SVC: Stereo Service Rootkit: hidden service

Hello,

I was updating windows. It seems to have finished fine, sometime during that process avast has found the exact file name and rootkit as in the subject:

File name: SVC: Stereo Service
Rootkit name: hidden service

Furthermore, when I mouse over it, it says SVC: Stereo Service > C:\Program Files

I haven’t tried to remove it, as I don’t know if it’s necessary or even a real concern or something to do with the windows update. Any feedback or direction is greatly appreciated.

I have no idea what is needed. It’s my first time coming to any anti-virus forum so please feel free to direct as necessary.

Thanks much.

follow guide and attach logs…not copy and paste. http://forum.avast.com/index.php?topic=53253.0

AdwCleaner
Malwarebytes
OTL
aswMBR

then help will arrive later today…be patient

Thanks much. Should I go ahead and hit Ignore for now on the avast Rootkit Found window? Also, if so do I need to go ahead and reboot for the window’s update to take effect?

Okay. Here’s the adwcleaner log file.

Malwarebytes log.

Here is the OTL extra. The OTL itself is too large at 210kb. I’ll have to redo it and click none under the proper option that was set to safelist before I realized it.

It would seem that the file was the same size with the change. I think it’s because it has Windows.old info from a crash and a reinstall. It was able to save the old information and files and I never got around to clean them. I’ll do the last operation now and see what turns up.

Here is the aswmbr log.

you can upload OTL to somenfile share like mediafire and post download link here
or split in two and use two posts

Here’s the first part of the OTL log.

OTL second half.

Edit: I just finished doing an MBAM full system scan and it found a heuristics.reserved.word.exploit. No clue what that actually is. Having looked it up, I wonder if it isn’t related to the SVC problem as it is services.exe.mui file. If it helps any, I have the log, but the file address is C:\Users\Raiden Omega\AppData\Local\Temp\services.exe.mui.

Hello,

Avast also gave me the exact same notification after I updated my NVidia GeForce 8600 GT to the latest update v. 314.22
Is that a false positive ?