TechSpot

Adverts everywhere including on buttons im trying to click

By markfw
Sep 21, 2012
  1. First time user so apologies for rookie errors. I've run through Julio's diagnostic programs and these are the three logs:

    1) MWB: DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/05/2011 18:51:08
    System Uptime: 21/09/2012 04:12:09 (10 hours ago)
    .
    Motherboard: Hewlett-Packard | | 164D
    Processor: AMD Phenom(tm) II P960 Quad-Core Processor | Socket S1G4 | 1800/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 683 GiB total, 328.579 GiB free.
    D: is FIXED (NTFS) - 15 GiB total, 1.867 GiB free.
    E: is CDROM ()
    F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Virtual WiFi Miniport Adapter
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&23B98AFD&0&01
    Manufacturer: Microsoft
    Name: Microsoft Virtual WiFi Miniport Adapter
    PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&23B98AFD&0&01
    Service: vwifimp
    .
    ==== System Restore Points ===================
    .
    RP160: 07/09/2012 18:11:04 - HPSF Restore Point
    RP161: 07/09/2012 20:34:17 - HPSF Restore Point
    RP162: 13/09/2012 09:26:56 - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.1 MUI
    Adobe Shockwave Player 11.5
    Agatha Christie - Peril at End House
    AMD VISION Engine Control Center
    Apple Application Support
    Apple Software Update
    Bejeweled 2 Deluxe
    BitTorrent
    Blackhawk Striker 2
    Blasterball 3
    Bounce Symphony
    Cake Mania
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Chuzzle Deluxe
    Counter-Strike: Source
    CyberLink DVD Suite
    CyberLink YouCam
    D3DX10
    Dora's World Adventure
    Empire: Total War
    Energy Star Digital Logo
    ESU for Microsoft Windows 7
    Expat Shield 2.25
    Expat Shield Toolbar
    Farm Frenzy
    FATE
    Final Drive Nitro
    Football Manager 2011
    Free FLAC to MP3 Converter 1.0
    Google Chrome
    Hewlett-Packard ACLM.NET v1.1.2.0
    HP CloudDrive
    HP Customer Experience Enhancements
    HP Documentation
    HP DVB-T TV Tuner 8.0.64.43
    HP Game Console
    HP Games
    HP On Screen Display
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Setup Manager
    HP SimplePass 2011
    HP Software Framework
    HP Support Assistant
    IDT Audio
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 32
    Junk Mail filter update
    LabelPrint
    LaCie Genie Timeline 2.1
    LightScribe System Software
    Magic Desktop
    Malwarebytes Anti-Malware version 1.65.0.1400
    Medieval II Total War
    Mesh Runtime
    Microsoft Office 2010
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    MSVCRT
    MSVCRT_amd64
    Multimedia Mouse Driver
    Mystery P.I. - The London Caper
    Norton 360
    OpenOffice.org 3.3
    Penguins!
    PictureMover
    Plants vs. Zombies
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    QuickTime
    Ralink RT5390 802.11b/g/n WiFi Adapter
    Rapport
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    Recovery Manager
    RemoteComms driver
    Renesas Electronics USB 3.0 Host Controller Driver
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Sid Meier's Civilization 4 Complete
    Sid Meier's Civilization V
    Skype Click to Call
    Skype™ 5.10
    Spotify
    Steam
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Virtual Villagers 4 - The Tree of Life
    VLC media player 1.1.11
    VoiceOver Kit
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    World Cup Cricket 20-20
    Wuala
    Wuala CBFS
    Wuala OverlayIcons
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    21/09/2012 14:30:58, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
    21/09/2012 14:30:58, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
    21/09/2012 14:30:58, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
    21/09/2012 10:21:38, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    20/09/2012 18:23:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.
    20/09/2012 18:23:43, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    20/09/2012 18:22:16, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    20/09/2012 18:20:22, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Genie Timeline Service service to connect.
    19/09/2012 18:44:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    19/09/2012 18:42:14, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8007bb5b20). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 091912-74599-01.
    19/09/2012 18:23:13, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IconMan_R service.
    17/09/2012 10:11:50, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
    17/09/2012 10:10:50, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    17/09/2012 10:10:16, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    17/09/2012 09:40:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
    17/09/2012 09:40:11, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    .
    ==== End Of File ===========================
    2) GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-09-21 14:31:48
    Windows 6.1.7601 Service Pack 1
    Running: 70zpis0y.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9d1c4b4
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9d1c4b4 (not active ControlSet)

    ---- Files - GMER 1.0.15 ----

    File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{2B766914-71A9-4DE0-9D4B-1E21E4EC8938}.jpg 50399 bytes
    File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{DE7043CE-5BB5-48D8-8096-88892E6752AE}.jpg 34114 bytes
    File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS\{AA925213-89A3-4AD6-983F-3E055EEBEDD0}.jpg 32061 bytes

    ---- EOF - GMER 1.0.15 ----

    3) DDS
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514
    Run by Mark at 14:32:40 on 2012-09-21
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5883.2080 [GMT 1:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\IDT\WDM\AESTSr64.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
    C:\Program Files\Motorola\Bluetooth\audiosrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
    C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
    C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
    C:\Windows\SysWOW64\ezSharedSvcHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Motorola\Bluetooth\obexsrv.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\BitTorrent\BitTorrent.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Multimedia Mouse Driver\V5\KMConfig.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Multimedia Mouse Driver\V5\KMProcess.exe
    C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
    C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Windows\system32\conhost.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\notepad.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
    C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    mURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
    BHO: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
    BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [Google Update] "C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [<NO NAME>]
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun: [KMConfig] "C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
    mRun: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    StartupFolder: C:\Users\Mark\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22} : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\35B4954313133313 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\37771353F523 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\56C616A757C6 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\6475 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\75C414E4F544144334 : DhcpNameServer = 80.58.61.250 80.58.61.254
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\75C414E4F56373 : DhcpNameServer = 80.58.61.250 80.58.61.254
    TCP: Interfaces\{EF2D88E9-C6AC-431A-B406-545CC971BF22}\84F44554C4F51425D4354525F4E474 : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    STS: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
    BHO-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    BHO-X64: Virtual Storage Mount Notification - No File
    BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
    BHO-X64: Norton Identity Protection - No File
    BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
    BHO-X64: Norton Vulnerability Protection - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
    BHO-X64: TSBHO Class - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    BHO-X64: Expat Shield - No File
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
    mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun-x64: [(Default)]
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun-x64: [KMConfig] "C:\Program Files (x86)\Multimedia Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
    mRun-x64: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    IE-X64: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
    SSODL-X64: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    STS-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
    SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
    R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [?]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-9-20 1385120]
    R1 cbfs3;cbfs3;\??\C:\Windows\system32\drivers\cbfs3.sys --> C:\Windows\system32\drivers\cbfs3.sys [?]
    R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120919.001\IDSviA64.sys [2012-9-20 513184]
    R1 RapportCerberus_42020;RapportCerberus_42020;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_42020.sys [2012-8-7 397720]
    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-7-29 55096]
    R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-7-29 297240]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [?]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-6-14 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
    R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-11-8 1193040]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-11-8 783704]
    R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-1-17 331608]
    R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-1-5 363336]
    R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
    R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-1-6 514232]
    R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-16 249672]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
    R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 2375168]
    R2 LaCieDesktopManagerService;LaCieDesktopManagerService;C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-9-4 1227776]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-20 399432]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-20 676936]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccsvchst.exe [2012-8-15 138272]
    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-7-29 976728]
    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-11-8 4180824]
    R3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\system32\Drivers\btmusb.sys --> C:\Windows\system32\Drivers\btmusb.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-24 138912]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-8 1028096]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 GenieTimelineService;Genie Timeline Service;C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [2011-2-2 468096]
    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-20 250056]
    S3 BTMCOM;Bluetooth Serial Port;C:\Windows\system32\Drivers\btmcom.sys --> C:\Windows\system32\Drivers\btmcom.sys [?]
    S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\EXPATTrayService.exe [2012-1-17 77520]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys --> C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-09-20 21:32:38--------d-----w-C:\Users\Mark\AppData\Roaming\Malwarebytes
    2012-09-20 21:32:11--------d-----w-C:\ProgramData\Malwarebytes
    2012-09-20 21:32:0725928----a-w-C:\Windows\System32\drivers\mbam.sys
    2012-09-20 21:32:07--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-09-17 09:18:1933240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-09-17 09:16:42--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-09-17 09:16:42--------d-----w-C:\Program Files\iTunes
    2012-09-17 09:16:42--------d-----w-C:\Program Files\iPod
    2012-09-12 10:42:39950128----a-w-C:\Windows\System32\drivers\ndis.sys
    2012-09-12 10:42:3941472----a-w-C:\Windows\System32\drivers\RNDISMP.sys
    2012-09-12 10:42:37574464----a-w-C:\Windows\System32\d3d10level9.dll
    2012-09-12 10:42:37490496----a-w-C:\Windows\SysWow64\d3d10level9.dll
    2012-09-12 10:42:35376688----a-w-C:\Windows\System32\drivers\netio.sys
    2012-09-12 10:42:35288624----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-09-12 10:42:351913200----a-w-C:\Windows\System32\drivers\tcpip.sys
    2012-09-09 09:25:17--------d-----w-C:\Program Files\CCleaner
    2012-09-04 14:17:17--------d-----w-C:\Program Files (x86)\Wuala OverlayIcons
    2012-09-04 14:17:14191504----a-w-C:\Windows\System32\CbFsMntNtf3.dll
    2012-09-04 14:17:13223760----a-w-C:\Windows\SysWow64\CbFsNetRdr3.dll
    2012-09-04 14:17:13158224----a-w-C:\Windows\SysWow64\CbFsMntNtf3.dll
    2012-09-04 14:17:13142352----a-w-C:\Windows\System32\CbFsNetRdr3.dll
    2012-09-04 14:17:11348560----a-w-C:\Windows\System32\drivers\cbfs3.sys
    2012-09-04 14:17:10--------d-----w-C:\Program Files (x86)\Wuala CBFS
    2012-09-04 14:17:05--------d-----w-C:\Users\Mark\AppData\Roaming\Wuala
    2012-09-04 14:17:05--------d-----w-C:\Users\Mark\AppData\Local\Wuala
    2012-09-04 14:16:40--------d-----w-C:\Program Files (x86)\Oxford Semiconductor
    2012-09-04 14:16:30--------d-----w-C:\Program Files\LaCie
    2012-09-04 14:13:00--------d-----w-C:\Users\Mark\AppData\Roaming\Genie-Soft
    2012-09-04 14:12:38--------d-----w-C:\Program Files\Genie-Soft
    2012-08-28 10:43:26--------d-----w-C:\Users\Mark\AppData\Local\{1684B29B-40B0-4CC5-BB78-AFF79EB6B852}
    2012-08-25 12:45:30--------d-----w-C:\Users\Mark\AppData\Roaming\2K Games
    2012-08-24 09:20:31--------d-----w-C:\Expat Shield
    2012-08-24 09:19:58--------d-----w-C:\Program Files (x86)\Expat Shield
    2012-08-23 14:24:08--------d-----w-C:\Users\Mark\AppData\Local\ElevatedDiagnostics
    .
    ==================== Find3M ====================
    .
    2012-08-21 12:01:20125872----a-w-C:\Windows\System32\GEARAspi64.dll
    2012-08-21 12:01:20106928----a-w-C:\Windows\SysWow64\GEARAspi.dll
    2012-08-15 11:09:3170344----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-15 11:09:31426184----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-29 18:52:38101688----a-w-C:\Windows\System32\drivers\RapportKE64.sys
    2012-07-26 10:26:21175736----a-w-C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2012-07-18 18:15:063148800----a-w-C:\Windows\System32\win32k.sys
    2012-07-09 12:42:564547984----a-w-C:\Windows\System32\usbaaplrc.dll
    2012-07-09 12:42:5452736----a-w-C:\Windows\System32\drivers\usbaapl64.sys
    2012-07-06 20:07:42552960----a-w-C:\Windows\System32\drivers\bthport.sys
    2012-07-06 02:17:5837536----a-w-C:\Windows\System32\drivers\N360x64\0603000.00E\srtspx64.sys
    2012-07-06 02:17:57737952----a-w-C:\Windows\System32\drivers\N360x64\0603000.00E\srtsp64.sys
    2012-07-04 22:13:2759392----a-w-C:\Windows\System32\browcli.dll
    2012-07-04 22:13:27136704----a-w-C:\Windows\System32\browser.dll
    2012-07-04 21:14:3441984----a-w-C:\Windows\SysWow64\browcli.dll
    2012-06-27 07:06:531188864----a-w-C:\Windows\System32\wininet.dll
    2012-06-27 05:53:07981504----a-w-C:\Windows\SysWow64\wininet.dll
    2012-06-27 04:53:101638912----a-w-C:\Windows\System32\mshtml.tlb
    2012-06-27 04:10:551638912----a-w-C:\Windows\SysWow64\mshtml.tlb
    .
     
  2. markfw

    markfw TS Rookie Topic Starter

    To be more specific, I've had several problems lately. 1) page called something like itlitlitlitl opening up when I click on any link, along with the page im trying to view, 2) a small window with deals opening up randomly when I click a link, trying to persuade me to buy various products, its not linked to any specific websites so must be on my pc, 3) facebook has been taken over with a whole load of ads, including ones which say "this advert is not one of ours, facebook" or words to that effect and 4) I recently tried to buy some football tickets but when I put my cursor over the "buy" button, something appeared between my cursor and the button, which took me to a site where I could buy football paraphenalia

    I had a day or two between expiry and renewal of my antivirus program so I suspect this stuff snuck in at that stage

    I'd greatly appreciate help with this, thank you!
     
  3. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,282   +49

    Hello, and welcome to TechSpot.

    Thanks for the fine details.

    [​IMG] Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    This should take care of most adware:

    Download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

    avast! aswMBR

    Please download aswMBR from here

    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Click the Scan button to start the scan as illustrated below

    [​IMG]

    Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

    • Once the scan finishes click Save log to save the log to your Desktop
      [​IMG]
    • Copy and paste the contents of aswMBR.txt back here for review
     
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,282   +49

    Hi! Are you still with us?

    Update us on the status of your computer, we'd still like to help.

    Topic marked inactive.
     
  5. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,282   +49

    Hi! This is the last check-in for you. Please update us on your situation here. We'd love to help!
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...