• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
ThallidRanger

SpyBot locks up when fixing selected problems

4 posts in this topic

My browser is not really hijacked but I am having a problem removing spyware.

 

I have Ad-Aware, SW Blaster, Spybot:S&D, CWShredder and HT installed.

 

I ran Ad-Aware. I had like 200+ objects identified. Cleaned them all. Reran and am clean.

 

The problem comes when I run SpyBot. I check for problems and it outlines something like 20 problems, all red. I then click the fix selected problems and the process starts, but then locks up and task manager says not responding and I have to hit end task. It does not remove any of the spyware. I even tried clicking on only 1 item to remove and it still locks up.

 

Is the current version of SpyBot problematic or is something else going on? On the website I saw something about a problem with DSO Exploit and I have that on my scan so could that be the issue?

 

 

Also I ran CWShredder (Spybot found a "Cool WWW Search") and it noticed some files that are confusing me.

 

C:\WINNT\LIC98RMT.EXE

C:\WINNT\LIC98RMTD.EXE

C:\WINNT\DSTENG32.EXE

 

I did a google and a windows knowledge database search for these files. Nothing. Nada. So it makes me think they may be a random name for the CW spyware. Shrug.

 

 

 

Here is my HT log:

 

 

Logfile of HijackThis v1.97.7

Scan saved at 5:40:18 PM, on 06/29/2004

Platform: Windows 2000 SP3 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\UMCSTUB.EXE

C:\Program Files\NavNT\defwatch.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\LogWatNT.exe

C:\Program Files\NavNT\rtvscan.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\TNGSD\BIN\SDSERV.EXE

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\TNGSD\BIN\TRIGGAG.EXE

C:\SxpInst\sxplog32.exe

C:\WINNT\system32\spmonnt.exe

C:\WINNT\Explorer.EXE

C:\Program Files\NavNT\vptray.exe

C:\Program Files\Nice Agent\ScreenAgent.exe

C:\TNGSD\BIN\triggusr.exe

C:\Program Files\DIGStream\digstream.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINNT\system32\spool\DRIVERS\W32X86\3\BRQIKMON.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\software\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.espn.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,,C:\SxpInst\sxplog32.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [AGNTREC] "C:\Program Files\Nice Agent\ScreenAgent.exe" -wait

O4 - HKLM\..\Run: [sDJobCheck] triggusr.exe

O4 - HKLM\..\Run: [Dit] Dit.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: SnagIt 6.lnk = C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O12 - Plugin for .rx: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll

O12 - Plugin for .rxc: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll

O15 - Trusted Zone: ??????.com" target="_blank">http://ivrprdws2.cdc.??????.com

O15 - Trusted Zone: ??????.net" target="_blank">http://project.??????.net

O15 - Trusted Zone: http://*.plnapproject01

O15 - Trusted Zone: http://*.sos-webdev

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstall...q_h1930_40.html

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {4A3CBDDD-C4DC-4C38-B44F-704DAEF628AE} (PjAdoInfo3 Class) - ???.net/projectserver/objects/pjclient.cab" target="_blank">http://project.???.net/projectserver/objects/pjclient.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8167.5708796296

O16 - DPF: {AF9A1421-E128-4D5F-A37E-039F305867B9} (Pj11enuC Class) - ???.net/projectserver/objects/1033/pjcintl.cab" target="_blank">http://project.???.net/projectserver/ob...033/pjcintl.cab

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3) - http://ccon.madonion.com/global/msc3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ???.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ???.com

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ???.com

 

 

EDIT - the question marks are my company's name...

Edited by ThallidRanger

Share this post


Link to post
Share on other sites

I am having the EXACT smae problem. I get a list of red evil-doers, but when I click "Fix Selected Problems" Spybot freezes and I get Not Responding in the task manager.

 

Did you get a fix for this?!?!?

 

Thanks!

Share this post


Link to post
Share on other sites

Hi ThallidRanger, welcome to the forums.

 

Sorry it has taken so long to get back to you but we have been swamped.

 

Please run HijackThis and post a current log. I will be happy to take a look at it for you.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this Topic is closed.

 

If you need this topic reopened, please request this by sending the moderating team

an email with the address of the thread. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0