I've looked around previous posts, ran 2 anti-virus sites (trendmicro, panda) and booted spybot S&D in safemode and managed to remove quite a few spyware however I still have a few left. If possible can you guys help me remove them?

I've looked around sites already and got AVG anti-spyware however that didn't seem to do much for me...

Logfile of HijackThis v1.99.1
Scan saved at 1:48:05 AM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\rui\Desktop\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

It seems like combofix is also something that is needed inorder to determine what spyware I have so...

"rui" - 2007-07-15 1:49:01 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-06-15 to 2007-07-15 )))))))))))))))))))))))))))))))


2007-07-15 01:16 8,576 --a------ C:\WINDOWS\system32\drivers\bjmwhbxnlnwr.sys
2007-07-15 01:10 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-07-15 00:13 <DIR> d-------- C:\VundoFix Backups
2007-07-14 22:35 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-07-14 22:21 <DIR> d-------- C:\WINDOWS\CSC
2007-07-14 19:30 <DIR> d-------- C:\DOCUME~1\rui\.housecall6.6
2007-07-14 18:46 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-07 19:18 <DIR> d-------- C:\Program Files\mIRC
2007-07-06 17:21 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\MSN6
2007-07-06 17:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
2007-07-04 22:21 <DIR> d-------- C:\Program Files\DivX
2007-07-02 15:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-02 15:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-01 18:01 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\Apple Computer
2007-07-01 17:20 <DIR> d-------- C:\Program Files\QuickTime
2007-07-01 17:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-07-01 17:14 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-07-01 17:14 <DIR> d-------- C:\Program Files\Xvid
2007-07-01 16:49 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-07-01 16:49 <DIR> d-------- C:\Program Files\DivXLand
2007-07-01 16:35 <DIR> d-------- C:\Program Files\URUSoft
2007-07-01 16:17 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\Help
2007-07-01 16:15 <DIR> d-------- C:\Program Files\Sub Station Alpha v4.08
2007-07-01 16:15 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\Viewpoint
2007-07-01 16:14 299,520 --a------ C:\WINDOWS\uninst.exe
2007-07-01 16:14 <DIR> d-------- C:\DOCUME~1\rui\WINDOWS
2007-07-01 09:16 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\vlc
2007-07-01 09:14 <DIR> d-------- C:\Program Files\VideoLAN
2007-06-29 13:45 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-06-29 13:39 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-06-29 13:39 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-06-29 13:39 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-06-29 13:39 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-06-29 13:39 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-06-29 13:39 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-06-29 13:39 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-06-29 13:39 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-06-29 13:39 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-06-29 13:39 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-06-29 13:39 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-06-29 13:39 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-06-29 13:39 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-06-29 13:39 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-06-29 13:37 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-06-29 13:36 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-06-29 13:36 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-06-29 13:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-06-29 11:51 <DIR> d-------- C:\Program Files\Steam
2007-06-29 11:41 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-06-29 11:32 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\Ventrilo
2007-06-29 11:15 76,039 --a------ C:\WINDOWS\War3Unin.dat
2007-06-29 11:15 2,829 --a------ C:\WINDOWS\War3Unin.pif
2007-06-29 11:15 139,264 --a------ C:\WINDOWS\War3Unin.exe
2007-06-29 11:12 <DIR> d-------- C:\Program Files\Warcraft III
2007-06-29 11:04 <DIR> d-------- C:\WINDOWS\pss
2007-06-29 11:03 <DIR> d-------- C:\Program Files\Ventrilo
2007-06-29 11:03 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-06-29 11:02 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\acccore
2007-06-29 11:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
2007-06-29 11:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
2007-06-29 11:01 <DIR> d-------- C:\Program Files\Viewpoint
2007-06-29 11:01 <DIR> d-------- C:\Program Files\Common Files\AOL
2007-06-29 11:01 <DIR> d-------- C:\Program Files\AIM6
2007-06-29 11:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
2007-06-29 11:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
2007-06-29 10:42 <DIR> d-------- C:\Program Files\BitComet
2007-06-29 10:42 <DIR> d-------- C:\Downloads
2007-06-29 10:37 <DIR> d-------- C:\DOCUME~1\rui\APPLIC~1\ATI
2007-06-29 10:34 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-06-29 10:34 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-06-29 10:34 <DIR> d-------- C:\Program Files\ATI Technologies
2007-06-29 10:33 <DIR> d-------- C:\ATI
2007-06-29 10:29 1,940 --a------ C:\WINDOWS\mozver.dat
2007-06-29 10:24 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-06-29 10:24 <DIR> d-------- C:\WINDOWS\Prefetch
2007-06-29 10:19 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2007-06-29 10:19 937,984 --------- C:\WINDOWS\system32\winbrand.dll
2007-06-29 10:19 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2007-06-29 10:19 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2007-06-29 10:19 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-06-29 10:19 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2007-06-29 10:19 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2007-06-29 10:19 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2007-06-29 10:19 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2007-06-29 10:19 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2007-06-29 10:19 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-06-29 10:19 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-06-29 10:19 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2007-06-29 10:19 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2007-06-29 10:19 73,796 --------- C:\WINDOWS\system32\slserv.exe
2007-06-29 10:19 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-06-29 10:19 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2007-06-29 10:19 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2007-06-29 10:19 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2007-06-29 10:19 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2007-06-29 10:19 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2007-06-29 10:19 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2007-06-29 10:19 7,168 --------- C:\WINDOWS\system32\hccoin.dll
2007-06-29 10:19 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-06-29 10:19 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-29 14:50:50 359,040 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2007-06-29 14:50:50 359,040 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2007-06-29 14:42:30 2,560 ----a-w C:\WINDOWS\system32\BitCometRes.dll
2007-06-28 22:52:18 765,952 ------w C:\WINDOWS\system32\xvidcore.dll
2007-06-13 19:50:17 43,152 ----a-w C:\WINDOWS\system32\drivers\ativvpxx.vp
2007-06-13 19:25:36 339,968 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-06-13 19:23:23 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-06-13 19:17:37 139,264 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-06-13 19:17:26 118,784 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-06-13 19:17:18 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-06-13 19:17:12 42,496 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-06-13 19:16:59 118,784 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-06-13 19:15:39 483,328 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-06-13 19:14:51 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-06-13 19:10:33 8,097,792 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-06-13 18:57:04 972,072 ----a-w C:\WINDOWS\system32\ativva6x.dat
2007-06-13 18:57:04 3,107,788 ----a-w C:\WINDOWS\system32\ativvaxx.dat
2007-06-13 18:57:04 3,107,788 ----a-w C:\WINDOWS\system32\ativva5x.dat
2007-06-13 18:46:28 5,431,296 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-06-13 18:43:53 262,144 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-06-13 18:42:29 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-06-13 18:41:46 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-06-13 18:41:06 50,176 ----a-w C:\WINDOWS\system32\atiok3x2.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2007-06-29 11:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 08:29]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ATI Smart"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-15 01:49:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-15 1:50:06

--- E O F ---

Welcome to Safer Networking, I wish to be sure you have viewed and understand this information. "BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

Post here if waiting for help longer than four days
http://forums.spybot.info/forumdisplay.php?f=37

Posting additional comments or logs before a volunteer responds, can push you back instead of forward, because your thread ends up with a newer date. Also, helpers may think you are already being assisted because of the post count. Quoted above are likely the reasons you were not responded to. If you have not resolved your issues, post a new HJT log and I will take a look. If your issues are resolved I would appreciae a quick post letting me know and I will close your topic.

Thanks...Phil

This topic has been archived.

If you need it re-opened, please send me a private message (pm) and provide a link to the thread.

Applies only to the original poster, anyone else with similar problems please start a new topic.