Start in Safe Mode, then run Norton - see if that makes a difference.

Well Damn @ lenght of logs.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:13 AM, on 8/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.tt/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {293f4892-53bb-4961-9857-598936625276} - C:\WINDOWS\system32\lsasddr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\lsasddr.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\lsasddr.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sastre\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9CDDD774-0E1E-49E3-91C6-F2D49949CF5D} (DictAideOE.ctlDictaideOE) - https://hcp.dictaide.com/OE3202.CAB
O16 - DPF: {D7107300-E42A-4C1C-84EB-4D783E58B88D} (DNInstallerOCX Class) - https://mq1webc2.speechmachines.org/Installer/InstallerOCX.cab
O16 - DPF: {D9E4E21E-60E0-11DA-91EB-00123F33E209} (DNInstallerOCX Class) - https://mq1webc2.speechmachines.org/Installer/DNInstaller2.cab
O20 - Winlogon Notify: lsasddr - C:\WINDOWS\SYSTEM32\lsasddr.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 6518 bytes

____________________________________________________________________________________________

ComboFix 07-08-17.2 - "Sastre" 2007-08-21 10:28:10.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.148 [GMT -4:00]


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\Sastre\APPLIC~1\tmp109.tmp.exe
C:\DOCUME~1\Sastre\APPLIC~1\tmp10C.tmp.exe
C:\DOCUME~1\Sastre\APPLIC~1\tmp12.tmp.exe
C:\WINDOWS\system32\dn9c906e88.dat
C:\WINDOWS\system32\eNd6GsmI.exe
C:\WINDOWS\system32\gebcayy.dll
C:\WINDOWS\system32\X616Tj58.exe
C:\WINDOWS\Tasks.\At25.job
C:\WINDOWS\Tasks.\At26.job
C:\WINDOWS\Tasks.\At27.job
C:\WINDOWS\Tasks.\At28.job
C:\WINDOWS\Tasks.\At29.job
C:\WINDOWS\Tasks.\At30.job
C:\WINDOWS\Tasks.\At31.job
C:\WINDOWS\Tasks.\At32.job
C:\WINDOWS\Tasks.\At33.job
C:\WINDOWS\Tasks.\At34.job
C:\WINDOWS\Tasks.\At35.job
C:\WINDOWS\Tasks.\At36.job
C:\WINDOWS\Tasks.\At37.job
C:\WINDOWS\Tasks.\At38.job
C:\WINDOWS\Tasks.\At39.job
C:\WINDOWS\Tasks.\At40.job
C:\WINDOWS\Tasks.\At41.job
C:\WINDOWS\Tasks.\At42.job
C:\WINDOWS\Tasks.\At43.job
C:\WINDOWS\Tasks.\At44.job
C:\WINDOWS\Tasks.\At45.job
C:\WINDOWS\Tasks.\At46.job
C:\WINDOWS\Tasks.\At47.job
C:\WINDOWS\Tasks.\At48.job
C:\WINDOWS\Tasks.\At73.job
C:\WINDOWS\Tasks.\At74.job
C:\WINDOWS\Tasks.\At75.job
C:\WINDOWS\Tasks.\At76.job
C:\WINDOWS\Tasks.\At77.job
C:\WINDOWS\Tasks.\At78.job
C:\WINDOWS\Tasks.\At79.job
C:\WINDOWS\Tasks.\At80.job
C:\WINDOWS\Tasks.\At81.job
C:\WINDOWS\Tasks.\At82.job
C:\WINDOWS\Tasks.\At83.job
C:\WINDOWS\Tasks.\At84.job
C:\WINDOWS\Tasks.\At85.job
C:\WINDOWS\Tasks.\At86.job
C:\WINDOWS\Tasks.\At87.job
C:\WINDOWS\Tasks.\At88.job
C:\WINDOWS\Tasks.\At89.job
C:\WINDOWS\Tasks.\At90.job
C:\WINDOWS\Tasks.\At91.job
C:\WINDOWS\Tasks.\At92.job
C:\WINDOWS\Tasks.\At93.job
C:\WINDOWS\Tasks.\At94.job
C:\WINDOWS\Tasks.\At95.job
C:\WINDOWS\Tasks.\At96.job


(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_DOMAINSERVICE


(((((((((((((((((((((((((   Files Created from 2007-07-21 to 2007-08-21  )))))))))))))))))))))))))))))))


2007-08-21 10:27   51,200   --a------   C:\WINDOWS\nircmd.exe
2007-08-20 11:01   225,280   --ah-----   C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-17 22:20   <DIR>   d--------   C:\WINDOWS\pss
2007-08-15 08:22   <DIR>   d--------   C:\Program Files\ScanSpyware v3.8.0.4
2007-08-14 21:21   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-04 19:08   92,730   ---------   C:\WINDOWS\system32\lsasddr.dll


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-20 19:48   ---------   d--------   C:\DOCUME~1\Sastre\APPLIC~1\IMVU
2007-08-20 19:10   ---------   d--------   C:\Program Files\DocQscribe
2007-08-20 19:08   ---------   d--------   C:\Program Files\QLEDR05
2007-08-20 10:57   ---------   d--------   C:\Program Files\Norton AntiVirus
2007-08-20 09:48   ---------   d--------   C:\Program Files\Warcraft III
2007-08-19 13:33   ---------   d--------   C:\DOCUME~1\Sastre\APPLIC~1\BitTorrent
2007-08-17 05:49   ---------   d--------   C:\Program Files\Common Files\Symantec Shared
2007-08-17 05:42   ---------   d--------   C:\Program Files\Symantec
2007-08-16 23:46   ---------   d--------   C:\Program Files\IMVU
2007-08-03 18:19   ---------   d--------   C:\Program Files\SymNetDrv
2007-07-23 18:37   ---------   d--------   C:\DOCUME~1\Sastre\APPLIC~1\LimeWire
2007-07-12 10:00   ---------   d--------   C:\Program Files\Ares
2007-07-10 17:32   ---------   d--------   C:\Program Files\eMule
2007-07-08 01:12   4608   --a------   C:\WINDOWS\system32\drivers\symlcbrd.sys
2007-07-08 01:10   ---------   d--------   C:\Program Files\K-Lite Codec Pack
2007-06-28 11:26   ---------   d--------   C:\Program Files\Yahoo!
2007-06-27 19:50   ---------   d--------   C:\Program Files\GAMES


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{293f4892-53bb-4961-9857-598936625276}]
2007-08-04 19:08   92730   ---------   C:\WINDOWS\system32\lsasddr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2007-04-13 12:49]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-08-17 05:41]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 17:32]
"VTTimer"="VTTimer.exe" [2005-03-07 15:33 C:\WINDOWS\system32\VTTimer.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" []
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2007-04-13 12:49]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-06-30 01:16 C:\WINDOWS\AGRSMMSG.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-06-11 18:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lsasddr]
lsasddr.dll 2007-08-04 19:08 92730 C:\WINDOWS\system32\lsasddr.dll

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\fetnd5.sys
S3 GMSIPCI;GMSIPCI;\??\D:\INSTALL\GMSIPCI.SYS


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2dd4e72-9f9a-11db-8909-0016179b061b}]
Auto\command- sxs.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe


Contents of the 'Scheduled Tasks' folder
2007-08-21 13:00:00 C:\WINDOWS\Tasks\At10.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 14:00:00 C:\WINDOWS\Tasks\At11.job
2007-08-20 15:00:00 C:\WINDOWS\Tasks\At12.job
2007-08-19 16:00:00 C:\WINDOWS\Tasks\At13.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-19 17:00:00 C:\WINDOWS\Tasks\At14.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-19 18:00:02 C:\WINDOWS\Tasks\At15.job
2007-08-19 19:00:00 C:\WINDOWS\Tasks\At16.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-19 20:00:00 C:\WINDOWS\Tasks\At17.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-20 21:00:00 C:\WINDOWS\Tasks\At18.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-20 22:00:00 C:\WINDOWS\Tasks\At19.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-20 23:00:00 C:\WINDOWS\Tasks\At20.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 00:00:00 C:\WINDOWS\Tasks\At21.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 01:00:00 C:\WINDOWS\Tasks\At22.job
2007-08-21 02:00:00 C:\WINDOWS\Tasks\At23.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 03:00:00 C:\WINDOWS\Tasks\At24.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 06:00:00 C:\WINDOWS\Tasks\At3.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 07:00:00 C:\WINDOWS\Tasks\At4.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 04:00:00 C:\WINDOWS\Tasks\At49.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 08:00:00 C:\WINDOWS\Tasks\At5.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 05:00:00 C:\WINDOWS\Tasks\At50.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 06:00:00 C:\WINDOWS\Tasks\At51.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 07:00:00 C:\WINDOWS\Tasks\At52.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 08:00:01 C:\WINDOWS\Tasks\At53.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 09:00:00 C:\WINDOWS\Tasks\At54.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 10:00:00 C:\WINDOWS\Tasks\At55.job
2007-08-21 11:00:00 C:\WINDOWS\Tasks\At56.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 12:00:01 C:\WINDOWS\Tasks\At57.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 13:00:00 C:\WINDOWS\Tasks\At58.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 14:00:00 C:\WINDOWS\Tasks\At59.job
2007-08-21 09:00:00 C:\WINDOWS\Tasks\At6.job
2007-08-20 15:00:00 C:\WINDOWS\Tasks\At60.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-19 16:00:00 C:\WINDOWS\Tasks\At61.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-19 17:00:00 C:\WINDOWS\Tasks\At62.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-19 18:00:03 C:\WINDOWS\Tasks\At63.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-19 19:00:00 C:\WINDOWS\Tasks\At64.job
2007-08-19 20:00:00 C:\WINDOWS\Tasks\At65.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-20 21:00:00 C:\WINDOWS\Tasks\At66.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-20 22:00:00 C:\WINDOWS\Tasks\At67.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-20 23:00:00 C:\WINDOWS\Tasks\At68.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 00:00:00 C:\WINDOWS\Tasks\At69.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 10:00:00 C:\WINDOWS\Tasks\At7.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 01:00:00 C:\WINDOWS\Tasks\At70.job
2007-08-21 02:00:00 C:\WINDOWS\Tasks\At71.job
2007-08-21 03:00:00 C:\WINDOWS\Tasks\At72.job - C:\WINDOWS\system32\Uf8tJN4K.exe
2007-08-21 11:00:00 C:\WINDOWS\Tasks\At8.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-21 12:00:01 C:\WINDOWS\Tasks\At9.job - C:\WINDOWS\system32\Xi3EouL1.exe
2007-08-20 00:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Sastre.job - C:\PROGRA~1\NORTON~1\Navw32.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-21 10:46:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-21 10:48:33 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-21 10:48

   --- E O F ---

Also did you purchase or download this programme

ScanSpyware v3.8.0.4

Thanks to the moderate for the help lsasddr.dll is no longer annoying, might still be there and dangerous but not annoying

WinPFind3 logfile created on: 8/22/2007 11:18:44 AM
WinPFind3U by OldTimer - Version 1.0.39   Folder = C:\Documents and Settings\Sastre\Desktop\clean up\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
 
447.48 Mb Total Physical Memory | 185.13 Mb Available Physical Memory | 41.37% Memory free
1.03 Gb Paging File | 0.84 Gb Available in Paging File | 81.19% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80.00 Gb Total Space | 8.30 Gb Free Space | 10.37% Space Free
D: Drive not present or media not loaded
Drive E: | 106.30 Gb Total Space | 64.42 Gb Free Space | 60.60% Space Free
F: Drive not present or media not loaded

Computer Name: BUCK1
Current User Name: Sastre
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 7/25/2006 6:03:44 PM | Attr =    ]
ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 58984 bytes | Modified Date = 1/9/2007 5:32:02 PM | Attr =    ]
ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 198248 bytes | Modified Date = 1/9/2007 5:32:02 PM | Attr =    ]
ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 181864 bytes | Modified Date = 1/9/2007 5:32:04 PM | Attr =    ]
navapsvc.exe -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.9.16 | Size = 177264 bytes | Modified Date = 1/10/2005 12:20:22 PM | Attr =    ]
nerocheck.exe -> %System32%\NeroCheck.exe ->  [Ver =  | Size = 53267 bytes | Modified Date = 4/13/2007 12:49:48 PM | Attr =    ]
npfmntor.exe -> %ProgramFiles%\Norton AntiVirus\IWP\NPFMNTOR.EXE -> Symantec Corporation [Ver = 11.0.9.16 | Size = 46704 bytes | Modified Date = 1/10/2005 12:20:42 PM | Attr =    ]
sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.6.604 | Size = 206552 bytes | Modified Date = 3/28/2007 6:41:56 PM | Attr =    ]
spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 7/21/2004 5:24:04 PM | Attr =    ]
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 419 | Size = 817304 bytes | Modified Date = 7/8/2007 1:13:00 AM | Attr =    ]
winpfind3u.exe -> %UserDesktop%\clean up\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr =    ]
yahoomessenger.exe -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,402 | Size = 4670968 bytes | Modified Date = 6/11/2007 6:16:12 PM | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(AresChatServer) Ares Chatroom server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Ares\chatServer.exe -> Ares Development Group [Ver = 2.0.5.3027 | Size = 263168 bytes | Modified Date = 2/6/2007 9:39:26 PM | Attr =    ]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 7/25/2006 6:03:44 PM | Attr =    ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 198248 bytes | Modified Date = 1/9/2007 5:32:02 PM | Attr =    ]
(ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 79464 bytes | Modified Date = 1/9/2007 5:32:04 PM | Attr =    ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 181864 bytes | Modified Date = 1/9/2007 5:32:04 PM | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr =    ]
(LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.171 | Size = 2119360 bytes | Modified Date = 7/25/2006 6:03:44 PM | Attr =    ]
(navapsvc) Norton AntiVirus Auto-Protect Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.9.16 | Size = 177264 bytes | Modified Date = 1/10/2005 12:20:22 PM | Attr =    ]
(NPFMntor) Norton AntiVirus Firewall Monitor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton AntiVirus\IWP\NPFMNTOR.EXE -> Symantec Corporation [Ver = 11.0.9.16 | Size = 46704 bytes | Modified Date = 1/10/2005 12:20:42 PM | Attr =    ]
(SAVScan) SAVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton AntiVirus\SAVSCAN.EXE -> Symantec Corporation [Ver = 9.4.1.10 | Size = 198368 bytes | Modified Date = 12/10/2004 1:00:50 PM | Attr =    ]
(SBService) ScriptBlocking Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBSERV.EXE -> Symantec Corporation [Ver = 11.0.9.16 | Size = 67184 bytes | Modified Date = 1/10/2005 12:20:48 PM | Attr =    ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.6.604 | Size = 206552 bytes | Modified Date = 3/28/2007 6:41:56 PM | Attr =    ]
(SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 7/21/2004 5:24:04 PM | Attr =    ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 419 | Size = 817304 bytes | Modified Date = 7/8/2007 1:13:00 AM | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AudioDeck -> %ProgramFiles%\VIAudioi\SBADeck\ADeck.exe -> File not found
ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 58984 bytes | Modified Date = 1/9/2007 5:32:02 PM | Attr =    ]
NeroFilterCheck -> %System32%\NeroCheck.exe ->  [Ver =  | Size = 53267 bytes | Modified Date = 4/13/2007 12:49:48 PM | Attr =    ]
RaidTool -> %ProgramFiles%\VIA\RAID\raid_tool.exe ->  [Ver =  | Size = 53267 bytes | Modified Date = 4/13/2007 12:49:48 PM | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> File not found
Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.6.604 | Size = 100056 bytes | Modified Date = 8/17/2007 5:41:36 AM | Attr =    ]
VTTimer -> %System32%\VTTimer.exe -> S3 Graphics, Inc. [Ver = 2.00.01-0307 | Size = 53248 bytes | Modified Date = 3/7/2005 3:33:28 PM | Attr = R  ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe -> Yahoo! Inc. [Ver = 8,1,0,402 | Size = 4670968 bytes | Modified Date = 6/11/2007 6:16:12 PM | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
lsasddr -> lsasddr.dll -> File not found
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ ->  ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ ->  ->
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1       localhost ->  ->
< Internet Explorer Settings > ->  ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKCU: Start Page -> http://www.google.tt/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.9.0.2004090100 | Size = 58528 bytes | Modified Date = 9/1/2004 1:43:30 AM | Attr =    ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr =    ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.9.16 | Size = 218736 bytes | Modified Date = 1/10/2005 12:20:36 PM | Attr =    ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.9.16 | Size = 218736 bytes | Modified Date = 1/10/2005 12:20:36 PM | Attr =    ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.9.16 | Size = 218736 bytes | Modified Date = 1/10/2005 12:20:36 PM | Attr =    ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.9.16 | Size = 218736 bytes | Modified Date = 1/10/2005 12:20:36 PM | Attr =    ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{9455301C-CF6B-11D3-A266-00C04F689C50} -> Reg Data - Value does not exist [ButtonText: Researcher] -> File not found
{B205A35E-1FC4-4CE3-818B-899DBBB3388C} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
{d9288080-1baa-4bc4-9cf8-a92d743db949} -> %SystemDrive%\Documents and Settings\Sastre\Start Menu\Programs\IMVU\Run IMVU.lnk [ButtonText: Run IMVU] ->  [Ver =  | Size = 1540 bytes | Modified Date = 8/5/2007 3:53:26 AM | Attr =    ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel ->  -> File not found
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 ->  ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{AF533E7F-AF15-4EC1-B6CF-36492627C37F} ->    (VIA Rhine II Fast Ethernet Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> %System32%\lsasddr.dll -> File not found
msdaipp -> %System32%\lsasddr.dll -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{9CDDD774-0E1E-49E3-91C6-F2D49949CF5D} -> DictAideOE.ctlDictaideOE - CodeBase = https://hcp.dictaide.com/OE3202.CAB ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D7107300-E42A-4C1C-84EB-4D783E58B88D} -> DNInstallerOCX Class - CodeBase = https://mq1webc2.speechmachines.org/Installer/InstallerOCX.cab ->
{D9E4E21E-60E0-11DA-91EB-00123F33E209} -> DNInstallerOCX Class - CodeBase = https://mq1webc2.speechmachines.org/Installer/DNInstaller2.cab ->

They can run but they can't hide 

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a newHijackthis log.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

If I see that dll again I will use the nuclear option on it.