Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Not open for further replies.
1 - 13 of 13 Posts

· Registered
664 Posts
Discussion Starter · #1 ·
I got home today to find spysweeper opened up as it had finished its schedualed sweep and what do I find? Bonzi buddy! I was astonished that such crapware could of gotten past me! It was catagorized as an exact match and 15 other traces of the software, all of which I killed with a passion. The only thing ive installed in between my schedualled scans was Microsoft Visual Studio 6.

Im scared now.. so below is my log..

Logfile of HijackThis v1.97.7
Scan saved at 5:41:02 AM, on 4/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Tj\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - Startup: PeerGuardian.lnk = C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

· Registered
46,465 Posts
SpySweeper is a good program. No need to uninstall it.

Your log is clean! :up:

· Registered
664 Posts
Discussion Starter · #7 ·
I trust any software made by webroot their an awesome company and block almost 23k different softwares and have live cookie shield and memory sheild.

· Registered
14,673 Posts
I use spysweeper right along with spybot and adaware, it is a very good program and does a very thourough job. I run spyware blaster right along with adwatch, and have immunized with spybot. I still manage to get hit once in awhile, but without them I would be toast. Keep spysweeper IMHO :)

· Registered
664 Posts
Discussion Starter · #9 ·
I dont own ad-aware pro is it worth buying skivvywaver? I often hear good things about adwatch but never had the money.. I also run spyware guard spyware blaster 3.1 and spybot immunize

· Registered
14,673 Posts
It is worth it I would say. I've had it for well over a year but would never run adwatch because it B----es about everything you do that changes the registry. I started running it after getting good and HiJacked a few times. I have learned it is better to give a program permission to change the registry than to have it done on auto.
However Maggz with the other programs you are running, I would say you are better off than most. I don't run spysweeper on startup because I run adwatch. I have hundreds tied up in anti scum software, and I still get smacked. Ask flrman1.:), $teve, WinChester, and the rest that have helped me debug. All I can say is this, if you have this site bookmarked, you have a step up on the scumware pushers. These guys are great.
1 - 13 of 13 Posts
Not open for further replies.