[DP21]

Hi, I got infected with winantivirus, bravesentry, and others. Everytime I think I got rid of them, one comes back. I've downloaded multiple programs such as AVG, Hijackthis, Combofix, CC Cleaner, and Killbox. Nothing seems to be removing them permanently and my background desktop is still blue. Windows also asks me to logon as a user now when previously I didn't have it set up that way. I am pasting my recent combfix and HijackThis logfiles. I'd greatly appreciate instructions on how to proceed.
Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:39:35 PM, on 8/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\1142387715\ee\aolsoftware.exe
c:\program files\common files\aol\1142387715\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1142387715\ee\aolsoftware.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: 0 - {DC086D56-4175-41FB-6CBE-A521BB7DBE76} - C:\Program Files\MSN\xukafon.dll (file missing)
O2 - BHO: (no name) - {EE4DE96A-D34B-4E97-AD8D-53EE52323A34} - C:\Program Files\ComPlus Applications\texol83122.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 3934 bytes


Combofix log:

ComboFix 07-08-04.3 - "Debra Penfield" 2007-08-05 17:47:52.1 [GMT -5:00] - NTFS
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.True
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\DEBRAP~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\DEBRAP~1\APPLIC~1.\winantispyware 2007 free
C:\DOCUME~1\DEBRAP~1\APPLIC~1.\winantispyware 2007 free\DownloadUWAS7.url
C:\DOCUME~1\DEBRAP~1\APPLIC~1.\winantispyware 2007\Logs\update.log
C:\DOCUME~1\DEBRAP~1\APPLIC~1\.rdr.ini
C:\DOCUME~1\LOCALS~1\APPLIC~1\install.dat
C:\DOCUME~1\NETWOR~1\APPLIC~1\.rdr.ini
C:\DOCUME~1\NETWOR~1\APPLIC~1\install.dat
C:\Documents and Settings\All Users.\documents\settings
C:\Documents and Settings\All Users.\documents\settings\bot.dll
C:\Documents and Settings\All Users.\documents\settings\desktop.ini
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\inetget2
C:\Program Files\sstem3~1
C:\tempc2
C:\tempc2\tmpFF.log
C:\temp\brr
C:\temp\brr\tmpZTF.log
C:\WINDOWS\b103.exe
C:\WINDOWS\csrss.exe
C:\WINDOWS\retadpu1000106.exe
C:\WINDOWS\retadpu572.exe
C:\WINDOWS\system32\awloybpt.exe
C:\WINDOWS\system32\b02FdUe
C:\WINDOWS\system32\b06FdUe
C:\WINDOWS\system32\byvxnqtk.exe
C:\WINDOWS\system32\byxussp.dll
C:\WINDOWS\system32\config\systemprofile\application data\.rdr.ini
C:\WINDOWS\system32\dllh8jkd1q1.exe
C:\WINDOWS\system32\dllh8jkd1q2.exe
C:\WINDOWS\system32\dllh8jkd1q5.exe
C:\WINDOWS\system32\dllh8jkd1q6.exe
C:\WINDOWS\system32\dllh8jkd1q7.exe
C:\WINDOWS\system32\dllh8jkd1q8.exe
C:\WINDOWS\system32\dmnpgixg.dll
C:\WINDOWS\system32\driver
C:\WINDOWS\system32\driver\w717.exe
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\F2
C:\WINDOWS\system32\F3
C:\WINDOWS\system32\G1
C:\WINDOWS\system32\G11
C:\WINDOWS\system32\G3
C:\WINDOWS\system32\G3\wr725.exe
C:\WINDOWS\system32\G7
C:\WINDOWS\system32\icroso~1
C:\WINDOWS\system32\iifffcb.dll
C:\WINDOWS\system32\iifgecy.dll
C:\WINDOWS\system32\ijeclcvw.exe
C:\WINDOWS\system32\kernelwind32.exe
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\SYSTEM32\nqstv.bak1
C:\WINDOWS\SYSTEM32\nqstv.bak2
C:\WINDOWS\SYSTEM32\nqstv.ini
C:\WINDOWS\system32\ophygaqy.exe
C:\WINDOWS\system32\opnkjjh.dll
C:\WINDOWS\system32\pqnahawl.dll
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\tuvspml.dll
C:\WINDOWS\system32\urqrsts.dll
C:\WINDOWS\system32\vedxg4am1et2.exe
C:\WINDOWS\system32\vedxg6ame4.exe
C:\WINDOWS\system32\vedxga3me2.exe
C:\WINDOWS\system32\vedxga4m1et4.exe
C:\WINDOWS\system32\vedxga4me1.exe
C:\WINDOWS\system32\vedxga8me6.exe
C:\WINDOWS\system32\version69ie7fix.dll
C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vx.tll
C:\WINDOWS\system32\vxltfjfg.exe
C:\WINDOWS\system32\win
C:\WINDOWS\system32\winpfz32.sys
C:\WINDOWS\wr.txt


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_ASC3550U
-------\LEGACY_FOPN
-------\LEGACY_NET_AGENT
-------\ApiMon
-------\asc3550u
-------\fopn
-------\Net Agent


((((((((((((((((((((((((( Files Created from 2007-07-05 to 2007-08-05 )))))))))))))))))))))))))))))))


2007-08-05 17:45 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-04 20:29 125,504 --a------ C:\WINDOWS\SYSTEM32\fusufuai.dll
2007-08-04 12:00 56,912 --a------ C:\DOCUME~1\DEBRAP~1\g2mdlhlpx.exe
2007-08-04 08:37 <DIR> d-------- C:\Program Files\Trend Micro
2007-08-04 08:35 812,344 --a------ C:\Program Files\HJTInstall.exe
2007-08-04 08:19 486,352 -r-hs---- C:\WINDOWS\dmoeixxA.exe
2007-08-04 08:19 <DIR> d-------- C:\WINDOWS\SYSTEM32\f02WtR
2007-08-04 08:19 <DIR> d-------- C:\WINDOWS\SYSTEM32\configs
2007-08-04 08:19 <DIR> d-------- C:\Temp\1cb
2007-08-04 08:18 <DIR> d-------- C:\Temp\fse
2007-08-03 18:42 664 --a------ C:\WINDOWS\SYSTEM32\d3d9caps.dat
2007-08-03 00:26 169,147 --a------ C:\WINDOWS\TTC-4444.exe
2007-07-31 22:48 125,504 --a------ C:\WINDOWS\SYSTEM32\asixpqxp.dll
2007-07-30 23:36 <DIR> d-------- C:\Program Files\CCleaner
2007-07-30 22:53 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-07-30 22:53 <DIR> d-------- C:\!KillBox
2007-07-30 22:34 70,312 --a------ C:\Program Files\codec_setup.exe
2007-07-29 23:05 1,732,068 --ahs---- C:\WINDOWS\SYSTEM32\kmllm.bak2
2007-07-29 21:48 1,060,864 --a------ C:\WINDOWS\SYSTEM32\mfc71.dll
2007-07-29 21:42 6,466 --ahs---- C:\WINDOWS\SYSTEM32\kmllm.bak1
2007-07-29 21:41 228,960 --a------ C:\WINDOWS\SYSTEM32\mllmk.dll.vir
2007-07-29 21:36 226,352 -r-hs---- C:\WINDOWS\wvlfcctA.exe
2007-07-29 21:35 31,254 --a------ C:\WINDOWS\SYSTEM32\urqonon.dll.vir
2007-07-28 13:38 5,632 --a------ C:\WINDOWS\SYSTEM32\ptpusb.dll
2007-07-28 13:38 159,232 --a------ C:\WINDOWS\SYSTEM32\ptpusd.dll
2007-07-28 13:38 15,104 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys
2007-07-28 13:38 15,104 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\usbscan.sys
2007-07-22 16:12 <DIR> d-------- C:\Program Files\Citrix
2007-07-06 14:40 192,512 --a------ C:\WINDOWS\g4356cbvy63.exe


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-05 12:00 --------- d-------- C:\Program Files\America Online 9.0
2007-08-05 08:56 --------- d-------- C:\DOCUME~1\DEBRAP~1\APPLIC~1\U3
2007-08-03 20:51 --------- d-------- C:\Program Files\Hijack This
2007-07-30 06:03 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-30 06:03 --------- d-------- C:\Program Files\Viewpoint
2007-07-30 06:03 --------- d-------- C:\Program Files\SealedMedia
2007-07-28 13:40 284 --a------ C:\DOCUME~1\DEBRAP~1\APPLIC~1\ViewerApp.dat
2007-06-25 08:54 53248 --a------ C:\WINDOWS\uni_eh44.exe
2007-06-25 08:53 53248 --a------ C:\WINDOWS\uninst1014.exe
2007-06-07 18:30 --------- d-------- C:\Program Files\AIM6
2007-05-16 10:12 86528 --------- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 10:12 85504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 10:12 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 10:12 683520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 10:12 510976 --------- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 10:12 1314816 --------- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-08 04:24 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2004-12-22 21:00 47688 --a------ C:\DOCUME~1\DEBRAP~1\APPLIC~1\GDIPFONTCACHEV1.DAT
2004-08-09 22:49 1772 --a------ C:\Program Files\Install Jukebox.lnk
2004-06-18 21:46 4185744 --a------ C:\Program Files\Install_AIM.exe
2004-06-18 21:10 2150574 --a------ C:\Program Files\aaw6181.exe
2004-06-18 20:56 4354084 --a------ C:\Program Files\spybotsd13.exe
2004-06-04 16:19 16706160 --a------ C:\Program Files\AdbeRdr60_enu_full.exe
2004-03-20 23:32 19979192 --a------ C:\Program Files\iTunesSetup.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DC086D56-4175-41FB-6CBE-A521BB7DBE76}]
C:\Program Files\MSN\xukafon.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE4DE96A-D34B-4E97-AD8D-53EE52323A34}]
C:\Program Files\ComPlus Applications\texol83122.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 20:47]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2004-07-01 12:15]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2004-06-18 19:07]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2004-07-01 12:15]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-04-27 11:25]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"="" []
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" [2005-07-12 00:17]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 16:30]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]

C:\Documents and Settings\Debra Penfield\Start Menu\Programs\Startup\
DESKTOP.INI [2002-09-03 10:00:00]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [2002-09-03 10:00:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoColorChoice"=0 (0x0)
"NoSizeChoice"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=
"NoActiveDesktopChanges"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=0 (0x0)
"NoThemesTab"=0 (0x0)

R1 cdrbsvsd;cdrbsvsd;C:\WINDOWS\system32\drivers\cdrbsvsd.sys
R1 sscdbhk5;sscdbhk5;C:\WINDOWS\system32\drivers\sscdbhk5.sys
R1 ssrtln;ssrtln;C:\WINDOWS\system32\drivers\ssrtln.sys
R2 ASCTRM;ASCTRM;C:\WINDOWS\system32\drivers\ASCTRM.sys
R2 tfsnpool;tfsnpool;C:\WINDOWS\system32\dla\tfsnpool.sys
R3 BCMModem;BCM V.92 56K Modem;C:\WINDOWS\system32\DRIVERS\BCMSM.sys
R3 MxlW2k;MxlW2k;C:\WINDOWS\system32\drivers\MxlW2k.sys
R3 P16X;Creative SB Live! Series (WDM);C:\WINDOWS\system32\drivers\P16X.sys
R3 UsbCmxp;Scientific Atlanta WebSTAR 2000 series Cable Modem;C:\WINDOWS\system32\DRIVERS\sacmxp2.sys
R3 wanatw;WAN Miniport (ATW);C:\WINDOWS\system32\DRIVERS\wanatw4.sys
S3 DCamUSBSQTECH;Dual-Mode DSC(2770);C:\WINDOWS\system32\Drivers\SQcaptur.sys
S3 iAimFP0;iAimFP0;C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
S3 iAimFP1;iAimFP1;C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
S3 iAimFP2;iAimFP2;C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
S3 iAimFP3;iAimFP3;C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
S3 iAimFP4;iAimFP4;C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
S3 iAimTV0;iAimTV0;C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
S3 iAimTV1;iAimTV1;C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
S3 iAimTV2;iAimTV2;C:\WINDOWS\system32\DRIVERS\wATV03nt.sys
S3 iAimTV3;iAimTV3;C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
S3 iAimTV4;iAimTV4;C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys

*Newly Created Service* - ATWPKT2

Contents of the 'Scheduled Tasks' folder
2007-07-25 16:27:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-05 18:04:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ATWPKT2]
"ImagePath"="\??\C:\WINDOWS\system32\drivers\ATWPKT2.SYS"

Completion time: 2007-08-05 18:07:50 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-05 18:07

--- E O F ---