Hi there,
Computer effected by numerous Trojan Horses, have tried using a number of spyware, virus and Trojan Horse removers, but none are effective.
Sireref.AH and .AC is the main problem. Info as requested below. Please help me someone...

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Mark Farmer 1 at 16:01:47 on 2012-04-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2815.1215 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\System Control Manager\MSIService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NCH Software\Talk\talk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Mark Farmer 1\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://www.aldi.com
mStart Page = about:blank
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do-Not-Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [KiesTrayAgent]
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" -s
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [Google Update] "c:\users\mark farmer 1\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Spotify] "c:\users\mark farmer 1\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
uRun: [4F1A88D1F60001C8FB17F68265AF572A1BD5547B._service_run] "c:\users\mark farmer 1\appdata\local\google\chrome\application\chrome.exe" --type=service
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0357.1\mswinext.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paintshop photo pro\x3\pspclassic\CorelIOMonitor.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\programdata\nuance\naturallyspeaking11\Ereg.ini
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Talk] "c:\program files\nch software\talk\talk.exe" -logon
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: c:\users\markfa~2\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\markfa~2\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\citrix~1.lnk - c:\program files\citrix\secure access client\nsload.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DA58ACA7-18A6-403A-93DA-6E4172D43709} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} - hxxps://download.yahoo.com/dl/installs/bt/yregucfg.cab
DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {A8B02DCA-7648-46D6-95A8-B84EC80CA49D} - hxxp://sitemonsterpro.domainmonster.com/Downloads/SWHTTPUploaderProj.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - hxxps://register.btinternet.com/templates/btwebcontrol028.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{4825EAED-17EA-4EAB-A0CC-4AE78EA087D3} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{4825EAED-17EA-4EAB-A0CC-4AE78EA087D3}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{4825EAED-17EA-4EAB-A0CC-4AE78EA087D3}\2445F40756E6A7F6E656 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{4825EAED-17EA-4EAB-A0CC-4AE78EA087D3}\4586F6D637F6E6736383836333 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4825EAED-17EA-4EAB-A0CC-4AE78EA087D3}\75962756C6563737 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\avgidsehx.sys [2011-12-23 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [2012-2-24 99728]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [2012-3-29 72080]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-2-22 299472]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-6-19 176128]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-2-14 2316624]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2010-7-23 296808]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-11-14 217088]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-10 654408]
R2 Micro Star SCM;Micro Star SCM;c:\program files\system control manager\MSIService.exe [2010-6-24 160768]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2012-3-12 69640]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-6-19 5551104]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-6-19 176128]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-11-14 36640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-6 22344]
R3 Net6IM;Net6;c:\windows\system32\drivers\net6im51.sys [2009-7-23 73880]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-3-21 362600]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-1 1009184]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-6-23 30392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2012-2-24 99728]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-2-14 5104992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-28 136176]
S2 mclogmanagerservice;Atimtag;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 pavatscheduler;Unrealircd;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-4-11 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-11-23 78136]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-28 136176]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-6-18 136304]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr28u.sys [2009-9-15 807936]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-11-24 181432]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-6 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-24 1343400]
.
=============== Created Last 30 ================
.
2012-04-11 14:42:23 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{11f41e10-0f11-4a6a-aaa5-d7f75172f917}\offreg.dll
2012-04-11 14:23:30 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-04-11 14:23:13 -------- d-----w- c:\program files\STOPzilla!
2012-04-11 14:23:10 -------- d-----w- c:\program files\common files\iS3
2012-04-11 14:23:06 -------- d-----w- c:\programdata\STOPzilla!
2012-04-11 11:28:43 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-04-11 11:28:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-04-11 10:19:30 -------- d-----w- c:\users\mark farmer 1\appdata\roaming\AVG2012
2012-04-11 10:19:10 -------- d--h--w- c:\programdata\Common Files
2012-04-11 10:17:49 -------- d--h--w- C:\$AVG
2012-04-11 10:17:48 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-11 10:17:48 -------- d-----w- c:\programdata\AVG2012
2012-04-11 09:58:54 -------- d-----w- c:\program files\AVG
2012-04-11 09:58:04 335504 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2012-04-11 09:50:52 -------- d-----w- c:\programdata\MFAData
2012-04-11 09:44:04 -------- d-----w- c:\users\mark farmer 1\appdata\local\{14B4618C-FA6D-43C8-A7CC-30CA1882EE6F}
2012-04-11 09:43:49 -------- d-----w- c:\users\mark farmer 1\appdata\local\{36B34D1D-88E6-4857-BACE-C7B5F5071B73}
2012-04-11 09:40:33 3867720 ----a-w- c:\users\mark farmer 1\avg_isct_stb_all_2012_2127_free.exe
2012-04-11 09:19:26 -------- d-----w- c:\windows\en
2012-04-11 09:09:16 89944 ----a-w- c:\program files\common files\windows live\.cache\c51a62181cd17c201\DSETUP.dll
2012-04-11 09:09:16 537432 ----a-w- c:\program files\common files\windows live\.cache\c51a62181cd17c201\DXSETUP.exe
2012-04-11 09:09:16 1801048 ----a-w- c:\program files\common files\windows live\.cache\c51a62181cd17c201\dsetup32.dll
2012-04-11 09:04:46 -------- d-----w- c:\users\mark farmer 1\appdata\local\{7AC99984-C657-426A-BC26-C59481CC011A}
2012-04-11 09:02:53 -------- d-----w- c:\users\mark farmer 1\appdata\local\{B13490C7-6FE4-4DEA-B70C-389A9454CCD1}
2012-04-11 08:42:07 -------- d-----w- c:\users\mark farmer 1\appdata\local\{E872289A-7DB3-406C-BBB6-743C16FE609B}
2012-04-11 08:40:26 -------- d-----w- c:\users\mark farmer 1\appdata\local\{AB1F747A-8C02-4DC1-BBF3-C33950758490}
2012-04-11 08:01:19 -------- d-----w- c:\users\mark farmer 1\appdata\local\{10D69062-5DCE-4F85-8602-EDFD80D6A8F9}
2012-04-11 07:41:46 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{11f41e10-0f11-4a6a-aaa5-d7f75172f917}\mpengine.dll
2012-04-10 15:38:02 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-04-10 15:18:51 711240 ----a-w- c:\windows\isRS-000.tmp
2012-04-10 12:26:00 -------- d-----w- c:\users\mark farmer 1\appdata\local\{F5BA1F5C-3F22-4CF1-B47F-0E6170230144}
2012-04-06 09:54:18 -------- d-----w- c:\users\mark farmer 1\appdata\local\Skybound
2012-04-05 22:11:32 -------- d-----w- c:\users\mark farmer 1\appdata\local\{44B5FC50-625D-45A2-8658-36106CCF1707}
2012-04-05 16:15:29 49152 ----a-w- c:\windows\system32\INETWH32.DLL
2012-04-05 16:15:29 28672 ----a-w- c:\windows\system32\nnr.dll
2012-04-05 16:15:29 1056768 ----a-w- c:\windows\system32\ROBOEX32.DLL
2012-04-05 14:04:14 -------- d-----w- c:\users\mark farmer 1\appdata\roaming\TeamViewer
2012-04-05 07:08:16 -------- d-----w- c:\program files\iPod
2012-04-04 12:13:38 23376 ----a-r- c:\windows\system32\SZIO5.dll
2012-04-04 12:13:26 546640 ----a-r- c:\windows\system32\SZComp5.dll
2012-04-04 12:13:22 481104 ----a-r- c:\windows\system32\SZBase5.dll
2012-03-29 15:36:48 72080 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2012-03-27 16:29:04 -------- d-----w- c:\users\mark farmer 1\website work
2012-03-27 08:20:09 -------- d-----w- c:\users\mark farmer 1\appdata\local\{07834C60-DF10-4152-860B-0EDDE580AC16}
2012-03-26 20:19:27 -------- d-----w- c:\users\mark farmer 1\appdata\local\{E4D90F30-4397-49BA-B087-ABEF8C1587A3}
2012-03-26 20:19:03 -------- d-----w- c:\users\mark farmer 1\appdata\local\{39D66003-F953-4563-8F2E-3C5A2CA73E87}
2012-03-26 08:18:18 -------- d-----w- c:\users\mark farmer 1\appdata\local\{AA4127E7-11ED-4E18-87A1-8B1AC172ED39}
2012-03-25 18:27:37 -------- d-----w- c:\users\mark farmer 1\appdata\local\{4C0B02EB-0144-4F2D-B19D-4BEA6A193325}
2012-03-24 16:33:03 -------- d-----w- c:\users\mark farmer 1\appdata\local\{7AA57D26-C994-419A-8AC3-AFC24DA5EF61}
2012-03-23 08:11:38 -------- d-----w- c:\users\mark farmer 1\appdata\local\{4F73EE87-9224-42B8-9C5D-7CD6BE94CC0F}
2012-03-22 09:58:39 -------- d-----w- c:\windows\Cache
2012-03-22 09:54:41 -------- d-----w- c:\users\mark farmer 1\appdata\local\{F965A277-30A6-44EE-9442-4DEED6C953FF}
2012-03-20 16:54:50 -------- d-----w- c:\users\mark farmer 1\appdata\local\{576BA438-C90B-47D6-8E83-78AA7DBE6F70}
2012-03-20 16:53:55 -------- d-----w- c:\users\mark farmer 1\appdata\local\{B3A4D515-1E90-4A3A-85EA-2A3540EA9F7A}
2012-03-19 17:39:14 -------- d-----w- c:\users\mark farmer 1\appdata\roaming\KeyingTool
2012-03-19 17:14:52 -------- d-----w- c:\programdata\Ancestry.com
2012-03-19 17:12:56 -------- d-----w- c:\users\mark farmer 1\appdata\local\Downloaded Installations
2012-03-19 08:45:25 -------- d-----w- c:\users\mark farmer 1\appdata\local\{E7DAE62E-B180-4F5B-9261-170D8935B011}
2012-03-19 08:44:59 -------- d-----w- c:\users\mark farmer 1\appdata\local\{EACC384E-62DC-4E84-80AF-B2EA8963E913}
2012-03-18 14:49:26 -------- d-----w- c:\users\mark farmer 1\appdata\local\{55B73ABD-619A-423A-AB7C-47AA2E7E3220}
2012-03-17 09:09:17 -------- d-----w- c:\users\mark farmer 1\appdata\local\{BC428FAC-615F-4AA7-A776-C690C48E67D1}
2012-03-16 11:26:49 -------- d-----w- c:\users\mark farmer 1\appdata\local\{6C076E6D-0D0B-410D-B4F6-0088CFB1049C}
2012-03-16 11:26:24 -------- d-----w- c:\users\mark farmer 1\appdata\local\{C1BE37C1-F88D-45C2-8FEC-3888FE57A29E}
2012-03-15 11:10:47 -------- d-----w- c:\users\mark farmer 1\appdata\local\{0349B272-6579-465D-9C0A-7C65D3AAAD0E}
2012-03-15 11:10:25 -------- d-----w- c:\users\mark farmer 1\appdata\local\{B4DFDD4D-7ACE-4D21-8886-44A94A1AB718}
2012-03-15 10:12:34 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-15 10:12:32 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 20:43:08 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 20:43:05 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 20:42:33 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 20:42:33 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 20:42:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 20:42:29 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 20:42:29 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 20:42:28 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 17:16:36 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-03-13 17:16:36 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-03-13 17:13:35 -------- d-----w- c:\users\mark farmer 1\appdata\roaming\Downloaded Installations
2012-03-12 22:02:26 69640 ----a-w- c:\windows\system32\NLSSRV32.EXE
2012-03-12 22:00:40 508224 ----a-w- c:\windows\system32\ICCProfiles.dll
.
==================== Find3M ====================
.
2012-04-10 20:38:31 1890 --sha-w- c:\programdata\KGyGaAvL.sys
2012-04-04 14:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 17:50:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2012-03-08 17:37:20 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-05 09:10:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-24 14:28:26 99728 ----a-r- c:\windows\system32\drivers\SZKG.sys
2012-02-24 14:28:26 99728 ----a-r- c:\windows\system32\drivers\is3srv.sys
2012-02-23 13:09:44 29008 ----a-r- c:\windows\system32\IS3XDat5.dll
2012-02-23 13:09:42 390992 ----a-r- c:\windows\system32\IS3UI5.dll
2012-02-23 13:09:42 231248 ----a-r- c:\windows\system32\IS3Win325.dll
2012-02-23 13:09:40 100176 ----a-r- c:\windows\system32\IS3Svc5.dll
2012-02-23 13:09:34 132944 ----a-r- c:\windows\system32\IS3HTUI5.dll
2012-02-23 13:09:34 104272 ----a-r- c:\windows\system32\IS3Inet5.dll
2012-02-23 13:09:32 67408 ----a-r- c:\windows\system32\IS3Hks5.dll
2012-02-23 13:09:32 456528 ----a-r- c:\windows\system32\IS3DBA5.dll
2012-02-23 13:09:30 808784 ----a-r- c:\windows\system32\IS3Base5.dll
2012-02-22 04:25:52 299472 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-02-22 04:25:32 235216 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-02-15 11:01:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 11:01:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-31 03:46:50 31952 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-01-19 09:22:20 42864 ----a-r- c:\windows\system32\SBBD.EXE
.
============= FINISH: 16:07:24.57 ===============

Also having problems with Tojan horse Hider.QFR

:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Running programs with Vista or Windows 7 , you need to Right Click on the program and select RUN AS ADMINISTATOR


You have Microsoft Security Essentials installed, but I am also looking at AVG Anti Virus, more than one AV is overkill and will severely hamper system performance, I would suggest you uninstall AVG

You also have a marker on your log for BitTorrentBar, file sharing of any kind is not recommended, your downloading that file from an unknown source and not all but the better percentage of them contain malware of one form or another, I would never allow any type of file sharing on any of my systems so I suggest you uninstall this one also.


Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean





Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please

Hi Malwarebytes was installed, but removed due to it not finding anything!
Stopzilla reports as attached.

Good Morning,

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.

Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.

I started the scan five hours ago and it is only 43 per cent of the way through!!
Is this normal?
How long does it usually take??
Thanks for the help so far,
Cheers,
Mark

Mark, depending on your system and can take an hour and sometimes much more, did you disable all the onboard AVs and any Spyware programs that you have ?

Mark, depending on your system and can take an hour and sometimes much more, did you disable all the onboard AVs and any Spyware programs that you have ?

Disabled everything.
Is still only on 43 per cent, but is still scanning, very slowly!
Has so found five viruses.
Mark

OK Mark, just let it run, what it found may be just bad cookies, we can see when its done and we look at the report

Scan report:
C:\TDSSKiller_Quarantine\12.04.2012_10.39.48\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan
C:\TDSSKiller_Quarantine\12.04.2012_10.39.48\rtkt0000\zafs0000\tsk0008.dta Win32/Sirefef.ES trojan
C:\Users\Mark Farmer 1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\6c2d36ca-2f1259f9 multiple threats
C:\Users\Mark Farmer 1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\36c7bc60-72359298 a variant of Java/Exploit.CVE-2010-0842.L trojan
C:\Users\Mark Farmer 1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\4507c520-456ba6cd multiple threats
C:\Users\Mark Farmer 1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\72fb7720-754f77ac a variant of Java/Agent.BP trojan
C:\Users\Mark Farmer 1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5a2772b6-267aaffc a variant of Java/TrojanDownloader.Agent.NDJ trojan

Mark,

Two of those files are in the Quarantine folder from when TDSSKiller was run and can safely be removed, just go to that folder and oprn it and delete it all.

The rest are in your Java Cache and can be removed


Click on "Start", then on "Control Panel" and then on the Java icon (looks like a coffee cup). If you do not see the icon, look to your left and click "Switch to Classic View".
On the "General" tab, under "Temporary Internet Files", click the "Settings" button.
Next, click on the "Delete Files" button.
There are two options in the window to clear the cache - ("Applications and Applets" and "Trace and Log Files").
Leave BOTH Checked
Click "OK" on Delete Temporary Files Window.
Note: This deletes all of the Downloaded Applications and Applets from the Cache.
Click "OK" to leave the Temporary Files Window.
Click "OK" to leave the Java Control Panel.



How are things running now, we can dig deeper if need be

Hi many thanks for this, have now followed those steps and will see how things are. One thing I have noticed is that a load of windows updates seem to been deleted how the virus removal process and now when I try to update them, it downloads and updates them, but a few minutes after doing this says that they need to download and update again...not sure why this is happening???

Why dont you post here in there windows forum for help with Windows Updates.

http://forums.whatthetech.com/index.php?showforum=119

Like Safer this site is free but you will have to register, you can link them to this thread if you wish so they can see what we have done, I will leave this thread open for you for about a week so post back and let me know if they fixed it. And at that point if you feel your still having issues we can check further