Hi MeDIeVaL,
Fix using HJT:
O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
Unknown application could be a leftover of a Nlite installation...
O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
Nasty (2.77 / 5.00)
Survey of active tasks:
smss.exe
System task
Session Manager Subsystem
winlogon.exe
System task
Microsoft Windows Logon Process
services.exe
System task
Windows Service Controller
lsass.exe
System task
Local Security Authority Service
svchost.exe
System task
Microsoft Service Host Process
svchost.exe
System task
Microsoft Service Host Process
aswUpdSv.exe
Virusscan
Avast Anti-Virus Component
ashServ.exe
Virusscan
Avast
Explorer.EXE
System task
Microsoft Windows Explorer
volume.exe check against virustotal.com
malicious task
http://www.bleepingcomputer.com/startups/volume.exe-10362.htmladded by Win32.RBOT
ashDisp.exe
Virusscan
Avast AntiVirus
MobileConnect.exe
Background task
MobileConnect.exe
lcacc.exe check against virustotal.com
malicious task
http://www.threatexpert.com/report.aspx?md5=c67ffb8af96518dcea19c643116fc8ebtypically added by W32.Bifrose.DN
ctfmon.exe
System task
Alternative User Input Services
VistaDrv.exe
Driver
VistaDrv.exe
spoolsv.exe
System task
Microsoft Printer Spooler Service
emo.exe Version nummer
MD5 Hash van emo.exe
Risk
0.0.0.0
0802023F66C216B4571FD314ABAB0DB6
Virus
AGOBOT-AGE WORM!
VMCService.exe
Backgroud task
Vodafone Mobile Connect
ashMaiSv.exe
Virusscan
Avast Anti-Virus Component
ashWebSv.exe
Virusscan
avast! Web Scanner
firefox.exe
Application
Mozilla Firefox
HijackThis.exe
Application
Hijackthis
polonus