can someone help me please.

[panfriedhardrive]

I'm new to malwarebytes forums and my computer has been really messed up lately. I'll get rid of three fourths of all the infections and then they all come back. I curreently have: Malware.Packer.Gen, Backdoor.Bifrose, Worm.Spambot, Trojan.Spambot, Bifrose.Trace, Backdoor.Bot, Virus.Sality, and there are multiple of all listed. I ran ComboFix which will take a lot of them out but then they all come back.

Here is the log for my scan with ComboFix. Thanks.

ComboFix 10-12-18.01 - Administrator 12/18/2010 16:14:08.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.461 [GMT -5:00]

Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Autorun.inf

c:\windows\system\javapc.dll

.

---- Previous Run -------

.

C:\Autorun.inf

c:\windows\system\java.exe

c:\windows\system\javapc.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ASC3360PR

-------\Service_amsint32

-------\Service_asc3360pr

-------\Legacy_ASC3360PR

-------\Service_amsint32

-------\Service_asc3360pr

((((((((((((((((((((((((( Files Created from 2010-11-18 to 2010-12-18 )))))))))))))))))))))))))))))))

.

2010-12-18 03:49 . 2010-12-18 03:52 -------- d-----w- c:\program files\Active PC Optimizer

2010-12-18 02:48 . 2010-12-18 02:48 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-12-18 02:30 . 2010-02-22 15:37 147456 ----a-w- c:\windows\system\java.exe

2010-12-17 18:59 . 2010-12-17 18:59 7475200 ----a-w- c:\windows\system32\rmslt.nt

2010-12-17 18:38 . 2010-12-17 18:38 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Threat Expert

2010-12-17 17:14 . 2010-12-17 17:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\DriverCure

2010-12-17 17:14 . 2010-12-17 17:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\ParetoLogic

2010-12-17 17:13 . 2010-12-17 17:31 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic

2010-12-17 04:18 . 2010-12-17 04:20 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment

2010-12-15 22:12 . 2010-12-15 22:24 -------- d-----w- c:\windows\system32\MpEngineStore

2010-12-14 21:41 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2010-12-12 22:33 . 2010-12-12 22:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2010-12-12 22:33 . 2010-11-29 22:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-12 22:33 . 2010-12-12 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-12-12 22:33 . 2010-12-12 22:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-12-12 22:33 . 2010-11-29 22:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-10 17:55 . 2010-12-15 21:55 -------- d-----w- c:\program files\Microsoft IntelliType Pro

2010-12-10 17:33 . 2010-12-10 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles

2010-12-10 17:15 . 2010-09-11 06:46 887912 ----a-w- c:\windows\system32\nvdispco32.dll

2010-12-10 17:15 . 2010-09-11 06:46 813672 ----a-w- c:\windows\system32\nvgenco32.dll

2010-12-09 03:58 . 2010-12-09 03:58 -------- d-----w- c:\program files\Bonjour

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll

2010-12-09 03:43 . 2010-12-09 03:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll

2010-12-08 17:31 . 2010-12-08 23:46 -------- d--h--w- c:\windows\msdownld.tmp

2010-12-08 14:05 . 2010-12-08 14:05 -------- d-----w- c:\program files\Common Files\xing shared

2010-12-08 14:04 . 2010-12-08 14:05 -------- d-----w- c:\program files\real

2010-12-08 01:33 . 2010-12-08 01:33 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\SoftGrid Client

2010-12-08 01:33 . 2010-12-08 11:58 -------- d-----w- c:\documents and settings\Guest\Application Data\SoftGrid Client

2010-12-01 16:59 . 2010-12-01 16:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion

2010-11-29 22:38 . 2010-11-29 22:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 22:38 . 2010-11-29 22:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-18 21:31 . 2010-03-02 18:53 9216 ----a-w- c:\windows\base64.exe

2010-12-16 00:03 . 2009-05-15 13:02 90112 ----a-w- c:\windows\DUMP606f.tmp

2010-12-14 22:20 . 2007-04-09 16:32 93696 ----a-w- c:\windows\system32\Ctxfihlp.exe

2010-12-08 14:05 . 2006-07-11 22:35 348160 ----a-w- c:\windows\system32\msvcr71.dll

2010-11-18 18:12 . 2009-05-15 17:49 81920 ----a-w- c:\windows\system32\isign32.dll

2010-11-15 22:20 . 2010-11-15 22:20 138 ---ha-w- c:\documents and settings\Administrator\Application Data\lakerda1967.sys

2010-11-15 22:20 . 2010-11-15 22:20 360580 ----a-w- c:\windows\eSellerateEngine.dll

2010-11-06 00:26 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-06 00:26 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-06 00:26 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-03 12:25 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 15:17 . 2009-05-18 13:50 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys

2010-10-28 13:13 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-10-26 13:25 . 2009-05-18 13:50 1853312 ----a-w- c:\windows\system32\win32k.sys

2010-10-21 22:44 . 2010-11-10 19:15 438976 ----a-w- c:\windows\system32\Mshflxgd.ocx

2010-10-21 22:44 . 2010-11-10 19:15 212240 ----a-w- c:\windows\system32\Richtx32.ocx

2010-10-21 22:44 . 2010-11-10 19:15 196608 ----a-w- c:\windows\system32\Utility.dll

2010-10-21 22:44 . 2010-11-10 19:15 117507 ----a-w- c:\windows\system32\msinet.ocx

2010-10-21 22:44 . 2010-11-10 19:15 139264 ----a-w- c:\windows\system32\gswin32c.exe

2010-10-19 20:51 . 2010-11-04 17:28 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-12 15:11 . 2010-10-01 17:33 664 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\d3d9caps.tmp

2010-10-07 17:23 . 2010-10-07 17:23 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-10-07 17:23 . 2010-10-07 17:23 107808 ----a-w- c:\windows\system32\dns-sd.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-27 39408]

"Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 200192]

"ares"="c:\program files\Ares\Ares.exe" [2010-07-21 4185088]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-12-14 2424560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 458752]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 278528]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 139264]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 114688]

"SetDefPrt"="c:\program files\Brother\Brmfl05b\BrStDvPt.exe" [2005-01-26 122880]

"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2010-12-14 1081344]

"USBDetector"="c:\usbstorage\USBDetector.exe" [2003-04-01 126976]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1028096]

"QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-03 147456]

"PDF4 Registry Controller"="c:\program files\ScanSoft\PDF Professional 4.0\RegistryController.exe" [2010-12-14 122880]

"ScanSoft PDF Professional 4-reminder"="c:\program files\ScanSoft\PDF Professional 4.0\Ereg\Ereg.exe" [2006-11-16 107520]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-12-14 93696]

"CTHelper"="CTHELPER.EXE" [2009-06-23 89088]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 330256]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 136192]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 242688]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 99840]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 1004544]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1159168]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-12-08 274608]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 495616]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-09-11 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-09-11 13851752]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-26 1824256]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-03-26 1433600]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]

"shdocvw"="wscript.exe" [2008-05-08 155648]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2010-1-27 393216]

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-5-19 884736]

QuickBooks Delivery Agent.lnk - c:\program files\Intuit\QuickBooks\Components\QBAgent\QBDAgent.exe [2009-5-25 192512]

Wireless Network Monitor.lnk - c:\program files\Linksys\WUSB600N\WUSB600N.exe [2007-12-14 6991872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2009-07-20 17:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\system32\\mrtMngr.EXE"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe"=

"c:\\program files\\real\\realplayer\\RealPlay.exe"=

"c:\\Program Files\\Microsoft IntelliType Pro\\itype.exe"=

"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=

"c:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe"=

"c:\\Program Files\\Brother\\Brmfl05b\\BrStDvPt.exe"=

"c:\\Program Files\\Ares\\Ares.exe"=

"c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=

"c:\\Program Files\\Intuit\\QuickBooks\\Components\\QBAgent\\QBDAgent.exe"=

"c:\\WINDOWS\\system\\java.exe"=

"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=

"c:\\Program Files\\Google\\Update\\1.2.183.39\\GoogleCrashHandler.exe"=

"c:\\Program Files\\Real\\RealUpgrade\\realupgrade.exe"=

"c:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe"=

"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=

"c:\\WINDOWS\\stsystra.exe"=

"c:\\Program Files\\iTunes\\iTunesHelper.exe"=

"c:\\Program Files\\Microsoft IntelliType Pro\\dpupdchk.exe"=

"c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Google\\Update\\1.2.183.39\\GoogleCrashHandler.exe"=

"c:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=

"c:\\Program Files\\Linksys\\WUSB600N\\WUSB600N.exe"=

"c:\\Program Files\\Common Files\\Logishrd\\KHAL2\\KHALMNPR.EXE"=

"c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"=

"c:\\Program Files\\NVIDIA Corporation\\nView\\nwiz.exe"=

"c:\\Program Files\\Logitech\\SetPoint\\SetPoint.exe"=

"c:\\WINDOWS\\system32\\CTHELPER.EXE"=

"c:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\DW20.EXE"=

"c:\\USBStorage\\USBDetector.exe"=

"c:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe"=

"c:\\Program Files\\Logitech\\SetPoint\\LU\\LULnchr.exe"=

"c:\\Documents and Settings\\Administrator\\Desktop\\ComboFix.exe"=

"c:\\WINDOWS\\system32\\cmd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 1:25 PM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67656]

R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2/28/2010 2:33 AM 821664]

R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [5/19/2009 12:53 PM 45824]

R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [4/24/2010 1:10 AM 483688]

R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [7/27/2005 4:25 PM 14080]

R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [7/27/2005 4:25 PM 36352]

R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [6/23/2009 12:34 PM 99352]

R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [6/23/2009 12:34 PM 555032]

R3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [6/23/2009 12:36 PM 18840]

R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [6/23/2009 12:34 PM 566296]

R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [5/19/2009 12:53 PM 56960]

R3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [5/19/2009 4:32 AM 91830]

R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [12/2/2009 10:23 PM 554344]

R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [12/2/2009 10:23 PM 211432]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [12/2/2009 10:23 PM 20584]

R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [12/2/2009 10:23 PM 18280]

R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [4/24/2010 1:10 AM 209768]

R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [7/27/2005 4:25 PM 77056]

S1 khichjfa;khichjfa;\??\c:\windows\system32\drivers\khichjfa.sys --> c:\windows\system32\drivers\khichjfa.sys [?]

S1 tuptnchl;tuptnchl;\??\c:\windows\system32\drivers\tuptnchl.sys --> c:\windows\system32\drivers\tuptnchl.sys [?]

S1 xugkgpwf;xugkgpwf;\??\c:\windows\system32\drivers\xugkgpwf.sys --> c:\windows\system32\drivers\xugkgpwf.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/28/2010 12:22 AM 212480]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [5/15/2009 1:51 PM 20160]

S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [6/23/2009 12:34 PM 99352]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [9/29/2009 10:13 PM 157184]

S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [6/23/2009 12:34 PM 555032]

S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [6/23/2009 12:35 PM 100888]

S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [6/23/2009 12:35 PM 100888]

S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [6/23/2009 12:34 PM 566296]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4710912]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/4/2004 7:00 AM 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASC3360PR

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WINRM REG_MULTI_SZ WINRM

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll

.

Contents of the 'Scheduled Tasks' folder

2010-12-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-28 05:22]

2010-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-28 05:22]

2010-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-220523388-839522115-500Core.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-24 04:27]

2010-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-220523388-839522115-500UA.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-24 04:27]

2010-12-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-220523388-839522115-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]

2010-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-220523388-839522115-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]

2010-12-18 c:\windows\Tasks\User_Feed_Synchronization-{DE3F6AD8-35DF-4765-8202-9AB46C8BB149}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

IE: Copy to &Lightning Note - c:\program files\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

IE: Open with ScanSoft PDF Converter 4.1 - c:\program files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100

IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta

DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-12-18 16:29

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTxfiHlp = CTXFIHLP.EXE?

CTHelper = CTHELPER.EXE?

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1645522239-220523388-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,af,e4,ad,53,a1,b5,3c,48,a3,76,59,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,af,e4,ad,53,a1,b5,3c,48,a3,76,59,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(504)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

c:\program files\common files\logitech\bluetooth\LBTWlgn.dll

c:\program files\common files\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(2448)

c:\windows\system32\WININET.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\windows\system32\brsvc01a.exe

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\windows\system32\brss01a.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTsvcCDA.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\PSIService.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\MsPMSPSv.exe

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\windows\stsystra.exe

c:\windows\system32\CTHELPER.EXE

c:\windows\system32\RUNDLL32.EXE

c:\program files\iPod\bin\iPodService.exe

c:\windows\system32\mrtMngr.EXE

c:\windows\system\java.exe

c:\program files\real\realplayer\RealPlay.exe

.

**************************************************************************

.

Completion time: 2010-12-18 16:36:38 - machine was rebooted

ComboFix-quarantined-files.txt 2010-12-18 21:36

ComboFix2.txt 2010-12-17 17:04

Pre-Run: 54,478,782,464 bytes free

Post-Run: 54,561,247,232 bytes free

- - End Of File - - F4BA7FE55C20F810C47F99FCC5D2EC33

[Wide_Glide]

Hello panfriedhardrive and

First, Combofix should NOT be used except under the supervision of a EXPERT

As we don't work on Malware removal in the General Malwarebytes' Anti-Malware Forum as it is for issues with the program itself,

only in the Malware Removal - HijackThis Logs section

Please print out, read and follow the Directions Here, skipping any steps you are unable to complete. Then post a NEW Topic Here

One of the Expert helpers there will give you one-on-one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless its been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or HERE

NOTE:panfriedhardrive has posted in correct forum