MSN Messenger virus, auto sends virus to my contacts! I have the HijackThis Log, please help!?

Question

I got sent this file called images.zip, my friend said "You look awfully funny in this picture, no joke" and I unzipped and, silly me, ran it!

So now, every 10 minutes or so, I send out another "Look at this picture" or "Who is this on the right?" to all my online contacts, and those unwitted enough to open it gets the virus too.

The log from HijackThis is:

Logfile of HijackThis v1.99.1
Scan saved at 4:48:56 PM, on 7/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Thomson SpeedTouch\PPPoE\fts.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

Continue later

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\winlog32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=3502
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [%FP%PPPoE fts.exe] "C:\Program Files\Thomson SpeedTouch\PPPoE\fts.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

I'M BORED OF THIS JUST GET THE FULL LOG FROM HERE:

http://www.geocities.com/drelnis/hijackthis.log

I RAN ALL OF MY ANTIVIRUS PROGRAMS, NO RESULTS!

Answer 1

I say that u immediately go offline! Run ur AVG anti-virus scan but first download Ad-Adware SE Personal-preferably frm download.com: it's free and shud get rid of ur problem. This is most probably just a spyware. Still, to be on the better side, work in safe mode. Better yet, follow this path:
Ctrl+Alt+Delete>>Processes and shud u see a NON-SYSTEM program using a lot of ur memory or having a suspicious name: straightaway right-click on it and select: 'End Process Tree'. Then try the anti-virus and anti-spyware. Gud luck!

Answer 2

reeboot your computer in safemode meaning restart the computer and keep hitting F8. The computer will ask if you want to run safe mode. Hit yes. Run your spyware and your virusware and see what happens. I know at this point you dont trust anyone with your computer but ill give you a sugestion I gave to someone else as far as virus/spyware. Go on the internet to www.majorgeeks.com and look for AVG spy/virusware. Its a free download from professional computer fixers. If you take my advise good but if you dont its up to you.

Answer 3

i see you are using avg anti virus good choice update it and scan your computer 2 times just to be safe and uninstall your msn and reinstall it that should stop it from auto sending the virus to your contacts and the anti-virus should get rid of it if none of this works run a system restore than repeat this process and if it doesn't work the 2nd time i think you should leave it to the pros by the way if you need any help my msn is at the bottom

Answer 4

Run your anti-virus and spyware in safe mode.
Advise all of your contacts to do the same thing

Answer 5

I have the zipped file for sorting it but need to email it! You can mail me if you wish for it!