help with possible security issue.

i am using avast and spybot on the laptop which is a gateway mt6451. running vista home. i had some virus issue. but lately i was asking to validate my window copy..
i ran atf. then Malwarebytes' Anti-Malware then combo fix.
malware loglooking for it
Malwarebytes' Anti-Malware 1.24
Database version: 1038
Windows 6.0.6000

3:38:43 PM 8/10/2008
mbam-log-8-10-2008 (15-38-43).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 137986
Time elapsed: 59 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\System32\ci.dll (Trojan.BHO) -> Quarantined and deleted successfully.






combo log
ComboFix 08-08-10.01 - Jessy 2008-08-10 15:58:10.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1004 [GMT -4:00]
Running from: C:\Users\Jessy\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\#SharedObjects\VBMRTB2F\interclick.com
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\#SharedObjects\VBMRTB2F\interclick.com\ud.sol
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Users\Jessy\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-07-10 to 2008-08-10 )))))))))))))))))))))))))))))))
.

2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\Users\Jessy\AppData\Roaming\Malwarebytes
2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-10 13:48 . 2008-08-10 13:48 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-08-10 13:48 . 2008-08-10 15:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-10 13:48 . 2008-07-30 20:07 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-10 13:48 . 2008-07-30 20:07 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-07-31 16:21 . 2008-07-31 16:22 <DIR> d-------- C:\Program Files\iTunes
2008-07-31 16:21 . 2008-07-31 16:21 <DIR> d-------- C:\Program Files\iPod
2008-07-25 21:37 . 2008-07-25 21:37 <DIR> d-------- C:\Windows\Sun
2008-07-24 15:32 . 2008-07-24 15:32 <DIR> d-------- C:\Program Files\Bonjour
2008-07-24 15:31 . 2008-07-24 15:32 <DIR> d-------- C:\Program Files\QuickTime
2008-07-24 15:25 . 2008-07-24 15:26 <DIR> d-------- C:\Program Files\Safari
2008-07-24 07:28 . 2008-07-24 07:28 <DIR> d-------- C:\Users\Jessy\AppData\Roaming\Auslogics
2008-07-24 07:28 . 2008-07-24 07:28 <DIR> d-------- C:\Program Files\Auslogics
2008-07-23 06:51 . 2008-07-23 06:51 <DIR> d-------- C:\Program Files\CCleaner
2008-07-22 21:26 . 2008-08-10 15:54 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-07-22 21:26 . 2008-08-10 15:54 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-07-22 21:26 . 2008-07-22 21:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-21 21:04 . 2008-07-21 21:04 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-21 21:04 . 2008-07-19 10:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2008-07-18 00:47 . 2008-06-25 20:33 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-18 00:47 . 2008-06-25 20:33 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-18 00:45 . 2008-06-25 20:33 11,722,752 --a------ C:\Windows\System32\NlsLexicons0001.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-06 20:39 6,238 ----a-w C:\Users\Jessy\AppData\Roaming\wklnhst.dat
2008-07-24 11:31 --------- d-----w C:\Program Files\BigFix
2008-07-24 11:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-24 11:24 --------- d-----w C:\Program Files\Google
2008-07-22 01:02 --------- d-----w C:\ProgramData\Microsoft Help
2008-07-09 07:09 174 --sha-w C:\Program Files\desktop.ini
2008-07-09 07:01 --------- d-----w C:\Program Files\Windows Mail
2008-07-02 16:18 --------- d-----w C:\Users\Jessy\AppData\Roaming\FileZilla
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 16:35 90112]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2006-12-19 16:18 1429504]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 17:58 815104]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-10 00:43 729088]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [2006-09-06 16:12 323216]
"HostManager"="C:\Program Files\Common Files\AOL\1194657096\ee\AOLSoftware.exe" [2007-05-25 13:16 42032]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-26 12:09 185896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 10:38 78008]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]

C:\Users\Jessy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-299215726-2030545507-1186659468-1000]
"EnableNotificationsRef"=dword:00000002

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-299215726-2030545507-1186659468-500]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{AA8D6ED4-3CA2-41B3-AD01-98C323FE42F4}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AC860C06-C484-46B0-BB86-0F58061A895B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BE163E75-2DE7-4173-B43B-CFD83A33D3EB}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F9A0001D-D222-444D-BD5A-68020565FDC8}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{82AE3B2E-25AB-4265-8069-DEAABC624047}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{30C388AE-DBEC-40E9-AAF4-41F7185137C2}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{9EBABBD8-4883-47A8-A1FD-3FBE61B5FEDD}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{DD228E12-B4E7-4D87-B293-9A46B740EF9C}"= UDP:C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe:AOL Shared Components
"{2E5FC8FA-7EC9-4C62-AD34-97735060C060}"= TCP:C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe:AOL Shared Components
"{BE0D2DBD-5C9C-4314-B6C6-1A8A7949A245}"= UDP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{54B2586A-7920-49FC-BAA7-2F307A7FD206}"= TCP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{779B2357-03F9-4D8D-9B05-45EAFF262A24}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{3438ACFA-925B-4EB0-AA19-513E13453BE7}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{6F7B60E6-3704-4A4E-A4C7-526840908B5A}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{BBC78EDE-439B-4744-BB42-057F1317543D}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{185FF1D1-EAB0-49C4-9AA1-6A776DC919C5}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{81EBBDB1-EA5D-4971-89CC-9EA11E1B6124}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{336C471A-2606-4E83-8821-1ABF1D53AEAC}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{12BDACF0-123E-4EFC-B8D9-C731C8FA554C}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{D8BF2A06-9557-4AA2-9B20-7B56006114E3}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{C84F0733-DB05-4672-8CA1-5A7C453D6F62}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 10:35]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 10:37]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 10:36]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 03:30]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {9EB1C655-331C-5034-CCF8-436FA4B4A3DA} /qb
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Jessy\AppData\Roaming\Mozilla\Firefox\Profiles\24qpix6x.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 16:01:13
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-10 16:02:36
ComboFix-quarantined-files.txt 2008-08-10 20:02:25

Pre-Run: 103,039,148,032 bytes free
Post-Run: 103,011,848,192 bytes free

135 --- E O F --- 2008-08-07 19:29:46


going to run a hijack log next

 

Hi again, born2ride.

Post your HijackThis Log also....

 

2OG
hello again..
HiJack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34, on 2008-08-10
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Common Files\aol\1194657096\ee\aolsoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6451
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6451
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6451
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1194657096\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7442 bytes

 

You are CLEAN - no problems that I can see...

 

2OG
thanks for looking.
off to seach for some answers.