Can someone please help me clean up spyware? Crunchie, Gerbil? Anyone? You all are so great! Thanks in advance for any advice!
Logfile of HijackThis v1.99.1
Scan saved at 7:43:10 PM, on 7/9/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\HiJackThis!\HijackThis.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184035090031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184034946421
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F7ABB6-1354-4881-9F5B-831214CC8758}: NameServer = 205.171.3.65 205.171.2.65
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe
Recommended Answers
Jump to PostWhat a brazen come-on!! :)
K... a couple of things there, let's move em out.
Either: go Control panel > folder options OR: in an explorer window > tools>folder options; - then view tab, and press Show hidden files and folders.
Download fixwareout from
Jump to PostHi, heidi. Infection possibility while using AVG site: not likely, as long as you have Windows firewall ON.
And yikes! is right..... what a log. When this is over you are going to install an AV and a proper firewall, aren't you...? Right after you update to SP2... on dialup …
Jump to PostOh, heidi... Right. For a start, hijackthis is only a reporting tool, it does not repair anything unless set to do so. The first group of files, the .com ones, are MSDOS files for when XP runs DOS in an emulation environment. But they should have an old date, maybe …
Jump to PostSkip running fixwareout - log is fine from that aspect.. the O17 entry represents the DNS server that your ISP uses, and I should have been sharper on that, but at least the second run showed that a couple of trojan registry entries had been removed.
AVG found infections in …
Jump to PostIf you used your installation cd you could attempt a windows Repair [ignore the option to "repair using Recovery Console", just Enter to go past that into setup where it detects your OS and then suggests a Repair if possible]. That would give you the chance to pull off the …
All 34 Replies
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.