Recovered from trojans -- check is everything all right

I’ve sent the zip files to the email id u provided in the pm.

Give this a whirl and let me know how it goes

AVZ FIX

[*] Double click on AVZ.exe
[*] Click File > Custom scripts
[*] Copy & paste the contents of the following codebox in the box in the program (start with begin and end with end )

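begin
  SetServiceStart('RemoteRegistry', 4);  // start type 4 = disabled
  SetAVZGuardStatus(True);               // enable AVZGuard while the script runs
  SearchRootkit(true, true);             // look for and neutralise user-mode and kernel-mode hooks
  DeleteFile('rocServer32.exe');
  DeleteFile('C:\Documents and Settings\D B Joshi\Local Settings\Temporary Internet Files\Content.IE5\C1I3G5YB\aa23[1].exe');
  DeleteFile('C:\Documents and Settings\D B Joshi\Local Settings\Temporary Internet Files\Content.IE5\C1I3G5YB\aa13[1].exe');
  BC_ImportDeletedList;                  // pass the list of deleted files to Boot Cleaner
  ExecuteSysClean;                       // clean up references to the deleted files
  BC_Activate;                           // activate Boot Cleaner for the next boot
  RebootWindows(true);
end.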
[*] Note: When you run the script, your PC will be restarted
[*] Click Run
[*] Restart your PC if it doesn't do it automatically.

ON COMPLETION

[*] Start AVZ.

[*] Choose from the menu “File” => “Standard scripts” and mark the “Advanced System Investigation” check box.
[*] Click on the “Execute selected scripts”.
[*] A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Mail the zip file to your next post

@essexboy
Have again sent the new zip file to ur email id.

C:\WINDOWS\system32\drivers\comint32.sys
This file was not exhibiting rootkit tendencies; however, it was running two disparate services

AVZ FIX

[*] Double click on AVZ.exe
[*] Click File > Custom scripts
[*] Copy & paste the contents of the following codebox in the box in the program (start with begin and end with end )

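begin
  SetAVZGuardStatus(True);               // enable AVZGuard while the script runs
  SearchRootkit(true, true);             // look for and neutralise user-mode and kernel-mode hooks
  DeleteService('comint32');
  StopService('comint32');
  DeleteService('AsyncMac');
  StopService('AsyncMac');
  DeleteFile('C:\WINDOWS\system32\DRIVERS\comint32.sys');
  BC_ImportDeletedList;                  // pass the list of deleted files to Boot Cleaner
  ExecuteSysClean;                       // clean up references to the deleted files
  BC_Activate;                           // activate Boot Cleaner for the next boot
  RebootWindows(true);
end.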
[*] Note: When you run the script, your PC will be restarted
[*] Click Run
[*] Restart your PC if it doesn't do it automatically.

ON COMPLETION

[*] Start AVZ.

[*] Choose from the menu “File” => “Standard scripts” and mark the “Advanced System Investigation” check box.
[*] Click on the “Execute selected scripts”.
[*] A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach the zip file to your next post

How is your system running now?
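
A post-reboot check for the fixes above, as an added example that is not part of the original posts: a batch file that confirms the comint32 and AsyncMac services and the comint32.sys driver are gone and that RemoteRegistry is set to disabled. It assumes an English-language Windows on which `sc query` exits with code 1060 for a service that is not installed; the file name check_fix.bat is hypothetical.

```batch
@echo off
rem check_fix.bat (hypothetical name) - added example, not from the thread.
rem Service names and the driver path are the ones used in the AVZ scripts above.
setlocal
set FAIL=0

rem 1. Both services deleted by the second script should no longer exist.
for %%S in (comint32 AsyncMac) do call :check_service %%S

rem 2. The driver file itself should be gone after Boot Cleaner has run.
if exist "C:\WINDOWS\system32\drivers\comint32.sys" (
    echo [STILL PRESENT] C:\WINDOWS\system32\drivers\comint32.sys
    set FAIL=1
) else (
    echo [removed] C:\WINDOWS\system32\drivers\comint32.sys
)

rem 3. The first script set RemoteRegistry to start type 4, shown by sc qc as DISABLED.
sc qc RemoteRegistry | find /i "DISABLED" >nul
if errorlevel 1 (
    echo [CHECK] RemoteRegistry is not reported as disabled
    set FAIL=1
) else (
    echo [ok] RemoteRegistry start type is disabled
)

if %FAIL%==0 echo Result: nothing from the fix list remains.
if %FAIL%==1 echo Result: leftovers found, include this output in your next post.
endlocal & exit /b %FAIL%

:check_service
rem Assumption: exit code 1060 means the service is not installed.
sc query %1 >nul 2>&1
if errorlevel 1060 if not errorlevel 1061 (
    echo [removed] service %1
    goto :eof
)
echo [STILL PRESENT or query failed] service %1
set FAIL=1
goto :eof
```

Run it from a command prompt after the reboot; an exit code of 0 means every item checked out.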

Executed the scripts u suggested and sent the log file to ur email.
Thank u.

That looked OK. How is your computer now?

My comp is perfectly fine now.
Thank u all for all the help.

Now the best part of the day ----- Your log now appears clean :thumbsup:

You may now delete all the programmes we had you download

Now to get you off to a good start we will re-set your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore point but this is my method:

  1. Select Start > All Programs > Accessories > System tools > System Restore.
  2. On the dialogue box that appears select Create a Restore Point
  3. Click NEXT
  4. Enter a name e.g. Clean
  5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

  1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  2. In the Drop down box that appears select your main drive e.g. C
  3. Click OK
  4. The System will do some calculation and then display a dialogue box with TABS
  5. Select the More Options Tab.
  6. At the bottom will be a system restore box with a CLEANUP button; click this
  7. Accept the Warning and select OK again, the program will close and you are done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free program:
[*] SpywareBlaster to help prevent spyware from installing in the first place.
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit
[*] Microsoft Windows Update

To learn more about how to protect yourself while on the internet read this article by Tony Klein: So how did I get infected in the first place?

Keep safe :wave: