What the?!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Maggz

Thread Starter
Joined
Jun 27, 2003
Messages
582
I got home today to find spysweeper opened up as it had finished its schedualed sweep and what do I find? Bonzi buddy! I was astonished that such crapware could of gotten past me! It was catagorized as an exact match and 15 other traces of the software, all of which I killed with a passion. The only thing ive installed in between my schedualled scans was Microsoft Visual Studio 6.

Im scared now.. so below is my log..

Logfile of HijackThis v1.97.7
Scan saved at 5:41:02 AM, on 4/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\dllhost.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\mdm.exe
C:\Documents and Settings\Tj\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.venkee.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.venkee.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - Startup: PeerGuardian.lnk = C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38073.8206134259
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 
Joined
Apr 2, 2004
Messages
318
I got an idea! How about you switch to Ad-aware 6.0 or SpyBot Search & Destroy! And about your Bonzi Buddy, SpyBot Search & Destroy will remove it. Uninstall SpySweeper too.
 
Joined
Jul 26, 2002
Messages
46,349
SpySweeper is a good program. No need to uninstall it.

Your log is clean! (y)
 

Maggz

Thread Starter
Joined
Jun 27, 2003
Messages
582
I trust any software made by webroot their an awesome company and block almost 23k different softwares and have live cookie shield and memory sheild.
 
Joined
Mar 18, 2001
Messages
13,958
I use spysweeper right along with spybot and adaware, it is a very good program and does a very thourough job. I run spyware blaster right along with adwatch, and have immunized with spybot. I still manage to get hit once in awhile, but without them I would be toast. Keep spysweeper IMHO :)
 

Maggz

Thread Starter
Joined
Jun 27, 2003
Messages
582
I dont own ad-aware pro is it worth buying skivvywaver? I often hear good things about adwatch but never had the money.. I also run spyware guard spyware blaster 3.1 and spybot immunize
 
Joined
Mar 18, 2001
Messages
13,958
It is worth it I would say. I've had it for well over a year but would never run adwatch because it B----es about everything you do that changes the registry. I started running it after getting good and HiJacked a few times. I have learned it is better to give a program permission to change the registry than to have it done on auto.
However Maggz with the other programs you are running, I would say you are better off than most. I don't run spysweeper on startup because I run adwatch. I have hundreds tied up in anti scum software, and I still get smacked. Ask flrman1.:), $teve, WinChester, and the rest that have helped me debug. All I can say is this, if you have this site bookmarked, you have a step up on the scumware pushers. These guys are great.
 
Joined
Oct 13, 2003
Messages
2,367
If you don't have the cash...stick with Spybot, Ad-aware, spywareblaster and spywareguard. You should also check out IE SpyAd. You'd be amazed at the sites it'll block from allowing active-x and downloading. And, SpySweeper's an excellent product. After thorough research and a thumbs up from Flrman1 I bought it. :)

IESpyAd link:

http://www.staff.uiuc.edu/~ehowes/resource.htm
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top