Solved Auto typing/clicking and loss of right mouse button menu

[tallandhairy]

Hi my main PC is behaving very oddly.
It is randomly clicking the left mouse button for me and if I leave my cursor in any form of empty text document or a search bar/text box on a web site it starts retyping some comments I made on facebook the other night.

Because I cannot use the right mouse button I was unable to disable my Virgin virus protection/firewall but it didn't seem to interfere with the scans when following your 8 steps.

If it is significant to you. the machine is unusable online so I've dragged and dropped the files onto a usb key and written this on my secondary laptop running ubuntu.

Logs below

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org



Database version: 5684



Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18999



05/02/2011 15:11:23

mbam-log-2011-02-05 (15-11-23).txt



Scan type: Quick scan

Objects scanned: 170900

Time elapsed: 3 minute(s), 50 second(s)



Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0



Memory Processes Infected:

(No malicious items detected)



Memory Modules Infected:

(No malicious items detected)



Registry Keys Infected:

(No malicious items detected)



Registry Values Infected:

(No malicious items detected)



Registry Data Items Infected:

(No malicious items detected)



Folders Infected:

(No malicious items detected)



Files Infected:

(No malicious items detected)




DDS (Ver_10-12-12.02) - NTFS_AMD64

Run by Dan at 16:05:29.40 on 05/02/2011

Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.8190.5486 [GMT 0:00]



AV: Virgin Media Security Anti-Virus *Enabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56}

SP: Virgin Media Security Anti-Spyware *Enabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Virgin Media Security Firewall *Enabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D}



============== Running Processes ===============



C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files (x86)\Virgin Media\Security\Fws.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SysWOW64\atashost.exe

C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Virgin Media\Security\RpsSecurityAwareR.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Virgin Media\Security\rps.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Windows\System32\svchost.exe -k bdx

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files (x86)\Virgin Broadband\advisor\Broadbandadvisor.exe

C:\Windows\Samsung\PanelMgr\SSMMgr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\notepad.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Dan\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe



============== Pseudo HJT Report ===============



uStart Page = hxxp://uk.yahoo.com/

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [Broadbandadvisor.exe] "C:\Program Files (x86)\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN

mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun

mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun-x64: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

mRun-x64: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

mRun-x64: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

Hosts: 127.0.0.1 www.spywareinfo.com



================= FIREFOX ===================



FF - ProfilePath - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\gywu2n7f.default\

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Virgin Broadband\advisor\nprpspa.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Dan\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}



============= SERVICES / DRIVERS ===============



R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2010-12-7 50672]

R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2010-12-7 58864]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-30 203776]

R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2010-8-2 20376]

R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2009-7-15 68136]

R2 Radialpoint Security Services;Virgin Media Security;C:\Program Files (x86)\Virgin Media\Security\RpsSecurityAwareR.exe [2010-1-4 165408]

R2 RadialpointIDSAgent;RadialpointIDSAgent;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe [2010-6-12 5832712]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2010-12-7 821048]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-7-16 1153368]

R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2009-8-12 11576]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-27 8012288]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-27 287232]

R3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]

R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64k.sys [2009-6-1 33160]

R3 RadialpointIDSDriver;RadialpointIDSDriver;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [2010-6-12 132616]

R3 RadialpointIDSFilter;RadialpointIDSFilter;C:\Program Files (x86)\Virgin Media\Security\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys [2010-6-12 35848]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-8-8 89920]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]



=============== File Associations ===============



JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*



=============== Created Last 30 ================



2011-02-05 15:06:04 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes

2011-02-05 15:05:36 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-02-05 15:05:36 -------- d-----w- C:\PROGRA~3\Malwarebytes

2011-02-05 15:05:32 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-02-05 15:05:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-02-04 20:30:23 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BC6C5124-073A-4D65-A98C-AA9A35B3CABE}\mpengine.dll

2011-01-15 17:58:14 -------- d-----w- C:\Temp



==================== Find3M ====================



2011-02-05 15:00:33 23080 ----a-w- C:\Windows\gdrv.sys

2010-12-28 16:08:18 466944 ----a-w- C:\Windows\System32\odbc32.dll

2010-12-28 15:55:03 413696 ----a-w- C:\Windows\SysWow64\odbc32.dll

2010-12-14 16:15:49 1251840 ----a-w- C:\Windows\System32\sdclt.exe

2010-11-12 18:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll



============= FINISH: 16:06:03.39 ===============

 

[tallandhairy]

Sorry, missed the attach

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT



DDS (Ver_10-12-12.02)



Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 15/07/2009 17:13:40

System Uptime: 05/02/2011 14:59:49 (2 hours ago)



Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790X-UD4P

Processor: AMD Athlon(tm) 7850 Dual-Core Processor | Socket M2 | 2800/200mhz



==== Disk Partitions =========================



A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 131.147 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 932 GiB total, 671.597 GiB free.



==== Disabled Device Manager Items =============



==== System Restore Points ===================



RP299: 16/01/2011 11:12:30 - Scheduled Checkpoint

RP300: 20/01/2011 21:23:27 - Windows Update

RP301: 22/01/2011 10:46:06 - Windows Update

RP302: 25/01/2011 20:38:32 - Windows Update

RP303: 27/01/2011 20:10:23 - Scheduled Checkpoint

RP304: 30/01/2011 18:13:08 - Windows Update

RP305: 01/02/2011 22:16:52 - Windows Update

RP306: 03/02/2011 20:36:58 - Scheduled Checkpoint

RP307: 04/02/2011 20:29:32 - Windows Update

RP308: 05/02/2011 14:52:53 - Scheduled Checkpoint

RP310: 05/02/2011 14:55:49 - Windows Defender Checkpoint



==== Installed Programs ======================



7-Zip 4.65

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3

Age of Chivalry

Age of Empires III

Age of Mythology

Alien Breed Obliteration

Alien Breed: Impact Demo

Application Profiles

ATI Catalyst Registration

Barbarian Invasion

Battlefield 2(TM)

Battlefield: Bad Company™ 2

BBC iPlayer Desktop

Bing Bar

Bing Bar Platform

Boxee

Browser Configuration Utility

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

ccc-core-static

CCC Help English

Cisco Network Magic

Condition Zero

Condition Zero Deleted Scenes

Counter-Strike: Source

D3DX10

Day of Defeat

DigiGuide TV Guide

DogFighter

EasySaver B8.1224.1

Empire: Total War

Free RAR Extract Frog 1.00

GameSpy Arcade

Gigabyte Raid Configurer

Google Chrome

Half-Life 2

Half-Life 2: Episode One

Half-Life 2: Episode Two

Half-Life 2: Lost Coast

Half-Life: Blue Shift

Half-Life: Source

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

IrfanView (remove only)

Java Auto Updater

Java(TM) 6 Update 23

Junk Mail filter update

K-Lite Codec Pack 5.0.5 (Full)

Left 4 Dead

Left 4 Dead 2

Logitech SetPoint

Malwarebytes' Anti-Malware

McAfee Security Scan Plus

Medieval II Total War

Mesh Runtime

Messenger Companion

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.13)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML4 Parser

Network Magic

Oolite 1.74.2.3712

OpenOffice.org 3.2

Opposing Force

PFPortChecker 1.0.28

PunkBuster Services

Pure Networks Platform

Rapport

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

Rome - Total War(TM)

Rome Total War - patch 1.3

Rome: Total War - Alexander

Rome: Total War Gold Edition

RPS CRT

RPS PerfectDiskStub

RPS RpsCore

Samsung ML-1610 Series

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Segoe UI

Sid Meier's Civilization 4

Sid Meier's Civilization V

Spybot - Search & Destroy

Steam

Supreme Commander 2

Team Fortress 2

The Lord of the Rings FREE Trial

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Virgin Broadband advisor 1.5.24

Virgin Media Security

Warhammer 40,000: Dawn of War II

WebEx Support Manager for Internet Explorer

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

X-COM: Apocalypse

X-COM: Enforcer

X-COM: Interceptor

X-COM: Terror from the Deep

X-COM: UFO Defense

Zombie Panic! Source



==== Event Viewer Messages From Past Week ========



05/02/2011 15:03:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

05/02/2011 15:03:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

05/02/2011 15:00:37, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt RapportKE64 StarOpen

05/02/2011 15:00:33, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Samsung ML-1610 Series with shared resource name . Error 1215. The printer cannot be used by others on the network.



==== End Of File ===========================

 

[Bobbye]

Welcome to TechSpot!

(Image courtesy animationplayhouse.com)

Sounds more like a system problem. But I will review the logs you left. I understand that part of the problem related to the use of the mouse, but if you have any control over the issue, the logs don't need to be double spaced. We will end up with a very long thread!. The right mouse menu is called the Context Menu. It gives you choice to perform activities easily using a choice on that menu instead of going up to Edit or All Programs. We'll work on that. In the meantime, anything you need to do and can't do with the right mouse button can be found by clicking on Edit at the top of your browser. thread!
================================
Regarding your security: It appears that you are running multiple antivirus programs>Virgin Media uses Radialpoint for security- I'll have to check to see what they use for AV. But I do see AVG loading with Virgin Media. But you also have McAfee Security Scan Plus. Please decide which you want to keep and uninstall the other.

Give me some time to go through these logs. In the meantime, please run the following> use Edit for any copy and space and do not double-space. When you open Notepad> click on Format> Uncheck WordWrap.
=============================
Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner

1. Tick the box next to YES, I accept the Terms of Use.
2. Click Start
3. When asked, allow the Active X control to install
4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
5. Click Start
6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
7. Click Scan
8. Wait for the scan to finish
9. Re-enable your Antivirus software.
10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

========================================
Download Combofix to your desktop from one of these locations:
Link 1
Link 2http://www.forospyware.com/sUBs/ComboFix.exe

• Double click combofix.exe & follow the prompts.
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
• Query- Recovery Console image
  
  
  
  

  WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

• Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
  
  
• .Click on Yes, to continue scanning for malware
• .If Combofix asks you to update the program, allow
• .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• .Close any open browsers.
• .Double click combofix.exe
  
  & follow the prompts to run.
• When the scan completes it will open a text window. Please paste that log in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

NOTE: If you keep AVG for the AV, you will have to uninstall it to run Combofix. Let me know which you want to keep and I'll give you a tool to help with uninstalling the other.

 

[Bobbye]

A note on disabling the Virgin Media Security: Click on Start> Run> type in taskmgr.exe> enter> find the following process and click to highlight>

RpsSecurityAwareR.exe

Then click on End Task

Since this is a security program, you may get a message telling you you don't have access. But it's worth a try.

 

[tallandhairy]

Thank you very much for looking into this for me.

My other computer is running the on-line scan now.

The McAfee isnt a full blown anti virus, its just the mini check which I think came with the recent flash updates.

Are you happy for me to look for it and remove in add/remove programmes?

Interesting that you found AVG, I don't use it and don't recall ever having installed it previously on this computer.

thanks again

 

[tallandhairy]

I appear to have found the source of the problem.

Somehow my sidewinder mouse had assigned a macro to the right mouse button.

I'll run all the sweeps as a precaution, but please consider the case closed.

Thank you very much for looking into this for me and I am sorry if I have wasted your time.

 

[Bobbye]

You're welcome. Thanks for the update.

Removing all of the tools we used and the files and folders they created

• Uninstall ComboFix and all Backups of the files it deleted
• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  

• Download OTCleanIt by OldTimer and save it to your Desktop.
• Double click OTCleanIt.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

• You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
• Go to Start > All Programs > Accessories > System Tools
• Click "System Restore".
• Choose "Create a Restore Point" on the first screen then click "Next".
• Give the Restore Point a name> click "Create".
  
• Go back and follow the path to > System Tools.
  [*]Choose Disc Cleanup
  [*]Click "OK" to select the partition or drive you want.
  [*]Click the "More Options" Tab.
  [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

Empty the Recycle Bin