Something is killing my computer, hijackthis log included

Discussion in 'Windows - Virus and spyware problems' started by ellegon18, Jul 29, 2007.

  1. ellegon18

    ellegon18 Member

    Joined:
    May 21, 2007
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    16
    I have popups constantly, i have ran adaware, avg free antivirus and cleaned everything it says and not helping. Here is my hijack this log. Thanks in advance for any help.


    Logfile of HijackThis v1.99.1
    Scan saved at 12:27:22 PM, on 7/29/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\Atievxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\pctspk.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\WINDOWS\g4356cbvy63.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\?dobe\n?tepad.exe
    c:\windows\system32\msdsregl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\HJT\HijackThis.exe

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\nwintndt.exe SKY009
    O4 - HKLM\..\Run: [uwas7cw] "C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe" -c
    O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
    O4 - HKLM\..\Run: [g4356cbvy63] C:\WINDOWS\g4356cbvy63
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [{B4-4F-F9-92-ZN}] c:\windows\system32\msdsregl.exe SKY009
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Hroo] "C:\WINDOWS\ICROSO~1.NET\spoolsv.exe" -vt yazb
    O4 - HKCU\..\Run: [Cvoi] C:\WINDOWS\system32\?dobe\n?tepad.exe
    O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
    O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
    O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\nwintndt.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1053069377503
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1053069364785
    O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
    O16 - DPF: {DD8C9372-35FD-4F7D-8CE4-909ABCFAB2C5} - ms-its:mhtml:file://c:\\nores.mht!http://adxtnet.net/code/chm/xpre.chm::/xpreload.ocx
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://playgames.comcast.net/online2/bejeweled2/popcaploader_v6.cab
    O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Net Agent - Unknown owner - C:\WINDOWS\dls0523pmw.exe (file missing)
    O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\tojstny.exe (file missing)
     
    ellegon18, Jul 29, 2007
    #1
  2. ellegon18

    ellegon18 Member

    Joined:
    May 21, 2007
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    16
    Sorry, I couldn't figure out how to edit my post, in Add or Remove Programs, I see Outerinfo size 49.83 mb. I tried to uninstall and it says need to go their website and download an uninstaller. This program showed up on my computer without my knowledge and a search shows it is bad news, so don't want to download anything else that has anything to do with this program unless it is absolutely needed. I am sure this has something to due with my current situation. Thanks in advance for any help.
     
    ellegon18, Jul 29, 2007
    #2
  3. ellegon18

    ellegon18 Member

    Joined:
    May 21, 2007
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    16
    Adimns, please close this thread. Help is no longer needed. Thanks
     
    ellegon18, Aug 1, 2007
    #3
  4. Auttaja

    Auttaja Guest

    Hi your computer is very badly infected still..

    You are currently using an unpatched version of Microsoft XP. It is CRITICAL that you update to Service Pack 1
    Please visit this link:
    Microsoft Service Pack 1

    and install Service Pack 1. If you run into troubles, please post them here.

    IMPORTANT: DO NOT update to Service pack 2. Doing so before your computer is clean can cause Windows to become unstable.
    We will update to SP2 when you are clean.


    Please post back with a HJT log and your computer running with Service pack 1, or with any problems you are having updating.

    ============

    Download and Run ComboFix
    *Download this file from either of the two below listed places :

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

    *Then double click combofix.exe & follow the prompts.
    *When finished, it shall produce a log for you. Post that log in your next reply
    Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

    =======

    Post fresh hijacthis log and combofix log..
     
    Last edited by a moderator: Aug 3, 2007
    Auttaja, Aug 3, 2007
    #4
  5. ellegon18

    ellegon18 Member

    Joined:
    May 21, 2007
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for responding, I did post on another site, and got some help, cleaned up the infection, and have already updated to sp2. I did try to do sp1 first but couodn't find it. I was told that sp2 had all of sp1 in it and it was safe so I downloaded sp2. When I get home, I will post another hijackthis log and a combofix log. If it isn't too much trouble, would you mind taking a look to see if everything looks good. Thanks again for the response.
     
    ellegon18, Aug 3, 2007
    #5

Share This Page