
Ultimate Defender 2007/ Winantispyware 2007 help plz



#1
Knivez1

Let me start with a little background info: I've been having computer issues lately. I was infected with vundo, smithfraud, and drive cleaner 2006 recently. I got the vundo, smithfraud and *most* of the drivecleaner off (spybot keeps finding it when it scans and can't remove it). Now I'm being plagued by winantispy 2007 and ultimate defender 2007 popups. Is there any way to revive my computer? OH, and today my system's clock changed from a 12-hour format to 24 (military). I've got an HJT log posted below, and combofix/panda and f-secure logs soon to come.


HJT LOG--------
Logfile of HijackThis v1.99.1
Scan saved at 20:15, on 2007-09-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Knivez\Desktop\Antivirus\HijackThis.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\ComboFix\NirCmd.cfexe
C:\ComboFix\NirCmd.cfexe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {3CB70CC2-303F-4A6C-824D-013AE8CFDB6B} - C:\WINDOWS\nsduo.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe /bt
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecu...vex/TmHcmsX.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1184865872416
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1184865852527
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4691A505-9E3C-4806-B742-02D39B9516EC}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BA0510-7854-4A51-8A57-02FBE003EF9B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: ffqRgEFgGMf - {3C2DD1E3-9687-7B49-6F3B-F23667ACEBC3} - (no file)
O21 - SSODL: msmdev - {3A771648-9072-4375-9694-7821F56C6E94} - C:\WINDOWS\msmdev.dll
O21 - SSODL: msmhost - {298BED4E-DB5A-4ED7-A136-6733B949670B} - C:\WINDOWS\msmhost.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Combofix coming up next....


#2
Knivez1

OK! did combofix and it SEEMS to have worked... no popups.

Here's the combofix log-----

ComboFix 07-09-10.6 - "Knivez" 2007-09-12 20:35:41.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.94 [GMT -4:00]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiSpyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiSpyware 2007\Data\ProductCode
C:\DOCUME~1\DEFAULT\APPLIC~1\install.dat
C:\DOCUME~1\DEFAULT\FAVORI~1\Error Cleaner.url
C:\DOCUME~1\DEFAULT\FAVORI~1\Privacy Protector.url
C:\DOCUME~1\DEFAULT\FAVORI~1\Spyware&Malware Protection.url
C:\Program Files\VideoAccessCodec
C:\Program Files\VideoAccessCodec\install.ico
C:\WINDOWS\dat.txt
C:\WINDOWS\main_uninstaller.exe
C:\WINDOWS\msmdev.dll
C:\WINDOWS\msmhost.dll
C:\WINDOWS\nsduo.dll
C:\WINDOWS\rs.txt
C:\WINDOWS\start.exe
C:\WINDOWS\system32\drivers\ApiMon.sys


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_FOPN
-------\LEGACY_MSFTCPIP


((((((((((((((((((((((((( Files Created from 2007-08-13 to 2007-09-13 )))))))))))))))))))))))))))))))
.

2007-09-12 20:11 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-12 02:12 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\MySpace
2007-09-11 22:05 <DIR> d--hs---- C:\FOUND.001
2007-09-11 06:28 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Pmcc
2007-09-10 22:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-09-10 22:43 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\SUPERAntiSpyware.com
2007-09-10 06:22 <DIR> d--hs---- C:\FOUND.000
2007-08-31 10:11 <DIR> dr-h----- C:\DOCUME~1\Knivez\APPLIC~1\yahoo!
2007-08-31 10:05 <DIR> d-------- C:\DOCUME~1\Knivez\APPLIC~1\Comodo
2007-08-25 14:27 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2007-08-22 01:28 <DIR> d-------- C:\DOCUME~1\Default\APPLIC~1\WinRAR
2007-08-22 01:21 <DIR> d-------- C:\Program Files\Ad Muncher
2007-08-15 18:35 <DIR> d-------- C:\Program Files\MSXML 6.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-08 11:51 43520 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt03.dll
2007-08-24 03:17 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
2007-08-24 03:17 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-07-30 19:19 92504 --a------ C:\WINDOWS\SYSTEM32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\SYSTEM32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\SYSTEM32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\SYSTEM32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\SYSTEM32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\SYSTEM32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\SYSTEM32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\SYSTEM32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\SYSTEM32\dllcache\wucltui.dll
2007-07-30 19:19 271224 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2007-07-30 19:19 207736 --a------ C:\WINDOWS\SYSTEM32\muweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\SYSTEM32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\SYSTEM32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\SYSTEM32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\SYSTEM32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\SYSTEM32\dllcache\wups.dll
2007-07-29 19:30 --------- d-------- C:\Program Files\MSBuild
2007-07-29 19:02 --------- d-------- C:\Program Files\Reference Assemblies
2007-07-29 09:15 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-07-28 10:35 --------- d-a------ C:\DOCUME~1\DEFAULT\APPLIC~1\yahoo!
2007-07-28 09:20 --------- d-------- C:\DOCUME~1\DEFAULT\APPLIC~1\Pmcc
2007-07-28 09:18 --------- d-------- C:\Program Files\Pmcc
2007-07-27 18:23 --------- d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-07-27 14:35 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
2007-07-26 12:23 --------- d-------- C:\Program Files\SUPERAntiSpyware
2007-07-26 12:23 --------- d-------- C:\DOCUME~1\DEFAULT\APPLIC~1\SUPERAntiSpyware.com
2007-07-26 08:32 --------- d-------- C:\Program Files\Samurize
2007-07-21 06:05 --------- d-------- C:\Program Files\AusLogics Disk Defrag
2007-07-21 02:56 --------- d-------- C:\DOCUME~1\DEFAULT\APPLIC~1\Comodo
2007-07-21 02:56 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
2007-07-21 02:50 --------- d-------- C:\Program Files\Comodo
2007-07-21 02:01 --------- d-------- C:\Program Files\NETEagle
2007-07-20 17:23 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
2007-07-20 17:00 512 --a------ C:\ScanSectorLog.dat
2007-07-20 16:52 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\MailFrontier
2007-07-20 16:35 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Sereniti
2007-07-20 16:24 14 --a------ C:\getfile.dat
2007-07-20 16:11 --------- d-------- C:\Program Files\IObit
2007-07-20 08:42 --------- d-------- C:\Program Files\Security Task Manager
2007-07-19 15:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
2007-07-19 14:28 --------- d-------- C:\Program Files\PC Optimizer
2007-07-19 14:15 --------- d-------- C:\Program Files\Startup Optimizer
2007-07-19 12:51 --------- d-------- C:\DOCUME~1\DEFAULT\APPLIC~1\Sereniti
2007-07-19 03:00 3583488 --------- C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll
2007-07-18 19:44 1793465 ---hs---- C:\WINDOWS\SYSTEM32\klmoq.bak1
2007-07-12 19:31 765952 --a------ C:\WINDOWS\SYSTEM32\dllcache\vgx.dll
2007-06-27 10:35 823808 --------- C:\WINDOWS\SYSTEM32\dllcache\wininet.dll
2007-06-27 10:35 232960 --------- C:\WINDOWS\SYSTEM32\dllcache\webcheck.dll
2007-06-27 10:34 671232 --------- C:\WINDOWS\SYSTEM32\dllcache\mstime.dll
2007-06-27 10:34 6058496 --------- C:\WINDOWS\SYSTEM32\dllcache\ieframe.dll
2007-06-27 10:34 52224 --------- C:\WINDOWS\SYSTEM32\dllcache\msfeedsbs.dll
2007-06-27 10:34 477696 --------- C:\WINDOWS\SYSTEM32\dllcache\mshtmled.dll
2007-06-27 10:34 459264 --------- C:\WINDOWS\SYSTEM32\dllcache\msfeeds.dll
2007-06-27 10:34 44544 --------- C:\WINDOWS\SYSTEM32\dllcache\iernonce.dll
2007-06-27 10:34 384512 --------- C:\WINDOWS\SYSTEM32\dllcache\iedkcs32.dll
2007-06-27 10:34 383488 --------- C:\WINDOWS\SYSTEM32\dllcache\ieapfltr.dll
2007-06-27 10:34 27648 --------- C:\WINDOWS\SYSTEM32\dllcache\jsproxy.dll
2007-06-27 10:34 267776 --------- C:\WINDOWS\SYSTEM32\dllcache\iertutil.dll
2007-06-27 10:34 230400 --------- C:\WINDOWS\SYSTEM32\dllcache\ieaksie.dll
2007-06-27 10:34 193024 --------- C:\WINDOWS\SYSTEM32\dllcache\msrating.dll
2007-06-27 10:34 153088 --------- C:\WINDOWS\SYSTEM32\dllcache\ieakeng.dll
2007-06-27 10:34 132608 --------- C:\WINDOWS\SYSTEM32\dllcache\extmgr.dll
2007-06-27 10:34 124928 --------- C:\WINDOWS\SYSTEM32\dllcache\advpack.dll
2007-06-27 10:34 1152000 --------- C:\WINDOWS\SYSTEM32\dllcache\urlmon.dll
2007-06-27 10:34 105984 --------- C:\WINDOWS\SYSTEM32\dllcache\url.dll
2007-06-27 10:34 102400 --------- C:\WINDOWS\SYSTEM32\dllcache\occache.dll
2007-06-27 04:27 63488 --------- C:\WINDOWS\SYSTEM32\dllcache\ie4uinit.exe
2007-06-27 04:27 625152 --------- C:\WINDOWS\SYSTEM32\dllcache\iexplore.exe
2007-06-27 04:27 13824 --------- C:\WINDOWS\SYSTEM32\dllcache\ieudinit.exe
2007-06-27 03:00 161792 --a------ C:\WINDOWS\SYSTEM32\dllcache\ieakui.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll
2007-06-26 02:08 1104896 --------- C:\WINDOWS\SYSTEM32\dllcache\msxml3.dll
2007-06-19 09:31 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll
2007-06-19 09:31 282112 --------- C:\WINDOWS\SYSTEM32\dllcache\gdi32.dll
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-13 06:23 1033216 --------- C:\WINDOWS\SYSTEM32\dllcache\explorer.exe
1999-07-22 11:14 266 ---hs---- C:\Program Files\desktop.ini
1999-07-22 11:14 11079 --ah----- C:\Program Files\folder.htt
2004-08-04 07:56:46 50,688 --sh--w C:\WINDOWS\twain_32.dll
2001-08-23 15:00:00 94,784 --sh--w C:\WINDOWS\twain.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-07-21 03:00]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-09-08 09:34]
"Ad Muncher"="C:\Program Files\Ad Muncher\AdMunch.exe" [2006-10-28 03:37]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\DOCUME~1\DEFAULT\STARTM~1\PROGRAMS\STARTUP\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35]
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll, xlibgfl254.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ WinCinema Manager.lnk]
backup=C:\WINDOWS\pss\ WinCinema Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^dx32cxlp.exe]
path=C:\WINDOWS\SYSTEM32\dx32cxlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Default^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Default\Start Menu\Programs\Startup\Adobe Gamma.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Default^Start Menu^Programs^Startup^Morpheus.lnk]
path=C:\Documents and Settings\Default\Start Menu\Programs\Startup\Morpheus.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1IUZgJ]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3J28S585LNLFXN]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Abr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aef]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agf]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aik]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aimmvS5]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aip]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ait]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aor]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BallistikSetup.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bbt]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bdu]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Beg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ber]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bgd]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bhp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bhu]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bkr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bnn]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boa]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cap]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cbi]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cci]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cgb]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cja]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cnc]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\System32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ctg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DHaxi.exe]
C:\WINDOWS\System32\DHaxi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dhn]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dhp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dks]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dle]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dps]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dql]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dus]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eaf]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ecc]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eds]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ehg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eit]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ejr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ela]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1135460125\EE\AOLHostManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Morpheus]
"C:\Program Files\StreamCast\Morpheus\Morpheus.exe" -min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFP]
C:\Program Files\Common Files\Verizon Online\SFP\vzSFPWin.EXE /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"moto"=2 (0x2)
"WZCSVC"=2 (0x2)
"AOL TopSpeedMonitor"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"AtiCwd32"=Aticwd32.exe
"SoundFusion"=RunDll32 cwcprops.cpl,CrystalControlWnd
"Easykey"=C:\Program Files\Easy Keyboard\Easykey.exe
"LexmarkPrinTray"=PrinTray.exe

R0 pmfilt;pmfilt;C:\WINDOWS\system32\drivers\pmfilt.sys
R0 pmhelp;pmhelp;C:\WINDOWS\system32\drivers\pmhelp.sys
R3 KID_USB;Kensington Input Devices USB filter driver;C:\WINDOWS\system32\DRIVERS\KID_USB.sys
R3 KMW_SYS;Kensington MouseWorks Mouse filter driver;C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys
R3 SMC55T;SMC EZ Card 10/100 (SMC1255TX);C:\WINDOWS\system32\DRIVERS\SMC55T51.sys
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys
S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\system32\DRIVERS\NtApm.sys
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;C:\WINDOWS\system32\DRIVERS\netusbxp.sys
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>IEPerUser]
RUNDLL32.EXE IEDKCS32.DLL,BrandIE4 SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\MmoptPreferredAudioDevices]
rundll32.exe shell32.dll,Control_RunDLL mmsys.cpl,@0,SPCI\VEN_1013&DEV_6003&SUBSYS_00000000&REV_01\BUS_00&DEV_0B&FUNC_00

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA851-CC51-11CF-AAFA-00AA00B6015C}]
rundll32.exeadvpack.dll
.
Contents of the 'Scheduled Tasks' folder
"2007-09-06 03:00:02 c:\windows\Tasks\Tune-up Application Start.job"
"2007-09-13 00:20:02 c:\windows\Tasks\Uninstall Expiration Reminder.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-09-13 00:04:02 c:\windows\Tasks\{28D8C1C7-95D2-4F18-9495-D8A8AC138617}_OEMCOMPUTER_Adriann.job"
"2007-09-10 07:00:02 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
"2007-09-10 16:00:02 c:\windows\Tasks\Auto-scheduled task of Free Registry Fix.job"
"2007-09-07 15:04:02 c:\windows\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-12 20:52:53
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-12 20:57:25 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-12 20:57
.
--- E O F ---

Here's the HJT LOG after combofix ended---

Logfile of HijackThis v1.99.1
Scan saved at 9:05:14 PM, on 9/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Knivez\Desktop\Antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe /bt
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecu...vex/TmHcmsX.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1184865872416
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1184865852527
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4691A505-9E3C-4806-B742-02D39B9516EC}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BA0510-7854-4A51-8A57-02FBE003EF9B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: ffqRgEFgGMf - {3C2DD1E3-9687-7B49-6F3B-F23667ACEBC3} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

OH, and btw, combofix solved my clock problem before I could do it manually lol