unwanted ads are playing on my speakers, and i hate it


  • This topic is locked
16 replies to this topic

#1 feralfreak

  • Members
  • 36 posts

Posted 06 July 2012 - 10:16 PM

For the past couple of days, I've had a bug causing a problem on my system: it's making ads come in on my speakers. Sometimes they are repeating, and at least one time it was several at once, playing concurrently (eek! big words, I hate those). I've tried running the latest Ad-Aware, let it run for hours and hours, told it to kill the infections it found, and it still happens. I've already run Defogger even though I don't think I have any emulation software (I don't know what that would be, but if it's listed here http://www.bleepingcomputer.com/forums/topic34773.html it's gotta be helpful). I've run DDS, which I'll paste the results of below, and I would have run GMER, but that page said it's for 32-bit and I am currently using a Winblows 7 64-bit operating system. I've attached the attach.txt file as the page instructed.

dds.txt:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by adamlogan06092012 at 22:57:31 on 2012-07-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3579.1634 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
E:\ThunderbirdPortable\ThunderbirdPortable.exe
E:\ThunderbirdPortable\App\thunderbird\thunderbird.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://aol.com/
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Yahoo! Pager] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe -update activex
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.254.254
TCP: Interfaces\{5BF06F2B-2EE1-4FD2-B36B-B636EA8571EB} : DhcpNameServer = 192.168.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-5-3 1226096]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]
R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
.
=============== Created Last 30 ================
.
2012-07-07 02:59:55 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\GetRightToGo
2012-07-06 09:27:56 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\adaware
2012-07-06 09:27:54 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-07-06 09:27:30 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2012-07-06 09:27:23 256632 ----a-w- C:\Windows\System32\drivers\SbFw.sys
2012-07-06 09:27:23 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
2012-07-06 09:27:20 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2012-07-06 09:27:20 45936 ----a-w- C:\Windows\System32\sbbd.exe
2012-07-06 09:27:08 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-07-06 09:22:33 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\Ad-Aware Antivirus
2012-07-06 03:50:21 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-06 03:50:21 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-05 13:33:00 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-05 12:04:40 -------- d-----w- C:\Program Files\Unlocker
2012-07-05 11:28:25 16200 ----a-w- C:\Windows\stinger.sys
2012-07-05 11:27:51 -------- d-----w- C:\Program Files (x86)\stinger
2012-07-05 10:42:45 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\ElevatedDiagnostics
2012-07-05 07:59:20 -------- d-----w- C:\Program Files (x86)\Unlocker
2012-07-05 07:48:08 388096 ----a-r- C:\Users\adamlogan06092012\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-05 07:48:08 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-07-05 07:36:13 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\Diubq
2012-07-05 07:11:04 20480 ----a-w- C:\Windows\svchost.exe
2012-07-05 04:01:05 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-03 23:04:58 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0356C53-A949-452A-8C15-162F113F2D92}\mpengine.dll
2012-06-29 03:07:22 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\Ilivid Player
2012-06-29 03:06:48 -------- d-----w- C:\Program Files (x86)\iLivid
2012-06-24 01:44:12 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\Adobe
2012-06-22 02:07:06 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 02:06:54 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 02:06:45 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 02:06:45 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-14 09:58:46 -------- d-----w- C:\Program Files (x86)\Microsoft Application Compatibility Toolkit
2012-06-14 09:11:00 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\WinZip
2012-06-13 02:06:46 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 02:06:45 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 02:06:45 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 02:06:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 02:06:45 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 02:06:45 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-13 01:54:04 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-13 01:54:04 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-13 01:34:56 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 01:34:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 01:34:56 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 01:34:09 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-13 01:34:05 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 01:34:04 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-09 13:19:05 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\ParetoLogic
2012-06-09 13:19:05 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\DriverCure
2012-06-09 13:19:01 -------- d-----w- C:\ProgramData\ParetoLogic
2012-06-09 11:35:14 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\Malwarebytes
2012-06-09 11:34:59 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-09 11:34:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-09 11:34:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-09 08:51:10 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\Microsoft Games
2012-06-09 08:31:27 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\EgisTec IPS
2012-06-09 08:31:01 -------- d-----w- C:\Users\adamlogan06092012\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-22 00:55:48 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-17 14:12:05 0 ----a-w- C:\Windows\ativpsrm.bin
.
============= FINISH: 23:02:53.70 ===============

Attached Files
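The "Created Last 30" section of the DDS log above is the kind of listing a malware-removal helper reads by eye, looking for files in places they should not be. As an added example that is not part of this thread and not code from the DDS tool, the following Python parses lines in that format and applies two generic, defender-side checks: a file named like a core Windows binary that sits outside the directory it normally lives in (the WinSxS component store is excluded because it legitimately keeps copies), and a hidden directory whose name looks like an unexpanded environment variable. The sample lines are constructed after entries in the log above (the WinSxS line and its component name are invented for the demonstration); the expected-location table and the helper names are this example's own assumptions, not anything DDS defines.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import List, Optional, Tuple

# Constructed sample in the DDS "Created Last 30" layout seen in the thread:
# timestamp, size in bytes (or dashes for a directory), attribute flags, path.
# Modelled on entries from the log above; the WinSxS line is invented.
SAMPLE_DDS = r"""
2012-07-05 07:36:13 -------- d-----w- C:\Users\adamlogan06092012\AppData\Roaming\Diubq
2012-07-05 07:11:04 20480 ----a-w- C:\Windows\svchost.exe
2012-07-05 04:01:05 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-13 02:06:46 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-09 11:34:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-01 10:00:00 20480 ----a-w- C:\Windows\WinSxS\amd64_example_component\svchost.exe
"""

LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+"  # timestamp
    r"(\S+)\s+"                                  # size, or "--------" for a directory
    r"([-a-z]{8})\s+"                            # attribute flags, e.g. d-sh--w-
    r"(.+?)\s*$"                                 # path (may contain spaces)
)

# Where core Windows binaries are expected to live on a 64-bit install.
# This table is an assumption of the example, not a DDS rule; extend it
# from your own known-good baseline.
EXPECTED_HOMES = {
    "svchost.exe":  {r"c:\windows\system32", r"c:\windows\syswow64"},
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
    "lsass.exe":    {r"c:\windows\system32"},
    "winlogon.exe": {r"c:\windows\system32"},
    "csrss.exe":    {r"c:\windows\system32"},
}


@dataclass
class Entry:
    timestamp: str
    size: Optional[int]
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")

    @property
    def is_hidden(self) -> bool:
        return "h" in self.attrs


def parse_dds_created(text: str) -> List[Entry]:
    """Parse 'Created Last 30' style lines; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        ts, size, attrs, path = m.groups()
        entries.append(Entry(ts, int(size) if size.isdigit() else None, attrs, path))
    return entries


def find_anomalies(entries: List[Entry]) -> List[Tuple[str, str]]:
    """Return (reason, path) leads for an analyst to confirm; these are not verdicts."""
    leads = []
    for e in entries:
        p = PureWindowsPath(e.path)
        name, parent = p.name.lower(), str(p.parent).lower()
        if not e.is_dir and name in EXPECTED_HOMES:
            # WinSxS keeps legitimate copies of system binaries, so it is excluded.
            if parent not in EXPECTED_HOMES[name] and "\\winsxs\\" not in parent:
                leads.append(("system binary outside its expected directory", e.path))
        if e.is_dir and e.is_hidden and "%" in p.name:
            # A literal %VAR% name on disk means something wrote an unexpanded
            # environment string; hidden+system flags on it make it worth a look.
            leads.append(("hidden directory named like an unexpanded variable", e.path))
    return leads


if __name__ == "__main__":
    for reason, path in find_anomalies(parse_dds_created(SAMPLE_DDS)):
        print(f"{reason}: {path}")
```

Run on the sample, it flags the svchost.exe copy in C:\Windows and the hidden %APPDATA% directory, and leaves the System32 and WinSxS entries alone. Flagged lines are leads, not verdicts: installers, backup tools and vendor utilities can trip rules like these, so a helper confirms with file hashes and signatures before telling anyone to delete anything.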





#2 gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • 135,634 posts
  • Gender:Male
  • Location:Puerto rico

Posted 06 July 2012 - 11:28 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 feralfreak

  • Topic Starter
  • Members
  • 36 posts

Posted 07 July 2012 - 01:06 AM

I tried to turn off the firewall, but for some reason it wouldn't let me. When I click the thing that says turn firewall on or off (the Windows Firewall, the only one I have, because I was told that for once Windows made a good firewall for this OS), below is an image of what I see:
http://img.photobucket.com/albums/v472/loganadam/firewall.png
Below is the text from checkup.txt:
Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 31
Java version out of Date!
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````

When I tried to run Combofix, it got about halfway into the setup and then the PC went to one of those blue screens of death with all that text on it, where it says "collecting information for crash dump" or something.

#4 gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • 135,634 posts
  • Gender:Male
  • Location:Puerto rico

Posted 07 July 2012 - 01:17 AM

Hello

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
Gringo

#5 feralfreak

  • Topic Starter
  • Members
  • 36 posts

Posted 07 July 2012 - 07:12 AM

I tried to follow your instructions, but it seems Acer was able to make some changes to how Windows 7 is on systems they make. When I did the F8 thing I didn't have that feature you mentioned, and the only one I could see close to it was Directory Services Restore Mode. I'm currently on my old and unstable Dell XP machine because my Acer, the one we are working on, is pretty much bricked; it won't get past a certain screen. I might have to edit this to get all my info in, because the XP machine has bad caps in it and might crash any time.
Acer must have made changes to that screen where the F8 feature would be, because all it had for me was Directory Services Restore Mode, and then it made me get my recovery DVDs out because Acer never gave me a CD with the operating system. After it gets done with all 3 recovery DVDs, which had worked before when I had to redo the OS for a different issue, this time it freezes on the screen that says "setup is starting services", and it's been like that for hours with no change. I can't hard boot because it gets stuck in a loop of saying it has to restart the machine, and when it gets up to that point it never gets anywhere, just loops and loops. Please tell me you have a trick for this to get past this issue, something I can transfer to the PC on a CD-R that I can use to push it past or something; it would make my day.

Edited by feralfreak, 07 July 2012 - 07:24 AM.


#6 gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • 135,634 posts
  • Gender:Male
  • Location:Puerto rico

Posted 07 July 2012 - 08:26 AM

Greetings

Let me understand where you are at.

You could not follow my instructions, so you started to reload the OS and now it is stuck in a boot loop?



Gringo

#7 feralfreak

  • Topic Starter
  • Members
  • 36 posts

Posted 07 July 2012 - 09:19 AM

I might have made you a little ticked at me. I don't mean to, I apologize; please allow me to explain:

It's not that I couldn't understand your instructions; I guess I just communicated poorly in my last post. The problem was that there seem to be differences in how Acer must have configured things, because when I tried to follow the instructions, I never had the installation disk. Acer never sent it because of some media reduction BS, just the recovery DVDs that the PC had me make; I guess I made the mistake of thinking those would count.

It had a recovery option that would let me retain my data (it wouldn't affect malware), and the part about selecting the language did match up, so I thought I was on the repair path *punches self repeatedly - no sarcasm in that, if I could I'd kick my own backside left and right*.
I guess I just messed up. Is there any way we can get back on track? It gets on this screen that says "setup is starting services", but it never moves from there; it's been hours. When I had tried to turn it off and back on, it gets to that point and says it needs to reboot, and it continues this cycle until I catch it with F12 and tell it to go back to the DVD and repeat what I thought was the recovery, which leads back to being stuck on that screen for hours and hours. I never intended to try to reload the OS, but I must have made some kind of mistake.

Edited by feralfreak, 07 July 2012 - 09:22 AM.


#8 feralfreak

  • Topic Starter
  • Members
  • 36 posts

Posted 10 July 2012 - 04:39 AM

You seem to have moved on to another issue. Well, I managed to get this Acer piece of crap straightened out (it might be helpful to have it posted on the site somewhere that recovery discs are not able to function as the installation CD; I wish I had known that, I might not have got stuck in a boot loop. Fortunately I have a friend who is dang good at PC stuff and there isn't much he can't get past on things like that). Well, I thank you for your efforts to help me before you moved on. You might pass that suggestion about recovery and OEM discs to the site admin to avoid confusion for others in the future. And before I forget, it seems I've run across a site that I think is telling others to use Combofix without having someone to help them. I've done that before (a couple years ago, I think) and it messed my system up (an earlier system, XP operating system). I'd hate for someone to risk causing their system to foul up; is there a way to mention this to the creator of Combofix?

#9 gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • 135,634 posts
  • Gender:Male
  • Location:Puerto rico

Posted 10 July 2012 - 07:26 AM

Greetings

Actually I had not moved on. I have been in contact with one of our Windows techs about your issue; I just have not been able to get something concrete to work with you yet.

What was your friend able to do to get you back up and running, and how is the computer doing at this time? Did you end up having to do a full install?

I would like to know the web site you mentioned that tells its readers to use Combofix without help, as we are always trying to get that practice stopped.

I am sorry I was not able to get back to you fast enough, but I am glad that you are up and running again and that you came by to let me know.



Gringo

#10 feralfreak

feralfreak
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:51 AM

Posted 10 July 2012 - 08:47 AM

With the "Setup is starting services" screen, he told me to hit Shift+F10 and that brought up a command prompt. I didn't know that was even possible at that point; it had me surprised and made my day (I was having passing thoughts of taking my .410 shotgun and giving it a permanent fix Tommy Jordan style). Then he had me type regedit, and I went to the following path: HKEY_LOCAL_MACHINE/SYSTEM/SETUP/STATUS/ChildCompletion, and in that ChildCompletion I double-clicked the setup.exe file and changed the value from 1 to 3. I exited out of the editor and command prompt. He said there should be a dialog box there but there wasn't; it just sat there as usual, so he said power down and back on. And then he ended up making my day a second time, because it moved forward in its progress, all the way to where it had the Acer screen that wouldn't go down for anything (it had a desktop behind it, kinda, I just couldn't access it). It had "installing cleanup" with the progress indicator at 28/29, and it wouldn't move past that... I think I have a snapshot on my cell phone *checks phone* yeah I do, I'd be happy to upload it if you want to see. He told me then to reboot, and at the part where it says "Setup is starting services" do the Shift+F10 again and this time type "msconfig". I didn't know I could access it there, but I could, and here is where I had to fiddle with it:

I went to the Startup tab and unchecked "alaunchx", I think that was what the entry was, and exited out and let it reboot. Well, that didn't work, so I did it again, and this time I saw it had made another entry of alaunchx and it was checked, so I unchecked it, and took a peek in the Services tab. I unchecked anything that had Acer as its maker, including gregservice, and exited and let it reboot. Then it rolled along; it wasn't perfect, but it was enough that I could access my files. It moved them, by making the profiles into folders, so I just went in and burned what I wanted to CD-Rs and my 2 USB drives and the SD card my email is on. Then, since it was still going through everything like the "starting services" thing, I broke down and did a full restore. I hate doing that; I had to do it one other time because this piece of junk (as all Acers are, I think) wouldn't hold a stable profile. They got corrupted on an increasing frequency, from 3 weeks to lasting only 4 days, only to have it still happen afterwards, only they lasted longer (by corrupting profiles it got to where the History folder of IE9 wouldn't record anything anymore; I'd have to change to a new profile to see histories getting recorded). The "tech support" at Acer was as useless as mammaries on a boar hog; they couldn't be bothered to do anything, including reading a message, and I intend to give it to them with both barrels, figuratively speaking of course, in a very angry email. Makes me wish my Dell didn't have bad caps, because then I would never have had an Acer.

I think the site was Tom's Hardware; I saw it on the Dell one before it crashed the last time (capacitor plague, got 3 bad ones, and I think I can fix it if I can find the right replacement caps; I saw how to solder on YouTube, I'd rather have someone who is better with an iron, but no place here will replace components). I'll look tonight and come back with a URL, where (and I could have seen it wrong, but I think I saw it right) it looked like someone was saying to use ComboFix for that audio adware problem that brought me here this time (I'm surprised how common that problem seems). The person was saying to use it like it was a tool like HouseCall or something, and I know from personal experience that it can be dangerous to a system if not done with help (the first time I used it, I didn't have a helper from here but did have my buddy helping me, and he is one of the few people that managed to earn my trust, and that is nearly impossible, and it turned out OK; the second time is when my Dell ended up needing its OS fixed with a nondestructive reinstall, one of those things where all the data was kept).

My buddy (the guy who owns castlegrayskull.org) has yet to meet a PC issue he can't find some kind of workaround for. I've been considering advising him that he should come here and help out others as you helped me in the past (I came here for a popunder thing back in either '09 or very early 2010; I was ready to put a foot through the PC, but you helped me kill the rootkit hiding in the atapi.sys file). How would he get listed as a helper here, if he would consider helping others on this forum?

#11 feralfreak

feralfreak
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:51 AM

Posted 10 July 2012 - 11:45 PM

I looked on the Dell for the link in the history for the site that told someone to use ComboFix without having a helper. I think it was Tom's Hardware, but I can't remember, and one of the many crashes the machine had seems to have prevented that site from being stored in the history. If I run across it later (eventually I likely will) I'll post it.

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 135,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:51 AM

Posted 11 July 2012 - 12:04 AM

OK, no problem. I will have a response to your post tonight or tomorrow, and thank you for taking the time to explain what you did.



gringo

#13 feralfreak

feralfreak
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:51 AM

Posted 11 July 2012 - 12:58 AM

OK, no problem. I will have a response to your post tonight or tomorrow, and thank you for taking the time to explain what you did.



gringo

My pleasure. If it helps someone with a similar problem, let me know. I like helping when I can; too bad most of my knowledge is in martial arts and woodwork instead of PCs anymore :)

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 135,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:51 AM

Posted 16 July 2012 - 03:06 AM

Greetings

Sorry for taking so long to come back to this. Wife is on vacation and does not want to be at home, so when I am at home I am trying to play catch-up.

That is strange that we could not get into the recovery environment, as I have been doing hundreds lately.

I am glad your friend was able to get you going again, and he does sound like he knows his stuff.

As a Windows tech or a hardware tech, all he has to do is start helping people in any of the forums except the malware forum (this one needs special training), and if he gives good advice he may be asked to become an adviser.

Gringo

#15 feralfreak

feralfreak
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:51 AM

Posted 16 July 2012 - 07:17 AM

Wife on vacation, eh? Nothing wrong with that; a little relaxation is always a good thing, and if it keeps the wife happy, that is even better. Makes me think of the line "if momma (or in this case, the wife) ain't happy, ain't nobody happy" :thumbsup:


It may have been an issue with Acer. I think it's because they don't give the OEM CDs anymore, if Acer ever did; at least Dell did have an OEM CD and I could shame them into giving it, but Acer is crap. I'll never buy an Acer again; they can't even be made to give any kind of support, and it was only after I literally ripped them a new one in an email that they offered to send me recovery DVDs for free, but FAILING to see where I had said already that I have recovery DVDs; they just act like I never made them even when I did. When they programmed the recovery things, I think some programmer must not have been drinking their coffee when they came to the part where it sets the registry settings. I don't understand why they want to fool with such a boneheaded concept as recovery in the first place when the OEM CDs could have and would have been better. I miss OEMs being given with the systems.


I plan to chew them out again. Hehe, I think I'll paste what I said to them and then their reply, and let everyone reading get a laugh at how bad they are at their job. Have a laugh:

What they said that got me to give it to them with both barrels:
"Dear Adam Logan,

Thank you for contacting Acer America. I apologize for the inconvenience that you have experienced. The recovery CDs are offered within the first 90 days of purchase. Since your system is outside the 90 day period, we are unable to send you recovery CDs free of charge. We can bring the system in for service and have the system serviced, but we are unable to provide free recovery discs. Would you like to set up a repair?

Respectfully,
Acer America
Online Technical Support "

What I said to them:
"No! I would NOT like to schedule a repair, because if I did you would send it back even more crappy than it was before, and the blasted thing was MADE defective from the start! In fact, the only accomplishment your company can really claim is that if there is any way to make something worse, you as a company would find a way, whether it's a botched operating system that makes a user have to make their own recovery discs because you are too d*** cheap to give the blasted install CD, or making the recovery discs so glitchy that an average person can't use them when they screw up. And I really wanted to use the "f" word there, but I'm holding back, and it's taking everything I have not to really cuss you out, you as in the company.


And for your information, I was able to get around the problem myself. My buddy, who has some IT training, clearly more than any moron you have in your facilities put together, managed to get it working by saying to go into the registry editor, even telling me how through a means I didn't know was possible or existed, and telling me to change 1 value of a file, and to go into msconfig to deal with a later problem of it not moving past 28 of 29 steps in the Acer screen where it claims to be installing cleanup, which it never followed through with without his considerably more knowledgeable help. And it was enough that I could get all my data off, which I was otherwise going to end up losing, because your company is so d*** incompetent that you can't even give simple tech support or even a suggestion. Hell, DELL gave me suggestions after my warranty expired, so as much as I have issues with their work, they are LEAPS AND BOUNDS above you in customer service, whereas all I've gotten from you is nothing but DISSERVICE! I've dealt with one other really crappy computer manufacturer, it was CTX, and heard of one other that was equally as crappy, eMachines. You are no better than either of them. Oh wait, I saw on your site that you took over eMachines, so no wonder your systems are so mucked up!



I would really love for your executives to read this message, in its entirety. If that is too much trouble for you, which I sarcastically say it must be, because you obviously couldn't have just said what would have gotten this piece of junk in a working state again, if it's too much trouble for you, I'd be more than extremely happy to give them this message myself; just give me contact information for them, if you can manage that. An email address would do nicely. I'd love to tell them how boneheaded it is to try to sell copies of discs I've made myself, and I've mentioned as much in the past that I DID ALREADY MAKE THEM. That's like selling water to a drowning man! It's like you make them faulty from the start so you can sell "repairs"! I really really REALLY miss tech support being back here in the United States, instead of overseas, because then I likely would have gotten some REAL help, instead of having to rely on a friend to do YOUR job! And by the way, the information on accessing the registry that helped me, he got off reading how another person fixed their computer, ANOTHER ACER!

And for the record, the only response I want from anyone there is the contact information of your executives to tell them about my experience with this piece of s***! "


What they said back:
"Dear Adam Logan,

After doing more research on this issue, we will send you the recovery CDs free of charge for customer satisfaction. I will need the following information so I can register the system. Please note that the address and phone must be US or Canadian only.
Contact Name, First and Last
Address (street, city, zip/postal code) No PO Boxes
Phone Number
E-mail Address
Date of Purchase

Respectfully,
Acer America
Online Technical Support "



