Welcome aboard! 

 Lets check for malware first...

Download ComboFix from the any of the locations given in this website:

• • http://www.bleepingcomputer.com/download/anti-viru​s/combofix
    IMPORTANT !!! You need to Save ComboFix.exe to your Desktop
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you already have the Recovery Console preinstalled, it will not ask for the following. If it does prompt, allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    
    
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    
    
    
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    
    
    
    Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.
    
    When finished, it shall produce a log for you. Please copy & paste the contents of this log (also found at C:\ComboFix.txt) in your next reply at your topic.

I have run the ComboFix program, pasted and attached log, as requested.

ComboFix 12-02-06.01 - Rodders 06/02/2012  13:38:20.1.2 - x86 Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.44.1033.18.3062.1441 [GMT 0:00] Running from: c:\users\Rodders\Documents\Downloads\OpenOffice.org 3.1 (en-US) Installation Files\Downloads\ComboFix.exe AV: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Anti-Virus Professional c:\program files\Anti-Virus Professional\noadware4_092009.na c:\program files\proscan c:\program files\proscan\CommBase.dll c:\program files\proscan\DGChart.dll c:\program files\proscan\DGDyno.dll c:\program files\proscan\DiagnosticReport.dll c:\program files\proscan\dtc.dat c:\program files\proscan\FreezeFrameData.dll c:\program files\proscan\O2TestResults.dll c:\program files\proscan\O2Waveform.dll c:\program files\proscan\pid.dat c:\program files\proscan\ProScan_Help.chm c:\program files\proscan\ProScan5-2.exe c:\program files\proscan\RichTextBoxPrintCtrl.dll c:\program files\proscan\SensorDisplay.dll c:\program files\proscan\settings.dat c:\program files\proscan\setup.log c:\program files\proscan\uninstall.exe c:\program files\proscan\vehicles.dat c:\programdata\xml95AA.tmp c:\programdata\xmlA1FA.tmp c:\programdata\xmlAB6B.tmp c:\programdata\xmlB53C.tmp c:\programdata\xmlB5BA.tmp c:\programdata\xmlB7EB.tmp c:\programdata\xmlB869.tmp c:\programdata\xmlCAED.tmp c:\programdata\xmlCAEE.tmp c:\programdata\xmlCB4D.tmp c:\windows\system32\system . . (((((((((((((((((((((((((   Files Created from 2012-01-06 to 2012-02-06  ))))))))))))))))))))))))))))))) . . 2012-02-06 14:25 . 2012-02-06 14:25 -------- d-----w- c:\users\TEMP.Rodders-PC\AppData\Local\temp 2012-02-06 14:25 . 2012-02-06 14:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-06 14:25 . 2012-02-06 14:26 -------- d-----w- c:\users\Rodders\AppData\Local\temp 2012-02-06 14:25 . 2012-02-06 14:25 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2012-02-06 14:25 . 2012-02-06 14:25 -------- d-----w- c:\users\Administrator.Rodders-PC\AppData\Local\temp 2012-02-06 14:25 . 2012-02-06 14:25 -------- d-----w- c:\users\Administrator.Rodders-PC.000\AppData\Local\temp 2012-02-06 09:26 . 2012-02-06 09:26 -------- d-sh--w- c:\windows\ftpcache 2012-01-30 20:43 . 2012-01-30 20:43 -------- d-----w- c:\program files\iPod 2012-01-22 14:46 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-22 14:46 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-22 14:46 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-22 14:46 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-22 14:46 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-22 14:46 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe 2012-01-14 18:33 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-14 18:33 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-14 18:33 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-14 18:33 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-14 18:33 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-14 18:33 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-14 18:33 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-14 18:33 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll . . . ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-06 12:31 . 2009-09-20 23:35 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-02-01 10:03 . 2011-06-02 19:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-01 15:42 . 2012-01-01 15:42 56 ----a-w- c:\windows\system32\SupportTool.exe.bat 2012-01-01 15:30 . 2012-01-01 15:45 55056 ----a-w- c:\windows\system32\drivers\tmeevw.sys 2012-01-01 15:30 . 2012-01-01 15:45 171280 ----a-w- c:\windows\system32\drivers\tmnciesc.sys 2012-01-01 15:30 . 2012-01-01 15:45 92432 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2012-01-01 15:30 . 2012-01-01 15:44 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2012-01-01 15:30 . 2012-01-01 15:44 68368 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2012-01-01 15:30 . 2012-01-01 15:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-11-23 13:37 . 2011-12-15 21:39 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-21 10:47 . 2011-12-30 19:02 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0FD6937-C8C0-42EB-8D60-67F9E370B944}\mpengine.dll 2011-11-08 14:42 . 2011-12-15 21:38 2048 ----a-w- c:\windows\system32\tzres.dll . . (((((((((((((((((((((((((((((((((((((   Reg Loading Points   )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress"="NA" [X] "Akamai NetSession Interface"="c:\users\Rodders\AppData\Local\Akamai\netsession_win.exe" [2011-12-23 3334432] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304] "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240] "ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656] "RtHDVCpl"="RtHDVCpl.exe" [2008-08-21 6265376] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920] "EaseUs Watch"="d:\program files\Todo Backup\bin\EuWatch.exe" [2011-04-22 69000] "EaseUs Tray"="d:\program files\Todo Backup\bin\TrayNotify.exe" [2011-04-25 733576] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2004-08-10 106496] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-01-01 129304] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABJADMALQBOAFoAWgBLAFoALQBHAE4AQQBNAE..." [?] . c:\users\Administrator.Rodders-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Audible Download Manager.lnk - d:\audio books\Audible\Bin\AudibleDownloadHelper.exe [2011-3-14 2125472] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ    scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk backup=c:\windows\pss\Audible Download Manager.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Rodders^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk] path=c:\users\Rodders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Rodders^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk] path=c:\users\Rodders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk backup=c:\windows\pss\Samsung Auto Backup Guage.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Rodders^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk] path=c:\users\Rodders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk backup=c:\windows\pss\Samsung Auto Backup Real-Time Daemon.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Rodders^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk] path=c:\users\Rodders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk backup=c:\windows\pss\Samsung Auto Backup Scheduler.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2011-11-02 07:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2008-02-22 18:34 166424 ----a-w- c:\windows\System32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2008-02-22 18:35 141848 ----a-w- c:\windows\System32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2008-02-22 10:19 62760 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 14:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2008-08-21 17:36 1833504 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut] 2008-01-04 10:02 222504 ------w- c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe . --- Other Services/Drivers In Memory --- . *NewlyCreated* - RAPPORTIASO *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ    PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache Akamai REG_MULTI_SZ    Akamai . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-03-17 16:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.co.uk/ uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421; IE: Add to Video Converter... - c:\program files\Media Player Utilities 5.15\AVIConverter\grab.html TCP: DhcpNameServer = 191.168.0.1 . - - - - ORPHANS REMOVED - - - - . Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-AdobeCS4ServiceManager - c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe MSConfigStartUp-Nokia Home Server Manager - c:\program files\Nokia\Nokia Home Media Server\NHSM.exe MSConfigStartUp-NokiaMusic FastStart - c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe AddRemove-ProScan - c:\program files\ProScan\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-02-06 14:26 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ...  . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run   EaseUs Tray = "d:\program files\Todo Backup\bin\TrayNotify.exe"?????????????????????????????????????????????????? . scanning hidden files ...  . . C:\ADSM_PData_0150 . scan completed successfully hidden files: 1 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_e286960.dll" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(760) c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll . Completion time: 2012-02-06  14:35:53 ComboFix-quarantined-files.txt  2012-02-06 14:35 . Pre-Run: 26,412,703,744 bytes free Post-Run: 26,189,115,392 bytes free . - - End Of File - - 17D0639975F7FA9E7CE4A9EEF61A50CB

Rod

• Download RogueKiller and save it on your desktop.  
•     Quit all programs 
•     Start RogueKiller.exe.  
•     Wait until Prescan has finished ... 
•     Click on Scan

• Wait for the end of the scan.   
•     The report has been created on the desktop.   
•     Click on the Delete button.

• The report has been created on the desktop.

• Next click on the ShortcutsFix  
    
    
• The report has been created on the desktop.

Please post:  
  
All RKreport.txt text files located on your desktop.

NEXT

Download AVPTool from Here to your desktop  
   
Run the programme you have just downloaded to your desktop (it will be randomly named )  
  
First we will run a virus scan   
 
Click the cog in the upper right

 Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post 

Ran the Kiler prog and the report is attached.

RogueKiller V7.0.3 [02/06/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User: Rodders [Admin rights] Mode: Shortcuts HJfix -- Date : 02/06/2012 19:35:47

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤ Desktop: Success 1 / Fail 0 Quick launch: Success 0 / Fail 0 Programs: Success 6 / Fail 0 Start menu: Success 0 / Fail 0 User folder: Success 98 / Fail 0 My documents: Success 2 / Fail 0 My favorites: Success 5 / Fail 0 My pictures: Success 0 / Fail 0 My music: Success 2 / Fail 0 My videos: Success 0 / Fail 0 Local drives: Success 181 / Fail 0 Backup: [NOT FOUND]

Drives: [C:] \Device\HarddiskVolume2 -- 0x3 --> Restored [D:] \Device\HarddiskVolume3 -- 0x3 --> Restored [E:] \Device\CdRom0 -- 0x5 --> Skipped [F:] \Device\HarddiskVolume4 -- 0x2 --> Restored

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

 The Kaspersky program ran for about 10 hours, found no problems and would only put out the full log  (130MB +).

No I will not be pasting thes.

It looks to be running better, only using 40-50%cpu, but that may be wishfull thinking.

Rod.

OK...can u please attach the Rkreports

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

The RK report is in the last posting, but I have attached the file here.

Rod

U shoud have 4 RKreports on your desktop please attach them and run Malwarebytes...

Appologies, i had missed these 3 - only 3 reports listed, possibly as there were no problems found.

They are attached.

Download aswmbr.exe ( 1.8mb ) to your desktop. 

http://public.avast.com/~gmerek/aswMBR.htm
 Double click the aswMBR.exe to run it  Click the "Scan" button to start scan.

• 

• Click the [Scan] button to start scan

  

• On completion of the scan click [Save log], save it to your desktop and post in your next reply.