bt.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
     C:\Users\Nicola\Downloads\cbsidlm-tr1_11-Free_Window_Registry_Repair-ORG-10606555.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
  7. Hello, Spybot and Emsisoft would not uninstall, but I finally got rid of them. Computer appears to be working a whole lot faster, especially the internet browser. Is there a way of checking how fast it is actually running and whether I might improve it please? Also, how do I get rid of the original Trojan virus that Ad-Aware originally detected? Many thanks for your help.
  8. Good morning, computer started up this morning so slowly, and everything is working very very slowly. Please can you tell me what my next step should be? Many thanks
  9. Well, overall, my computer is very slow to respond and also keeps switching itself completely off - it goes from running ok to being completely off in one second, with no warning. I am not sure whether that is linked but it is why I started to look at viruses and malware and I'm grateful for your help. I am not finding the Trojan.Win32.Generic!BT when scanning on Malwarebytes, but it comes up when I use the "Ad-Aware programme"; that gives me the name (given above) and says it is High Risk. If you let me know exactly what other info I can give you, I'd be happy to do so.
  10. Thanks for your reply. Malwarebytes doesn't find it, but AdAware does...still there now. It's called Trojan.Win32.generic!BT. Here are the logs as requested:
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org
      Database version: v2013.08.16.03
      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Nicola :: HOME-LAPTOP [administrator]
      21/08/2013 16:22:16
      mbam-log-2013-08-21 (16-22-16).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 268461
      Time elapsed: 10 minute(s), 48 second(s)
      Memory Processes Detected: 0
      (No malicious items detected)
      Memory Modules Detected: 0
      (No malicious items detected)
      Registry Keys Detected: 0
      (No malicious items detected)
      Registry Values Detected: 0
      (No malicious items detected)
      Registry Data Items Detected: 0
      (No malicious items detected)
      Folders Detected: 0
      (No malicious items detected)
      Files Detected: 0
      (No malicious items detected)
      (end)
      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft® Windows Vista™ Home Premium
      Boot Device: \Device\HarddiskVolume1
      Install Date: 20/05/2008 01:22:29
      System Uptime: 21/08/2013 14:59:13 (2 hours ago)
      .
      Motherboard: Quanta | | 30D2
      Processor: Intel® Core2 Duo CPU T8100 @ 2.10GHz | U2E1 | 2101/800mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 221 GiB total, 74.282 GiB free.
      D: is FIXED (NTFS) - 12 GiB total, 2.098 GiB free.
      E: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
      Description: Microsoft 6to4 Adapter
      Device ID: ROOT\*6TO4MP\0000
      Manufacturer: Microsoft
      Name: 6TO4 Adapter
      PNP Device ID: ROOT\*6TO4MP\0000
      Service: tunnel
      .
      ==== System Restore Points ===================
      .
      .
      ==== Installed Programs ======================
      .
Update for Microsoft Office 2007 (KB2508958) Updater Acrobat.com Activation Assistant for the 2007 Microsoft Office suites Ad-Aware Antivirus Adobe AIR Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 11 Adobe Reader 9.5.5 Adobe Shockwave Player Adobe Shockwave Player 11.5 aiofw aioprnt aioscnnr Amazon MP3 Downloader 1.0.17 Apple Application Support Apple Mobile Device Support Apple Software Update Auslogics Disk Defrag Avanquest update avast! Free Antivirus AVG PC Tuneup AVS DVD Copy 4.1.2.283 AVS Update Manager 1.0 AVS4YOU Software Navigator 1.4 Bonjour Broadcom 802.11 Wireless LAN Adapter CCleaner center CleanUp! Compatibility Pack for the 2007 Office system DHTML Editing Component Dropbox EA Link EasyCleaner Elements 11 Organizer Emsisoft Anti-Malware ESU for Microsoft Vista Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hauppauge MCE XP/Vista Software Encoder (2.0.25149) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Experience Enhancements HP Doc Viewer HP Easy Setup - Frontend HP Help and Support HP Product Detection HP QuickPlay 3.6 HP QuickTouch 1.00 C4 HP Update HP User Guides 0087 HP Wireless Assistant HP Wireless Comfort Mobile Mouse HPAsset component for HP Active Support Library iCloud Intel® Matrix Storage Manager Java 7 Update 21 Java Auto Updater KODAK AiO Home Centre ksDIP LightScribe System Software 1.10.13.1 Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Security Scan Plus Media Go Video Playback Engine 1.88.116.12060 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 
(English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word Viewer 2003 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MobileMe Control Panel Motorola SM56 Speakerphone Modem MSCU for Microsoft Vista MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA Drivers OGA Notifier 2.0.0048.0 OpenOffice.org 3.2 PlayStation®Network Downloader PlayStation®Store PreReq PSE11 STI Installer PVSonyDll QuickTime Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Skype Click to Call Skype™ 5.10 Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy SpywareBlaster 5.0 Synaptics Pointing Device Driver Turbo Lister 2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft 
.NET Framework 3.5 SP1 (KB2836940) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC 9.0 Runtime VidCoder 1.3.4 (x86) Viewpoint Media Player Vimicro USB2.0 UVC PC Camera Virgin Media Service Manager 3.7.47 . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.21.2 Run by Nicola at 16:13:12 on 2013-08-21 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3070.1453 [GMT 1:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Emsisoft Anti-Malware *Enabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Lavasoft Ad-Aware *Enabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AV: Spybot - Search and Destroy *Disabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D} SP: avast! 
Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Aware *Enabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367} FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Virgin Media\Service 
Manager\ServiceManager.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files\McAfee Security Scan\3.0.287\SSScheduler.exe C:\Users\Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\PROGRA~1\AD-AWA~1\AdAware.exe C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Windows\explorer.exe C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Users\Nicola\Downloads\RogueKiller.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\notepad.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Nicola\Downloads\mbar-1.06.1.1005.exe C:\Users\Nicola\Desktop\mbar\mbar.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService 
C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uProxyServer = localhost:21320 BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: avast! 
Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe uRun: [Driver Detective] c:\program files\driver manager\driver manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC mRun: [Conime] c:\windows\system32\conime.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [serviceManager.exe] "c:\program files\virgin media\service manager\ServiceManager.exe" /AUTORUN mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [AdobeAAMUpdater-1.0] "c:\program files\common 
files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe" mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run mRun: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60 dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe" StartupFolder: c:\users\nicola\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\nicola\appdata\roaming\dropbox\bin\Dropbox.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.287\SSScheduler.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
TCP: NameServer = 192.168.0.1 TCP: Interfaces\{90D5FC30-DF39-4006-BB55-7B629BE237B9} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{9CFF570F-9BA6-4E2D-B262-7FB6DE0994AA} : NameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: SDWinLogon - SDWinLogon.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-17 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-17 175176] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2013-8-15 22056] R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2013-8-15 37856] R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2013-8-15 14432] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-4-27 20624] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-6 770344] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-6 369584] R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2013-8-15 4159976] R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2013-6-13 1236336] R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program 
files\adobe\elements 11 organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-6 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-6 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-6 46808] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-13 21504] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2009-8-5 284016] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-8-16 701512] R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000] R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-9-12 66344] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-8-15 171928] R2 ServicepointService;ServicepointService;c:\program files\virgin media\service manager\ServicepointService.exe [2012-4-17 689464] R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2013-8-15 57432] R3 cleanhlp;cleanhlp;c:\program files\emsisoft anti-malware\cleanhlp32.sys [2013-8-15 50200] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-8-21 31560] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-8-16 22856] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2009-9-16 27632] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' 
anti-malware\mbamscheduler.exe [2013-8-16 418376] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-8-15 1817560] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-8-15 1033688] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-8-15 41584] S3 HpGmb001;USB Mobile Packet Filter Driver;c:\windows\system32\drivers\HpGmb001.sys [2010-10-29 11264] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [2011-8-23 33792] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.287\McCHSvc.exe [2012-9-11 234776] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2009-9-16 86824] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2009-9-16 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2009-9-16 114728] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2009-9-16 106208] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2009-9-16 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2009-9-16 104744] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2009-9-16 109864] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2011-9-29 252416] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2011-9-29 398720] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 
4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856] . =============== Created Last 30 ================ . 2013-08-21 14:49:31 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-08-21 09:20:40 15616 ----a-w- c:\windows\system32\TrueSight.sys 2013-08-16 17:48:26 -------- d-----w- c:\windows\system32\MRT 2013-08-16 13:38:10 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-16 13:38:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-15 20:30:53 41584 ----a-w- c:\windows\system32\drivers\gfiark.sys 2013-08-15 20:24:48 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-15 20:14:00 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-15 20:14:00 15872 ----a-w- c:\windows\system32\icaapi.dll 2013-08-15 20:13:46 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-15 20:12:27 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-15 20:08:47 -------- d-----w- c:\users\nicola\appdata\roaming\Ad-Aware Antivirus 2013-08-15 20:08:46 -------- d-----w- c:\programdata\Ad-Aware Antivirus 2013-08-15 20:08:13 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-15 20:08:12 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-15 20:08:12 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-08-15 20:07:38 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-08-15 20:07:37 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-15 20:07:36 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-08-15 20:07:36 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-15 20:03:24 -------- d-----w- c:\windows\system32\drivers\VDD 2013-08-15 20:03:24 -------- d-----w- c:\program files\Ad-Aware Antivirus 2013-08-15 20:00:48 -------- d-----w- c:\windows\F34D9A5F484A4E31A9D3908CB265B289.TMP 2013-08-15 20:00:45 -------- d-----w- c:\program files\common files\Wise Installation Wizard 2013-08-15 19:58:59 15224 ----a-w- c:\windows\system32\sdnclean.exe 2013-08-15 19:58:37 
-------- d-----w- c:\program files\Spybot - Search & Destroy 2 2013-08-15 19:44:16 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{df7030c4-e2a2-4db9-86a9-46c8eb143b73}\mpengine.dll 2013-08-15 19:38:54 -------- d-----w- c:\users\nicola\appdata\roaming\SoftwareDetectionScripts 2013-08-15 19:11:38 -------- d-----w- c:\program files\Sunbelt Software 2013-08-15 18:35:58 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1(100) . ==================== Find3M ==================== . 2013-08-21 08:40:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-21 08:40:39 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-06-28 18:57:40 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-28 18:57:40 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-04 01:50:43 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-06-01 04:06:08 505344 ----a-w- c:\windows\system32\qedit.dll 2008-05-29 20:46:45 4372992 ----a-w- c:\program files\openofficeorg24.msi 2008-02-08 20:33:18 323584 ----a-w- c:\program files\setup.exe 2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe 2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe . ============= FINISH: 16:20:21.64 ===============
  11. Hi there. Please can you help me. My computer is very slow. Ad-Aware has found Trojan.Win32.Generic!BT and I hope you can help me to get rid of it please? I have downloaded RogueKiller and have scanned. This is the report. I'd be so grateful for any help. RogueKiller V8.6.6 [Aug 19 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Nicola [Admin rights] Mode : Scan -- Date : 08/21/2013 14:56:57 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (localhost:21320) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [bROK VAL] HKCR\[...]\command : () -> MISSING ¤¤¤ Scheduled tasks : 1 ¤¤¤ [V2][ROGUE ST] 4779 : wscript.exe - C:\Users\Nicola\AppData\Local\Temp\launchie.vbs //B -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com [...] 
¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK2546GSX +++++ --- User --- [MBR] efa88a892737f647921dbe8d1652883c [bSP] 6d47074340c8535b487762410b274ae3 : MBR Code unknown Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 226423 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 463716225 | Size: 12048 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_08212013_145657.txt >>