Inactive Adverts everywhere including on buttons im trying to click

M

markfw

First time user so apologies for rookie errors. I've run through Julio's diagnostic programs and these are the three logs:

1) MWB: DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 16/05/2011 18:51:08
System Uptime: 21/09/2012 04:12:09 (10 hours ago)
.
Motherboard: Hewlett-Packard | | 164D
Processor: AMD Phenom(tm) II P960 Quad-Core Processor | Socket S1G4 | 1800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 683 GiB total, 328.579 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 1.867 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&23B98AFD&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&23B98AFD&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP160: 07/09/2012 18:11:04 - HPSF Restore Point
RP161: 07/09/2012 20:34:17 - HPSF Restore Point
RP162: 13/09/2012 09:26:56 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1 MUI
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
AMD VISION Engine Control Center
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
BitTorrent
Blackhawk Striker 2
Blasterball 3
Bounce Symphony
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Counter-Strike: Source
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Dora's World Adventure
Empire: Total War
Energy Star Digital Logo
ESU for Microsoft Windows 7
Expat Shield 2.25
Expat Shield Toolbar
Farm Frenzy
FATE
Final Drive Nitro
Football Manager 2011
Free FLAC to MP3 Converter 1.0
Google Chrome
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP DVB-T TV Tuner 8.0.64.43
HP Game Console
HP Games
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass 2011
HP Software Framework
HP Support Assistant
IDT Audio
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 32
Junk Mail filter update
LabelPrint
LaCie Genie Timeline 2.1
LightScribe System Software
Magic Desktop
Malwarebytes Anti-Malware version 1.65.0.1400
Medieval II Total War
Mesh Runtime
Microsoft Office 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
Multimedia Mouse Driver
Mystery P.I. - The London Caper
Norton 360
OpenOffice.org 3.3
Penguins!
PictureMover
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
QuickTime
Ralink RT5390 802.11b/g/n WiFi Adapter
Rapport
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recovery Manager
RemoteComms driver
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Sid Meier's Civilization 4 Complete
Sid Meier's Civilization V
Skype Click to Call
Skype™ 5.10
Spotify
Steam
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virtual Villagers 4 - The Tree of Life
VLC media player 1.1.11
VoiceOver Kit
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World Cup Cricket 20-20
Wuala
Wuala CBFS
Wuala OverlayIcons
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
21/09/2012 14:30:58, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
21/09/2012 14:30:58, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
21/09/2012 14:30:58, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
21/09/2012 10:21:38, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
20/09/2012 18:23:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.
20/09/2012 18:23:43, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
20/09/2012 18:22:16, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
20/09/2012 18:20:22, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Genie Timeline Service service to connect.
19/09/2012 18:44:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
19/09/2012 18:42:14, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8007bb5b20). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 091912-74599-01.
19/09/2012 18:23:13, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IconMan_R service.
17/09/2012 10:11:50, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
17/09/2012 10:10:50, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/09/2012 10:10:16, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/09/2012 09:40:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
17/09/2012 09:40:11, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
2) GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-09-21 14:31:48
Windows 6.1.7601 Service Pack 1
Running: 70zpis0y.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9d1c4b4
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9d1c4b4 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{2B766914-71A9-4DE0-9D4B-1E21E4EC8938}.jpg 50399 bytes
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{DE7043CE-5BB5-48D8-8096-88892E6752AE}.jpg 34114 bytes
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{AA925213-89A3-4AD6-983F-3E055EEBEDD0}.jpg 32061 bytes

---- EOF - GMER 1.0.15 ----

3) DDS
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Mark at 14:32:40 on 2012-09-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5883.2080 [GMT 1:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\Motorola\Bluetooth\audiosrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Multimedia Mouse Driver\V5\KMConfig.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Multimedia Mouse Driver\V5\KMProcess.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
mURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Google Update] "C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [<NO NAME>]
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [KMConfig] "C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
mRun: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Mark\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\35B4954313133313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\37771353F523 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\56C616A757C6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\6475 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\75C414E4F544144334 : DhcpNameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\75C414E4F56373 : DhcpNameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\84F44554C4F51425D4354525F4E474 : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
BHO-X64: Virtual Storage Mount Notification - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
BHO-X64: Expat Shield - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [(Default)]
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [KMConfig] "C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
mRun-x64: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
IE-X64: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
SSODL-X64: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-9-20 1385120]
R1 cbfs3;cbfs3;\??\C:\Windows\system32\drivers\cbfs3.sys --> C:\Windows\system32\drivers\cbfs3.sys [?]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120919.001\IDSviA64.sys [2012-9-20 513184]
R1 RapportCerberus_42020;RapportCerberus_42020;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_42020.sys [2012-8-7 397720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-7-29 55096]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-7-29 297240]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-6-14 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-11-8 1193040]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-11-8 783704]
R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-1-17 331608]
R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-1-5 363336]
R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-1-6 514232]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-16 249672]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 2375168]
R2 LaCieDesktopManagerService;LaCieDesktopManagerService;C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-9-4 1227776]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-20 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-20 676936]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccsvchst.exe [2012-8-15 138272]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-7-29 976728]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-11-8 4180824]
R3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\system32\Drivers\btmusb.sys --> C:\Windows\system32\Drivers\btmusb.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-24 138912]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-8 1028096]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 GenieTimelineService;Genie Timeline Service;C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [2011-2-2 468096]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-20 250056]
S3 BTMCOM;Bluetooth Serial Port;C:\Windows\system32\Drivers\btmcom.sys --> C:\Windows\system32\Drivers\btmcom.sys [?]
S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\EXPATTrayService.exe [2012-1-17 77520]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys --> C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-09-20 21:32:38--------d-----w-C:\Users\Mark\AppData\Roaming\Malwarebytes
2012-09-20 21:32:11--------d-----w-C:\ProgramData\Malwarebytes
2012-09-20 21:32:0725928----a-w-C:\Windows\System32\drivers\mbam.sys
2012-09-20 21:32:07--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-17 09:18:1933240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-09-17 09:16:42--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-17 09:16:42--------d-----w-C:\Program Files\iTunes
2012-09-17 09:16:42--------d-----w-C:\Program Files\iPod
2012-09-12 10:42:39950128----a-w-C:\Windows\System32\drivers\ndis.sys
2012-09-12 10:42:3941472----a-w-C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 10:42:37574464----a-w-C:\Windows\System32\d3d10level9.dll
2012-09-12 10:42:37490496----a-w-C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 10:42:35376688----a-w-C:\Windows\System32\drivers\netio.sys
2012-09-12 10:42:35288624----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 10:42:351913200----a-w-C:\Windows\System32\drivers\tcpip.sys
2012-09-09 09:25:17--------d-----w-C:\Program Files\CCleaner
2012-09-04 14:17:17--------d-----w-C:\Program Files (x86)\Wuala OverlayIcons
2012-09-04 14:17:14191504----a-w-C:\Windows\System32\CbFsMntNtf3.dll
2012-09-04 14:17:13223760----a-w-C:\Windows\SysWow64\CbFsNetRdr3.dll
2012-09-04 14:17:13158224----a-w-C:\Windows\SysWow64\CbFsMntNtf3.dll
2012-09-04 14:17:13142352----a-w-C:\Windows\System32\CbFsNetRdr3.dll
2012-09-04 14:17:11348560----a-w-C:\Windows\System32\drivers\cbfs3.sys
2012-09-04 14:17:10--------d-----w-C:\Program Files (x86)\Wuala CBFS
2012-09-04 14:17:05--------d-----w-C:\Users\Mark\AppData\Roaming\Wuala
2012-09-04 14:17:05--------d-----w-C:\Users\Mark\AppData\Local\Wuala
2012-09-04 14:16:40--------d-----w-C:\Program Files (x86)\Oxford Semiconductor
2012-09-04 14:16:30--------d-----w-C:\Program Files\LaCie
2012-09-04 14:13:00--------d-----w-C:\Users\Mark\AppData\Roaming\Genie-Soft
2012-09-04 14:12:38--------d-----w-C:\Program Files\Genie-Soft
2012-08-28 10:43:26--------d-----w-C:\Users\Mark\AppData\Local\{1684B29B-40B0-4CC5-BB78-AFF79EB6B852}
2012-08-25 12:45:30--------d-----w-C:\Users\Mark\AppData\Roaming\2K Games
2012-08-24 09:20:31--------d-----w-C:\Expat Shield
2012-08-24 09:19:58--------d-----w-C:\Program Files (x86)\Expat Shield
2012-08-23 14:24:08--------d-----w-C:\Users\Mark\AppData\Local\ElevatedDiagnostics
.
==================== Find3M ====================
.
2012-08-21 12:01:20125872----a-w-C:\Windows\System32\GEARAspi64.dll
2012-08-21 12:01:20106928----a-w-C:\Windows\SysWow64\GEARAspi.dll
2012-08-15 11:09:3170344----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 11:09:31426184----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-29 18:52:38101688----a-w-C:\Windows\System32\drivers\RapportKE64.sys
2012-07-26 10:26:21175736----a-w-C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-07-18 18:15:063148800----a-w-C:\Windows\System32\win32k.sys
2012-07-09 12:42:564547984----a-w-C:\Windows\System32\usbaaplrc.dll
2012-07-09 12:42:5452736----a-w-C:\Windows\System32\drivers\usbaapl64.sys
2012-07-06 20:07:42552960----a-w-C:\Windows\System32\drivers\bthport.sys
2012-07-06 02:17:5837536----a-w-C:\Windows\System32\drivers\N360x64\0603000.00E\srtspx64.sys
2012-07-06 02:17:57737952----a-w-C:\Windows\System32\drivers\N360x64\0603000.00E\srtsp64.sys
2012-07-04 22:13:2759392----a-w-C:\Windows\System32\browcli.dll
2012-07-04 22:13:27136704----a-w-C:\Windows\System32\browser.dll
2012-07-04 21:14:3441984----a-w-C:\Windows\SysWow64\browcli.dll
2012-06-27 07:06:531188864----a-w-C:\Windows\System32\wininet.dll
2012-06-27 05:53:07981504----a-w-C:\Windows\SysWow64\wininet.dll
2012-06-27 04:53:101638912----a-w-C:\Windows\System32\mshtml.tlb
2012-06-27 04:10:551638912----a-w-C:\Windows\SysWow64\mshtml.tlb
.
 
To be more specific, I've had several problems lately. 1) page called something like itlitlitlitl opening up when I click on any link, along with the page im trying to view, 2) a small window with deals opening up randomly when I click a link, trying to persuade me to buy various products, its not linked to any specific websites so must be on my pc, 3) facebook has been taken over with a whole load of ads, including ones which say "this advert is not one of ours, facebook" or words to that effect and 4) I recently tried to buy some football tickets but when I put my cursor over the "buy" button, something appeared between my cursor and the button, which took me to a site where I could buy football paraphenalia

I had a day or two between expiry and renewal of my antivirus program so I suspect this stuff snuck in at that stage

I'd greatly appreciate help with this, thank you!
 
Hello, and welcome to TechSpot.

Thanks for the fine details.

rulesx.png
Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

This should take care of most adware:

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

avast! aswMBR

Please download aswMBR from here

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below

aswMBR_Scan.jpg


Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

  • Once the scan finishes click Save log to save the log to your Desktop
    aswMBR_SaveLog.png

  • Copy and paste the contents of aswMBR.txt back here for review
 
Hi! Are you still with us?

Update us on the status of your computer, we'd still like to help.

Topic marked inactive.
 
Hi! This is the last check-in for you. Please update us on your situation here. We'd love to help!
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
774
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back