Full Version: Need Help With Ultimate Defender/ultimate Fixer Problem
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive HijackThis Logs
shiro
hello

Recently, a program called Ultimate Defender/Ultimate Fixer has been popping up in my toolbar, with a window design similar to "Windows Defender". I ran the latest Ad-Aware build, then I did the HijackThis scan.
Here it is:


Logfile of HijackThis v1.99.1
Scan saved at 5:46:02 PM, on 4/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\yhuxonuj.exe
C:\WINDOWS\system32\stcheck32.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\Program Files\TuneUp Utilities 2006\DiskCleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aim6\anotify.exe
C:\Documents and Settings\Inc\Desktop\HijackThis.exe

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965f4750-1dd1-11b2-8908-999e1e82a7e1} - C:\WINDOWS\system32\CfFpAwUB.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [yhuxonuj.exe] C:\WINDOWS\system32\yhuxonuj.exe
O4 - HKLM\..\Run: [Privacy tools] C:\WINDOWS\system32\stcheck32.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: .protected
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: .protected
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

jurgenv
1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply with a new HijackThis log.

Note:
Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
shiro
OK, this is the ComboFix log:


"Inc" - 07-04-17 11:14:13 Service Pack 2
ComboFix 07-04-17.V - Running from: C:\Downloads\


((((((((((((((((((((((((((((((( Files Created from 2007-03-17 to 2007-04-17 ))))))))))))))))))))))))))))))))))


2007-04-16 17:28 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-16 17:28 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\Lavasoft
2007-04-16 17:21 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-04-16 17:21 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\SUPERAntiSpyware.com
2007-04-16 17:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-04-16 16:18 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-04-16 16:03 <DIR> d-------- C:\Program Files\Ultimate Fixer
2007-04-16 14:57 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-04-16 12:09 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-16 12:07 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-16 11:22 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\Ultimate Fixer
2007-04-16 11:00 77,312 --a------ C:\WINDOWS\system32\CfFpAwUB.dll
2007-04-16 11:00 54,272 --a------ C:\WINDOWS\system32\yhuxonuj.exe
2007-04-16 11:00 262,144 --a------ C:\WINDOWS\system32\stcheck32.exe
2007-04-16 11:00 <DIR> d-------- C:\WINDOWS\system32\cgjektls
2007-04-12 18:52 4,103,032 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2007-04-12 18:52 13,013 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2007-04-12 18:52 <DIR> d-------- C:\Program Files\Illustrate
2007-04-12 18:48 <DIR> d-------- C:\Program Files\Motorola
2007-04-12 18:47 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared
2007-04-12 18:46 <DIR> d-------- C:\HarryThompson
2007-04-04 15:44 <DIR> d-------- C:\Program Files\Plagiarism-Finder TRIAL
2007-04-04 15:44 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\Plagiarism-Finder
2007-04-04 15:35 159,059 --a------ C:\WINDOWS\Plagiarism-Finder Uninstaller.exe
2007-04-04 15:35 <DIR> d-------- C:\Program Files\Plagiarism-Finder 1.2.2 TRIAL
2007-04-02 08:34 <DIR> d-------- C:\Program Files\iTunes
2007-04-02 08:34 <DIR> d-------- C:\Program Files\iPod
2007-04-02 08:28 <DIR> d-------- C:\Program Files\QuickTime
2007-04-01 09:03 65,536 --a------ C:\WINDOWS\IFinst27.exe
2007-03-28 19:32 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\Aim
2007-03-28 19:31 <DIR> d-------- C:\Program Files\AOD
2007-03-28 19:31 <DIR> d-------- C:\Program Files\AIM
2007-03-28 19:25 <DIR> d-------- C:\DOCUME~1\Inc\APPLIC~1\Viewpoint
2007-03-28 19:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
2007-03-28 19:24 <DIR> d-------- C:\Program Files\Viewpoint
2007-03-28 19:24 <DIR> d-------- C:\Program Files\AIM95
2007-03-22 17:32 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-03-22 17:31 <DIR> d-------- C:\WINDOWS\ShellNew
2007-03-20 17:35 <DIR> d--h----- C:\DOCUME~1\Inc\APPLIC~1\Move Networks


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-17 11:19 -------- d-------- C:\DOCUME~1\Inc\APPLIC~1\free download manager
2007-04-16 18:29 -------- d-------- C:\Program Files\tuneup utilities 2006
2007-04-16 18:29 -------- d-------- C:\Program Files\steam
2007-04-16 18:29 -------- d-------- C:\Program Files\msn messenger
2007-04-16 18:29 -------- d-------- C:\Program Files\google
2007-04-16 18:29 -------- d-------- C:\Program Files\free download manager
2007-04-16 18:29 -------- d-------- C:\Program Files\aim6
2007-04-16 17:27 -------- d-------- C:\Program Files\Common Files\wise installation wizard
2007-04-16 12:20 -------- d-------- C:\Program Files\limewire
2007-04-16 12:20 -------- d-------- C:\Program Files\friendblasterpro
2007-04-16 12:06 -------- d-------- C:\Program Files\elcomsoft
2007-04-15 01:04 -------- d-------- C:\Program Files\java
2007-04-08 10:49 -------- d-------- C:\DOCUME~1\Inc\APPLIC~1\google
2007-04-04 15:21 -------- d--h----- C:\Program Files\installshield installation information
2007-04-03 23:06 -------- d-------- C:\Program Files\gpotato
2007-03-19 18:22 -------- d-------- C:\Program Files\byond
2007-03-17 09:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 12:23 497496 --a------ C:\WINDOWS\system32\xceedzip.dll
2007-03-15 12:19 526184 --a------ C:\WINDOWS\system32\xceedcry.dll
2007-03-14 18:55 -------- d-------- C:\DOCUME~1\Inc\APPLIC~1\byond
2007-03-11 14:42 155411 --a------ C:\WINDOWS\system32\drivers\dump_wmimmc.sys
2007-03-08 11:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 11:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 11:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 09:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-05 15:50 -------- d-------- C:\Program Files\apple software update
2007-03-04 18:20 -------- d-------- C:\DOCUME~1\Inc\APPLIC~1\sonic
2007-03-04 18:20 -------- d-------- C:\DOCUME~1\Inc\APPLIC~1\leadertech
2007-03-01 23:35 16 --a------ C:\WINDOWS\popcinfo.dat
2007-02-05 16:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-02-01 00:56 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-02-01 00:56 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-02-01 00:56 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-02-01 00:56 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-01-31 17:27 524288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-01-30 19:15 118784 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
2007-01-30 01:03 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-30 01:03 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-30 01:03 129784 --------- C:\WINDOWS\system32\pxafs.dll
2007-01-30 01:03 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-01-30 01:03 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-01-30 01:03 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-30 00:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-30 00:56 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
2007-01-30 00:56 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-01-30 00:56 53248 --a------ C:\WINDOWS\system32\dpugui10.dll
2007-01-30 00:56 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-01-30 00:56 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-01-30 00:56 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-01-30 00:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-25 14:48 720896 --a------ C:\WINDOWS\iun6002ev.exe
2007-01-19 16:23 2 --a------ C:\WINDOWS\system32\grecorder.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{965f4750-1dd1-11b2-8908-999e1e82a7e1} C:\WINDOWS\system32\CfFpAwUB.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} C:\Program Files\Free Download Manager\iefdmcks.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AGRSMMSG"="AGRSMMSG.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"Alcmtr"="ALCMTR.EXE"
"APVXDWIN"="\"C:\\Program Files\\Panda Software\\Panda Antivirus 2007\\APVXDWIN.EXE\" /s"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"BootSkin Startup Jobs"="\"C:\\PROGRA~1\\Stardock\\WINCUS~1\\BootSkin\\BootSkin.exe\" /StartupJobs"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"yhuxonuj.exe"="C:\\WINDOWS\\system32\\yhuxonuj.exe"
"Privacy tools"="C:\\WINDOWS\\system32\\stcheck32.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
"Steam"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Free Download Manager"="C:\\Program Files\\Free Download Manager\\fdm.exe -autorun"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="wbsys.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\
Security Packages REG_MULTI_SZ kerberosmsv1_0schannelwdigest\
Notification Packages REG_MULTI_SZ scecli\


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\
LocalService REG_MULTI_SZ AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV\
NetworkService REG_MULTI_SZ DnsCache\
DcomLaunch REG_MULTI_SZ DcomLaunchTermService\
rpcss REG_MULTI_SZ RpcSs\
imgsvc REG_MULTI_SZ StiSvc\
termsvcs REG_MULTI_SZ TermService\
Usnsvc REG_MULTI_SZ usnsvc\

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_NTMSSVC
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_SASDIFSV
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_SASENUM
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_SASKUTIL
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_UDFS


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-04-17 11:19:44
C:\ComboFix-quarantined-files.txt ... 07-04-17 11:19
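The two logs above contain the pattern a log analyst looks for: autostart entries (O2 BHO, O4 Run, O20 Winlogon Notify) whose binaries sit in system32 under unfamiliar names, and a ComboFix "Files Created" listing in which several of those same files appear in one creation minute. The script below is an added example for this thread, not a tool from Lavasoft, the forum, or the log authors; it cross-checks the HijackThis entries against the ComboFix listing and groups new files by creation minute. The sample lines are copied from the two logs above (a subset); the "recently created" and "same-minute cluster" heuristics are assumptions, not rules either tool applies.

```python
"""Cross-check HijackThis autostart entries against ComboFix's "Files Created"
listing.  Added example for this thread (not a tool the forum or the log
authors provide); the flagging heuristics are assumptions.
"""
import re
from collections import defaultdict

# Subset of the HijackThis log posted above.
HJT_SAMPLE = r"""
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {965f4750-1dd1-11b2-8908-999e1e82a7e1} - C:\WINDOWS\system32\CfFpAwUB.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [yhuxonuj.exe] C:\WINDOWS\system32\yhuxonuj.exe
O4 - HKLM\..\Run: [Privacy tools] C:\WINDOWS\system32\stcheck32.exe
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
"""

# Subset of the ComboFix "Files Created" section posted above.
COMBOFIX_SAMPLE = r"""
2007-04-16 17:28 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-16 12:09 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-16 11:00 77,312 --a------ C:\WINDOWS\system32\CfFpAwUB.dll
2007-04-16 11:00 54,272 --a------ C:\WINDOWS\system32\yhuxonuj.exe
2007-04-16 11:00 262,144 --a------ C:\WINDOWS\system32\stcheck32.exe
2007-04-16 11:00 <DIR> d-------- C:\WINDOWS\system32\cgjektls
2007-04-12 18:52 4,103,032 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
"""

HJT_LINE = re.compile(r"^(O\d+) - (.*)$")
# "YYYY-MM-DD HH:MM  <size or <DIR>>  <attributes>  <path>"
CF_LINE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d)\s+(<DIR>|[\d,]+)\s+\S+\s+(.*\S)\s*$")


def extract_path(section, rest):
    """Return the binary path referenced by one HijackThis entry, or None."""
    if section == "O4":
        # O4 - HKLM\..\Run: [name] "C:\path\prog.exe" args
        m = re.search(r"\]\s*(.*)$", rest)
        target = m.group(1).strip() if m else ""
    else:
        # O2/O3/O20 entries: the path is the last " - " separated field
        target = rest.rsplit(" - ", 1)[-1].strip()
    if not target:
        return None
    if target.lower() == "(no file)":
        return "(no file)"
    if target.startswith('"'):            # quoted path, drop any arguments
        return target[1:].split('"', 1)[0]
    return target                          # unquoted; assume no arguments


def parse_combofix_created(text):
    """Map lower-cased path -> (timestamp, size, original path)."""
    created = {}
    for line in text.splitlines():
        m = CF_LINE.match(line.strip())
        if m:
            ts, size, path = m.groups()
            created[path.lower()] = (ts, size, path)
    return created


def triage(hjt_text, cf_text):
    """Flag HijackThis autostart entries that are orphaned or whose binary
    appears in ComboFix's recently-created list (heuristic, assumed)."""
    created = parse_combofix_created(cf_text)
    findings = []
    for line in hjt_text.splitlines():
        m = HJT_LINE.match(line.strip())
        if not m:
            continue
        section, rest = m.groups()
        path = extract_path(section, rest)
        flags = []
        if path == "(no file)":
            flags.append("orphaned entry: registered component missing on disk")
        elif path and path.lower() in created:
            ts, size, _ = created[path.lower()]
            flags.append(f"autostart binary created {ts} per ComboFix (size {size})")
        if flags:
            findings.append({"section": section, "path": path, "flags": flags})
    return findings


def creation_clusters(cf_text, min_size=2):
    """Group ComboFix entries by creation minute; keep minutes with at least
    min_size entries.  A burst of new system32 files sharing one minute is
    the usual footprint of a single dropper run (assumption)."""
    by_minute = defaultdict(list)
    for _key, (ts, _size, path) in parse_combofix_created(cf_text).items():
        by_minute[ts].append(path)
    return {ts: sorted(paths) for ts, paths in by_minute.items()
            if len(paths) >= min_size}


if __name__ == "__main__":
    for f in triage(HJT_SAMPLE, COMBOFIX_SAMPLE):
        print(f["section"], f["path"], "->", "; ".join(f["flags"]))
    for ts, paths in sorted(creation_clusters(COMBOFIX_SAMPLE).items()):
        print(f"{ts}: {len(paths)} entries created in the same minute")
        for p in paths:
            print("   ", p)
```

Run against the samples, the script reports the orphaned BHO, the three system32 binaries (CfFpAwUB.dll, yhuxonuj.exe, stcheck32.exe) as autostarts created on 2007-04-16 at 11:00, and one four-entry cluster at that minute (the three files plus the cgjektls directory); legitimate entries such as ssv.dll, iTunesHelper.exe and igfxsrvc.dll are not flagged. Treat the output as a shortlist for a human to confirm, not as a verdict.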
shiro
BTW, I kind of made two topics, so I'm just going to work with this one.
jurgenv
Can I see a new hijackthis log?