Bankerfox.A Win32/Nugel.E attack

I came under attack of this virus/whatever it is this afternoon. I've become very frustrated as I don't know what to do to rid myself of it. Several of my friends have given me suggestions (of one which was smitfraudfix, which looked like it worked but the issue prevailed) but nȯne have worked as of yet. I am currently running my pc in safe mode afraid to run my OS normally because whatever is attacking me may grow stronger. If anyone could please walk me through what to do to rid myself of this nuisance I would greatly appreciate it. Oh, one more thing. I have come under the attack of malware before and used the malware bytes program to clean my system but it doesn't seem to work now. I have tried deleting and reinstalling it but it still doesnt work. HELP PLEASE!

I've read some other similar problems on this board so I downloaded hijack this and ran a scan. These are the results

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:38, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [realteke] "C:\Documents and Settings\Udeme Ndon\Application Data\Google\cijwg16225165.exe" 2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [zalupehos] Rundll32.exe "c:\windows\system32\rijedatu.dll",a
O4 - HKLM\..\Run: [qalylryf] C:\Documents and Settings\Udeme Ndon\Local Settings\Application Data\frglbe\subdsysguard.exe
O4 - HKLM\..\Run: [Hqumotegi] rundll32.exe "C:\WINDOWS\ewaminopa.dll",Startup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [qalylryf] C:\Documents and Settings\Udeme Ndon\Local Settings\Application Data\frglbe\subdsysguard.exe
O4 - HKUS\S-1-5-19\..\Run: [jinozufadu] Rundll32.exe "C:\WINDOWS\system32\parojuse.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [jinozufadu] Rundll32.exe "C:\WINDOWS\system32\parojuse.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1216717545147&h=54c08b63b602cbd151988adeab18e8ef/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{18F4F4ED-543E-49C9-A54D-4D95522F1E93}: NameServer = 77.74.48.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{18F4F4ED-543E-49C9-A54D-4D95522F1E93}: NameServer = 77.74.48.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ruliyevi.dll c:\windows\system32\rijedatu.dll
O21 - SSODL: zetiyater - {5bfb7708-a1af-407c-8535-2dc7b3f9f749} - c:\windows\system32\rijedatu.dll
O22 - SharedTaskScheduler: mujuzedij - {5bfb7708-a1af-407c-8535-2dc7b3f9f749} - c:\windows\system32\rijedatu.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6342 bytes

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
  O4 - HKLM\..\Run: [realteke] "C:\Documents and Settings\Udeme Ndon\Application Data\Google\cijwg16225165.exe" 2
  O4 - HKLM\..\Run: [zalupehos] Rundll32.exe "c:\windows\system32\rijedatu.dll",a
  O4 - HKLM\..\Run: [qalylryf] C:\Documents and Settings\Udeme Ndon\Local Settings\Application Data\frglbe\subdsysguard.exe
  O4 - HKLM\..\Run: [Hqumotegi] rundll32.exe "C:\WINDOWS\ewaminopa.dll",Startup
  O4 - HKCU\..\Run: [qalylryf] C:\Documents and Settings\Udeme Ndon\Local Settings\Application Data\frglbe\subdsysguard.exe
  O4 - HKUS\S-1-5-19\..\Run: [jinozufadu] Rundll32.exe "C:\WINDOWS\system32\parojuse.dll",s (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [jinozufadu] Rundll32.exe "C:\WINDOWS\system32\parojuse.dll",s (User 'NETWORK SERVICE')
  O17 - HKLM\System\CCS\Services\Tcpip\..\{18F4F4ED-543E-49C9-A54D-4D95522F1E93}: NameServer = 77.74.48.113
  O17 - HKLM\System\CS1\Services\Tcpip\..\{18F4F4ED-543E-49C9-A54D-4D95522F1E93}: NameServer = 77.74.48.113
  O20 - AppInit_DLLs: ruliyevi.dll c:\windows\system32\rijedatu.dll
  O21 - SSODL: zetiyater - {5bfb7708-a1af-407c-8535-2dc7b3f9f749} - c:\windows\system32\rijedatu.dll
  O22 - SharedTaskScheduler: mujuzedij - {5bfb7708-a1af-407c-8535-2dc7b3f9f749} - c:\windows\system32\rijedatu.dll
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

I ran Hijack this and cleaned up what you told me to, however I couldn't find this line (O4 - HKLM\..\Run: [Hqumotegi]rundll32.exe "C:\WINDOWS\ewaminopa.dll",Startup) in the scan results in order to delete it.

I tried installing MBAM but got this message when I tried to run it "Unable to execute file C:\program files\malwarebytes' anti-malware\mbam.exe

Create process failed; code 2, the system cannot find the file specified

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

ComboFix 09-11-11.02 - Udeme Ndon 11/11/2009 23:17.1.1 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.340 [GMT -8:00]
Running from: c:\documents and settings\Udeme Ndon\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\hemodizi.dll
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\iehelper.dll
c:\windows\system32\jajusema.exe
c:\windows\system32\lahesumo.dll
c:\windows\system32\lipoyiya.dll
c:\windows\system32\maguhugi.dll
c:\windows\system32\mikolobe.dll
c:\windows\system32\nahuhiju.dll
c:\windows\system32\nevibuni.dll
c:\windows\system32\nilejonu.dll
c:\windows\system32\nirepuna.dll
c:\windows\system32\nitekufi.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\ribehige.dll
c:\windows\system32\ruliyevi.dll
c:\windows\system32\sizugomu.dll
c:\windows\system32\sozivado.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vejidoyu.dll
c:\windows\system32\WS2Fix.exe
c:\windows\system32\wuholove.exe
C:\ydlcgx.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-12 to 2009-11-12 )))))))))))))))))))))))))))))))
.

2009-11-12 06:20 . 2009-11-12 06:20 -------- d-----w- c:\documents and settings\Udeme Ndon\Local Settings\Application Data\Threat Expert
2009-11-12 01:27 . 2009-11-12 01:27 -------- d-----w- c:\program files\comcasttb
2009-11-11 21:32 . 2009-11-11 21:32 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-11 20:38 . 2009-11-12 01:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-11 20:38 . 2009-11-12 01:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-11 04:01 . 2009-11-11 04:03 -------- d-----w- c:\documents and settings\Udeme Ndon\.SunDownloadManager
2009-11-11 02:21 . 2009-11-11 02:21 -------- d-----w- c:\program files\Trend Micro
2009-11-10 17:43 . 2009-11-10 17:43 0 ----a-w- c:\windows\Afefazalebinuri.bin
2009-11-10 17:43 . 2009-11-11 04:11 120 ----a-w- c:\windows\Vbalayewe.dat
2009-11-10 17:41 . 2009-11-10 17:41 -------- d-----w- c:\documents and settings\Udeme Ndon\Local Settings\Application Data\frglbe
2009-11-10 17:36 . 2009-11-10 17:36 22016 ----a-w- C:\gsho.exe
2009-11-10 17:36 . 2009-11-10 17:36 53248 ----a-w- C:\luobk.exe
2009-10-30 01:37 . 2009-10-30 01:37 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-30 01:37 . 2009-10-31 03:09 -------- d-----w- c:\documents and settings\Udeme Ndon\Application Data\skypePM
2009-10-30 01:21 . 2009-11-12 01:49 -------- d-----w- c:\documents and settings\Udeme Ndon\Application Data\Skype
2009-10-30 01:20 . 2009-10-30 01:20 -------- d-----w- c:\program files\Common Files\Skype
2009-10-30 01:20 . 2009-10-30 01:21 -------- d-----r- c:\program files\Skype
2009-10-30 01:20 . 2009-10-30 01:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-29 16:42 . 2009-10-29 16:42 -------- d-----w- c:\program files\Common Files\Software Update Utility

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 06:43 . 2009-01-20 08:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-12 01:55 . 2009-01-20 08:44 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-11-11 02:26 . 2009-01-20 08:43 -------- d-----w- c:\program files\Lavasoft
2009-11-11 01:51 . 2009-01-20 08:01 -------- d-----w- c:\program files\Common Files\Download Manager
2009-11-11 01:39 . 2008-06-12 00:07 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-11-07 03:31 . 2008-07-14 17:40 -------- d-----w- c:\documents and settings\Udeme Ndon\Application Data\uTorrent
2009-10-29 18:22 . 2008-06-13 07:37 -------- d-----w- c:\program files\Common Files\AOL
2009-10-18 17:37 . 2008-07-20 02:05 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-10-04 02:44 . 2008-08-14 09:42 -------- d-----w- c:\documents and settings\Udeme Ndon\Application Data\LimeWire
2009-09-27 23:43 . 2008-06-13 07:35 -------- d-----w- c:\program files\Yahoo!
2009-09-11 02:03 . 2009-09-11 02:03 98816 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\30\519a115e-1e32a203-n\WinVideo.dll
2009-09-11 02:03 . 2009-09-11 02:03 74240 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\51\3e6873f3-1eb47217-n\JINECELP.dll
2009-09-11 02:03 . 2009-09-11 02:03 68608 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\51\3e6873f3-1eb47217-n\JIWAudio.dll
2009-09-11 02:03 . 2009-09-11 02:03 66048 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\51\3e6873f3-1eb47217-n\JIWMixer.dll
2009-09-11 02:03 . 2009-09-11 02:03 65536 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\21\216b13d5-12c978a7-n\ICE_JNIRegistry.dll
2009-09-11 02:03 . 2009-09-11 02:03 60928 ----a-w- c:\documents and settings\Udeme Ndon\Application Data\Sun\Java\Deployment\cache\6.0\21\216b13d5-12c978a7-n\WinPlatform.dll
2009-08-11 05:37 . 2009-08-11 05:37 138240 --sha-w- c:\windows\system32\hefihiru.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-11-30 57344]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-11-30 40960]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 98304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-06-28 622592]
"SetDefPrt"="c:\program files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-27 49152]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-06-29 77824]
"qalylryf"="c:\documents and settings\Udeme Ndon\Local Settings\Application Data\frglbe\subdsysguard.exe" [2009-11-10 252672]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QuickTime\\QTTask.exe"=
"c:\\Program Files\\Brother\\Brmfcmon\\BrMfcWnd.exe"=
"c:\\Program Files\\Brother\\ControlCenter3\\BrccMCtl.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/12/2008 11:39 PM 24652]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-11-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {18F4F4ED-543E-49C9-A54D-4D95522F1E93} = 77.74.48.113
.
- - - - ORPHANS REMOVED - - - -

BHO-{908d7b7d-e923-4913-ba77-334e4f426ff5} - vejidoyu.dll
WebBrowser-{472734EA-242A-422B-ADF8-83D1E48CC825} - (no file)
HKLM-Run-zalupehos - c:\windows\system32\lahesumo.dll
HKLM-Run-jinozufadu - nevibuni.dll
SharedTaskScheduler-{9544d431-7ea1-4d6b-a096-c08c8f1381d2} - c:\windows\system32\lahesumo.dll
SSODL-bomopusud-{9544d431-7ea1-4d6b-a096-c08c8f1381d2} - c:\windows\system32\lahesumo.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 23:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************
.
Completion time: 2009-11-12 23:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-12 07:35

Pre-Run: 288,647,946,240 bytes free
Post-Run: 288,726,507,520 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 27918B277128FD330C67D930C6173A01

Thank you for your help. The problem has yet to be fȋxed but I gave my computer to some IT on my campus to fix. I appreciate your help nȯne!

oops my previous post was meant to say nȯne... not nȯne.

I have a new problem that I think that may be associated with my previous issue.

My pc has been cleaned but when I get onto the internet my search engines do not work properly. Yahoo is unresponsive and google seems to work, but when i click on a search result, my link is redirected to something totally unrelated to my search. I have to get home and give more details so I can receive the proper help. Thank you!

Did you run my CFScript?

Can this thread be closed please?