• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
CyberRaptor

Problem with Spybot

12 posts in this topic

What's up with Spybot? Supposedly this a useful little tool for removing spyware. If this is true, why did it screw up Windows on two different computers? It said something about an extension hijack and if you try to fix it, it removes .exe as a known file type! WTF.

Share this post


Link to post
Share on other sites

I've just got done using it on my 4 PCs without any problems and installed it on a PC it was never on before and ran it perfectly (found 834 suspects).

 

I could see if your PC was already infected with some trash that was written to be nastly to anti-spyware how this could happen.

 

I did have one PC that would not run Spybot at all until I used ad-aware and removed hundreds of bad files. And to be fair, I've the the exact reverse happen. Guess that's why we need to keep both weapons in our toolboxes.

 

Try installing ad-aware6 and see what it does. If that fails, move this subject over the the help area for infections and post a 'hijack this' log.

 

WT

Share this post


Link to post
Share on other sites

Adaware came up with the same entry. I've tried removing it before with Adaware but it always comes back. It's been on my computer for a while. I don't think it's anything special. I've seen this same thing on my computer at home, and on two computers at work. If I try to use Spybot to fix it, it messes up the computer. I can't explain why it does that. At any rate, here is my hijackthis log. Looks clean to me

---------------------------------------------------------------------------------------------

Logfile of HijackThis v1.97.7

Scan saved at 1:43:12 PM, on 7/26/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Norton Internet Security\NISUM.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Norton Internet Security\ccPxySvc.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\srvany.exe

C:\WINDOWS\system32\resetservice.exe

C:\WINDOWS\system32\slserv.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Venom\Desktop\My Junk\Programs\HijackThis.exe

 

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8058.6222685185

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

 

----------------------------------------------------------------------------------------------

Share this post


Link to post
Share on other sites
:scratchhead: I have the windows xp "os" as well and have been using Spy bot and Adaware for ...I don't really recall how long ....but find them both very effective.....haven't had any messages come up and they both seem to do the job!!! ciao :bounce: ....in fact our other computer has both programs installed as well and it is xp as well and again we are in our comfort zone with both programs there as well!

Share this post


Link to post
Share on other sites

Raptor calm down.

What is the name of the "entry" from Ad-aware and Spybot?

Share this post


Link to post
Share on other sites

It says:

 

Vendor: Windows

Type: RegData

Category: Vulnerability

Object: HKEY_CLASSES_ROOT:exefile\shell\open\command"" ()

Comments: Possible virus infection, executable file extension compromised

Share this post


Link to post
Share on other sites
:gasp: Raptor....I thought that these forums were to discuss openly experiences with programs and put forward comments.....I did not anticipate expressions from a member conceivably critical of my satisfaction with their performance......I do not think that this type of dialogue is appropriate when all that is wanted is to work towards the security of our computers as a common goal...is that not what these info exchanges are all about?? :bounce: .....I hope that I will get bonafide comments on this question from moderators........I like to participate in forums working towards this common goal .... that all vested owners of computers have ...the priority of security. :!:

Share this post


Link to post
Share on other sites

Well, maybe I was a bit harsh with you, but it sounded to me like you were saying: "Oh well that's too bad. It works fine on my computer. Sucks for you."

Edited by CyberRaptor

Share this post


Link to post
Share on other sites

Thank you for telling me about that .exe file fix. But can someone PLEASE tell me why Spybot is doing this? My problem is not exactly solved.

Share this post


Link to post
Share on other sites

You'll probably get more and better answers at the Spybot SD forum. Link is in my signature, below.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0