[Maggz]

I got home today to find spysweeper opened up as it had finished its schedualed sweep and what do I find? Bonzi buddy! I was astonished that such crapware could of gotten past me! It was catagorized as an exact match and 15 other traces of the software, all of which I killed with a passion. The only thing ive installed in between my schedualled scans was Microsoft Visual Studio 6.

Im scared now.. so below is my log..

Logfile of HijackThis v1.97.7
Scan saved at 5:41:02 AM, on 4/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\dllhost.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\mdm.exe
C:\Documents and Settings\Tj\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.venkee.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.venkee.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Tj"
O4 - Startup: PeerGuardian.lnk = C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38073.8206134259
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

 

[Solid_Froggy]

I got an idea! How about you switch to Ad-aware 6.0 or SpyBot Search & Destroy! And about your Bonzi Buddy, SpyBot Search & Destroy will remove it. Uninstall SpySweeper too.

 

[Flrman1]

SpySweeper is a good program. No need to uninstall it.

Your log is clean! :up:

 

[Maggz]

Thanks flrman

 

[Flrman1]

My Pleasure!

 

[Solid_Froggy]

I don't trust anything but Ad-aware and SpyBot

 

[Maggz]

I trust any software made by webroot their an awesome company and block almost 23k different softwares and have live cookie shield and memory sheild.

 

[Skivvywaver]

I use spysweeper right along with spybot and adaware, it is a very good program and does a very thourough job. I run spyware blaster right along with adwatch, and have immunized with spybot. I still manage to get hit once in awhile, but without them I would be toast. Keep spysweeper IMHO

 

[Maggz]

I dont own ad-aware pro is it worth buying skivvywaver? I often hear good things about adwatch but never had the money.. I also run spyware guard spyware blaster 3.1 and spybot immunize

 

[Solid_Froggy]

Nah, no need to buy Ad-aware Pro, download it at http://www.lavasoftusa.com

=======================
Advice From A 12 Year Old
=======================

 

[Skivvywaver]

It is worth it I would say. I've had it for well over a year but would never run adwatch because it B----es about everything you do that changes the registry. I started running it after getting good and HiJacked a few times. I have learned it is better to give a program permission to change the registry than to have it done on auto.
However Maggz with the other programs you are running, I would say you are better off than most. I don't run spysweeper on startup because I run adwatch. I have hundreds tied up in anti scum software, and I still get smacked. Ask flrman1., $teve, WinChester, and the rest that have helped me debug. All I can say is this, if you have this site bookmarked, you have a step up on the scumware pushers. These guys are great.

 

[Maggz]

Indeed :up:

 

[FinestRanger]

If you don't have the cash...stick with Spybot, Ad-aware, spywareblaster and spywareguard. You should also check out IE SpyAd. You'd be amazed at the sites it'll block from allowing active-x and downloading. And, SpySweeper's an excellent product. After thorough research and a thumbs up from Flrman1 I bought it.

IESpyAd link:

http://www.staff.uiuc.edu/~ehowes/resource.htm