Unfortunately you still have some buggers in there. These:
O1 - Hosts: 69.20.16.183 ieautosearch
O2 - BHO: (no name) - {681B6B9C-63FA-284D-8339-68198DA1BF14} - (no file)
O2 - BHO: (no name) - {FAC62D88-4B3D-4F4F-1EC0-0946918A1E78} - (no file)
O2 - BHO: (no name) - {FF9C88EF-281A-F804-DEB6-B91196968E7A} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\dolsp.dll
O15 - Trusted Zone: *.finefind.nettraffic2cash.biz
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: (HKLM)
This one isn't bad but it won't hurt to get rid of it, might help the system:
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Then if you don't use the cisco VPN, rid yourself of those two entries also.
If you've done everything in that thread and it keeps coming back, it's not these HJT entries, they will come back too. You still have to track down the startup or shared DLL that is causing the issue.
Run your scans again and pay particular attention to the file names of what they are, especially the DLL files, write them down.
Then you'll have to clean it in Safe Mode.
Clean with HJT in Safe Mode as well.
Then search your whole registry for any instances of any DLLs found and remove those keys.
Particularly in these two locations (I assume you already check standard startup locations)
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs
&
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify
If there are any DLLs in the SharedDLLs key that are stored in any "Temp" folder, or have the same name as your infected files, delete them.
In the Notify key, click on each subkey one at a time and notice in the right pane the "DLLName" Value. If it's a bad one, kill the whole key on the left pane.
For example you might have a key called "cscdll" and the right DLLName is "cscdll.dll". That is a good one. But if it wasn't, delete the whole cscdll key on the left. If will be pretty easy to spot a bad key.
Okay then. After all that jazz, do these extra things:
While in Safe Mode still, scan with everything you got again until it's clean.
Then go into C:\Windows\System32\Drivers\etc and just delete all the files in there.
Then go into Internet Explorer properties and under the security tab click on the "Trusted Sites" icon then click the "Sites" button. Removed any entries in the list that are bad ones. Or just remove EVERY entry.
Then click back on the "General" tab and put the home page in that you want. Click OK and exit settings.
Now I would suggest running BHO Captor and remove any entries except ones pointing to your Antivirus. And perhaps Adobe. (I'm not sure if BHO Captor is in the other thread or not). Also don't remove Spybots IE Helper if it's in there. Otherwise remove everything.
Now go into your Spybot and make sure your system is immunized. Also change to "Advanced" mode. On the bottom left click "Tools" then "resident". Put a check in both the tools.
Then click "IE Tweaks" and put a check on all three boxes.
And also just for fun click on "System Startup" and make sure that's clean.
Keep in mind that this stuff, I think, is only good for the currently logged in user. Some of it isn't though, such as the registry keys mentioned earlier. But you WILL have to log out and back in to EVERY user listed (in Safe Mode), to scan and clean each account. Otherwise an infected user could mess things up again. It's best to go through each account in Safe Mode and clean them all.
Lastly, after removing the LSP entries in HJT, you will want to run LSP fix again. When it asks to restart, go ahead and do it. Let it go back into Normal Mode. And hopefully your nightmares will be gone.
This post could go on forever but I might mention some more stuff. You should turn OFF system restore. Also go into C:\Windows\ and remove any files beginning with "wininit" EXCEPT for "wininit.exe" and "wininit.ini" I believe. For example delete ones like wininit.bak and wininit.txt. Note you may not even have these files at all.
Go into C:\Windows\ and delete all files in the "Prefetch" folder.
If your problem child still appears, it is certainly still in startup, somewhere in the registry for sure. And hopefully Spybot's Tea Timer will tell you when junk is trying to get in. Once you think you've got it pretty clean and virus free. Do ALL your updates and patches etc. Then download and use Firefox from
www.mozilla.org. That will solve a lot of issues
Well that's enough for now I suppose, have fun!