Auto typing/clicking and loss of right mouse button menu

By tallandhairy · 6 replies
Feb 5, 2011
  1. Hi my main PC is behaving very oddly.
    It is randomly clicking the left mouse button for me and if I leave my cursor in any form of empty text document or a search bar/text box on a web site it starts retyping some comments I made on facebook the other night.

    Because I cannot use the right mouse button I was unable to disable my Virgin virus protection/firewall but it didn't seem to interfere with the scans when following your 8 steps.

    If it is significant to you. the machine is unusable online so I've dragged and dropped the files onto a usb key and written this on my secondary laptop running ubuntu.

    Logs below

    Malwarebytes' Anti-Malware

    Database version: 5684

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.18999

    05/02/2011 15:11:23

    mbam-log-2011-02-05 (15-11-23).txt

    Scan type: Quick scan

    Objects scanned: 170900

    Time elapsed: 3 minute(s), 50 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

    DDS (Ver_10-12-12.02) - NTFS_AMD64

    Run by Dan at 16:05:29.40 on 05/02/2011

    Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.8190.5486 [GMT 0:00]

    AV: Virgin Media Security Anti-Virus *Enabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56}

    SP: Virgin Media Security Anti-Spyware *Enabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    FW: Virgin Media Security Firewall *Enabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D}

    ============== Running Processes ===============



    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k rpcss

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe


    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup


    C:\Windows\system32\svchost.exe -k LocalService

    C:\Program Files (x86)\Virgin Media\Security\Fws.exe


    C:\Windows\system32\svchost.exe -k NetworkService


    C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork


    C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE


    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files (x86)\Virgin Media\Security\RpsSecurityAwareR.exe

    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k WerSvcGroup

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE


    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe




    C:\Program Files (x86)\Virgin Media\Security\rps.exe

    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

    C:\Windows\System32\svchost.exe -k bdx

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Program Files\Microsoft IntelliPoint\ipoint.exe

    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

    C:\Program Files\Windows Sidebar\sidebar.exe


    C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

    C:\Program Files (x86)\Virgin Broadband\advisor\Broadbandadvisor.exe


    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

    C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe


    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe






    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://

    mWinlogon: Userinit=userinit.exe

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    uRun: [Google Update] "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

    mRun: [Broadbandadvisor.exe] "C:\Program Files (x86)\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN

    mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun

    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

    mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

    mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    mRunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://

    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://


    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://

    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://

    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

    mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    mRun-x64: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    mRun-x64: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

    mRun-x64: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun


    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\gywu2n7f.default\

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Virgin Broadband\advisor\nprpspa.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Users\Dan\AppData\Local\Google\Update\\npGoogleOneClick8.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

    FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

    FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

    ============= SERVICES / DRIVERS ===============

    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2010-12-7 50672]

    R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2010-12-7 58864]

    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-30 203776]

    R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2010-8-2 20376]

    R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2009-7-15 68136]

    R2 Radialpoint Security Services;Virgin Media Security;C:\Program Files (x86)\Virgin Media\Security\RpsSecurityAwareR.exe [2010-1-4 165408]

    R2 RadialpointIDSAgent;RadialpointIDSAgent;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe [2010-6-12 5832712]

    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2010-12-7 821048]

    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-7-16 1153368]

    R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2009-8-12 11576]

    R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-27 8012288]

    R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-27 287232]

    R3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]

    R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64k.sys [2009-6-1 33160]

    R3 RadialpointIDSDriver;RadialpointIDSDriver;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [2010-6-12 132616]

    R3 RadialpointIDSFilter;RadialpointIDSFilter;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys [2010-6-12 35848]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]

    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]

    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-8-8 89920]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

    =============== File Associations ===============

    JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

    =============== Created Last 30 ================

    2011-02-05 15:06:04 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes

    2011-02-05 15:05:36 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

    2011-02-05 15:05:36 -------- d-----w- C:\PROGRA~3\Malwarebytes

    2011-02-05 15:05:32 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2011-02-05 15:05:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2011-02-04 20:30:23 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BC6C5124-073A-4D65-A98C-AA9A35B3CABE}\mpengine.dll

    2011-01-15 17:58:14 -------- d-----w- C:\Temp

    ==================== Find3M ====================

    2011-02-05 15:00:33 23080 ----a-w- C:\Windows\gdrv.sys

    2010-12-28 16:08:18 466944 ----a-w- C:\Windows\System32\odbc32.dll

    2010-12-28 15:55:03 413696 ----a-w- C:\Windows\SysWow64\odbc32.dll

    2010-12-14 16:15:49 1251840 ----a-w- C:\Windows\System32\sdclt.exe

    2010-11-12 18:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    ============= FINISH: 16:06:03.39 ===============
  2. tallandhairy

    tallandhairy TS Rookie Topic Starter

    Sorry, missed the attach



    DDS (Ver_10-12-12.02)

    Microsoft® Windows Vista™ Home Premium

    Boot Device: \Device\HarddiskVolume2

    Install Date: 15/07/2009 17:13:40

    System Uptime: 05/02/2011 14:59:49 (2 hours ago)

    Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790X-UD4P

    Processor: AMD Athlon(tm) 7850 Dual-Core Processor | Socket M2 | 2800/200mhz

    ==== Disk Partitions =========================

    A: is Removable

    C: is FIXED (NTFS) - 466 GiB total, 131.147 GiB free.

    D: is CDROM ()

    E: is FIXED (NTFS) - 932 GiB total, 671.597 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP299: 16/01/2011 11:12:30 - Scheduled Checkpoint

    RP300: 20/01/2011 21:23:27 - Windows Update

    RP301: 22/01/2011 10:46:06 - Windows Update

    RP302: 25/01/2011 20:38:32 - Windows Update

    RP303: 27/01/2011 20:10:23 - Scheduled Checkpoint

    RP304: 30/01/2011 18:13:08 - Windows Update

    RP305: 01/02/2011 22:16:52 - Windows Update

    RP306: 03/02/2011 20:36:58 - Scheduled Checkpoint

    RP307: 04/02/2011 20:29:32 - Windows Update

    RP308: 05/02/2011 14:52:53 - Scheduled Checkpoint

    RP310: 05/02/2011 14:55:49 - Windows Defender Checkpoint

    ==== Installed Programs ======================

    7-Zip 4.65

    Adobe AIR

    Adobe Flash Player 10 ActiveX

    Adobe Flash Player 10 Plugin

    Adobe Reader 9.3

    Age of Chivalry

    Age of Empires III

    Age of Mythology

    Alien Breed Obliteration

    Alien Breed: Impact Demo

    Application Profiles

    ATI Catalyst Registration

    Barbarian Invasion

    Battlefield 2(TM)

    Battlefield: Bad Company™ 2

    BBC iPlayer Desktop

    Bing Bar

    Bing Bar Platform


    Browser Configuration Utility

    Call of Duty: Modern Warfare 2

    Call of Duty: Modern Warfare 2 - Multiplayer

    Catalyst Control Center - Branding

    Catalyst Control Center Graphics Previews Common

    Catalyst Control Center Graphics Previews Vista

    Catalyst Control Center InstallProxy


    CCC Help English

    Cisco Network Magic

    Condition Zero

    Condition Zero Deleted Scenes

    Counter-Strike: Source


    Day of Defeat

    DigiGuide TV Guide


    EasySaver B8.1224.1

    Empire: Total War

    Free RAR Extract Frog 1.00

    GameSpy Arcade

    Gigabyte Raid Configurer

    Google Chrome

    Half-Life 2

    Half-Life 2: Episode One

    Half-Life 2: Episode Two

    Half-Life 2: Lost Coast

    Half-Life: Blue Shift

    Half-Life: Source

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    IrfanView (remove only)

    Java Auto Updater

    Java(TM) 6 Update 23

    Junk Mail filter update

    K-Lite Codec Pack 5.0.5 (Full)

    Left 4 Dead

    Left 4 Dead 2

    Logitech SetPoint

    Malwarebytes' Anti-Malware

    McAfee Security Scan Plus

    Medieval II Total War

    Mesh Runtime

    Messenger Companion

    Microsoft Games for Windows - LIVE

    Microsoft Games for Windows - LIVE Redistributable

    Microsoft Search Enhancement Pack

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Mozilla Firefox (3.6.13)



    MSXML 4.0 SP2 (KB927978)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML4 Parser

    Network Magic

    Oolite 3.2

    Opposing Force

    PFPortChecker 1.0.28

    PunkBuster Services

    Pure Networks Platform


    Realtek 8169 8168 8101E 8102E Ethernet Driver

    Realtek High Definition Audio Driver

    Rome - Total War(TM)

    Rome Total War - patch 1.3

    Rome: Total War - Alexander

    Rome: Total War Gold Edition


    RPS PerfectDiskStub

    RPS RpsCore

    Samsung ML-1610 Series

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Segoe UI

    Sid Meier's Civilization 4

    Sid Meier's Civilization V

    Spybot - Search & Destroy


    Supreme Commander 2

    Team Fortress 2

    The Lord of the Rings FREE Trial

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Virgin Broadband advisor 1.5.24

    Virgin Media Security

    Warhammer 40,000: Dawn of War II

    WebEx Support Manager for Internet Explorer

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Installer

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live Messenger Companion Core

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live Sync

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    X-COM: Apocalypse

    X-COM: Enforcer

    X-COM: Interceptor

    X-COM: Terror from the Deep

    X-COM: UFO Defense

    Zombie Panic! Source

    ==== Event Viewer Messages From Past Week ========

    05/02/2011 15:03:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

    05/02/2011 15:03:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

    05/02/2011 15:00:37, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt RapportKE64 StarOpen

    05/02/2011 15:00:33, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Samsung ML-1610 Series with shared resource name . Error 1215. The printer cannot be used by others on the network.

    ==== End Of File ===========================
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Welcome to TechSpot![​IMG]
    (Image courtesy

    Sounds more like a system problem. But I will review the logs you left. I understand that part of the problem related to the use of the mouse, but if you have any control over the issue, the logs don't need to be double spaced. We will end up with a very long thread!. The right mouse menu is called the Context Menu. It gives you choice to perform activities easily using a choice on that menu instead of going up to Edit or All Programs. We'll work on that. In the meantime, anything you need to do and can't do with the right mouse button can be found by clicking on Edit at the top of your browser. thread!
    Regarding your security: It appears that you are running multiple antivirus programs>Virgin Media uses Radialpoint for security- I'll have to check to see what they use for AV. But I do see AVG loading with Virgin Media. But you also have McAfee Security Scan Plus. Please decide which you want to keep and uninstall the other.

    Give me some time to go through these logs. In the meantime, please run the following> use Edit for any copy and space and do not double-space. When you open Notepad> click on Format> Uncheck WordWrap.
    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    Download Combofix to your desktop from one of these locations:
    Link 1
    Link 2
    • Double click combofix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Query- Recovery Console image
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes it will open a text window. Please paste that log in your next reply.
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    NOTE: If you keep AVG for the AV, you will have to uninstall it to run Combofix. Let me know which you want to keep and I'll give you a tool to help with uninstalling the other.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    A note on disabling the Virgin Media Security: Click on Start> Run> type in taskmgr.exe> enter> find the following process and click to highlight>


    Then click on End Task

    Since this is a security program, you may get a message telling you you don't have access. But it's worth a try.
  5. tallandhairy

    tallandhairy TS Rookie Topic Starter

    Thank you very much for looking into this for me.

    My other computer is running the on-line scan now.

    The McAfee isnt a full blown anti virus, its just the mini check which I think came with the recent flash updates.

    Are you happy for me to look for it and remove in add/remove programmes?

    Interesting that you found AVG, I don't use it and don't recall ever having installed it previously on this computer.

    thanks again
  6. tallandhairy

    tallandhairy TS Rookie Topic Starter

    I appear to have found the source of the problem.

    Somehow my sidewinder mouse had assigned a macro to the right mouse button.

    I'll run all the sweeps as a precaution, but please consider the case closed.

    Thank you very much for looking into this for me and I am sorry if I have wasted your time.
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You're welcome. Thanks for the update.

    Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
      [*]Choose Disc Cleanup
      [*]Click "OK" to select the partition or drive you want.
      [*]Click the "More Options" Tab.
      [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

    Empty the Recycle Bin
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...