Origin,
Thank you so much for helping me fix this. I did what you said. However, I cannot open Spybot search and destroy anymore. It just freezes up also. So, I just removed the program entirely before running combofix. Anyway, here is the combofix.txt...
ComboFix 09-07-29.04 - Owner 07/30/2009 23:27.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.357 [GMT -4:00]
Running from: c:\linksys\Combo-Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\_003534_.tmp.dll
c:\windows\system32\AutoRun.inf
c:\windows\system32\drivers\UACaspdpkowbm.sys
c:\windows\system32\UACiblllnrvdh.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACiqjwbpmwwq.dll
c:\windows\system32\UACovytslswgu.dll
c:\windows\system32\UACrpevdnqwhk.dll
c:\windows\system32\UACyiemlempjx.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_UACd.sys
((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.
2009-07-30 17:19 . 2009-07-30 17:19 -------- d-----w- c:\program files\AVG
2009-07-30 17:02 . 2009-07-30 17:02 -------- d-----w- c:\documents and settings\Owner\Application Data\AVG8
2009-07-29 22:02 . 2009-07-13 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-29 22:02 . 2009-07-29 22:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-29 22:02 . 2009-07-29 22:02 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Malwarebytes
2009-07-29 22:02 . 2009-07-13 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-29 22:01 . 2009-07-29 22:01 -------- d-----w- C:\pd
2009-07-29 20:51 . 2009-07-29 20:51 -------- d-----w- c:\program files\Enigma Software Group
2009-07-29 20:28 . 2009-07-29 20:28 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2009-07-29 20:26 . 2009-07-29 20:26 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-07-29 20:15 . 2009-07-29 20:15 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-07-29 18:34 . 2009-07-29 18:34 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Symantec
2009-07-29 18:16 . 2009-07-31 03:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-29 18:16 . 2009-07-31 03:04 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2009-07-26 00:22 . 2009-07-24 17:38 118784 ----a-w- c:\windows\system32\NetFilter.exe
2009-07-26 00:22 . 2009-06-22 14:58 24576 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2009-07-26 00:22 . 2009-05-14 09:58 61440 ----a-w- c:\windows\system32\ndisapi.dll
2009-07-26 00:21 . 2009-07-26 00:21 -------- d-----w- c:\program files\Common Files\Uninstall
2009-07-19 18:40 . 2009-07-19 18:43 116839 ----a-w- c:\windows\hpqins00.dat
2009-07-08 18:13 . 2009-07-31 03:15 -------- d-----w- C:\linksys
2009-07-08 18:03 . 2009-07-08 18:03 -------- d-----w- c:\windows\system32\LogFiles
2009-07-08 03:50 . 2009-07-08 03:50 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-01 05:30 . 2009-07-01 05:30 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache
2009-07-01 05:28 . 2009-07-01 05:28 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2009-07-01 05:27 . 2009-07-01 05:27 -------- d-sh--w- c:\documents and settings\Owner\IETldCache
2009-07-01 05:23 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-01 05:23 . 2009-07-01 05:23 -------- d-----w- c:\windows\ie8updates
2009-07-01 05:22 . 2009-07-03 17:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-01 05:21 . 2009-07-03 17:09 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-01 05:17 . 2009-07-01 05:21 -------- dc-h--w- c:\windows\ie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-29 20:40 . 2008-11-17 20:18 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-29 20:25 . 2008-11-17 19:05 -------- d-----w- c:\program files\NortonInstaller
2009-07-29 20:24 . 2008-11-17 19:57 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Norton
2009-07-29 19:24 . 2009-02-12 02:01 -------- d-----w- c:\program files\Google
2009-07-22 00:10 . 2009-03-09 05:18 56 --sh--r- c:\windows\system32\27E14D40BC.sys
2009-07-22 00:10 . 2009-03-09 05:18 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-07-03 17:09 . 2003-03-31 14:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-23 15:07 . 2009-02-26 00:16 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-16 14:36 . 2003-03-31 14:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2003-03-31 14:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:27 . 2008-12-24 17:39 -------- d-----w- c:\documents and settings\Owner\Application Data\MSN6
2009-06-03 19:09 . 2003-03-31 14:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:32 . 2003-03-31 14:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-02-12 02:01 . 2009-02-12 02:01 1038968 ----a-w- c:\program files\Google_Updater.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
c:\docume~1\ALLUSE~1\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
S2 gupdate1c98cb66b566872;Google Update Service (gupdate1c98cb66b566872);c:\program files\Google\Update\GoogleUpdate.exe [2/11/2009 10:05 PM 133104]
--- Other Services/Drivers In Memory ---
*Deregistered* - NDISRD
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/ig?source=gama&hl=en.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-07-30 23:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1801674531-854245398-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3152)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Completion time: 2009-07-31 23:38 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-31 03:38
Pre-Run: 70,665,252,864 bytes free
Post-Run: 74,380,455,936 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
146 --- E O F --- 2009-07-29 00:02