PDA

View Full Version : Still can not install Spybot =(



CRAZYHYPA
2006-02-10, 20:30
Thanks for your help & professionalism

Panda Online Scan :


Incident Status Location

Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Morvan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-3ce7aa1-5a3477f1.zip[NewSecurityClassLoader.class]
Virus:Exploit/ByteVerify Renamed C:\Documents and Settings\Morvan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv441.jar-1b65e58a-62193d62.zip[Dummy.class]
Virus:Exploit/ByteVerify Renamed C:\Documents and Settings\Morvan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv494.jar-1e583586-5cd23706.zip[Dummy.class]
Virus:Exploit/ByteVerify Renamed C:\Documents and Settings\Morvan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv655.jar-7f3bac15-1acaae1e.zip[Dummy.class]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@247realmedia[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@ad.yieldmanager[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@adtech[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@apmebf[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@as1.falkag[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@belnk[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@bluestreak[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@burstnet[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@casalemedia[1].txt
Spyware:Cookie/Casinotropez Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@casinotropez[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@ccbill[1].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@cs.sexcounter[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@dist.belnk[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@fastclick[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@fe.lea.lycos[1].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@fl01.ct2.comclick[2].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@kinghost[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@maxserving[1].txt
Spyware:Cookie/PayCounter Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@paycounter[1].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@qksrv[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@sel.as-eu.falkag[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@serving-sys[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@statcounter[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@toplist[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@tradedoubler[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@tribalfusion[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@weborama[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@winfixer[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@xiti[1].txt
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@xxxcounter[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Morvan\Cookies\morvan@zedo[2].txt
Potentially unwanted tool:Application/007Spy Not disinfected C:\Program Files\Fichiers communs\Microsoft Shared\DAO\svchost.exe
Adware:Adware/WinAD Not disinfected C:\Program Files\MediaGateway\MediaGateway.exe
Adware:Adware/Gator Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\HDPlugin1101.dll
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5V_0001_N57M1212NetInstaller.exe
Adware:Adware/Gator Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.2\HDPlugin1101.dll
Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
Adware:Adware/Gator Not disinfected C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll
Adware:Adware/WUpd Not disinfected C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\WINDOWS\Downloaded Program Files\UWFX5VNetInstaller.exe
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\WINDOWS\Downloaded Program Files\UWFX5V_0001_N57M1212NetInstaller.exe
Adware:adware/gator Not disinfected C:\WINDOWS\GatorHDPlugin.log-old.log

CRAZYHYPA
2006-02-10, 20:32
HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 19:18:08, on 10/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\DAO\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
E:\Program Files\eMule\emule.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Morvan\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xopdrjljwmoafq.com/K3Cy2yk2neeEvneK76XBeTfbN1yQRrmIk3dXwbYRMIp4D4IQ6XzvQ4JdnvHNz/eK.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinLiveUpdate] C:\Program Files\Fichiers communs\Microsoft Shared\DAO\svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm297YYFR
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Personnaliser les options - C:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Traduire - C:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - C:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - C:\Program Files\PROMT5\PROMTIE4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: WebControlDeploy - https://grouper.com/v1/GrouperSetup.cab
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by1fd.bay1.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/2/fr/SysWebTelecomInt.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107211140791
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Daphne.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A58F1212-874F-4AB8-AE84-BB9880D9552D} (VidRecorder Class) - http://download.paltalk.com/videotest/PalPersonalsRecorder.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C32EE4CB-E99F-4147-BFAE-67FF3B6F8076} (Romeo Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Juliette.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

CRAZYHYPA
2006-02-10, 20:36
I forgot to tell again what is the problem ....Here is the first post dat i added a few weeks ago :

I had Spybot before and it worked fine, but since a few days i try to install it pon my computer and I can't, it's really strange, i mean :

-I download the install file (spybotsd14.exe)
-I run it
-I see the windows security pop up (i choose execute)
-I can choose the language now (french for me)
-I type "OK"
-i juss have the time to see the next window (installation-Spybot Search & Destroy) and di window disappear !!!!!!!!!!!!!!!!!! Yeh yeh DISAPPEAR, i can't do nuttin more, if i retry, its the same thing.

LonnyRJones
2006-02-11, 06:53
Hello

007 Spy is interfearing, i suggest uninstalling it

To completely remove this program from your system:
Load 007 Spy and make its main interface visible.
if in stealth mode press ctrl + alt + shift and F7
uncheck block anti-spyware
Click Settings menu on its left hand panel.
Click Advanced Option button, the Advanced Option window appear.
Click the button labeled "Uninstall 007 Spy Software" on the left bottom.
Click Yes in the Uninstall Message Box.

CRAZYHYPA
2006-02-11, 13:52
Hello

007 Spy is interfearing, i suggest uninstalling it

Done

RESPECT IT'S OK NOW !!!!!!!!!!!!!!!!!!!!!!!! :bigthumb:

Thanks all the crew/staff, i don't even know anymore that i had this damn 007...

Anyways, thanks

LonnyRJones
2006-02-11, 19:18
Hi
Download Pocket Killbox
http://www.downloads.subratam.org/KillBox.exe
Copy this whole list into the windows clipboard, all the Bolded below.

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\HDPlugin1101.dll
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5V_0001_N57M1212NetInstaller.exe
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\HDPlugin1101.dll
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll
C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
C:\WINDOWS\Downloaded Program Files\UWFX5VNetInstaller.exe
C:\WINDOWS\Downloaded Program Files\UWFX5V_0001_N57M1212NetInstaller.exe
C:\WINDOWS\GatorHDPlugin.log

Back in Killbox go > file > paste from clipboard,
Click the red highlighted X button and say yes to the prompt, click the x button untill all the files get deleted

CRAZYHYPA
2006-02-12, 01:12
Done
Thanks again...

tashi
2006-02-15, 19:31
As the problem appears to be resolved this topic will be archived.

If you need it re-opened please send me a pm and provide a link to the topic.

Glad we could help. :)