Unknown virus

Please help again - my other computer is now acting up. I cannot do system restore, it freezes for no reason, etc...
Malware detects two same broken commands every time even after it "fixes" them

I have also noticed these things: the broken commands found by Malware all refer to notepad.exe and when I ran my System Mechanic it wanted to repair securities by assigning all .reg and .scr files to be opened with notepad. Hope this helps

Thank you so much!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:59:17 PM, on 8/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iolo\System Mechanic Professional\IoloSGCtrl.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe
C:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\AOG\My Documents\Downloads\winlogon(2).exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070124
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070124
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=47689
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SystemGuardAlerter] "C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe"
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\AOG\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter.rr.com/sdccommon/download/tgctlins.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://supportcenter.rr.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {010123DF-5E80-11D8-9E86-0007E96C65AE} (SprtCtlBrowse Class) - http://supportcenter.rr.com/sdccommon/download/sprtctlbr.cab
O16 - DPF: {010136FD-5E80-11D8-9E86-0007E96C65AE} (SprtWMIControl Class) - http://supportcenter.rr.com/sdccommon/download/sprtctlwmi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {01117B00-3E00-11D2-8470-0060089874ED} (Support.com ScreenShot Class) - http://supportcenter.rr.com/sdccommon/download/tgctlss.cab
O16 - DPF: {01119400-3E00-11D2-8470-0060089874ED} (SupportSoft Listener Control) - http://supportcenter.rr.com/sdccommon/download/sprtctlln.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional\IoloSGCtrl.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9081 bytes

Please post the MBAM report for me to see.

MBAM report showed 0 in everything. Here's the new winlogon report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:22:38 PM, on 8/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic Professional\IoloSGCtrl.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe
C:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\AOG\Application Data\mjusbsp\magicJack.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\AOG\My Documents\Downloads\winlogon(2).exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070124
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070124
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=47689
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SystemGuardAlerter] "C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe"
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\AOG\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter.rr.com/sdccommon/download/tgctlins.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://supportcenter.rr.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {010123DF-5E80-11D8-9E86-0007E96C65AE} (SprtCtlBrowse Class) - http://supportcenter.rr.com/sdccommon/download/sprtctlbr.cab
O16 - DPF: {010136FD-5E80-11D8-9E86-0007E96C65AE} (SprtWMIControl Class) - http://supportcenter.rr.com/sdccommon/download/sprtctlwmi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {01117B00-3E00-11D2-8470-0060089874ED} (Support.com ScreenShot Class) - http://supportcenter.rr.com/sdccommon/download/tgctlss.cab
O16 - DPF: {01119400-3E00-11D2-8470-0060089874ED} (SupportSoft Listener Control) - http://supportcenter.rr.com/sdccommon/download/sprtctlln.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional\IoloSGCtrl.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9151 bytes

I still need to see the MBAM report to see if you have the latest database and what version you are running.

Malwarebytes' Anti-Malware 1.40
Database version: 2565
Windows 5.1.2600 Service Pack 3

8/5/2009 3:15:18 PM
mbam-log-2009-08-05 (15-15-18).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 162794
Time elapsed: 39 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bump

Sorry about the wait, your post slipped past us and got missed.

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

No problem - here's the log
ComboFix 09-08-09.04 - AOG 08/09/2009 20:34.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.213 [GMT -5:00]
Running from: c:\documents and settings\AOG\Desktop\Combo-Fix.exe
AV: iolo AntiVirus *On-access scanning disabled* (Updated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
FW: iolo Personal Firewall *enabled* {38254411-9AEC-4967-913E-F892C2A4DF89}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\AOG\Start Menu\Programs\MovieBox
c:\program files\moviebox
c:\windows\Installer\10167021.msp
c:\windows\Installer\104d7584.msp
c:\windows\Installer\10844be8.msp
c:\windows\Installer\10bb417d.msp
c:\windows\Installer\10f2287b.msp
c:\windows\Installer\1129170a.msp
c:\windows\Installer\113aa6f.msp
c:\windows\Installer\115c5.msp
c:\windows\Installer\11600607.msp
c:\windows\Installer\1184757.msp
c:\windows\Installer\118e2.msp
c:\windows\Installer\1196f4b6.msp
c:\windows\Installer\119b7df.msp
c:\windows\Installer\119cc.msp
c:\windows\Installer\11cb669.msp
c:\windows\Installer\11cde336.msp
c:\windows\Installer\1204d197.msp
c:\windows\Installer\123bc603.msp
c:\windows\Installer\1272d549.msp
c:\windows\Installer\12780fc.msp
c:\windows\Installer\127e6.msp
c:\windows\Installer\12a99d84.msp
c:\windows\Installer\12e08f41.msp
c:\windows\Installer\13177c78.msp
c:\windows\Installer\134e681a.msp
c:\windows\Installer\1385566b.msp
c:\windows\Installer\13bc4568.msp
c:\windows\Installer\13f333c9.msp
c:\windows\Installer\142a2287.msp
c:\windows\Installer\146110aa.msp
c:\windows\Installer\1497fedc.msp
c:\windows\Installer\14a98d0.msp
c:\windows\Installer\14ceed8a.msp
c:\windows\Installer\14f35f7.msp
c:\windows\Installer\1505df56.msp
c:\windows\Installer\150a611.msp
c:\windows\Installer\152de.msp
c:\windows\Installer\152e7.msp
c:\windows\Installer\153b209.msp
c:\windows\Installer\153ccc7e.msp
c:\windows\Installer\1573da4e.msp
c:\windows\Installer\15aaa76b.msp
c:\windows\Installer\15e19743.msp
c:\windows\Installer\15e6645.msp
c:\windows\Installer\161885b3.msp
c:\windows\Installer\164f78e6.msp
c:\windows\Installer\168662b3.msp
c:\windows\Installer\16bd5049.msp
c:\windows\Installer\16f43ee8.msp
c:\windows\Installer\172b2da7.msp
c:\windows\Installer\176227ee.msp
c:\windows\Installer\17995b18.msp
c:\windows\Installer\17cffa50.msp
c:\windows\Installer\1806f3cc.msp
c:\windows\Installer\18186f2.msp
c:\windows\Installer\183e500a.msp
c:\windows\Installer\18627d2.msp
c:\windows\Installer\18757ae7.msp
c:\windows\Installer\187a589.msp
c:\windows\Installer\18a91b4.msp
c:\windows\Installer\18abf706.msp
c:\windows\Installer\18e2c01c.msp
c:\windows\Installer\1919d7ee.msp
c:\windows\Installer\1950d4a6.msp
c:\windows\Installer\1958143.msp
c:\windows\Installer\1987ab78.msp
c:\windows\Installer\19bf013d.msp
c:\windows\Installer\19f5b564.msp
c:\windows\Installer\1a2c521a.msp
c:\windows\Installer\1a642954.msp
c:\windows\Installer\1a9a33ed.msp
c:\windows\Installer\1ad1058e.msp
c:\windows\Installer\1b07f72b.msp
c:\windows\Installer\1b3eeb39.msp
c:\windows\Installer\1b75ce20.msp
c:\windows\Installer\1b875a1.msp
c:\windows\Installer\1bacc22e.msp
c:\windows\Installer\1be09f9.msp
c:\windows\Installer\1be3aca7.msp
c:\windows\Installer\1be85d0.msp
c:\windows\Installer\1c19c57.msp
c:\windows\Installer\1c1a9ba4.msp
c:\windows\Installer\1c518a14.msp
c:\windows\Installer\1c5ac.msp
c:\windows\Installer\1c6898b8.msp
c:\windows\Installer\1c887eaf.msp
c:\windows\Installer\1cbf6791.msp
c:\windows\Installer\1cc4410.msp
c:\windows\Installer\1cf66c87.msp
c:\windows\Installer\1d2d5df5.msp
c:\windows\Installer\1d6437c4.msp
c:\windows\Installer\1d9b2153.msp
c:\windows\Installer\1dd20fa4.msp
c:\windows\Installer\1e08fe62.msp
c:\windows\Installer\1e3fece2.msp
c:\windows\Installer\1ef63a4.msp
c:\windows\Installer\1f404c2.msp
c:\windows\Installer\1f576c1.msp
c:\windows\Installer\1f86e08.msp
c:\windows\Installer\2033743.msp
c:\windows\Installer\2265262.msp
c:\windows\Installer\22af5b3.msp
c:\windows\Installer\22c605f.msp
c:\windows\Installer\22f5cd6.msp
c:\windows\Installer\23a214e.msp
c:\windows\Installer\25d44e9.msp
c:\windows\Installer\261ecfd.msp
c:\windows\Installer\2634f3d.msp
c:\windows\Installer\2664b08.msp
c:\windows\Installer\2711220.msp
c:\windows\Installer\2942f72.msp
c:\windows\Installer\298dce5.msp
c:\windows\Installer\29a3d9e.msp
c:\windows\Installer\29d3d32.msp
c:\windows\Installer\2a7fdb2.msp
c:\windows\Installer\2ac3a.msi
c:\windows\Installer\2ac3f.msi
c:\windows\Installer\2ac42.msi
c:\windows\Installer\2cb2ae2.msp
c:\windows\Installer\2cfbd7a.msp
c:\windows\Installer\2d13565.msp
c:\windows\Installer\2d428f2.msp
c:\windows\Installer\2df0a1a.msp
c:\windows\Installer\3021c60.msp
c:\windows\Installer\306abbc.msp
c:\windows\Installer\3081c82.msp
c:\windows\Installer\30b4846.msp
c:\windows\Installer\315da64.msp
c:\windows\Installer\338fdff.msp
c:\windows\Installer\33d9942.msp
c:\windows\Installer\33f08ef.msp
c:\windows\Installer\34206ae.msp
c:\windows\Installer\34cc903.msp
c:\windows\Installer\36febd3.msp
c:\windows\Installer\3748754.msp
c:\windows\Installer\375f6b3.msp
c:\windows\Installer\378f3e6.msp
c:\windows\Installer\382efe.msp
c:\windows\Installer\383b6e7.msp
c:\windows\Installer\3861d6.msp
c:\windows\Installer\38bbae.msp
c:\windows\Installer\3a6d89e.msp
c:\windows\Installer\3ab7642.msp
c:\windows\Installer\3ace533.msp
c:\windows\Installer\3baa509.msp
c:\windows\Installer\3c0902.msp
c:\windows\Installer\3ca0b0.msp
c:\windows\Installer\3ddc75c.msp
c:\windows\Installer\3e1aed.msp
c:\windows\Installer\3e26454.msp
c:\windows\Installer\3e3d3a4.msp
c:\windows\Installer\3f19406.msp
c:\windows\Installer\41135c.msp
c:\windows\Installer\414bb3b.msp
c:\windows\Installer\4195351.msp
c:\windows\Installer\41aceb6.msp
c:\windows\Installer\428abc9.msp
c:\windows\Installer\44ba6fc.msp
c:\windows\Installer\451b1bd.msp
c:\windows\Installer\45f566a.msp
c:\windows\Installer\45f7116.msp
c:\windows\Installer\482a80a.msp
c:\windows\Installer\48730af.msp
c:\windows\Installer\4889f81.msp
c:\windows\Installer\4968166.msp
c:\windows\Installer\4b98fd3.msp
c:\windows\Installer\4be2605.msp
c:\windows\Installer\4bf9e1e.msp
c:\windows\Installer\4cd4ed1.msp
c:\windows\Installer\4f09026.msp
c:\windows\Installer\4f50ca5.msp
c:\windows\Installer\4f67cfe.msp
c:\windows\Installer\5043a92.msp
c:\windows\Installer\5275ddf.msp
c:\windows\Installer\52bfb93.msp
c:\windows\Installer\52d6b11.msp
c:\windows\Installer\53b2922.msp
c:\windows\Installer\55e4da7.msp
c:\windows\Installer\562e9c5.msp
c:\windows\Installer\5646cac.msp
c:\windows\Installer\5721735.msp
c:\windows\Installer\5953afe.msp
c:\windows\Installer\599dc9a.msp
c:\windows\Installer\59b4830.msp
c:\windows\Installer\5a93158.msp
c:\windows\Installer\5b676.msp
c:\windows\Installer\5cc2de3.msp
c:\windows\Installer\5d11b4d.msp
c:\windows\Installer\5d23643.msp
c:\windows\Installer\5dff33b.msp
c:\windows\Installer\6031724.msp
c:\windows\Installer\607c1c8.msp
c:\windows\Installer\6092407.msp
c:\windows\Installer\616e18c.msp
c:\windows\Installer\63a0575.msp
c:\windows\Installer\63ea5d8.msp
c:\windows\Installer\6402227.msp
c:\windows\Installer\64dd089.msp
c:\windows\Installer\670f472.msp
c:\windows\Installer\6770369.msp
c:\windows\Installer\684be9b.msp
c:\windows\Installer\6a7e265.msp
c:\windows\Installer\6adf563.msp
c:\windows\Installer\6bbaf00.msp
c:\windows\Installer\6ded0c6.msp
c:\windows\Installer\6e4e2f9.msp
c:\windows\Installer\6edfba.msp
c:\windows\Installer\6f2c1f0.msp
c:\windows\Installer\6f4644.msp
c:\windows\Installer\715dacd.msp
c:\windows\Installer\71be465.msp
c:\windows\Installer\7298ede.msp
c:\windows\Installer\7394af.msp
c:\windows\Installer\74cb315.msp
c:\windows\Installer\74fe03.msp
c:\windows\Installer\752be24.msp
c:\windows\Installer\7607abe.msp
c:\windows\Installer\78070d.msp
c:\windows\Installer\783ac05.msp
c:\windows\Installer\789ab1e.msp
c:\windows\Installer\7976ab5.msp
c:\windows\Installer\7ba8bc0.msp
c:\windows\Installer\7c09940.msp
c:\windows\Installer\7ce55bb.msp
c:\windows\Installer\7ef1323.msp
c:\windows\Installer\7f796d3.msp
c:\windows\Installer\80544c7.msp
c:\windows\Installer\825f733.msp
c:\windows\Installer\82e76ec.msp
c:\windows\Installer\83c57b7.msp
c:\windows\Installer\85ce5f2.msp
c:\windows\Installer\865657b.msp
c:\windows\Installer\86b181.msp
c:\windows\Installer\873215a.msp
c:\windows\Installer\893d4a1.msp
c:\windows\Installer\89c52c3.msp
c:\windows\Installer\8aa0f6c.msp
c:\windows\Installer\8cac62e.msp
c:\windows\Installer\8d340e5.msp
c:\windows\Installer\8e0fe2b.msp
c:\windows\Installer\901b059.msp
c:\windows\Installer\90a2fc3.msp
c:\windows\Installer\917ec6c.msp
c:\windows\Installer\93155.msp
c:\windows\Installer\938a4e3.msp
c:\windows\Installer\94130f0.msp
c:\windows\Installer\94edc83.msp
c:\windows\Installer\96f8d78.msp
c:\windows\Installer\9780cd2.msp
c:\windows\Installer\985e05f.msp
c:\windows\Installer\9a67c07.msp
c:\windows\Installer\9aefba1.msp
c:\windows\Installer\9bcde60.msp
c:\windows\Installer\9dd6ce9.msp
c:\windows\Installer\9e5fa3e.msp
c:\windows\Installer\9f3a65d.msp
c:\windows\Installer\a14584c.msp
c:\windows\Installer\a1cd852.msp
c:\windows\Installer\a229a.msp
c:\windows\Installer\a4b4768.msp
c:\windows\Installer\a53d2b9.msp
c:\windows\Installer\a5cd6f.msp
c:\windows\Installer\a633f9.msp
c:\windows\Installer\a8235aa.msp
c:\windows\Installer\a8ac253.msp
c:\windows\Installer\aa6b22.msp
c:\windows\Installer\ab92449.msp
c:\windows\Installer\abe995.msp
c:\windows\Installer\ac1a72e.msp
c:\windows\Installer\aeda15.msp
c:\windows\Installer\af014cd.msp
c:\windows\Installer\af8a08b.msp
c:\windows\Installer\b271cef.msp
c:\windows\Installer\b2f84ba.msp
c:\windows\Installer\b5def9a.msp
c:\windows\Installer\b667463.msp
c:\windows\Installer\b94de68.msp
c:\windows\Installer\b9b448.msp
c:\windows\Installer\b9d6380.msp
c:\windows\Installer\bcbd351.msp
c:\windows\Installer\bd44e75.msp
c:\windows\Installer\c02c173.msp
c:\windows\Installer\c0b3d05.msp
c:\windows\Installer\c39ab7e.msp
c:\windows\Installer\c422fda.msp
c:\windows\Installer\c709887.msp
c:\windows\Installer\c79287c.msp
c:\windows\Installer\ca786e8.msp
c:\windows\Installer\cb007d9.msp
c:\windows\Installer\cde75b6.msp
c:\windows\Installer\ce6f85d.msp
c:\windows\Installer\d1563e8.msp
c:\windows\Installer\d4c7283.msp
c:\windows\Installer\d834184.msp
c:\windows\Installer\dba318b.msp
c:\windows\Installer\dcbb62.msp
c:\windows\Installer\dd2334.msp
c:\windows\Installer\df11de8.msp
c:\windows\Installer\e159c2.msp
c:\windows\Installer\e28133e.msp
c:\windows\Installer\e2c96f.msp
c:\windows\Installer\e5c857.msp
c:\windows\Installer\e5efac9.msp
c:\windows\Installer\e95e939.msp
c:\windows\Installer\eccd8e2.msp
c:\windows\Installer\f03c985.msp
c:\windows\Installer\f09635.msp
c:\windows\Installer\f3ab7c7.msp
c:\windows\Installer\f71a387.msp
c:\windows\Installer\fa891e8.msp
c:\windows\Installer\fdf81c0.msp
c:\windows\kb913800.exe
c:\windows\RM.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\_000026_.tmp.dll
c:\windows\system32\mfc45.dll

.

((((((((((((((((((((((((( Files Created from 2009-07-10 to 2009-08-10 )))))))))))))))))))))))))))))))
.

2009-08-06 21:47 . 2009-08-06 21:47 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-08-05 19:33 . 2009-08-01 16:16 6256600 ---ha-w- c:\documents and settings\AOG\Application Data\mjusbsp\in00000\setup.exe
2009-08-05 19:33 . 2009-08-01 16:12 728600 ---ha-w- c:\documents and settings\AOG\Application Data\mjusbsp\ar00000\install.exe
2009-08-05 12:49 . 2009-08-05 12:49 153104 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-08-05 12:49 . 2009-08-05 12:49 -------- d-----w- c:\documents and settings\AOG\log
2009-08-04 11:54 . 2009-08-04 11:54 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-02 12:12 . 2009-08-01 16:16 6256600 ---ha-w- c:\documents and settings\AOG\Application Data\mjusbsp\Upgrade\setup2.exe
2009-08-02 12:12 . 2009-08-01 16:12 728600 ---ha-w- c:\documents and settings\AOG\Application Data\mjusbsp\Upgrade\install2.exe
2009-08-01 16:16 . 2009-08-01 16:16 95576 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\ug00000\magicJack.dll
2009-08-01 16:16 . 2009-08-01 16:16 6256600 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\ug00000\setup.exe
2009-08-01 16:16 . 2009-08-01 16:16 413304 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\magicJackLoader.exe
2009-08-01 16:16 . 2009-08-01 16:16 480608 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\octvqe1_apiw.dll
2009-08-01 16:16 . 2009-08-01 16:16 214360 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\TjVista.dll
2009-08-01 16:16 . 2009-08-01 16:16 325040 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\TjIpSys.dll
2009-08-01 16:16 . 2009-08-01 16:16 570736 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\SJHandsetMagicJack.dll
2009-08-01 16:15 . 2009-08-01 16:15 87384 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\st00000\mjsetup.exe
2009-08-01 16:15 . 2009-08-01 16:15 95576 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\st00000\magicJack.dll
2009-08-01 16:15 . 2009-08-01 16:15 95576 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\magicJack.dll
2009-08-01 16:13 . 2009-08-01 16:13 12231512 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\magicJack.exe
2009-08-01 16:12 . 2009-08-01 16:12 728600 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\ug00000\install.exe
2009-08-01 16:12 . 2009-08-01 16:12 87384 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\in00000\mjsetup.exe
2009-08-01 16:12 . 2009-08-01 16:12 95576 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\in00000\magicJack.dll
2009-08-01 16:11 . 2009-08-01 16:11 441704 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\ug00000\magicJackSplash.exe
2009-08-01 16:11 . 2009-08-01 16:11 441704 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\st00000\magicJackSplash.exe
2009-08-01 16:11 . 2009-08-01 16:11 441704 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\magicJackSplash.exe
2009-08-01 16:11 . 2009-08-01 16:11 441704 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\in00000\magicJackSplash.exe
2009-08-01 16:11 . 2009-08-01 16:11 50520 ----a-w- c:\documents and settings\AOG\Application Data\mjusbsp\cdloader2.exe
2009-07-27 13:40 . 2009-07-10 12:56 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-27 13:40 . 2009-07-10 12:56 2301208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avguiadv.dll
2009-07-27 13:40 . 2009-07-10 12:56 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-27 13:40 . 2009-07-10 12:56 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-27 13:40 . 2009-07-10 12:56 1107224 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgssie.dll
2009-07-27 13:40 . 2009-07-10 12:56 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-07-27 13:40 . 2009-07-10 12:56 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-27 13:40 . 2009-07-10 12:56 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-07-27 13:40 . 2009-07-10 12:56 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-27 13:40 . 2009-07-10 12:56 353048 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgxch32.dll
2009-07-27 13:39 . 2009-07-10 12:56 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-27 13:38 . 2009-07-10 12:56 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-07-11 13:09 . 2009-07-11 13:09 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-08 19:26 . 2008-04-27 15:28 518 ----a-w- c:\documents and settings\AOG\Application Data\iolo\Registry\Last\restore.bat
2009-08-06 22:08 . 2008-04-27 03:43 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-08-06 21:57 . 2009-07-10 12:56 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-08-05 19:34 . 2009-03-06 22:41 -------- d-----w- c:\documents and settings\AOG\Application Data\mjusbsp
2009-08-04 23:41 . 2008-04-27 03:43 -------- d-----w- c:\documents and settings\AOG\Application Data\iolo
2009-08-04 23:33 . 2009-07-10 14:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-04 20:58 . 2009-01-24 15:56 518 ----a-w- c:\documents and settings\LocalService\Application Data\iolo\Registry\Last\restore.bat
2009-08-03 18:36 . 2009-07-10 14:01 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 18:36 . 2009-07-10 14:01 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-30 12:05 . 2008-04-27 15:28 1523 ----a-w- c:\documents and settings\AOG\Application Data\iolo\restore.bat
2009-07-16 08:45 . 2009-03-19 01:19 1119 ----a-w- c:\documents and settings\LocalService\Application Data\iolo\restore.bat
2009-07-10 14:01 . 2009-07-10 14:01 -------- d-----w- c:\documents and settings\AOG\Application Data\Malwarebytes
2009-07-10 14:01 . 2009-07-10 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-10 12:56 . 2009-07-10 12:56 -------- d-----w- c:\program files\AVG
2009-07-10 11:39 . 2009-07-10 11:39 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-10 11:39 . 2007-01-24 15:58 -------- d-----w- c:\program files\Java
2009-07-10 11:38 . 2009-07-10 11:38 152576 ----a-w- c:\documents and settings\AOG\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-08 01:31 . 2007-02-01 23:04 -------- d-----w- c:\documents and settings\AOG\Application Data\Image Zone Express
2009-06-26 16:50 . 2005-08-16 10:18 666624 ----a-w- c:\windows\system32\wininet.dll
2009-06-26 16:50 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-16 14:36 . 2005-08-16 10:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-03 19:09 . 2005-08-16 10:18 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-29 20:54 . 2008-04-27 04:32 940896 ----a-w- c:\windows\system32\Incinerator.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemGuardAlerter"="c:\program files\iolo\System Mechanic Professional\SystemGuardAlerter.exe" [2009-05-29 364896]
"iolo Personal Firewall"="c:\program files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe" [2009-05-13 1322848]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverUpdaterPro

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iolo\\System Mechanic Professional\\Personal Firewall\\ioloFW.exe"=
"c:\\Documents and Settings\\AOG\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\iolo\\System Mechanic Professional\\AntiVirus\\ioloAV.exe"=
"c:\\Program Files\\iolo\\System Mechanic Professional\\AntiVirus\\iAVEmailScanner.exe"=

R0 XPacket;iolo Personal Firewall Driver;c:\windows\system32\xpacket.sys [6/8/2008 5:28 PM 39424]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [4/26/2008 11:32 PM 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [4/26/2008 11:32 PM 600944]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [1/27/2007 8:33 PM 16384]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\pelusblf.sys [1/27/2007 8:33 PM 12288]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder

2009-08-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.dell.com
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
LSP: c:\windows\system32\iavlsp.dll
LSP: c:\program files\iolo\Common\Firewall\iFW_Xfilter.dll
DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlins.cab
DPF: {010123DF-5E80-11D8-9E86-0007E96C65AE} - hxxp://supportcenter.rr.com/sdccommon/download/sprtctlbr.cab
DPF: {010136FD-5E80-11D8-9E86-0007E96C65AE} - hxxp://supportcenter.rr.com/sdccommon/download/sprtctlwmi.cab
DPF: {01117B00-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlss.cab
DPF: {01119400-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/sprtctlln.cab
FF - ProfilePath - c:\documents and settings\AOG\Application Data\Mozilla\Firefox\Profiles\qzgtcly0.default\
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-09 20:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(780)
c:\windows\system32\iavlsp.dll
c:\program files\iolo\Common\Firewall\iFW_Xfilter.dll
.
Completion time: 2009-08-10 20:46
ComboFix-quarantined-files.txt 2009-08-10 01:46

Pre-Run: 222,749,523,968 bytes free
Post-Run: 222,705,733,632 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

540 --- E O F --- 2009-08-04 23:39

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?

seems to be running ok. can you tell me what the problem was?

Not sure what it was myself, there was never any malicious run value for anything, just some leftover files.