
I consider myself somewhat knowledgeable about computers and as far as I know, rundll32.exe should only be open when it's opening a .dll file.

I have run adaware and AVG to no avail.

I have also run HJT but I can't interpret the results, which is where I was hoping you guys could help me out.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:59:38 PM, on 11/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\System Cleaning\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.06\RivaTuner.exe" /T
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1194481958906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194481951187
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe

--

End of file - 3049 bytes


What do you mean by "running"? It's always present in Task Manager.

Your HJT log is fine so far as I can tell. Makes a change.


Also, your HiJackThis log appears to be missing some entries, such as the R0, R1, R2... and several others. What I want to know is, did you remove these yourself because of privacy issues (and if so please give the full log; you can censor what you want private but don't remove the whole thing) or did those entries never show up in the first place?


That is the full HJT log unless there are options I need to change.

Also, by "running" I mean it is always present in Task Manager under my name and not under System.

This is a fairly fresh install of windows so maybe that is why the HJT log is short.


Ok do this then. Change the name of HiJackThis.exe to something random. It can be anything you want, but just change it and run hjt again. After you run the scan with hjt with a changed name post it here.


Renamed to HJT and ran

The bold line is what is bothering me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:13 PM, on 11/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
[B]C:\WINDOWS\system32\RUNDLL32.EXE[/B]
C:\Documents and Settings\All Users\Start Menu\Programs\System Cleaning\HiJackThis\HJT.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.06\RivaTuner.exe" /T
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1194481958906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194481951187
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe

--
End of file - 3336 bytes

Still looks like an incomplete log, but let's try this now instead.

Please download Combofix.exe from here to your desktop. Double click it to run, and when prompted type 1 and press Enter. Now DO NOT touch the mouse or keyboard until the scan is done completely. It should finish shortly after it restarts the computer. After it's done it will open up Notepad; copy and paste the contents here in your next post.

Post the ComboFix log in your next post.

ComboFix 07-11-19.3 - Grizz 2007-11-22 12:44:42.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.2991 [GMT -8:00]
Running from: C:\Documents and Settings\Grizz\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2007-10-22 to 2007-11-22  )))))))))))))))))))))))))))))))
.

2007-11-21 17:15	<DIR>	d--------	C:\WINDOWS\ShellNew
2007-11-21 17:15	<DIR>	d--------	C:\Program Files\Microsoft ActiveSync
2007-11-21 17:09	<DIR>	d--------	C:\Program Files\Common Files\Adobe Systems Shared
2007-11-21 17:09	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-11-21 16:25	<DIR>	d--------	C:\Documents and Settings\Grizz\WINDOWS
2007-11-21 16:25	299,008	--a------	C:\WINDOWS\uninst.exe
2007-11-21 16:25	6,272	--a------	C:\WINDOWS\system32\drivers\ASLM75.SYS
2007-11-21 14:41	<DIR>	d--------	C:\Documents and Settings\Grizz\Application Data\Grisoft
2007-11-21 14:41	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-21 14:41	10,872	--a------	C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-21 14:24	<DIR>	d--h-----	C:\WINDOWS\system32\GroupPolicy
2007-11-21 14:09	<DIR>	d--------	C:\Program Files\Analog Devices
2007-11-21 14:09	293,888	-ra------	C:\WINDOWS\system32\drivers\ADIHdAud.sys
2007-11-21 14:09	49,152	---------	C:\WINDOWS\system32\DSndUp.exe
2007-11-21 14:09	45,056	---------	C:\WINDOWS\system32\CleanUp.exe
2007-11-17 16:50	<DIR>	d--------	C:\Documents and Settings\Grizz\Application Data\vlc
2007-11-17 16:49	<DIR>	d--------	C:\Program Files\VideoLAN
2007-11-17 16:39	<DIR>	d--------	C:\Documents and Settings\Grizz\Application Data\DivX
2007-11-17 16:38	<DIR>	d--------	C:\Program Files\DivX
2007-11-15 21:25	<DIR>	d--------	C:\WINDOWS\system32\URTTemp
2007-11-15 21:25	<DIR>	d--------	C:\Program Files\GameSpy
2007-11-13 22:58	<DIR>	d--------	C:\Program Files\Common Files\Blizzard Entertainment
2007-11-13 02:19	356,352	--a------	C:\WINDOWS\system32\nvudisp.exe
2007-11-13 02:19	17,737	--a------	C:\WINDOWS\system32\nvdisp.nvu
2007-11-13 02:18	<DIR>	d--------	C:\NVIDIA
2007-11-13 02:18	356,352	--a------	C:\WINDOWS\system32\NVUNINST.EXE
2007-11-13 01:41	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-13 00:35	<DIR>	d--------	C:\WINDOWS\nview
2007-11-12 08:15	22,328	--a------	C:\Documents and Settings\Grizz\Application Data\PnkBstrK.sys
2007-11-12 06:51	7,433,504	--a------	C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-11-12 06:51	6,537,216	--a------	C:\WINDOWS\system32\nvdisps.dll
2007-11-12 06:51	3,698,688	--a------	C:\WINDOWS\system32\nvvitvs.dll
2007-11-12 06:51	2,486,272	--a------	C:\WINDOWS\system32\nvwss.dll
2007-11-12 06:51	1,703,936	--a------	C:\WINDOWS\system32\nvwdmcpl.dll
2007-11-12 06:51	1,626,112	--a------	C:\WINDOWS\system32\nwiz.exe
2007-11-12 06:51	1,019,904	--a------	C:\WINDOWS\system32\nvwimg.dll
2007-11-12 06:51	425,984	--a------	C:\WINDOWS\system32\keystone.exe
2007-11-12 06:51	81,920	--a------	C:\WINDOWS\system32\nvwddi.dll
2007-11-11 08:11	<DIR>	d--------	C:\Program Files\Real
2007-11-11 08:11	<DIR>	d--------	C:\Program Files\Common Files\xing shared
2007-11-11 08:11	<DIR>	d--------	C:\Program Files\Common Files\Real
2007-11-11 08:11	499,712	--a------	C:\WINDOWS\system32\msvcp71.dll
2007-11-11 08:11	348,160	--a------	C:\WINDOWS\system32\msvcr71.dll
2007-11-11 00:13	<DIR>	d--------	C:\Program Files\World of Warcraft
2007-11-11 00:10	<DIR>	d--------	C:\Program Files\DVD Decrypter
2007-11-10 11:56	<DIR>	d--------	C:\Program Files\Lavasoft
2007-11-10 11:56	<DIR>	d--------	C:\Program Files\Common Files\Wise Installation Wizard
2007-11-10 11:56	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-10 11:54	<DIR>	d--------	C:\Program Files\Driver Cleaner Pro
2007-11-10 11:52	<DIR>	d--------	C:\Program Files\CCleaner
2007-11-09 18:30	<DIR>	d--------	C:\Documents and Settings\Grizz\Application Data\Bioshock
2007-11-09 17:48	<DIR>	d--------	C:\Program Files\Flagship Studios
2007-11-09 17:45	18,280	--a------	C:\WINDOWS\system32\x3daudio1_2.dll
2007-11-09 17:34	<DIR>	d--------	C:\Program Files\2K Games
2007-11-09 02:35	<DIR>	d--------	C:\Program Files\QuickTime
2007-11-09 02:35	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-09 02:34	<DIR>	d--------	C:\Program Files\Apple Software Update
2007-11-09 02:34	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Apple
2007-11-08 22:59	<DIR>	d--------	C:\Documents and Settings\Grizz\Application Data\Azureus
2007-11-08 22:59	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Azureus
2007-11-08 22:58	<DIR>	d--------	C:\Program Files\Azureus
2007-11-08 22:36	262,144	--a------	C:\WINDOWS\system32\wrap_oal.dll
2007-11-08 22:36	86,016	--a------	C:\WINDOWS\system32\OpenAL32.dll
2007-11-08 22:34	<DIR>	d--------	C:\Program Files\THQ
2007-11-08 21:17	<DIR>	d--------	C:\Program Files\ATITool
2007-11-08 19:58	3,727,720	--a------	C:\WINDOWS\system32\d3dx9_35.dll
2007-11-08 19:58	3,497,832	--a------	C:\WINDOWS\system32\d3dx9_34.dll
2007-11-08 19:58	1,358,192	--a------	C:\WINDOWS\system32\D3DCompiler_35.dll
2007-11-08 19:58	1,124,720	--a------	C:\WINDOWS\system32\D3DCompiler_34.dll
2007-11-08 19:58	444,776	--a------	C:\WINDOWS\system32\d3dx10_35.dll
2007-11-08 19:58	443,752	--a------	C:\WINDOWS\system32\d3dx10_34.dll
2007-11-08 19:56	<DIR>	d--------	C:\Program Files\Electronic Arts
2007-11-08 19:49	81,768	--a------	C:\WINDOWS\system32\xinput1_3.dll
2007-11-08 19:48	3,426,072	--a------	C:\WINDOWS\system32\d3dx9_32.dll
2007-11-08 19:48	2,414,360	--a------	C:\WINDOWS\system32\d3dx9_31.dll
2007-11-08 19:48	2,297,552	--a------	C:\WINDOWS\system32\d3dx9_26.dll
2007-11-08 19:48	15,128	--a------	C:\WINDOWS\system32\x3daudio1_1.dll
2007-11-08 19:16	<DIR>	dr-h-----	C:\Documents and Settings\Grizz\Application Data\SecuROM
2007-11-08 19:16	107,888	--a------	C:\WINDOWS\system32\CmdLineExt.dll
2007-11-08 18:37	<DIR>	d--------	C:\Program Files\RivaTuner v2.06
2007-11-08 18:25	3,495,784	--a------	C:\WINDOWS\system32\d3dx9_33.dll
2007-11-08 18:25	1,123,696	--a------	C:\WINDOWS\system32\D3DCompiler_33.dll
2007-11-08 18:25	443,752	--a------	C:\WINDOWS\system32\d3dx10_33.dll
2007-11-08 18:24	<DIR>	d--hs----	C:\WINDOWS\ftpcache
2007-11-08 18:20	<DIR>	d--------	C:\Program Files\Steam
2007-11-08 18:11	<DIR>	d--------	C:\WINDOWS\system32\LogFiles
2007-11-07 17:07	13,646	--a------	C:\WINDOWS\system32\wpa.bak
2007-11-07 17:05	<DIR>	d--------	C:\WINDOWS\system32\windows media
2007-11-07 17:05	<DIR>	d--h-----	C:\WINDOWS\msdownld.tmp
2007-11-07 17:05	<DIR>	d--------	C:\Program Files\Windows Media Components
2007-11-07 17:00	<DIR>	d--------	C:\WINDOWS\provisioning
2007-11-07 17:00	<DIR>	d--------	C:\WINDOWS\peernet
2007-11-07 17:00	5,525,504	--a--c---	C:\WINDOWS\system32\dllcache\wmp.dll
2007-11-07 17:00	1,737,856	---------	C:\WINDOWS\system32\mtxparhd.dll
2007-11-07 17:00	1,689,088	---------	C:\WINDOWS\system32\d3d9.dll
2007-11-07 17:00	397,056	---------	C:\WINDOWS\system32\s3gnb.dll
2007-11-07 17:00	384,512	---------	C:\WINDOWS\system32\mp4sdmod.dll
2007-11-07 17:00	377,984	---------	C:\WINDOWS\system32\ati2dvaa.dll
2007-11-07 17:00	310,272	---------	C:\WINDOWS\system32\mp43dmod.dll
2007-11-07 17:00	282,624	--a--c---	C:\WINDOWS\system32\dllcache\wmpdxm.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-22 20:44	---------	d-----w	C:\Documents and Settings\Grizz\Application Data\.purple
2007-11-18 00:32	737,280	----a-w	C:\WINDOWS\iun6002.exe
2007-11-12 14:51	81,920	----a-w	C:\WINDOWS\system32\nvmctray.dll
2007-11-12 14:51	8,523,776	----a-w	C:\WINDOWS\system32\nvcpl.dll
2007-11-12 14:51	757,760	----a-w	C:\WINDOWS\system32\nvcplui.exe
2007-11-12 14:51	6,901,760	----a-w	C:\WINDOWS\system32\nvoglnt.dll
2007-11-12 14:51	5,770,880	----a-w	C:\WINDOWS\system32\nv4_disp.dll
2007-11-12 14:51	466,944	----a-w	C:\WINDOWS\system32\nvshell.dll
2007-11-12 14:51	45,056	----a-w	C:\WINDOWS\system32\nvmccsrs.dll
2007-11-12 14:51	442,368	----a-w	C:\WINDOWS\system32\nvappbar.exe
2007-11-12 14:51	385,024	----a-w	C:\WINDOWS\system32\nvapi.dll
2007-11-12 14:51	35,328	----a-w	C:\WINDOWS\system32\nvcodins.dll
2007-11-12 14:51	35,328	----a-w	C:\WINDOWS\system32\nvcod.dll
2007-11-12 14:51	307,200	----a-w	C:\WINDOWS\system32\nvexpbar.dll
2007-11-12 14:51	3,407,872	----a-w	C:\WINDOWS\system32\nvgames.dll
2007-11-12 14:51	286,720	----a-w	C:\WINDOWS\system32\nvnt4cpl.dll
2007-11-12 14:51	229,376	----a-w	C:\WINDOWS\system32\nvmccs.dll
2007-11-12 14:51	188,416	----a-w	C:\WINDOWS\system32\nvmccss.dll
2007-11-12 14:51	155,716	----a-w	C:\WINDOWS\system32\nvsvc32.exe
2007-11-12 14:51	147,456	----a-w	C:\WINDOWS\system32\nvcolor.exe
2007-11-12 14:51	1,474,560	----a-w	C:\WINDOWS\system32\nview.dll
2007-11-12 14:51	1,339,392	----a-w	C:\WINDOWS\system32\nvdspsch.exe
2007-11-12 14:51	1,212,416	----a-w	C:\WINDOWS\system32\nvmobls.dll
2007-11-12 14:51	1,089,536	----a-w	C:\WINDOWS\system32\nvcuda.dll
2007-11-08 00:20	21,035	----a-w	C:\WINDOWS\system32\drivers\AegisP.sys
2007-11-07 23:56	---------	d-----w	C:\Program Files\microsoft frontpage
2007-11-07 23:17	---------	d-----w	C:\Program Files\SiSoftware
2007-10-20 00:56	524,288	----a-w	C:\WINDOWS\system32\DivXsm.exe
2007-10-20 00:56	3,596,288	----a-w	C:\WINDOWS\system32\qt-dx331.dll
2007-10-20 00:56	200,704	----a-w	C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56	1,044,480	----a-w	C:\WINDOWS\system32\libdivx.dll
2007-10-20 00:54	823,296	----a-w	C:\WINDOWS\system32\divx_xx0c.dll
2007-10-20 00:54	823,296	----a-w	C:\WINDOWS\system32\divx_xx07.dll
2007-10-20 00:54	81,920	----a-w	C:\WINDOWS\system32\dpl100.dll
2007-10-20 00:54	802,816	----a-w	C:\WINDOWS\system32\divx_xx11.dll
2007-10-20 00:54	739,840	----a-w	C:\WINDOWS\system32\DivX.dll
2007-10-20 00:54	196,608	----a-w	C:\WINDOWS\system32\dtu100.dll
2007-10-18 09:06	156,992	----a-w	C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-10-18 09:03	593,920	----a-w	C:\WINDOWS\system32\dpuGUI11.dll
2007-10-18 09:03	57,344	----a-w	C:\WINDOWS\system32\dpv11.dll
2007-10-18 09:03	53,248	----a-w	C:\WINDOWS\system32\dpuGUI10.dll
2007-10-18 09:03	344,064	----a-w	C:\WINDOWS\system32\dpus11.dll
2007-10-18 09:03	294,912	----a-w	C:\WINDOWS\system32\dpu11.dll
2007-10-18 09:03	294,912	----a-w	C:\WINDOWS\system32\dpu10.dll
2007-10-18 09:02	12,288	----a-w	C:\WINDOWS\system32\DivXWMPExtType.dll
2006-06-23 06:48	32,768	----a-r	C:\WINDOWS\inf\UpdateUSB.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pidgin"="C:\Program Files\Pidgin\pidgin.exe" [2007-10-23 16:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2007-03-19 22:36]
"36X Raid Configurer"="C:\WINDOWS\System32\xRaidSetup.exe" [2007-03-21 00:23]
"RivaTuner"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 10:05]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-11-12 06:51 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:56]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Grizz^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Grizz\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51	39792	--a------	C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2007-04-09 14:49	1423360	--a------	C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-03-21 13:00	174872	--a------	C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch PC Probe II]
			C:\Program Files\ASUS\PC Probe II\Probe2.exe 1
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
			RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
			C:\Program Files\QuickTime\QTTask.exe -atboottime
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
			C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2006-12-18 05:34	868352	-ra------	C:\Program Files\Analog Devices\Core\smax4pnp.exe
			
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
			C:\Program Files\Common Files\Real\Update_OB\realsched.exe  -osboot

R1 ATITool;ATITool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\ATITool.sys
R3 RivaTuner32;RivaTuner32;\??\C:\Program Files\RivaTuner v2.06\RivaTuner32.sys
S3 cpuz128;cpuz128;\??\C:\DOCUME~1\Grizz\LOCALS~1\Temp\cpuz_x32.sys
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys
S3 TCCrystalCpuInfo;TCCrystalCpuInfo;\??\C:\DOCUME~1\Grizz\LOCALS~1\Temp\TCCpuInfo.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-22 12:45:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully 
hidden files: 0 

**************************************************************************
.
Completion time: 2007-11-22 12:45:45
.
	--- E O F ---

Syl, your log is fine. Short, and that is nice - most folks ignore the instructions on running HijackThis and leave a bunch of apps running. My own log is short like yours, shorter, even.
Rundll will show all the time it is handling a process from a dll; the more threads it is handling the more memory it uses, but it should only ever use a percent or two of your CPU time, and mostly in TM it should show zero time. And it will come up under your name if it is handling a dll launched by your profile.
I'd read your combofix log but you attach or whatever instead of pasting in plain text - it makes reading tedious.
See these two entries?
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
-they are why Rundll is running all the time. Mine does not because I don't have entries like that in my startup. I can observe rundll in TM by starting timedate.cpl from the taskbar clock.
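A small triage script for the O4 Run entries gerbil points at, added here as an example and not part of the thread: it parses HijackThis O4 lines, pulls out the DLL and entry point that each rundll32 launch hosts, and flags DLLs loaded from outside system32 as well as bare executable names that rely on PATH lookup. The sample input is the thread's own O4 lines plus one constructed HKCU entry (example.dll in a temp folder) that is not on the page.

```python
"""Triage the O4 (autostart) entries of a HijackThis log for rundll32 hosts."""
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample input: the O4 Run lines from the log in this thread plus one
# made-up HKCU entry (not on the page) that hosts a DLL from a user temp folder.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.06\RivaTuner.exe" /T
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - HKCU\..\Run: [Example] rundll32.exe C:\DOCUME~1\Grizz\LOCALS~1\Temp\example.dll,Start
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
"""

O4_RUN = re.compile(r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
RUNDLL = re.compile(r'^"?(?:[a-z]:\\[^"]*\\)?rundll32(?:\.exe)?"?\s+(?P<rest>.+)$', re.I)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


@dataclass
class O4Entry:
    hive: str
    name: str
    command: str
    dll: Optional[str] = None     # DLL hosted by rundll32, if any
    export: Optional[str] = None  # entry point rundll32 calls in that DLL
    flags: list = field(default_factory=list)


def parse_rundll32(command: str):
    """Return (dll, export) for 'rundll32 <dll>,<export> [args]', else None."""
    m = RUNDLL.match(command.strip())
    if not m:
        return None
    rest = m.group("rest").strip().strip('"')
    dll, _, tail = rest.partition(",")
    export = tail.split()[0] if tail.strip() else ""
    return dll.strip().strip('"'), export


def triage(log_text: str):
    """Parse every O4 Run line and attach review flags to each entry."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue  # O4 Startup/Global Startup and non-O4 lines are skipped here
        e = O4Entry(m["hive"], m["name"], m["cmd"])
        target = parse_rundll32(e.command)
        if target:
            e.dll, e.export = target
            # Run-key entries start at logon in the logging-on user's context, so
            # this rundll32 instance shows under the user's name in Task Manager.
            e.flags.append("rundll32-hosted")
            if not e.dll.lower().startswith(SYSTEM_DIRS):
                e.flags.append("dll-outside-system32")
        elif "\\" not in e.command.split()[0].strip('"'):
            e.flags.append("unqualified-exe")  # bare name, resolved via PATH
        entries.append(e)
    return entries


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{e.hive} [{e.name}] -> {e.dll or e.command} {e.flags}")
```

Run against a real log, the two NVIDIA entries come back as rundll32-hosted DLLs inside system32 with no other flag, which is the benign picture gerbil describes.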
