*Infected* rootkit.0access Trogens:Win32:Kryptik-KEG/zeroaccess/.FakeMS/.Delf/enchanim.gePUM.Hijack

Discussion in 'Virus and Malware Removal' started by herewegoagain, Oct 16, 2012.

  1. Jay Pfoutz Malware Helper Posts: 4,286   +49

  2. herewegoagain Newcomer, in training Posts: 50

    ANOTHER NEW DEVELOPMENT... after ComboFix, PC Tools full scan found 52 infections.
    Some had the 'catchme' phrase, some not. Needed to reboot but couldn't complete t
    Went to 'E' page (e-machine) with startup choices (BIOS, F12 etc.) then froze & had to
    manually unplug to shut it off. Tried several times with the same result, then finally went through.
    Keyboard typing is delayed also.

    Sorry, forgot to attach the new ComboFix log last post... said rootkit activity found? Rebooted & scanned,
    then the above problems happened. I'll run the new tool & post back.
    Here's the ComboFix log:

    ComboFix 12-10-31.03 - Owner 31/10/2012 11:39:55.3.1 - x86
    Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-31 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-23 18:37 . 2009-06-30 14:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\program files\Panda Security
    2012-10-22 22:11 . 2012-10-22 22:11 -------- d-----w- c:\program files\ESET
    2012-10-22 14:04 . 2012-10-22 14:06 -------- d-----w- c:\windows\system32\NtmsData
    2012-10-16 22:13 . 2012-10-16 22:13 -------- d-----w- C:\FRST
    2012-10-16 06:59 . 2012-10-16 06:59 177496 ----a-w- c:\windows\system32\drivers\07292517.sys
    2012-10-16 06:59 . 2012-10-16 06:59 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-10-15 08:26 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-15 06:02 . 2012-10-15 06:02 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-10-15 00:31 . 2012-10-15 23:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-14 20:13 . 2012-10-14 20:13 -------- d-----w- c:\program files\Enigma Software Group
    2012-10-14 20:09 . 2012-10-14 20:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2012-10-14 19:55 . 2012-10-14 19:55 -------- d-----w- c:\documents and settings\Owner\Application Data\DriverCure
    2012-10-14 19:54 . 2012-10-14 19:54 -------- d-----w- c:\documents and settings\Owner\Application Data\SpeedyPC Software
    2012-10-14 08:21 . 2012-10-14 08:21 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
    2012-10-14 08:20 . 2012-10-14 08:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-10-09 09:04 . 2012-10-09 09:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
    2012-10-02 05:36 . 2001-08-17 18:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
    2012-10-02 05:36 . 2001-08-17 18:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
    2012-10-02 05:36 . 2008-04-13 23:09 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
    2012-10-02 05:36 . 2008-04-13 23:09 6144 ----a-w- c:\windows\system32\kbd106.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-16 07:25 . 2004-08-26 16:12 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
    2012-08-28 15:14 . 2004-08-26 16:12 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-08-28 15:14 . 2004-08-26 16:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-08-28 15:14 . 2004-08-26 16:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-08-28 12:07 . 2004-08-26 16:11 385024 ----a-w- c:\windows\system32\html.iec
    2012-08-24 13:53 . 2004-08-26 16:12 177664 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-21 13:29 . 2004-08-26 16:12 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-21 12:58 . 2004-08-04 05:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
    "TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2006-03-15 348160]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-12 81920]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-12 4112384]
    "nwiz"="nwiz.exe" [2004-07-12 843776]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-04 131072]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]
    "ISTray"="c:\program files\PC Tools\PC Tools Security\pctsGui.exe" [2012-06-22 2673624]
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk.disabled]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk.disabled
    backup=c:\windows\pss\Secunia PSI Tray.lnk.disabledCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
    2010-05-12 22:03 300472 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    2004-07-12 04:50 4112384 ----a-w- c:\windows\system32\nvcpl.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
    2004-06-04 04:51 131072 ----a-w- c:\program files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    2004-07-12 04:50 843776 ----a-w- c:\windows\system32\nwiz.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2012-01-17 15:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
    2009-10-22 08:43 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Browser Defender Update Service"=2 (0x2)
    "wuauserv"=2 (0x2)
    "Secunia Update Agent"=3 (0x3)
    "JavaQuickStarterService"=3 (0x3)
    "iPod Service"=3 (0x3)
    "Apple Mobile Device"=3 (0x3)
    "AudioSrv"=2 (0x2)
    "AdobeFlashPlayerUpdateSvc"=3 (0x3)
    "RSVP"=3 (0x3)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
    "ctfmon.exe"=c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "SunKistEM"=c:\program files\Digital Media Reader\shwiconem.exe
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
    "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    "nwiz"=nwiz.exe /install
    "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" -osboot
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    "NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    "<NO NAME>"=
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" /startup
    "ControlCenter2.0"=c:\program files\Brother\ControlCenter2\brctrcen.exe /autorun
    "SetDefPrt"=c:\program files\Brother\Brmfl04a\BrStDvPt.exe
    "Path"="c:\program files\ZOOM\ZFX Tools\ZFX Tools startup.exe"
    "SelectRebates"=c:\program files\SelectRebates\SelectRebates.exe
    "KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    .
    R3 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
    R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    R3 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
    R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [x]
    R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
    R3 QslFsFltr;QslFsFltr;c:\windows\system32\DRIVERS\QslFsFltr.sys [x]
    R3 QuikSync;QuikSync;c:\program files\EMC Corporation\v.Clone\QuikSync\QuikSync.exe [x]
    R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [x]
    R3 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [x]
    R3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service;c:\windows\system32\drivers\zmghpau.sys [x]
    R4 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    R4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [x]
    S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [x]
    S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [x]
    S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [x]
    S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [x]
    S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [x]
    S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
    S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [x]
    S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [x]
    S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [x]
    S2 vstor2-mntapi10;Vstor2 vix Disk Tools Virtual Storage Driver;c:\program files\VMware\VMware Virtual Disk Development Kit\bin\vstor2-mntapi10.sys [x]
    S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [x]
    S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [x]
    S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [x]
    S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - PCTSDInjDriver32
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
    .
    2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-27 06:43]
    .
    2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-11-27 06:43]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = https://login.yahoo.com/config/login_verify2?.intl=us&.src=ym
    uInternet Settings,ProxyOverride = *.local
    LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
    Trusted Zone: pb.com\ibdswebp8-ext
    Trusted Zone: usps.com\carrierpickup
    Trusted Zone: usps.com\tools
    TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-10-31 12:03
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'lsass.exe'(1000)
    c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
    .
    Completion time: 2012-10-31 12:12:21
    ComboFix-quarantined-files.txt 2012-10-31 16:12
    ComboFix2.txt 2012-10-20 05:51
    ComboFix3.txt 2012-10-19 08:53
    .
    Pre-Run: 34,928,304,128 bytes free
    Post-Run: 35,047,735,296 bytes free
    .
    - - End Of File - - 5525E1197204049AA569E6CF310B7143
  3. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download this tool > System Repair Engineer
    1. Extract it to its own folder & double-click SREng.exe to run it
    2. Select 'Smart Scan' & tick "Verify Digital Signatures"
    3. Click on the [Scan] button
    4. When finished, click on the [Save Reports] button & save the log to Desktop
    5. Attach the log in your next reply. Don't post it

    Note: You may have to rename SREngLog.log to SREngLog.txt before attaching
  4. herewegoagain Newcomer, in training Posts: 50

    Sorry for the wait, I'm on Long Island NY & we're having a very tough time with everything...
    electricity, internet... basically life as we knew it :)

    I did some research on WMI & wound up rebuilding the repository, which seems to have
    cleared up many of the issues. Security Center is detecting antivirus/firewall now, the connectivity
    popup is gone & slow loading at start/shutdown etc. is better.

    I did still run the scan... but then lost power :) The log is attached.

  5. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Yeah, from the looks of the log, there is nothing seriously wrong with the system.

    What other problems are there, if any?
  6. herewegoagain Newcomer, in training Posts: 50

    That's good news. Loading is still not where it was but better since the WMI fix, as
    well as the typing/keyboard-to-screen issue
    ...I'll type a word then have to wait quite a bit for it to show up; spacebar/backspace/delete
    /enter are all very slow to respond.
    I haven't been able to use the cp much lately so will let you know as things are evident, but
    none of the major problems of previous. Let me know what you think might be the cause for
    these issues? VERY annoying :)

    ...just a note: with the 'Complete Internet Fix tool' I didn't know which specific resets/restores
    to use (not knowing where the problem was), so was wary to try most.
    Did use the resets for Internet Protocol, Windows Firewall.
    Should I have ticked all the boxes?
  7. Jay Pfoutz Malware Helper Posts: 4,286   +49