out of control popups

Discussion in 'Malware and Virus Removal Archive' started by bridgecap, 2006/03/22.

  1. 2006/03/22
    bridgecap

    bridgecap Inactive Thread Starter

    Joined:
    2006/03/22
    Messages:
    1
    Likes Received:
    0
    Hi. I've tried spyware, ad aware, etc. No luck. My hijack this log is posted below, but I received error messages while I was running the log, so it might not be accurate. Thanks.

    Logfile of HijackThis v1.99.1
    Scan saved at 4:10:35 PM, on 3/22/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    C:\WINNT\wanmpsvc.exe
    C:\WINNT\system32\rundll32.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    C:\WINNT\system32\sms_msn40.exe
    C:\WINNT\system32\sms_msn.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Spyware Nuker\swnxt.exe
    C:\WINNT\System32\wgse.exe
    C:\WINNT\system32\kwinosap.exe
    C:\WINNT\system32\ngpw40.exe
    C:\Program Files\Common Files\efax\HotTray.exe
    C:\Program Files\PerSono\perstray.exe
    C:\Program Files\Handspring\HOTSYNC.EXE
    C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
    C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\COMMON~1\YMBOLS~1\ati2evxx.exe
    C:\Program Files\MediaGateway\MediaGateway.exe
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINNT\System32\msiexec.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.usaa.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=...AbRr/1E4LA2gA5YiRCE68lrvqOEfNkXt7AQ0lvenpEJrH
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
    R3 - URLSearchHook: (no name) - {8B023360-FA83-A608-D5ED-D30FA3931CE5} - C:\WINNT\System32\yrgfbu.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: ngsh35.clsIS - {279A1B41-6CAC-4ABF-B39C-72C8E489F685} - C:\WINNT\system32\ngsh35.dll
    O2 - BHO: (no name) - {7D9CB362-375B-4FB9-8024-E55079CC69D1}" - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
    O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [freestyle] lockx.exe
    O4 - HKLM\..\Run: [WIxNDOWxS] \wildwin.exe
    O4 - HKLM\..\Run: [lspins] "C:\WINNT\System32\igps.exe "
    O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
    O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    O4 - HKLM\..\Run: [{3B-B6-69-99-ZN}] c:\winnt\system32\dwdsregt.exe FI002
    O4 - HKLM\..\Run: [sms_msn40] C:\WINNT\system32\sms_msn40.exe
    O4 - HKLM\..\Run: [sms_msn] C:\WINNT\system32\sms_msn.exe
    O4 - HKLM\..\Run: [susse] "C:\WINNT\System32\hpsw.exe "
    O4 - HKLM\..\Run: [SWN2] C:\Program Files\Spyware Nuker\swnxt.exe /h
    O4 - HKLM\..\Run: [winsync] C:\WINNT\System32\rkoiko.exe reg_run
    O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINNT\system32\kwinosap.exe FI002
    O4 - HKLM\..\Run: [keyboard] c:\windows\keyboard4.exe
    O4 - HKLM\..\Run: [mousepad] c:\windows\mousepad4.exe
     
  2. 2006/03/22
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi bridgecap
    To help the people out that will help you, please do and follow the instructions here first....
    http://www.windowsbbs.com/showthread.php?t=37074
    and then post back here.

    Your Hijackthis log is incomplete and should not be in a temp folder.
    Geri
     