
Solved Win32:adware-gen[Adw] need help

Discussion in 'Malware and Virus Removal Archive' started by SlipofMind, 2008/10/17.

  1. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    33
    Likes Received:
    0
    this file points to an untranslated Japanese game

    ---- Directory of C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹ ----
     
  2. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK, so you know what it is and installed it yourself?

    Can you start it manually? Don't understand why that would happen.

    Let me know.
     


  4. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Yes I know what that program is and yes I installed it myself...

    as for my AV... I can run a manual AV scan but the AV program has been REMOVED from my startup list not just disabled..
     
  5. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    We are talking about Avast correct?
    Startup list from where?

    Because this shows as running automatically.
    R2 avast! Antivirus
    R2 aswUpdSv;avast! iAVS4 Control Service < update service.


    This as manual scans.
    R3 avast! Mail Scanner
    R3 avast! Web Scanner
     
  6. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Start - control panel - change setup programs.... it always used to show up there, it's gone now, and I do not have my avast Icon on my toolbar any more.
     
  7. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK, Try a reboot again and see if they come back.

    Let me know.
     
  8. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Geri I did the restart... still no luck with the AV. It does not show up in my startup program list and still no Icon on my tool bar. I did run a new RSIT log and it shows it's running there. Big thing for me right now is to make sure I have all the "BAD FILES" removed.
     
  9. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    I'm not seeing anything in the logs, but we will need to run an online scan.

    I still want to see if combofix did something to Avast.
    Please Post the contents of this folder. C:\QOOBOX

    thanks
     
  10. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    ok there are four folders, do you need the contents of these folders as well?

    BackEnv
    Quarantine
    Test
    TestC

    besides that there are like 6 log files


    Add-Remove Programs
    CFScript_used_2008-10-19@14.35
    ComboFix2
    ComboFix3
    ComboFix4
    ComboFix-quarantined-files


    Then there are two snapshot files


    snapshot@2008-10-19_ 9.02.02.56.dat
    snapshot@2008-10-19_ 9.02.02.56_B.dat
     
  11. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    No
    Please do this.

    Highlight and copy the contents of the code box below.
    Code:
    reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v  "avast!" /t REG_SZ /d C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe /f
    exit
    cls
    
    Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on its own. Restart the computer.

    Let me know if it came back.

    Thanks
     
  12. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Geri, no luck with that. checked my list of startup Programs and avast is still not showing there and still no Icon on my tool bar.

    ran a RSIT log avast does show up there and running with all of its services.
     
  13. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK please post a new RSIT's log.txt

    Thanks
     
  14. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Slips at 2008-10-19 17:37:27
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 119 GB (68%) free of 175 GB
    Total RAM: 3069 MB (63% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:37:29, on 10/19/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\atwtusb.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\WTMKM.exe
    C:\Program Files\windows defender\MSASCui.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Users\Slips\Documents\Vuze\Azureus.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Slips\Downloads\RSIT.exe
    C:\Program Files\trend micro\Slips.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

    --
    End of file - 4375 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\1-Click Maintenance.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "atwtusb"=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
    "Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
    2008-10-19 14:43:02 ----A---- C:\ComboFix.txt
    2008-10-19 14:39:12 ----D---- C:\Windows\temp
    2008-10-19 14:34:42 ----D---- C:\ComboFix
    2008-10-19 08:57:09 ----A---- C:\Windows\zip.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\VFIND.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWXCACLS.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWSC.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWREG.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\sed.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\NIRCMD.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\grep.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\fdsv.exe
    2008-10-19 08:57:06 ----D---- C:\Windows\ERDNT
    2008-10-19 08:57:06 ----D---- C:\Qoobox
    2008-10-18 13:46:06 ----D---- C:\Users\Slips\AppData\Roaming\Malwarebytes
    2008-10-18 13:46:02 ----D---- C:\ProgramData\Malwarebytes
    2008-10-18 13:46:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
    2008-10-17 06:31:53 ----D---- C:\rsit
    2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
    2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
    2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
    2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
    2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
    2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
    2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
    2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
    2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
    2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
    2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
    2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
    2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
    2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
    2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
    2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
    2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
    2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
    2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
    2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
    2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
    2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
    2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
    2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
    2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
    2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
    2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
    2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
    2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
    2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
    2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
    2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
    2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
    2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
    2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
    2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
    2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
    2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
    2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
    2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
    2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
    2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
    2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
    2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
    2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
    2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
    2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
    2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
    2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
    2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
    2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
    2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
    2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
    2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
    2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
    2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
    2008-10-09 08:22:29 ----D---- C:\Program Files\Java
    2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
    2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
    2008-10-04 20:21:57 ----D---- C:\Program Files\—zŽË‚µâ€šÃŒâ€™â€ â€šÃŒÆ’Å Æ’Aƒ‹
    2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
    2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
    2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
    2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
    2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
    2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
    2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
    2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
    2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
    2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
    2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
    2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
    2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
    2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
    2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus

    ======List of files/folders modified in the last 1 months======

    2008-10-19 17:14:49 ----D---- C:\Windows\System32
    2008-10-19 17:14:49 ----D---- C:\Windows\inf
    2008-10-19 17:14:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-19 15:16:24 ----D---- C:\Windows\Prefetch
    2008-10-19 14:43:03 ----D---- C:\Windows\system32\drivers
    2008-10-19 14:43:02 ----D---- C:\Windows
    2008-10-19 14:41:05 ----A---- C:\Windows\system.ini
    2008-10-19 14:39:28 ----D---- C:\Windows\system32\config
    2008-10-19 14:36:23 ----D---- C:\Windows\AppPatch
    2008-10-19 14:36:23 ----D---- C:\Program Files\Common Files
    2008-10-19 14:35:13 ----SHD---- C:\System Volume Information
    2008-10-19 14:34:42 ----D---- C:\Windows\system32\en-US
    2008-10-18 13:46:02 ----RD---- C:\Program Files
    2008-10-18 13:46:02 ----HD---- C:\ProgramData
    2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
    2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
    2008-10-17 03:37:24 ----A---- C:\Windows\ntbtlog.txt
    2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
    2008-10-17 01:59:03 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-16 15:20:44 ----SHD---- C:\Windows\Installer
    2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
    2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
    2008-10-14 19:01:51 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
    2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
    2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
    2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
    2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
    2008-10-14 18:15:41 ----D---- C:\Windows\ehome
    2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
    2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
    2008-10-14 18:13:56 ----D---- C:\ProgramData\Microsoft Help
    2008-10-14 08:42:33 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
    2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\InstallShield
    2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
    2008-10-11 23:40:26 ----D---- C:\Windows\rescache
    2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
    2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
    2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
    2008-10-06 04:27:51 ----D---- C:\Windows\Minidump
    2008-09-29 12:30:55 ----D---- C:\ProgramData\NVIDIA
    2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
    2008-09-21 13:00:40 ----D---- C:\Windows\Logs

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
    R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
    R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
    R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S3 a9349gcc;a9349gcc; C:\Windows\system32\drivers\a9349gcc.sys []
    S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
     
  15. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hmmm
    OK lets try it this way.

    Open “Notepad”. Copy the contents of the code box below to the blank Notepad.
    Click "File" > "Save as"
    In the "Save In" box at the top click the down arrow and select DeskTop

    In the “File name” type in: fix.reg
    In the “Save As Type” select: All Files
    Once saved, go to your desktop, right click on “fix.reg file” > run as administrator and let it merge with the registry.


    Code:
    REGEDIT4
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

    Restart the computer.

    Post a new RSIT log.

    Thanks

    I have to run my Grandson home, so it will be a while before I get back.

    Geri
     
  16. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    33
    Likes Received:
    0
    Geri thank you for your time.

    ok I followed the above post. Now it did not give me the option to "run as admin", I checked my other programs and I can still run them as Admin.

    the only option it gave me was "Merge". I went ahead and tried to merge the file and got this error...
    "Cannot import c:\users\slips\desktop\fix.reg: not all data was successfully written to the registry. Some keys are open by system or other processes."
     
  17. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK please try it in safe mode. It would not work because Avast was running.

    Thanks
     
  18. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    33
    Likes Received:
    0
    Geri you are the man... are there any problems you can't fix? Again thank you for all your time and hard work.
     
  19. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK
    I need to see a new RSIT log, if it's OK then we'll go for the online scan.

    Well, to be honest I had a little help with this problem. :) Thanks Dave.
     
  20. 2008/10/19
    SlipofMind

    SlipofMind Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    33
    Likes Received:
    0
    here's the RSIT log file



    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Slips at 2008-10-19 20:33:43
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 119 GB (68%) free of 175 GB
    Total RAM: 3069 MB (69% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:33:49, on 10/19/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\atwtusb.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\WTMKM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Users\Slips\Documents\Vuze\Azureus.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Slips\Downloads\RSIT.exe
    C:\Program Files\trend micro\Slips.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

    --
    End of file - 4408 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\1-Click Maintenance.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "atwtusb"=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
    "Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
    2008-10-19 14:43:02 ----A---- C:\ComboFix.txt
    2008-10-19 14:39:12 ----D---- C:\Windows\temp
    2008-10-19 14:34:42 ----D---- C:\ComboFix
    2008-10-19 08:57:09 ----A---- C:\Windows\zip.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\VFIND.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWXCACLS.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWSC.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\SWREG.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\sed.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\NIRCMD.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\grep.exe
    2008-10-19 08:57:09 ----A---- C:\Windows\fdsv.exe
    2008-10-19 08:57:06 ----D---- C:\Windows\ERDNT
    2008-10-19 08:57:06 ----D---- C:\Qoobox
    2008-10-18 13:46:06 ----D---- C:\Users\Slips\AppData\Roaming\Malwarebytes
    2008-10-18 13:46:02 ----D---- C:\ProgramData\Malwarebytes
    2008-10-18 13:46:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
    2008-10-17 06:31:53 ----D---- C:\rsit
    2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
    2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
    2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
    2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
    2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
    2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
    2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
    2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
    2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
    2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
    2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
    2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
    2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
    2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
    2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
    2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
    2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
    2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
    2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
    2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
    2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
    2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
    2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
    2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
    2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
    2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
    2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
    2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
    2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
    2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
    2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
    2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
    2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
    2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
    2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
    2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
    2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
    2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
    2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
    2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
    2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
    2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
    2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
    2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
    2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
    2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
    2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
    2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
    2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
    2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
    2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
    2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
    2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
    2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
    2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
    2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
    2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
    2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
    2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
    2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
    2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
    2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
    2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
    2008-10-09 08:22:29 ----D---- C:\Program Files\Java
    2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
    2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
    2008-10-04 20:21:57 ----D---- C:\Program Files\—zŽË‚µâ€šÃŒâ€™â€ â€šÃŒÆ’Å Æ’Aƒ‹
    2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
    2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
    2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
    2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
    2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
    2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
    2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
    2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
    2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
    2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
    2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
    2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
    2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
    2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
    2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
    2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
    2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
    2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
    2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
    2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
    2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
    2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
    2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
    2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus

    ======List of files/folders modified in the last 1 months======

    2008-10-19 20:26:54 ----D---- C:\Windows\System32
    2008-10-19 20:26:54 ----D---- C:\Windows\inf
    2008-10-19 20:26:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-19 20:20:57 ----A---- C:\Windows\ntbtlog.txt
    2008-10-19 15:16:24 ----D---- C:\Windows\Prefetch
    2008-10-19 14:43:03 ----D---- C:\Windows\system32\drivers
    2008-10-19 14:43:02 ----D---- C:\Windows
    2008-10-19 14:41:05 ----A---- C:\Windows\system.ini
    2008-10-19 14:39:28 ----D---- C:\Windows\system32\config
    2008-10-19 14:36:23 ----D---- C:\Windows\AppPatch
    2008-10-19 14:36:23 ----D---- C:\Program Files\Common Files
    2008-10-19 14:35:13 ----SHD---- C:\System Volume Information
    2008-10-19 14:34:42 ----D---- C:\Windows\system32\en-US
    2008-10-18 13:46:02 ----RD---- C:\Program Files
    2008-10-18 13:46:02 ----HD---- C:\ProgramData
    2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
    2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
    2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
    2008-10-17 01:59:03 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-16 15:20:44 ----SHD---- C:\Windows\Installer
    2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
    2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
    2008-10-14 19:01:51 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
    2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
    2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
    2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
    2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
    2008-10-14 18:15:41 ----D---- C:\Windows\ehome
    2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
    2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
    2008-10-14 18:13:56 ----D---- C:\ProgramData\Microsoft Help
    2008-10-14 08:42:33 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
    2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\InstallShield
    2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
    2008-10-11 23:40:26 ----D---- C:\Windows\rescache
    2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
    2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
    2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
    2008-10-06 04:27:51 ----D---- C:\Windows\Minidump
    2008-09-29 12:30:55 ----D---- C:\ProgramData\NVIDIA
    2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
    2008-09-21 13:00:40 ----D---- C:\Windows\Logs

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
    R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
    R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
    R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S3 ab1ejg7a;ab1ejg7a; C:\Windows\system32\drivers\ab1ejg7a.sys []
    S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
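
Added example (not part of the thread, and not RSIT's own code): a Python check that reads the `Registry dump` section of two RSIT logs, diffs the `Run` autostart values, and confirms that the `avast!` value written by the fix.reg in post 15 is present under the HKLM Run key. Both sample logs are constructed in the layout shown above; the function names and the `EXPECTED` table are assumptions of this example.

```python
import ntpath
import re

# Constructed "before" sample in the RSIT "Registry dump" layout shown in this thread.
BEFORE_LOG = r'''
    ======Registry dump======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "atwtusb"=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    ======List of services======
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
'''

# Constructed "after" sample: the avast! value is back. Its name is padded with a
# space before the closing quote, as copied logs sometimes are; the parser strips it.
AFTER_LOG = r'''
    ======Registry dump======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "atwtusb"=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
    "avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "shutdownwithoutlogon"=1

    ======List of services======
'''

# Assumption of this example: autostart values that must exist, keyed by
# (hive, value name) and mapped to the expected executable file name.
EXPECTED = {("HKLM", "avast!"): "ashDisp.exe"}

SECTION_RE = re.compile(r"^=+(?P<title>[^=].*?)=+$")
KEY_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(
    r'^"(?P<name>[^"]*)"\s*=\s*(?P<data>.*?)'
    r"(?:\s+\[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\])?$"
)
HIVES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU"}


def parse_run_entries(log_text):
    """Return {(hive, name): {"path", "date", "size"}} for ...\\CurrentVersion\\Run keys."""
    entries, in_dump, hive = {}, False, None
    for raw in log_text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:  # a new "======...======" header starts or ends the dump
            in_dump = section.group("title").strip().lower() == "registry dump"
            hive = None
            continue
        if not in_dump or not line:
            continue
        key = KEY_RE.match(line)
        if key:  # only plain Run keys count as autostart locations here
            root, _, sub = key.group("key").partition("\\")
            is_run = sub.lower().endswith("\\currentversion\\run")
            hive = HIVES.get(root.upper(), root) if is_run else None
            continue
        value = VALUE_RE.match(line)
        if value and hive:
            size = value.group("size")
            entries[(hive, value.group("name").strip())] = {
                "path": value.group("data").strip(),
                "date": value.group("date"),
                "size": int(size) if size else None,
            }
    return entries


def diff_autostarts(before, after):
    """Return (added, removed, changed) lists of (hive, name) keys."""
    def ident(entry):
        return (entry["path"].lower(), entry["size"])
    added = sorted(k for k in after if k not in before)
    removed = sorted(k for k in before if k not in after)
    changed = sorted(k for k in after
                     if k in before and ident(after[k]) != ident(before[k]))
    return added, removed, changed


def missing_expected(entries, expected):
    """Return expected keys that are absent or point at a different file name."""
    missing = []
    for key, exe in expected.items():
        entry = entries.get(key)
        # Compare file names only: the log may show an 8.3 short path (PROGRA~1).
        if entry is None or ntpath.basename(entry["path"]).lower() != exe.lower():
            missing.append(key)
    return sorted(missing)


if __name__ == "__main__":
    before, after = parse_run_entries(BEFORE_LOG), parse_run_entries(AFTER_LOG)
    print("added/removed/changed:", diff_autostarts(before, after))
    print("still missing:", missing_expected(after, EXPECTED))
```
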
     
  21. 2008/10/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK great.

    Now the scan.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.


    Please do an online scan with Kaspersky WebScanner

    Click on "Accept" If your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side. Click on My Computer
    • This will start the program and scan your system.
    • Click the "Scan Report" On the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
    • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
