
Solved Security Tool Removal Not Working

Discussion in 'Malware and Virus Removal Archive' started by ptsyu, 2009/10/12.


    Hello,

    I have recently been infected with the virus that shows up as antivirus software called Security Tool. I have tried to get rid of it, and it just comes back. I first ran ComboFix, then Malwarebytes. This worked for a day, then it all came back. So I tried again and it did the same thing. Now I am not able to run Malwarebytes. I just ran ComboFix to buy some time to ask you guys for some help. I would greatly appreciate it. I have included the ComboFix log from the last time I ran it and the DDS and Attach logs you request for new posts. Thanks again.

    ComboFix 09-10-12.02 - Me 10/12/2009 22:25.3.2 - NTFSx86 NETWORK
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.734 [GMT -4:00]
    Running from: c:\documents and settings\Me\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\76395737
    c:\documents and settings\All Users\Application Data\76395737\76395737.exe
    c:\documents and settings\Me\Desktop\Security Tool.lnk
    c:\documents and settings\Me\Start Menu\Programs\Security Tool.lnk
    c:\windows\Downloaded Program Files\bdcore.dll
    c:\windows\Downloaded Program Files\libfn.dll
    c:\windows\system32\lebenesa.dll
    c:\windows\system32\nuzeriko.dll
    c:\windows\system32\sogidona.dll

    .
    ((((((((((((((((((((((((( Files Created from 2009-09-13 to 2009-10-13 )))))))))))))))))))))))))))))))
    .

    2009-10-13 01:08 . 2009-10-13 02:19 -------- d-----w- c:\windows\BDOSCAN8
    2009-10-11 21:14 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-11 21:14 . 2009-10-12 00:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-11 21:14 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-11 21:05 . 2009-10-11 21:05 -------- d-----w- c:\documents and settings\Me\Application Data\Malwarebytes
    2009-10-11 20:59 . 2009-10-11 20:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-11 20:44 . 2009-10-11 22:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2009-09-30 03:36 . 2009-09-30 03:36 -------- d-----w- c:\documents and settings\Me\Application Data\EDrawings
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\Me\Local Settings\Application Data\DassaultSystemes
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\Me\Application Data\DassaultSystemes
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
    2009-09-30 03:29 . 2009-09-30 03:29 -------- d-----w- c:\program files\Common Files\eDrawings2009
    2009-09-28 04:46 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2009-09-28 04:46 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2009-09-28 04:46 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
    2009-09-28 04:46 . 2008-04-14 00:12 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2009-09-28 02:16 . 2009-09-28 02:17 -------- d-----w- c:\program files\Pyware 3D Performer's Practice Tools
    2009-09-28 02:16 . 2009-09-28 02:16 -------- d--h--w- c:\program files\Zero G Registry
    2009-09-28 02:15 . 2009-09-28 02:15 -------- d--h--w- c:\documents and settings\Me\InstallAnywhere
    2009-09-17 01:04 . 2008-04-13 18:45 26368 ----a-w- c:\windows\system32\dllcache\usbstor.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-13 02:31 . 2009-08-25 15:27 -------- d-----w- c:\documents and settings\Me\Application Data\IM
    2009-10-08 14:55 . 2009-08-28 16:41 -------- d-----w- c:\program files\Dl_cats
    2009-10-01 18:24 . 2009-08-25 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-10-01 14:31 . 2009-08-20 21:46 -------- d-----w- c:\documents and settings\Me\Application Data\Apple Computer
    2009-09-30 22:11 . 2009-08-29 00:07 -------- d-----w- c:\documents and settings\Me\Application Data\LimeWire
    2009-09-18 04:06 . 2009-08-23 19:09 -------- d-----w- c:\documents and settings\Me\Application Data\AdobeUM
    2009-09-07 21:06 . 2009-08-23 19:06 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2009-09-07 21:06 . 2009-08-23 19:06 88 --sh--r- c:\windows\system32\AB5937B8DB.sys
    2009-09-03 01:46 . 2009-08-20 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-08-30 20:46 . 2009-08-30 20:46 -------- d-----w- c:\documents and settings\Me\Application Data\acccore
    2009-08-30 20:45 . 2009-08-30 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP
    2009-08-30 20:44 . 2009-08-30 20:42 -------- d-----w- c:\program files\AIM6
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\program files\Common Files\Software Update Utility
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\program files\AIM Toolbar
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM Toolbar
    2009-08-30 20:44 . 2006-08-22 19:02 -------- d-----w- c:\program files\Viewpoint
    2009-08-30 20:43 . 2006-08-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
    2009-08-30 20:43 . 2009-08-30 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\acccore
    2009-08-30 20:43 . 2006-08-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
    2009-08-30 20:43 . 2006-08-22 19:01 -------- d-----w- c:\program files\Common Files\AOL
    2009-08-29 23:19 . 2009-08-20 02:18 108376 ----a-w- c:\documents and settings\Me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-08-28 23:58 . 2009-08-28 23:54 -------- d-----w- c:\program files\LimeWire
    2009-08-28 23:57 . 2009-08-28 23:58 410984 ----a-w- c:\windows\system32\deploytk.dll
    2009-08-28 23:57 . 2006-08-22 18:52 -------- d-----w- c:\program files\Java
    2009-08-28 16:41 . 2009-08-28 16:41 -------- d-----w- c:\program files\Dell Color Printer 725
    2009-08-27 23:12 . 2009-08-27 23:12 -------- d-----w- c:\program files\Microsoft Works
    2009-08-27 23:11 . 2009-08-25 15:39 -------- d-----w- c:\program files\MSBuild
    2009-08-27 22:58 . 2009-08-25 19:37 -------- d-----w- c:\documents and settings\Me\Application Data\COREL
    2009-08-27 22:58 . 2009-08-25 19:37 56 --sh--r- c:\windows\system32\DBB83759AB.sys
    2009-08-25 19:50 . 2009-08-25 19:49 -------- d-----w- c:\documents and settings\Me\Application Data\SolidWorks
    2009-08-25 15:57 . 2009-08-25 15:44 -------- d-----w- c:\program files\SolidWorks Corp
    2009-08-25 15:49 . 2009-08-25 15:44 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
    2009-08-25 15:48 . 2009-08-25 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\SolidWorks
    2009-08-25 15:44 . 2009-08-25 15:44 -------- d-----w- c:\program files\AGEIA Technologies
    2009-08-25 15:42 . 2009-08-25 15:42 -------- d-----w- c:\documents and settings\Me\Application Data\Windows Desktop Search
    2009-08-25 15:42 . 2009-08-25 15:42 -------- d-----w- c:\program files\Windows Desktop Search
    2009-08-25 15:41 . 2009-08-25 15:41 -------- d-----w- c:\program files\MSECache
    2009-08-25 15:40 . 2009-08-25 15:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2009-08-25 15:40 . 2009-08-25 15:40 -------- d-----w- c:\program files\Microsoft.NET
    2009-08-25 15:35 . 2009-08-25 15:35 -------- d-----w- c:\program files\Reference Assemblies
    2009-08-25 15:28 . 2009-08-25 15:28 -------- d-----w- c:\program files\Common Files\SolidWorks Installation Manager
    2009-08-23 19:09 . 2009-08-23 19:09 -------- d-----w- c:\program files\Common Files\Adobe
    2009-08-23 19:06 . 2009-08-23 19:06 -------- d-----w- c:\documents and settings\Me\Application Data\Corel Photo Album
    2009-08-20 21:46 . 2009-08-20 21:45 -------- d-----w- c:\program files\iTunes
    2009-08-20 21:46 . 2009-08-20 21:45 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\iPod
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\Bonjour
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\QuickTime
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2009-08-20 21:44 . 2009-08-20 21:44 -------- d-----w- c:\program files\Apple Software Update
    2009-08-20 21:44 . 2009-08-20 21:44 -------- d-----w- c:\program files\Common Files\Apple
    2009-08-20 07:00 . 2009-08-20 07:00 -------- d-----w- c:\program files\MSXML 4.0
    2009-08-20 06:11 . 2005-08-17 00:54 -------- d-----w- c:\program files\DIGStream
    2009-08-20 02:44 . 2009-08-20 02:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
    2009-08-20 02:44 . 2009-08-20 02:44 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2009-08-20 02:44 . 2009-08-20 02:44 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-08-20 02:44 . 2009-08-20 02:44 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-08-20 02:43 . 2009-08-20 02:43 -------- d-----w- c:\program files\AVG
    2009-08-20 02:43 . 2009-08-20 02:43 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
    2009-08-20 02:41 . 2009-08-20 02:41 -------- d-----w- c:\documents and settings\Me\Application Data\AVG8
    2009-08-20 02:15 . 2009-08-20 02:13 125 ----a-w- c:\documents and settings\Me\Local Settings\Application Data\fusioncache.dat
    2009-08-05 09:01 . 2005-08-16 08:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 04:37 . 2005-08-16 08:18 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:37 . 2005-08-16 08:18 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-17 19:01 . 2005-08-16 08:18 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-10 23:09 . 2009-07-10 23:09 87552 --sha-w- c:\windows\system32\hukibopa.dll
    2009-07-09 15:54 . 2009-07-09 15:54 60416 --sha-w- c:\windows\system32\jafudigu.dll
    2009-07-12 11:09 . 2009-07-12 11:09 38400 --sha-w- c:\windows\system32\jowukuyu.dll
    2009-07-10 03:54 . 2009-07-10 03:54 88576 --sha-w- c:\windows\system32\jujogiya.dll
    2009-07-12 11:09 . 2009-07-12 11:09 1011342 --sha-w- c:\windows\system32\kurufihu.exe
    2009-07-13 00:25 . 2009-07-13 00:25 50688 --sha-w- c:\windows\system32\luribepo.dll
    2009-07-10 03:54 . 2009-07-10 03:54 172544 --sha-w- c:\windows\system32\namikisa.dll
    2009-07-10 03:54 . 2009-07-10 03:54 50688 --sha-w- c:\windows\system32\nibimalo.dll
    2009-07-13 00:25 . 2009-07-13 00:25 38400 --sha-w- c:\windows\system32\piralume.dll
    2009-07-13 00:26 . 2009-07-13 00:26 50688 --sha-w- c:\windows\system32\zubadira.dll
    2009-07-09 15:54 . 2009-07-09 15:54 88576 --sha-w- c:\windows\system32\zuyagobo.dll
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-10-11_22.44.43 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-10-13 02:30 . 2009-10-13 02:30 16384 c:\windows\temp\Perflib_Perfdata_190.dat
    + 2009-01-05 19:44 . 2009-01-05 19:44 53248 c:\windows\bdoscandel.exe
    + 2009-10-13 01:09 . 2009-10-13 01:09 86016 c:\windows\BDOSCAN8\librtvr.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 27136 c:\windows\BDOSCAN8\avxt.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 10240 c:\windows\BDOSCAN8\avxs.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 45056 c:\windows\BDOSCAN8\avxdisk.dll
    + 2009-01-05 19:44 . 2009-01-05 19:44 741376 c:\windows\Downloaded Program Files\ipsupd.dll
    + 2009-01-05 19:44 . 2009-10-13 01:09 142848 c:\windows\BDOSCAN8\libfn.dll
    + 2009-01-05 19:44 . 2009-01-05 19:44 741376 c:\windows\BDOSCAN8\ipsupd.dll
    + 2009-01-05 19:44 . 2009-10-13 01:09 107800 c:\windows\BDOSCAN8\bdcore.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2137181c-99bc-4c81-8eff-d2484a764ec2}]
    2009-07-13 00:26 50688 --sha-w- c:\windows\system32\zubadira.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "Aim6"="c:\program files\AIM6\aim6.exe" [2009-07-09 49968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
    "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-08-22 169984]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-05 2023704]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "SolidWorks_CheckForUpdates"="c:\program files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" [2009-01-31 7300392]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
    "DLCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 73728]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-28 136600]
    "novuporew"="c:\windows\system32\lebenesa.dll" [BU]
    "SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-02-10 282624]
    "kepodotiva"="sogidona.dll" [BU]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-08-20 02:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UpdatesDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
    "c:\\Program Files\\America Online 9.0\\waol.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\AIM6\\aim6.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\WINDOWS\\system32\\logon.scr"=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/19/2009 10:44 PM 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/19/2009 10:44 PM 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/19/2009 10:43 PM 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/19/2009 10:43 PM 297752]
    R2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [12/10/2008 4:21 PM 214312]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [8/30/2009 4:44 PM 24652]
    S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [1/31/2009 6:01 AM 83240]
    S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 7:01 AM 2799808]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-10-07 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    uInternet Settings,ProxyOverride = *.local
    IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
    Trusted Zone: musicmatch.com\online
    FF - ProfilePath - c:\documents and settings\Me\Application Data\Mozilla\Firefox\Profiles\h486v5f9.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://aimzones.aol.com/homepage
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
    HKLM-Run-76395737 - c:\docume~1\ALLUSE~1\APPLIC~1\76395737\76395737.exe
    SharedTaskScheduler-{057fa725-144b-4b77-a40e-7c23817ec000} - c:\windows\system32\lebenesa.dll
    SSODL-kibapagat-{057fa725-144b-4b77-a40e-7c23817ec000} - c:\windows\system32\lebenesa.dll
    AddRemove-Malwarebytes' Anti-Malware_is1 - c:\documents and settings\Me\Desktop\Malwarebytes' Anti-Malware\unins000.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-12 22:31
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(3112)
    c:\windows\system32\WININET.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\windows\system32\searchindexer.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\windows\system32\dllhost.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\AIM6\aolsoftware.exe
    .
    **************************************************************************
    .
    Completion time: 2009-10-13 22:36 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-10-13 02:36
    ComboFix2.txt 2009-10-12 00:02
    ComboFix3.txt 2009-10-11 22:50

    Pre-Run: 96,624,926,720 bytes free
    Post-Run: 95,521,226,752 bytes free

    293 --- E O F --- 2009-10-07 07:00



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-10-13.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 8/19/2009 10:13:19 PM
    System Uptime: 10/12/2009 10:29:52 PM (1 hours ago)

    Motherboard: Dell Inc. | | 0HJ054
    Processor: Intel(R) Pentium(R) D CPU 2.66GHz | Microprocessor | 2660/533mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 144 GiB total, 88.961 GiB free.
    D: is CDROM (CDFS)
    E: is CDROM ()
    F: is FIXED (NTFS) - 233 GiB total, 97.266 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1: 8/19/2009 10:13:23 PM - System Checkpoint
    RP2: 8/19/2009 10:17:41 PM - Software Distribution Service 3.0
    RP3: 8/19/2009 10:43:47 PM - Installed AVG Free 8.5
    RP4: 8/20/2009 3:00:15 AM - Software Distribution Service 3.0
    RP5: 8/20/2009 5:45:49 PM - Installed iTunes
    RP6: 8/20/2009 5:49:56 PM - Removed Get High Speed Internet!
    RP7: 8/20/2009 5:50:33 PM - Removed Trend Micro PC-cillin Internet Security 12
    RP8: 8/20/2009 5:51:22 PM - Removed TMASOEDL
    RP9: 8/20/2009 5:51:30 PM - Removed TMASOLDL
    RP10: 8/21/2009 3:00:13 AM - Software Distribution Service 3.0
    RP11: 8/22/2009 3:00:15 AM - Software Distribution Service 3.0
    RP12: 8/22/2009 11:54:46 AM - Software Distribution Service 3.0
    RP13: 8/22/2009 11:58:40 AM - Software Distribution Service 3.0
    RP14: 8/22/2009 4:59:12 PM - Software Distribution Service 3.0
    RP15: 8/22/2009 5:54:45 PM - Software Distribution Service 3.0
    RP16: 8/23/2009 10:47:36 AM - Software Distribution Service 3.0
    RP17: 8/24/2009 11:44:22 AM - System Checkpoint
    RP18: 8/25/2009 9:27:45 AM - Avg8 Update
    RP19: 8/25/2009 11:35:00 AM - Installed %1 %2.
    RP20: 8/25/2009 11:35:06 AM - Printer Driver Microsoft XPS Document Writer Installed
    RP21: 8/25/2009 11:42:02 AM - Installed Windows XP Windows Desktop Search 3.01.
    RP22: 8/26/2009 3:00:19 AM - Software Distribution Service 3.0
    RP23: 8/26/2009 3:25:27 AM - Printer Driver Microsoft XPS Document Writer Installed
    RP24: 8/27/2009 3:00:19 AM - Software Distribution Service 3.0
    RP25: 8/27/2009 7:06:22 PM - Installed Microsoft Office Enterprise 2007
    RP26: 8/27/2009 7:14:26 PM - Printer Driver Send To Microsoft OneNote Driver Installed
    RP27: 8/28/2009 9:37:25 PM - System Checkpoint
    RP28: 8/29/2009 9:44:26 PM - System Checkpoint
    RP29: 8/30/2009 10:33:59 PM - System Checkpoint
    RP30: 8/31/2009 11:25:49 PM - System Checkpoint
    RP31: 9/1/2009 10:36:47 PM - Software Distribution Service 3.0
    RP32: 9/2/2009 11:04:31 PM - System Checkpoint
    RP33: 9/3/2009 11:44:01 PM - System Checkpoint
    RP34: 9/4/2009 11:44:12 PM - System Checkpoint
    RP35: 9/6/2009 12:44:07 AM - System Checkpoint
    RP36: 9/7/2009 1:44:10 AM - System Checkpoint
    RP37: 9/8/2009 2:44:11 AM - System Checkpoint
    RP38: 9/9/2009 3:00:21 AM - Software Distribution Service 3.0
    RP39: 9/10/2009 3:00:18 AM - Software Distribution Service 3.0
    RP40: 9/11/2009 3:15:29 AM - System Checkpoint
    RP41: 9/12/2009 4:15:23 AM - System Checkpoint
    RP42: 9/13/2009 3:00:19 AM - Software Distribution Service 3.0
    RP43: 9/14/2009 3:50:09 AM - System Checkpoint
    RP44: 9/15/2009 4:50:13 AM - System Checkpoint
    RP45: 9/16/2009 5:50:06 AM - System Checkpoint
    RP46: 9/17/2009 6:50:10 AM - System Checkpoint
    RP47: 9/18/2009 6:54:02 AM - System Checkpoint
    RP48: 9/19/2009 7:50:08 AM - System Checkpoint
    RP49: 9/20/2009 8:50:05 AM - System Checkpoint
    RP50: 9/21/2009 9:50:05 AM - System Checkpoint
    RP51: 9/22/2009 10:50:04 AM - System Checkpoint
    RP52: 9/23/2009 11:50:07 AM - System Checkpoint
    RP53: 9/24/2009 1:04:34 PM - System Checkpoint
    RP54: 9/25/2009 1:50:13 PM - System Checkpoint
    RP55: 9/26/2009 2:20:03 PM - System Checkpoint
    RP56: 9/27/2009 7:06:16 PM - System Checkpoint
    RP57: 9/28/2009 7:50:04 PM - System Checkpoint
    RP58: 9/29/2009 8:50:06 PM - System Checkpoint
    RP59: 9/29/2009 11:28:05 PM - Removed SolidWorks eDrawings 2009.
    RP60: 9/29/2009 11:29:24 PM - Installed SolidWorks eDrawings 2009.
    RP61: 10/1/2009 12:19:29 AM - System Checkpoint
    RP62: 10/1/2009 2:22:52 PM - Configured Microsoft Office Enterprise 2007
    RP63: 10/2/2009 3:29:08 PM - System Checkpoint
    RP64: 10/3/2009 3:50:03 PM - System Checkpoint
    RP65: 10/4/2009 4:50:03 PM - System Checkpoint
    RP66: 10/5/2009 9:26:11 AM - Avg8 Update
    RP67: 10/5/2009 9:26:56 AM - Avg8 Update
    RP68: 10/6/2009 10:57:40 AM - System Checkpoint
    RP69: 10/7/2009 3:00:20 AM - Software Distribution Service 3.0
    RP70: 10/7/2009 8:22:10 AM - Avg8 Update
    RP71: 10/8/2009 8:43:37 AM - System Checkpoint
    RP72: 10/9/2009 9:43:35 AM - System Checkpoint
    RP73: 10/10/2009 7:57:11 PM - System Checkpoint
    RP74: 10/11/2009 8:43:24 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    725plc32
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 6.0.1
    AIM 6
    AIM Toolbar
    America Online (Choose which version to remove)
    AOL Coach Version 1.0(Build:20040229.1 en)
    AOL Connectivity Services
    AOLIcon
    Apple Mobile Device Support
    Apple Software Update
    ATI Control Panel
    ATI Display Driver
    ATI Parental Control
    AVG Free 8.5
    Banctec Service Agreement
    Bonjour
    Corel Photo Album 6
    Dell CinePlayer
    Dell Color Printer 725
    Dell Digital Jukebox Driver
    Dell Driver Reset Tool
    Dell Game Console
    Dell Support 3.1
    Dell System Restore
    Digital Content Portal
    Documentation & Support Launcher
    Download Updater (AOL LLC)
    DWGeditor
    EarthLink setup files
    EducateU
    ELIcon
    ESPNMotion
    Games, Music, & Photos Launcher
    GemMaster Mystic
    Google Desktop
    Google Toolbar for Internet Explorer
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet for Wired Connections
    Internet Service Offers Launcher
    iTunes
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 11
    Learn2 Player (Uninstall Only)
    LimeWire 5.2.13
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office 2003 Web Components
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Software Update for Web Folders (English) 12
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual Studio 2005 Tools for Applications - ENU
    Mozilla Firefox (3.5.3)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB925673)
    Musicmatch® Jukebox
    NetZeroInstallers
    Otto
    PhotoView 360
    QuickTime
    RealPlayer Basic
    Roxio DLA
    Roxio MyDVD LE
    Roxio RecordNow Audio
    Roxio RecordNow Copy
    Roxio RecordNow Data
    Search Assist
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    SolidWorks 2009 SP02.1
    SolidWorks eDrawings 2009
    SolidWorks Flow Simulation 2009 SP02.1
    SolidWorks Motion 2009 SP02.1
    SolidWorks Simulation 2009 SP02.1
    Sonic Activation Module
    Sonic Encoders
    Sonic Update Manager
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB972636)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    URL Assistant
    Viewpoint Media Player
    WebCyberCoach 3.2 Dell
    WebFldrs XP
    WildTangent Web Driver
    Windows Desktop Search 3.01
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows Presentation Foundation
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB912067
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver
    WordPerfect Office 12
    XML Paper Specification Shared Components Pack 1.0

    ==== Event Viewer Messages From Past Week ========

    10/11/2009 7:49:41 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the CryptSvc service to connect.
    10/11/2009 7:49:41 PM, error: Service Control Manager [7000] - The CryptSvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/11/2009 7:48:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Fips intelppm
    10/11/2009 6:31:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
    10/11/2009 6:30:52 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Cryptographic Services service to connect.
    10/11/2009 6:30:52 PM, error: Service Control Manager [7000] - The Cryptographic Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/11/2009 5:11:25 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments " " in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    10/11/2009 5:04:48 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    10/11/2009 5:04:21 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    10/11/2009 5:04:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
    10/11/2009 5:04:18 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:18 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:18 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:17 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:17 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:17 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    10/11/2009 5:04:03 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    10/11/2009 4:36:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the dlcf_device service to connect.
    10/11/2009 4:36:02 PM, error: Service Control Manager [7000] - The dlcf_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/11/2009 4:36:02 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service dlcf_device with arguments " " in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E441060}

    ==== End Of File ===========================


    DDS (Ver_09-10-13.01) - NTFSx86
    Run by Me at 23:51:17.28 on Mon 10/12/2009
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.371 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\Me\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
    BHO: {2137181c-99bc-4c81-8eff-d2484a764ec2} - zubadira.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
    mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
    mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SolidWorks_CheckForUpdates] "c:\program files\common files\solidworks installation manager\scheduler\sldIMScheduler.exe" /scheduler
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [DLCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCFtime.dll,RunDLLEntry
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [novuporew] Rundll32.exe "c:\windows\system32\lebenesa.dll",a
    mRun: [kepodotiva] Rundll32.exe "sogidona.dll",s
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    Trusted Zone: musicmatch.com\online
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\mi1933~1\office12\GR99D3~1.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    AppInit_DLLs: nuzeriko.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
    LSA: Notification Packages = scecli sogidona.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\me\applic~1\mozilla\firefox\profiles\h486v5f9.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://aimzones.aol.com/homepage
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-19 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-19 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-8-19 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-19 297752]
    R2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;c:\program files\solidworks corp\solidworks flow simulation\bincfw\StandAloneSlv.exe [2008-12-10 214312]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-8-30 24652]
    S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\solidworks corp\solidworks\swscheduler\DTSCoordinatorService.exe [2009-1-31 83240]
    S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]

    =============== Created Last 30 ================

    2009-10-11 18:29 236,544 a------- c:\windows\PEV.exe
    2009-10-11 18:29 161,792 a------- c:\windows\SWREG.exe
    2009-10-11 18:29 98,816 a------- c:\windows\sed.exe
    2009-10-11 17:14 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-11 17:14 19,160 a------- c:\windows\system32\drivers\mbam.sys
    2009-10-11 17:14 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-10-11 17:05 <DIR> --d----- c:\docume~1\me\applic~1\Malwarebytes
    2009-10-11 16:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-10-04 21:22 3,242 a------- c:\windows\system32\wbem\Outlook_01ca455a424ea4d3.mof
    2009-09-29 23:36 <DIR> --d----- c:\docume~1\me\applic~1\EDrawings
    2009-09-29 23:30 <DIR> --d----- c:\docume~1\me\applic~1\DassaultSystemes
    2009-09-29 23:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DassaultSystemes
    2009-09-29 23:29 <DIR> --d----- c:\program files\common files\eDrawings2009
    2009-09-28 00:46 5,632 a------- c:\windows\system32\ptpusb.dll
    2009-09-28 00:46 15,104 a------- c:\windows\system32\drivers\usbscan.sys
    2009-09-28 00:46 15,104 a------- c:\windows\system32\dllcache\usbscan.sys
    2009-09-28 00:46 159,232 a------- c:\windows\system32\ptpusd.dll
    2009-09-27 22:16 <DIR> --d-h--- c:\program files\Zero G Registry
    2009-09-27 22:16 <DIR> --d----- c:\program files\Pyware 3D Performer's Practice Tools
    2009-09-27 22:15 <DIR> --d-h--- c:\documents and settings\me\InstallAnywhere
    2009-09-16 21:04 26,368 a------- c:\windows\system32\dllcache\usbstor.sys

    ==================== Find3M ====================

    2009-09-07 17:06 4,184 a--sh--- c:\windows\system32\KGyGaAvL.sys
    2009-08-28 19:57 410,984 a------- c:\windows\system32\deploytk.dll
    2009-08-22 12:18 88,467 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2009-08-19 22:44 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
    2009-08-19 22:44 11,952 a------- c:\windows\system32\avgrsstx.dll
    2009-08-19 22:44 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-29 00:37 119,808 a------- c:\windows\system32\t2embed.dll
    2009-07-29 00:37 81,920 a------- c:\windows\system32\fontsub.dll
    2009-07-29 00:37 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
    2009-07-29 00:37 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
    2009-07-19 18:48 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll
    2009-07-19 09:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll
    2009-07-18 12:05 1,509,888 -------- c:\windows\system32\dllcache\shdocvw.dll
    2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
    2009-07-17 15:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
    2009-07-10 19:09 87,552 a--sh--- c:\windows\system32\hukibopa.dll
    2009-07-09 11:54 60,416 a--sh--- c:\windows\system32\jafudigu.dll
    2009-07-12 07:09 38,400 a--sh--- c:\windows\system32\jowukuyu.dll
    2009-07-09 23:54 88,576 a--sh--- c:\windows\system32\jujogiya.dll
    2009-07-12 07:09 1,011,342 a--sh--- c:\windows\system32\kurufihu.exe
    2009-07-12 20:25 50,688 a--sh--- c:\windows\system32\luribepo.dll
    2009-07-09 23:54 172,544 a--sh--- c:\windows\system32\namikisa.dll
    2009-07-09 23:54 50,688 a--sh--- c:\windows\system32\nibimalo.dll
    2009-07-12 20:25 38,400 a--sh--- c:\windows\system32\piralume.dll
    2009-07-12 20:26 50,688 a--sh--- c:\windows\system32\zubadira.dll
    2009-07-09 11:54 88,576 a--sh--- c:\windows\system32\zuyagobo.dll

    ============= FINISH: 23:51:35.04 ===============
     
  2. 2009/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Combofix says:
    Please allow the recovery console installation on the next Combofix run.

    ===================================================================

    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    c:\windows\system32\AB5937B8DB.sys
    c:\windows\system32\DBB83759AB.sys
    c:\windows\system32\hukibopa.dll
    c:\windows\system32\jafudigu.dll
    c:\windows\system32\jowukuyu.dll
    c:\windows\system32\jujogiya.dll
    c:\windows\system32\kurufihu.exe
    c:\windows\system32\luribepo.dll
    c:\windows\system32\namikisa.dll
    c:\windows\system32\nibimalo.dll
    c:\windows\system32\piralume.dll
    c:\windows\system32\zubadira.dll
    c:\windows\system32\zuyagobo.dll
    c:\windows\system32\lebenesa.dll
    
    Folder::
    
    Driver::
    
    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2137181c-99bc-4c81-8eff-d2484a764ec2}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "novuporew"=-
     "kepodotiva"=-
    
    
    RegLockDel::
    
    

    3. Save the above as CFScript.txt

    4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [animation: CFScript.txt being dragged onto ComboFix.exe]


    5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
    • A new HijackThis log.
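
    The CFScript above hand-picks load points and files out of the DDS log. The Python below is an added example, not code from this thread nor from the DDS or ComboFix tools; it turns the same reasoning into checks run over log lines: a BHO or Run entry that names a DLL with no directory, anything in AppInit_DLLs, an LSA Notification Packages entry beyond the XP default, hidden-plus-system files under system32, and names built from consonant-vowel pairs like the DLLs in this log. The sample lines are constructed from the DDS output posted above (with the forum's stray spaces inside quotes removed); the rule names, the consonant-vowel "random name" heuristic and the two-rule threshold are assumptions of this example, and a hit is a lead for an analyst to review, not a verdict.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Sample input constructed from the DDS log posted earlier in this thread.
SAMPLE_LOG = r"""
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {2137181c-99bc-4c81-8eff-d2484a764ec2} - zubadira.dll
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [DLCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCFtime.dll,RunDLLEntry
mRun: [novuporew] Rundll32.exe "c:\windows\system32\lebenesa.dll",a
mRun: [kepodotiva] Rundll32.exe "sogidona.dll",s
AppInit_DLLs: nuzeriko.dll
LSA: Notification Packages = scecli sogidona.dll
2009-08-19 22:44 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-07-12 20:26 50,688 a--sh--- c:\windows\system32\zubadira.dll
2009-09-07 17:06 4,184 a--sh--- c:\windows\system32\KGyGaAvL.sys
"""

CONSONANT = "[bcdfghjklmnpqrstvwxyz]"
# Heuristic assumed by this example: three or more consonant-vowel pairs
# (hukibopa, zubadira, ...) count as a random-looking name. It is one lead
# among several, never a verdict on its own.
RANDOM_NAME_RE = re.compile(rf"^(?:{CONSONANT}[aeiou]){{3,}}{CONSONANT}?$")
BHO_RE = re.compile(r"^BHO: (?:.*?: )?\{[0-9a-f-]+\} - (?P<target>.+)$", re.I)
RUN_RE = re.compile(r'^[um]Run: \[(?P<value>[^\]]+)\] rundll32(?:\.exe)? "?(?P<target>[^",]+)', re.I)
APPINIT_RE = re.compile(r"^AppInit_DLLs: (?P<dlls>.+)$", re.I)
LSA_RE = re.compile(r"^LSA: Notification Packages = (?P<pkgs>.+)$", re.I)
FILE_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} [\d,]+ (?P<attrs>[a-z-]{8}) (?P<path>.+)$", re.I)
DEFAULT_LSA_PACKAGES = {"scecli"}  # the only package a stock XP install lists


@dataclass(frozen=True)
class Finding:
    kind: str  # which rule fired
    name: str  # lower-case file name the rule points at
    line: str  # the log line it came from


def _basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].strip().lower()


def _is_bare(target):
    # A load point naming a DLL with no directory relies on the loader's search
    # order; legitimate entries almost always carry a full path.
    return "\\" not in target


def _rules_for(line):
    """Yield (file name, rule) pairs for one DDS log line."""
    load_point_names = set()
    if m := BHO_RE.match(line):
        name = _basename(m["target"])
        load_point_names.add(name)
        if _is_bare(m["target"]):
            yield name, "bho-bare-dll"
    if m := RUN_RE.match(line):
        name = _basename(m["target"])
        load_point_names.add(name)
        if _is_bare(m["target"]):
            yield name, "run-bare-dll"
        if RANDOM_NAME_RE.match(m["value"].lower()):
            yield name, "run-random-value"
    if m := APPINIT_RE.match(line):
        for dll in m["dlls"].split():  # loaded into every process that uses user32
            load_point_names.add(dll.lower())
            yield dll.lower(), "appinit-dll"
    if m := LSA_RE.match(line):
        for pkg in m["pkgs"].split():
            if pkg.lower() not in DEFAULT_LSA_PACKAGES:
                name = pkg.lower() if pkg.lower().endswith(".dll") else pkg.lower() + ".dll"
                load_point_names.add(name)
                yield name, "lsa-package"
    if m := FILE_RE.match(line):
        attrs = m["attrs"].lower()
        if "s" in attrs and "h" in attrs and "\\system32\\" in m["path"].lower():
            yield _basename(m["path"]), "hidden-system-file"
    for name in load_point_names:
        if RANDOM_NAME_RE.match(name.rsplit(".", 1)[0]):
            yield name, "random-name"


def triage(log_text):
    return [Finding(kind, name, line.strip())
            for line in log_text.splitlines()
            for name, kind in _rules_for(line.strip())]


def suspects(findings):
    """Map each file name to the set of rules that fired for it."""
    by_name = defaultdict(set)
    for f in findings:
        by_name[f.name].add(f.kind)
    return dict(by_name)


def high_confidence(findings, min_rules=2):
    """Names hit by at least `min_rules` different rules, sorted."""
    return sorted(n for n, kinds in suspects(findings).items() if len(kinds) >= min_rules)


if __name__ == "__main__":
    hits = triage(SAMPLE_LOG)
    for name, kinds in sorted(suspects(hits).items()):
        print(f"{name:16} {', '.join(sorted(kinds))}")
    print("review first:", high_confidence(hits))
```

    On the sample, zubadira.dll, sogidona.dll, nuzeriko.dll and lebenesa.dll each trip two or more independent rules and come out first; the hidden-plus-system KGyGaAvL.sys line trips only one, which is why the summary needs a second signal before promoting a name. That is the same discipline the analyst applies by hand: cross-checking a load point against the Find3M listing rather than deleting on a single odd-looking line.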
     


  4. 2009/10/13
    ptsyu

    ptsyu Inactive Thread Starter

    Joined:
    2008/03/29
    Messages:
    16
    Likes Received:
    0
    I am not sure if you can tell this from the log or not, but after my computer rebooted from running combofix, some things that seemed like errors came up in the code box. It said it didn't have a value for certain things and it said certain things were just ignored. It finished fine so maybe it's not a problem. Just thought I would let you know.
    Thanks

    ComboFix 09-10-12.03 - Me 10/13/2009 10:05.4.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.516 [GMT -4:00]
    Running from: c:\documents and settings\Me\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Me\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    FILE ::
    "c:\windows\system32\AB5937B8DB.sys"
    "c:\windows\system32\DBB83759AB.sys"
    "c:\windows\system32\hukibopa.dll"
    "c:\windows\system32\jafudigu.dll"
    "c:\windows\system32\jowukuyu.dll"
    "c:\windows\system32\jujogiya.dll"
    "c:\windows\system32\kurufihu.exe"
    "c:\windows\system32\lebenesa.dll"
    "c:\windows\system32\luribepo.dll"
    "c:\windows\system32\namikisa.dll"
    "c:\windows\system32\nibimalo.dll"
    "c:\windows\system32\piralume.dll"
    "c:\windows\system32\zubadira.dll"
    "c:\windows\system32\zuyagobo.dll"
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\AB5937B8DB.sys
    c:\windows\system32\DBB83759AB.sys
    c:\windows\system32\hukibopa.dll
    c:\windows\system32\jafudigu.dll
    c:\windows\system32\jowukuyu.dll
    c:\windows\system32\jujogiya.dll
    c:\windows\system32\kurufihu.exe
    c:\windows\system32\luribepo.dll
    c:\windows\system32\namikisa.dll
    c:\windows\system32\nibimalo.dll
    c:\windows\system32\piralume.dll
    c:\windows\system32\zuyagobo.dll

    .
    ((((((((((((((((((((((((( Files Created from 2009-09-13 to 2009-10-13 )))))))))))))))))))))))))))))))
    .

    2009-10-13 14:13 . 2009-10-13 14:13 -------- d-----w- c:\windows\LastGood
    2009-10-13 01:08 . 2009-10-13 02:19 -------- d-----w- c:\windows\BDOSCAN8
    2009-10-11 21:14 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-11 21:14 . 2009-10-12 00:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-11 21:14 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-11 21:05 . 2009-10-11 21:05 -------- d-----w- c:\documents and settings\Me\Application Data\Malwarebytes
    2009-10-11 20:59 . 2009-10-11 20:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-11 20:44 . 2009-10-11 22:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2009-09-30 03:36 . 2009-09-30 03:36 -------- d-----w- c:\documents and settings\Me\Application Data\EDrawings
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\Me\Local Settings\Application Data\DassaultSystemes
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\Me\Application Data\DassaultSystemes
    2009-09-30 03:30 . 2009-09-30 03:30 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
    2009-09-30 03:29 . 2009-09-30 03:29 -------- d-----w- c:\program files\Common Files\eDrawings2009
    2009-09-28 04:46 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2009-09-28 04:46 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2009-09-28 04:46 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
    2009-09-28 04:46 . 2008-04-14 00:12 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2009-09-28 02:16 . 2009-09-28 02:17 -------- d-----w- c:\program files\Pyware 3D Performer's Practice Tools
    2009-09-28 02:16 . 2009-09-28 02:16 -------- d--h--w- c:\program files\Zero G Registry
    2009-09-28 02:15 . 2009-09-28 02:15 -------- d--h--w- c:\documents and settings\Me\InstallAnywhere
    2009-09-17 01:04 . 2008-04-13 18:45 26368 ----a-w- c:\windows\system32\dllcache\usbstor.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-13 14:14 . 2009-08-25 15:27 -------- d-----w- c:\documents and settings\Me\Application Data\IM
    2009-10-13 14:00 . 2009-08-20 02:43 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
    2009-10-08 14:55 . 2009-08-28 16:41 -------- d-----w- c:\program files\Dl_cats
    2009-10-01 18:24 . 2009-08-25 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-10-01 14:31 . 2009-08-20 21:46 -------- d-----w- c:\documents and settings\Me\Application Data\Apple Computer
    2009-09-30 22:11 . 2009-08-29 00:07 -------- d-----w- c:\documents and settings\Me\Application Data\LimeWire
    2009-09-18 04:06 . 2009-08-23 19:09 -------- d-----w- c:\documents and settings\Me\Application Data\AdobeUM
    2009-09-07 21:06 . 2009-08-23 19:06 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2009-09-03 01:46 . 2009-08-20 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-08-30 20:46 . 2009-08-30 20:46 -------- d-----w- c:\documents and settings\Me\Application Data\acccore
    2009-08-30 20:45 . 2009-08-30 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP
    2009-08-30 20:44 . 2009-08-30 20:42 -------- d-----w- c:\program files\AIM6
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\program files\Common Files\Software Update Utility
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\program files\AIM Toolbar
    2009-08-30 20:44 . 2009-08-30 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM Toolbar
    2009-08-30 20:44 . 2006-08-22 19:02 -------- d-----w- c:\program files\Viewpoint
    2009-08-30 20:43 . 2006-08-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
    2009-08-30 20:43 . 2009-08-30 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\acccore
    2009-08-30 20:43 . 2006-08-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
    2009-08-30 20:43 . 2006-08-22 19:01 -------- d-----w- c:\program files\Common Files\AOL
    2009-08-29 23:19 . 2009-08-20 02:18 108376 ----a-w- c:\documents and settings\Me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-08-28 23:58 . 2009-08-28 23:54 -------- d-----w- c:\program files\LimeWire
    2009-08-28 23:57 . 2009-08-28 23:58 410984 ----a-w- c:\windows\system32\deploytk.dll
    2009-08-28 23:57 . 2006-08-22 18:52 -------- d-----w- c:\program files\Java
    2009-08-28 16:41 . 2009-08-28 16:41 -------- d-----w- c:\program files\Dell Color Printer 725
    2009-08-27 23:12 . 2009-08-27 23:12 -------- d-----w- c:\program files\Microsoft Works
    2009-08-27 23:11 . 2009-08-25 15:39 -------- d-----w- c:\program files\MSBuild
    2009-08-27 22:58 . 2009-08-25 19:37 -------- d-----w- c:\documents and settings\Me\Application Data\COREL
    2009-08-25 19:50 . 2009-08-25 19:49 -------- d-----w- c:\documents and settings\Me\Application Data\SolidWorks
    2009-08-25 15:57 . 2009-08-25 15:44 -------- d-----w- c:\program files\SolidWorks Corp
    2009-08-25 15:49 . 2009-08-25 15:44 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
    2009-08-25 15:48 . 2009-08-25 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\SolidWorks
    2009-08-25 15:44 . 2009-08-25 15:44 -------- d-----w- c:\program files\AGEIA Technologies
    2009-08-25 15:42 . 2009-08-25 15:42 -------- d-----w- c:\documents and settings\Me\Application Data\Windows Desktop Search
    2009-08-25 15:42 . 2009-08-25 15:42 -------- d-----w- c:\program files\Windows Desktop Search
    2009-08-25 15:41 . 2009-08-25 15:41 -------- d-----w- c:\program files\MSECache
    2009-08-25 15:40 . 2009-08-25 15:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2009-08-25 15:40 . 2009-08-25 15:40 -------- d-----w- c:\program files\Microsoft.NET
    2009-08-25 15:35 . 2009-08-25 15:35 -------- d-----w- c:\program files\Reference Assemblies
    2009-08-25 15:28 . 2009-08-25 15:28 -------- d-----w- c:\program files\Common Files\SolidWorks Installation Manager
    2009-08-23 19:09 . 2009-08-23 19:09 -------- d-----w- c:\program files\Common Files\Adobe
    2009-08-23 19:06 . 2009-08-23 19:06 -------- d-----w- c:\documents and settings\Me\Application Data\Corel Photo Album
    2009-08-20 21:46 . 2009-08-20 21:45 -------- d-----w- c:\program files\iTunes
    2009-08-20 21:46 . 2009-08-20 21:45 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\iPod
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\Bonjour
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\program files\QuickTime
    2009-08-20 21:45 . 2009-08-20 21:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2009-08-20 21:44 . 2009-08-20 21:44 -------- d-----w- c:\program files\Apple Software Update
    2009-08-20 21:44 . 2009-08-20 21:44 -------- d-----w- c:\program files\Common Files\Apple
    2009-08-20 07:00 . 2009-08-20 07:00 -------- d-----w- c:\program files\MSXML 4.0
    2009-08-20 06:11 . 2005-08-17 00:54 -------- d-----w- c:\program files\DIGStream
    2009-08-20 02:44 . 2009-08-20 02:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
    2009-08-20 02:44 . 2009-08-20 02:44 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2009-08-20 02:44 . 2009-08-20 02:44 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-08-20 02:44 . 2009-08-20 02:44 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-08-20 02:43 . 2009-08-20 02:43 -------- d-----w- c:\program files\AVG
    2009-08-20 02:41 . 2009-08-20 02:41 -------- d-----w- c:\documents and settings\Me\Application Data\AVG8
    2009-08-20 02:15 . 2009-08-20 02:13 125 ----a-w- c:\documents and settings\Me\Local Settings\Application Data\fusioncache.dat
    2009-08-05 09:01 . 2005-08-16 08:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 04:37 . 2005-08-16 08:18 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:37 . 2005-08-16 08:18 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-17 19:01 . 2005-08-16 08:18 58880 ----a-w- c:\windows\system32\atl.dll
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-10-11_22.44.43 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-10-13 14:12 . 2009-10-13 14:12 16384 c:\windows\temp\Perflib_Perfdata_7d8.dat
    + 2009-01-05 19:44 . 2009-01-05 19:44 53248 c:\windows\bdoscandel.exe
    + 2009-10-13 01:09 . 2009-10-13 01:09 86016 c:\windows\BDOSCAN8\librtvr.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 27136 c:\windows\BDOSCAN8\avxt.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 10240 c:\windows\BDOSCAN8\avxs.dll
    + 2009-10-13 01:09 . 2009-10-13 01:09 45056 c:\windows\BDOSCAN8\avxdisk.dll
    + 2009-01-05 19:44 . 2009-01-05 19:44 741376 c:\windows\Downloaded Program Files\ipsupd.dll
    + 2009-01-05 19:44 . 2009-10-13 01:09 142848 c:\windows\BDOSCAN8\libfn.dll
    + 2009-01-05 19:44 . 2009-01-05 19:44 741376 c:\windows\BDOSCAN8\ipsupd.dll
    + 2009-01-05 19:44 . 2009-10-13 01:09 107800 c:\windows\BDOSCAN8\bdcore.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport "= "c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]
    "MSMSGS "= "c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "Aim6 "= "c:\program files\AIM6\aim6.exe" [2009-07-09 49968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "ATIPTA "= "c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
    "DMXLauncher "= "c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
    "ISUSPM Startup "= "c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
    "DLA "= "c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
    "Google Desktop Search "= "c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-08-22 169984]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-05 2023704]
    "QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "SolidWorks_CheckForUpdates "= "c:\program files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" [2009-01-31 7300392]
    "GrooveMonitor "= "c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
    "DLCFCATS "= "c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 73728]
    "SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2009-08-28 136600]
    "SigmatelSysTrayApp "= "stsystra.exe" - c:\windows\stsystra.exe [2006-02-10 282624]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-08-20 02:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UpdatesDisableNotify "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe "=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe "=
    "c:\\Program Files\\America Online 9.0\\waol.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE "=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE "=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE "=
    "c:\\Program Files\\LimeWire\\LimeWire.exe "=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "=
    "c:\\Program Files\\AIM6\\aim6.exe "=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe "=
    "c:\\WINDOWS\\system32\\logon.scr "=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/19/2009 10:44 PM 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/19/2009 10:44 PM 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/19/2009 10:43 PM 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/19/2009 10:43 PM 297752]
    R2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [12/10/2008 4:21 PM 214312]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [8/30/2009 4:44 PM 24652]
    S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [1/31/2009 6:01 AM 83240]
    S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 7:01 AM 2799808]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll ",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-10-07 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    uInternet Settings,ProxyOverride = *.local
    IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
    Trusted Zone: musicmatch.com\online
    FF - ProfilePath - c:\documents and settings\Me\Application Data\Mozilla\Firefox\Profiles\h486v5f9.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://aimzones.aol.com/homepage
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-13 10:14
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @= "IFlashBroker3 "

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @= "{00020424-0000-0000-C000-000000000046} "

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    "Version "= "1.0 "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(2516)
    c:\windows\system32\WININET.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\windows\system32\searchindexer.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\windows\system32\dllhost.exe
    c:\windows\system32\searchprotocolhost.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\AIM6\aolsoftware.exe
    c:\windows\system32\searchfilterhost.exe
    .
    **************************************************************************
    .
    Completion time: 2009-10-13 10:18 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-10-13 14:18
    ComboFix2.txt 2009-10-13 02:36
    ComboFix3.txt 2009-10-12 00:02
    ComboFix4.txt 2009-10-11 22:50

    Pre-Run: 95,481,761,792 bytes free
    Post-Run: 95,404,556,288 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Windows XP Media Center Edition" /noexecute=optin /fastdetect

    301 --- E O F --- 2009-10-13 14:14


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:26:12 AM, on 10/13/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Remote Solver for Flow Simulation 2009 - Unknown owner - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 10599 bytes
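Reading the ComboFix "Reg Loading Points" section and the HijackThis O4/O23 lines above is something the analyst does by eye. As an added example (my own code, not part of this thread and not from HijackThis, ComboFix or Malwarebytes), the Python below runs that first pass over constructed lines in the same two formats: Security Center notify values switched on and EnableFirewall at 0 (what MBAM later reports as Disabled.SecurityCenter), autostarts launched from Application Data or from an all-digit folder and file name, rundll32-hosted entries whose export should be verified, and services with no publisher string. The `Finding` class, the regexes and every sample line are my own constructions.

```python
"""Triage pass over HijackThis O4/O23 lines and ComboFix registry lines (added example)."""
import re
from dataclasses import dataclass
from typing import List

# Constructed sample lines (not copied from the thread's logs): one of each shape
# the triage understands, mixing benign entries with the ones an analyst stops on.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKCU\..\Run: [20951487] C:\Documents and Settings\All Users\Application Data\20951487\20951487.exe
O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"UpdatesDisableNotify"=dword:00000001
"EnableFirewall"= 0 (0x0)
"""

RUN_RE = re.compile(r"^O4 - HK\w+\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
SVC_RE = re.compile(r"^O23 - Service: (?P<name>.+?) -(?P<company>.*?)- (?P<path>[A-Za-z]:\\.+)$")
REG_RE = re.compile(r'^"(?P<value>[^"]+)"\s*=\s*(?:dword:)?(?P<data>[0-9a-fA-Fx]+)')
DATA_DIR_RE = re.compile(r"\\(application data|local settings\\temp|temp)\\")

# Security Center values: non-zero data means a notification class was switched
# off, which is what MBAM reports as Disabled.SecurityCenter.
SECURITY_CENTER_VALUES = {
    "updatesdisablenotify": "Security Center update notifications disabled",
    "antivirusdisablenotify": "Security Center antivirus notifications disabled",
    "firewalldisablenotify": "Security Center firewall notifications disabled",
}


@dataclass
class Finding:
    severity: str  # high / medium / info
    subject: str   # Run entry name, service name or registry value name
    reason: str


def image_path(cmd: str) -> str:
    """Pull the executable or DLL path out of a Run command string."""
    cmd = cmd.strip()
    quoted = re.match(r'^"([^"]+)"', cmd)
    if quoted:
        return quoted.group(1).strip()
    if cmd.lower().startswith("rundll32"):
        # rundll32 <dll>,<entry point> [args]
        rest = cmd.split(None, 1)[1] if " " in cmd else ""
        return rest.split(",", 1)[0].strip().strip('"')
    # Unquoted path, possibly followed by /switches or -switches.
    return cmd.split(" /", 1)[0].split(" -", 1)[0].strip()


def assess_run(name: str, cmd: str) -> List[Finding]:
    """Checks on one autostart entry; benign entries produce no findings."""
    path = image_path(cmd)
    out: List[Finding] = []
    if "\\" not in path:
        out.append(Finding("medium", name, f"bare file name {path!r} is resolved by PATH search; confirm which copy runs"))
    if DATA_DIR_RE.search(path.lower()):
        out.append(Finding("medium", name, "image lives in a data or temp directory; legitimate for a few updaters, typical for rogues"))
    folder, _, filename = path.rpartition("\\")
    if folder.rpartition("\\")[2].isdigit() and filename.split(".")[0].isdigit():
        out.append(Finding("high", name, "all-digit folder and file name; no vendor ships that layout"))
    if cmd.strip().lower().startswith("rundll32"):
        out.append(Finding("info", name, "rundll32-hosted DLL: confirm the DLL exists and exports the named entry point"))
    return out


def assess_reg(value: str, data: str) -> List[Finding]:
    """Security Center and firewall values as ComboFix prints them."""
    name = value.strip()
    number = int(data, 16)  # 'dword:00000001' and '0 (0x0)' both arrive as hex digits
    if name.lower() in SECURITY_CENTER_VALUES and number != 0:
        return [Finding("high", name, SECURITY_CENTER_VALUES[name.lower()])]
    if name.lower() == "enablefirewall" and number == 0:
        return [Finding("high", name, "Windows Firewall disabled for this profile")]
    return []


def triage(log_text: str) -> List[Finding]:
    """Run every recognised line through the matching check and collect findings."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        run, svc, reg = RUN_RE.match(line), SVC_RE.match(line), REG_RE.match(line)
        if run:
            findings += assess_run(run["name"], run["cmd"])
        elif svc and not svc["company"].strip():
            findings.append(Finding("info", svc["name"].strip(), "service without a publisher string; check the binary's vendor by hand"))
        elif reg:
            findings += assess_reg(reg["value"], reg["data"])
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.severity:<6}] {f.subject}: {f.reason}")
```

Findings are review prompts, not verdicts: the DLCFCATS entry here belongs to a Dell printer driver, and the rundll32 note is exactly the check that explains a "Missing entry" error at logon.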
     
  5. 2009/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Uninstall Combofix:
    Go Start > Run
    Type in:
    combofix /u
    Note the space between "combofix" and "/u".
    Restart computer.

    ================================================================

    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe.

    ***VERY IMPORTANT! Make sure you update SUPERAntiSpyware and Malwarebytes before running the scans.***

    STEP 1. Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    PHYSICALLY DISCONNECT FROM THE INTERNET

    Restart computer in Safe Mode.
    To enter Safe Mode, restart the computer and keep tapping the F8 key until the menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen.

    * Open SUPERAntiSpyware.
    * Click Scan your Computer... button.
    * Click Scanning Preferences/Control Center... button.
    * Under the General and Startup tab, make sure the Start SUPERAntiSpyware when Windows starts option is UN-checked.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):
    - Close browsers before scanning.
    - Terminate memory threats before quarantining.

    * Click the Close button to leave the control center screen.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, choose Perform Complete Scan.
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
    * Make sure everything has a checkmark next to it and click Next.
    * A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
    * If asked if you want to reboot, click Yes.
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.
    - Click Preferences, then click the Statistics/Logs tab.
    - Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    - If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    - Please copy and paste the Scan Log results in your next reply.

    * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    RECONNECT TO THE INTERNET

    RESTART COMPUTER!

    STEP 2. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically, which is not necessary for our purposes.)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!


    STEP 3.
    Post fresh HijackThis log.
    NOTE. If you're using Vista, right-click HijackThis and click Run as Administrator.
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  6. 2009/10/13
    ptsyu

    ptsyu Inactive Thread Starter

    Joined:
    2008/03/29
    Messages:
    16
    Likes Received:
    0
    I followed the instructions you gave me. Below are the logs you requested. I am also getting an error message when I restart. It says:

    "Error in C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll
    Missing entry:RunDLLEntry"

    Not sure if this is a related issue or not.

    Thanks


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 10/13/2009 at 02:47 PM

    Application Version : 4.29.1002

    Core Rules Database Version : 4163
    Trace Rules Database Version: 2086

    Scan type : Quick Scan
    Total Scan Time : 00:55:04

    Memory items scanned : 212
    Memory threats detected : 0
    Registry items scanned : 544
    Registry threats detected : 0
    File items scanned : 27586
    File threats detected : 0


    Malwarebytes' Anti-Malware 1.41
    Database version: 2955
    Windows 5.1.2600 Service Pack 3

    10/13/2009 6:35:10 PM
    mbam-log-2009-10-13 (18-35-10).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 180576
    Time elapsed: 41 minute(s), 47 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:38:33 PM, on 10/13/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\AIM6\aim6.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Remote Solver for Flow Simulation 2009 - Unknown owner - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 11175 bytes
     
  7. 2009/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How is computer doing?

    ===============================================================

    Unless you installed Viewpoint Manager knowledgeably...
    Go Start>Control Panel>Add\Remove (Programs and Features in Vista), and...
    Uninstall any of the following programs associated with Viewpoint:
    * Viewpoint Manager
    * Viewpoint Media Player
    * Viewpoint Toolbar
    This program does not do anything bad such as deliver ads or spy on you, but it is considered foistware ("drive-by-install") as it is installed without your consent through programs like AOL, AIM, Compuserve, etc.

    =================================================================

    Uninstall Browser Address Error Redirector (BAE) through Add\Remove (if present).

    ===============================================================

    Print this post out, since you won't have access to it at some point.

    1. Open HijackThis.

    2. Close all windows, except for HijackThis.

    3. Put checkmarks next to the following HijackThis entries:

    - O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

    4. You should also checkmark the following entries (these are unnecessary startups; no actual programs will be removed):

    - O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    - O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    - O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    - O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    - O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" /scheduler
    - O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    - O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
    - O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    - O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    - O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    - O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    - O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    - O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    - O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll



    5. Click on Fix checked button.

    6. Restart computer.

    7. Post new HijackThis log.
     
  8. 2009/10/13
    ptsyu

    ptsyu Inactive Thread Starter

    Joined:
    2008/03/29
    Messages:
    16
    Likes Received:
    0
    You have been a great help so far. My computer is running great, there is no longer any error appearing and it has noticeably sped up. Below is the latest hijackthis log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:35:24 PM, on 10/13/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Remote Solver for Flow Simulation 2009 - Unknown owner - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

    --
    End of file - 9061 bytes
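    To check the fix list in the previous post against the log that followed it without comparing by eye, here is an added Python example (not from this thread, HijackThis or Malwarebytes): it parses the O2, O4 and O20 lines of two HijackThis logs, reports which entries disappeared, and flags startup entries an analyst would look at twice, such as the bare `stsystra.exe` name and the rundll32 entry behind the "Missing entry: RunDLLEntry" error. The embedded excerpts are shortened copies of the two logs above; the function names and the review heuristics are this example's own.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    kind: str    # HijackThis section: "O2", "O4" or "O20"
    name: str    # BHO name, hive\key\value name for O4, or Winlogon Notify name
    target: str  # DLL path (O2/O20) or the startup command line (O4)


# Line shapes as they appear in the logs in this thread. Only Run-key O4 entries
# are parsed; "O4 - Global Startup" shortcut lines are skipped.
O4_RE = re.compile(r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$')
O2_RE = re.compile(r'^O2 - BHO: (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.*)$')
O20_RE = re.compile(r'^O20 - Winlogon Notify: (?P<name>.*?) - (?P<path>.*)$')
# A command that starts with a (possibly quoted) drive letter has a fixed location.
ABS_PATH_RE = re.compile(r'^"?[A-Za-z]:\\')


def parse_hjt(text: str) -> dict:
    """Return {(kind, name): Entry} for the O2/O4/O20 lines of a HijackThis log."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if m := O4_RE.match(line):
            e = Entry("O4", f"{m['hive']}\\{m['key']}\\{m['name']}", m['cmd'].strip())
        elif m := O2_RE.match(line):
            e = Entry("O2", m['name'], m['path'].strip())
        elif m := O20_RE.match(line):
            e = Entry("O20", m['name'], m['path'].strip())
        else:
            continue
        entries[(e.kind, e.name)] = e
    return entries


def diff_hjt(before: dict, after: dict):
    """Keys removed, added, or pointed at a different target between two logs."""
    removed = sorted(k for k in before if k not in after)
    added = sorted(k for k in after if k not in before)
    changed = sorted(k for k in before if k in after and before[k].target != after[k].target)
    return removed, added, changed


def review_reasons(entry: Entry) -> list:
    """Why an O4 startup entry deserves a second look (heuristics, not verdicts)."""
    reasons = []
    if entry.kind != "O4":
        return reasons
    cmd = entry.target
    if cmd.lower().startswith("rundll32"):
        reasons.append("rundll32 entry: the named DLL export must exist, or Windows "
                       "reports 'Missing entry' at every logon")
    elif not ABS_PATH_RE.match(cmd):
        reasons.append("bare file name: located by search order, not by a fixed path")
    return reasons


def review(entries: dict) -> dict:
    """Map entry name -> reasons, for every entry that has at least one."""
    flagged = {}
    for e in entries.values():
        reasons = review_reasons(e)
        if reasons:
            flagged[e.name] = reasons
    return flagged


# Shortened excerpts of the two HijackThis logs posted in this thread: before the
# fix list was applied and after. Counts in the tests refer to these excerpts.
BEFORE = r"""
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,RunDLLEntry
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
"""
AFTER = r"""
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
"""

if __name__ == "__main__":
    before, after = parse_hjt(BEFORE), parse_hjt(AFTER)
    for kind, name in diff_hjt(before, after)[0]:
        print(f"removed {kind}: {name}")
    for name, reasons in review(before).items():
        print(f"review {name}: {'; '.join(reasons)}")
```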
     
  9. 2009/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Super :)


    Your computer is clean :)

    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.

    2. Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    3. Restart computer.

    4. Turn System Restore on.

    5. Make sure Windows Updates are current.

    6. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

    7. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    8. Run defrag at your convenience.

    9. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
     
  10. 2009/10/13
    ptsyu

    ptsyu Inactive Thread Starter

    Joined:
    2008/03/29
    Messages:
    16
    Likes Received:
    0
    Thank you very much broni. Your help was very much appreciated.
    ptsyu
     
  11. 2009/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)
    Happy surfing :)
     
