Hi, I was searching for help in some virus matters and I ran across this website, and so here I am asking some questions. Someone already had asked the same question but never followed up.
I am wondering if anyone can help me out here. I have done some stuff that was recommended as follows:
Posted by CHIAZ (security analyst) -
Hello.
Please download Malwarebytes' Anti-Malware by clicking the link below:
Malwarebytes Anti-Malware - Reviews and free Malwarebytes Anti-Malware downloads at Download.com
Double Click mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* You'll be required to post the contents of this log later.
Please Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.
Next let's have you download ComboFix.exe. Please visit this webpage for downloading and instructions for running the tool:
Go here: A guide and tutorial on using ComboFix
Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use SP2.
The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Once installed, you should get a prompt that says:
The Recovery Console was successfully installed.
Please continue as follows:
(1) Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.
Please include the following reports for further review (copy and paste them, not attach), so that we may continue cleansing the system:
MBAM log
C:\ComboFix.txt
Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Misuse can cause serious computer problems.
-------------------------------------------------------------
So, I have done whatever is said above and am looking for someone to review the .txt file given out by combofix and help me out with further instruction. PLEASE!!!!!!
combofix txt file:
ComboFix 09-11-07.02 - ABHI 11/07/2009 11:39.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.212 [GMT 0:00]
Running from: c:\documents and settings\ABHI\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-1482476501-573735546-725345543-1003
c:\recycler\S-1-5-21-1482476501-573735546-725345543-500
c:\windows\system32\Penx.dat
c:\windows\system32\Xpen.dat
.
((((((((((((((((((((((((( Files Created from 2009-10-07 to 2009-11-07 )))))))))))))))))))))))))))))))
.
2009-11-07 11:07 . 2009-11-07 11:07 -------- d-----w- c:\documents and settings\ABHI\Application Data\Malwarebytes
2009-11-07 11:06 . 2009-09-10 14:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-07 11:06 . 2009-11-07 11:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-11-07 11:06 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-07 11:06 . 2009-11-07 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-18 08:27 . 2009-10-18 08:27 578560 ----a-w- c:\windows\system32\dllcache\user32.dll
2009-10-18 08:26 . 2009-10-18 08:26 -------- d-----w- c:\windows\ERUNT
2009-10-18 08:19 . 2008-11-06 01:03 -------- d-----w- C:\SDFix
2009-10-15 20:47 . 2009-10-17 08:51 -------- d-----w- c:\documents and settings\ABHI\Local Settings\Application Data\Google
2009-10-08 23:03 . 2007-03-19 13:00 80896 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0411\CNMlr8S.dll
2009-10-08 23:03 . 2007-03-19 13:00 76288 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0409\CNMsr8S.dll
2009-10-08 23:03 . 2007-03-19 13:00 43520 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0411\CNMsr8S.dll
2009-10-08 23:03 . 2007-03-19 13:00 361472 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0409\CNMur8S.dll
2009-10-08 23:03 . 2007-03-19 13:00 265728 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0411\CNMur8S.dll
2009-10-08 23:03 . 2007-03-19 13:00 145408 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP210 series Printer\LanguageModules\0409\CNMlr8S.dll
2009-10-08 23:02 . 2009-10-08 23:02 -------- d--h--w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonBJ
2009-10-08 23:02 . 2007-03-19 13:00 215040 ----a-w- c:\windows\system32\CNMLM8S.DLL
2009-10-08 13:31 . 2009-10-08 13:33 -------- d-----w- c:\windows\system32\NtmsData
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-07 10:38 . 2008-01-16 05:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-07 10:37 . 2009-07-24 14:32 20 ---h--w- c:\documents and settings\All Users.WINDOWS\Application Data\PKP_DLbx.DAT
2009-10-30 21:50 . 2009-09-12 16:51 -------- d-----w- c:\documents and settings\ABHI\Application Data\vlc
2009-10-28 19:42 . 2008-02-23 03:36 -------- d-----w- c:\program files\SopCast
2009-10-26 15:11 . 2009-01-30 10:12 -------- d-----w- c:\program files\Guitar Scales Method
2009-10-14 15:42 . 2009-09-12 16:51 -------- d-----w- c:\documents and settings\ABHI\Application Data\dvdcss
2009-10-14 15:15 . 2008-02-02 02:45 -------- d-----w- c:\program files\Google
2009-10-14 10:28 . 2009-01-29 19:47 -------- d-----w- c:\documents and settings\ABHI\Application Data\IObit
2009-10-14 10:14 . 2009-01-29 19:47 -------- d-----w- c:\program files\IObit
2009-10-03 11:12 . 2008-01-17 00:19 -------- d-----w- c:\program files\Java
2009-10-03 11:12 . 2009-10-03 11:12 152576 ----a-w- c:\documents and settings\ABHI\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-10-03 11:02 . 2009-09-30 19:41 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-30 19:41 . 2009-07-24 14:32 17576 ----a-w- c:\documents and settings\ABHI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-30 19:40 . 2008-02-18 03:14 -------- d-----w- c:\program files\Windows Live
2009-09-30 19:39 . 2009-09-30 19:39 -------- d-----w- c:\program files\Microsoft
2009-09-30 19:39 . 2009-09-30 19:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 19:35 . 2009-09-30 19:35 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-11 14:18 . 2006-10-01 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 11:02 . 2009-09-11 11:02 152576 ----a-w- c:\documents and settings\ABHI\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-09-10 23:38 . 2008-03-03 22:30 -------- d-----w- c:\program files\MSECache
2009-09-04 21:03 . 2006-10-01 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2006-10-01 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2006-10-01 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2006-10-01 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2006-10-01 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LxrAutorun"="c:\documents and settings\ABHI\Local Settings\Application Data\Lexar Media\LxrAutorun.exe" [2007-03-07 24576]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-30 2329224]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-02-19 202064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-08-14 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-08-14 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]
"Lexmark 2200 Series"="c:\program files\Lexmark 2200 Series\lxbvbmgr.exe" [2004-02-13 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SmartDefrag"="c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2009-07-02 2453264]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [9/30/2009 7:40 PM 54752]
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [8/12/2009 7:19 PM 72672]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder
2009-11-01 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-02-22 08:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
FF - ProfilePath - c:\documents and settings\ABHI\Application Data\Mozilla\Firefox\Profiles\3rdr5kzw.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-11-07 11:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-11-07 11:44
ComboFix-quarantined-files.txt 2009-11-07 11:44
Pre-Run: 51,016,482,816 bytes free
Post-Run: 51,150,323,712 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 58DFF68FE59C6B4F39F957E689075B81
Thread: [Fixed] Hijackthis! Logs - fun.exe dc.exe - need help!!! (Security & Safety forums)

#1
Bronze Member, Join Date: Nov 2009, Posts: 3, PC Experience: Some programming skills
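Reviewing a ComboFix log by eye, as the analysts in this thread do, means scanning three things: what the tool deleted, what still autostarts from the registry, and whether the catchme rootkit pass found hidden files. The script below is an added example, not code from this thread or from ComboFix's authors, that parses those sections from a log in the layout shown above so a reviewer can triage it read-only. The section, key and value regexes are assumptions inferred from the posted log, the two review heuristics (autostarts under user-writable folders, and the Security Center AntiVirusOverride value being set) are the example's own, and SAMPLE_LOG is a constructed excerpt that mirrors the posted one.

```python
"""Read-only triage of a ComboFix-style text log (added example)."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed excerpt in the layout of the posted log (not the full log).
SAMPLE_LOG = r"""ComboFix 09-11-07.02 - ABHI 11/07/2009 11:39.1.1 - NTFSx86
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-1482476501-573735546-725345543-1003
c:\windows\system32\Penx.dat
c:\windows\system32\Xpen.dat
.
((((((((((((((((((((((((( Files Created from 2009-10-07 to 2009-11-07 )))))))))))))))))))))))))))))))
.
2009-11-07 11:06 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LxrAutorun"="c:\documents and settings\ABHI\Local Settings\Application Data\Lexar Media\LxrAutorun.exe" [2007-03-07 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-08-14 98304]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer
scan completed successfully
hidden files: 0
"""

# Layout assumptions: "(((( Title ))))" section banners, REGEDIT4-style keys,
# "name"="path" [date size] autostart lines, "name"=dword:XXXXXXXX values.
SECTION_RE = re.compile(r"^\(+\s*([^()]+?)\s*[\s)]+$")
KEY_RE = re.compile(r"^\[(.+)\]$")
RUN_ENTRY_RE = re.compile(r'^"([^"]+)"="([^"]+)"\s*\[(\d{4}-\d{2}-\d{2}) (\d+)\]$')
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')
HIDDEN_RE = re.compile(r"^hidden files:\s*(\d+)$")


@dataclass
class Autostart:
    key: str         # registry key the value lives under
    name: str        # value name
    path: str        # executable launched at logon
    file_date: str   # file timestamp as printed by the tool
    size: int        # file size in bytes


@dataclass
class Triage:
    deletions: List[str] = field(default_factory=list)
    autostarts: List[Autostart] = field(default_factory=list)
    dwords: Dict[str, int] = field(default_factory=dict)   # "key\name" -> value
    hidden_files: Optional[int] = None


def parse_combofix(text: str) -> Triage:
    t, section, current_key = Triage(), None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = HIDDEN_RE.match(line)
        if m:
            t.hidden_files = int(m.group(1))
            continue
        m = SECTION_RE.match(line)
        if m:                              # new section banner
            section, current_key = m.group(1), None
            continue
        if section == "Other Deletions":
            t.deletions.append(line)
        elif section == "Reg Loading Points":
            m = KEY_RE.match(line)
            if m:
                current_key = m.group(1)
                continue
            if current_key is None:        # REGEDIT4 / *Note* lines
                continue
            m = RUN_ENTRY_RE.match(line)
            if m:
                name, path, date, size = m.groups()
                t.autostarts.append(Autostart(current_key, name, path, date, int(size)))
                continue
            m = DWORD_RE.match(line)
            if m:
                t.dwords[current_key + "\\" + m.group(1)] = int(m.group(2), 16)
    return t


# Heuristic only: legitimate tools also autostart from these folders.
USER_WRITABLE_HINTS = ("\\local settings\\", "\\application data\\", "\\temp\\", "\\recycler\\")


def assess(t: Triage) -> List[str]:
    """Review prompts for a human analyst; each is a thing to verify, not a verdict."""
    notes = []
    for a in t.autostarts:
        if any(h in a.path.lower() for h in USER_WRITABLE_HINTS):
            notes.append(f"autostart from user-writable path: {a.name} -> {a.path}")
    for full, value in t.dwords.items():
        if full.lower().endswith("\\security center\\antivirusoverride") and value == 1:
            notes.append("AntiVirusOverride=1: Security Center AV alerts suppressed; confirm who set it")
    if t.hidden_files:
        notes.append(f"catchme reported {t.hidden_files} hidden file(s)")
    return notes


if __name__ == "__main__":
    triage = parse_combofix(SAMPLE_LOG)
    print(f"{len(triage.deletions)} deletion(s), {len(triage.autostarts)} autostart(s)")
    for note in assess(triage):
        print("REVIEW:", note)
```

On the constructed excerpt the script lists three deletions and three autostart entries, and raises two review prompts: the Lexar autorun living under a user profile folder (a benign product here, which is why the note says verify rather than remove) and the AntiVirusOverride value, which is worth confirming against the user's own antivirus history because it silences Security Center's antivirus warnings.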
#2
Moderator, Join Date: Apr 2007, Location: Plymouth.England, Posts: 1,861, PC Experience: to learn a little, I messed up a lot
Thanks for posting your logs.
One of the security team will be along soon to take a look and advise you of your next course of action. Thanks for your patience.
#3
Bronze Member, Join Date: Nov 2009, Posts: 3, PC Experience: Some programming skills
Ok, thank you. Any help is highly appreciated.
NOTE: I am looking at the task manager and dc.exe and fun.exe are no longer there after performing a run through Malwarebytes Anti-Malware and restarting. There may still be something hidden, so I am waiting for someone to help me out and maybe eliminate all the junk.
#4
Senior Security Analyst, Join Date: Jun 2006, Location: Victoria, Australia, Posts: 6,867, PC Experience: Elite PC Guru
Your log looks fine now. Some malware was removed and I see no further problems.

This will clear away any of the files and folders that were created by ComboFix. Go to: Start > Run, then copy and paste the following highlighted (blue) text below into the box and click OK.

ComboFix /u

Please read these for future reference; it may save you future problems with malware:
http://www.pchelpforum.com/fixed-hij...afterwork.html
http://www.pchelpforum.com/fixed-hij...happening.html
http://www.pchelpforum.com/fixed-hij...-infected.html
__________________
My real name is Eddy
#5
Bronze Member, Join Date: Nov 2009, Posts: 3, PC Experience: Some programming skills
AWESOME!!! Totally Awesome! I have been trying to clean this up for the last 2 months...finally.
Thank you so much for your help. Will certainly be back if anything else happens.
#6
Senior Security Analyst, Join Date: Jun 2006, Location: Victoria, Australia, Posts: 6,867, PC Experience: Elite PC Guru
Ok. No problem.
__________________
My real name is Eddy