PDA

View Full Version : Spybot hangs at exactly the same spot



Hotblack66
2009-06-27, 02:44
Hi all, first post so here goes...

I've had this problem a while now where Spybot would start a scan and a minute or so in it gets to:

Running bot-check (48366/545342: MadInjection.rtk)

...and then hangs.

When I stop the scan the program freezes and I can only close it via Windows Task Manager but interestingly, it always says it is still 'running' when clearly it is not.

A search for 'MadInjection.rtk' led me to in download and run 'RootAlyzer.exe' but this just hung straight away and didn’t search for anything. I couldn't even delete it as it was still running in the Processes of WTM and I could not End Process. I uninstalled and reinstalled Spybot on the off chance that is was corrupt but once again, it hung at the same point. I tried to run RootAlyzer again and again that hung as well.

I found the page for manually removing MadInjection.rtk but I've spent 30 minutes trying to find "The file at "<$SYSDIR>\drivers\mchInjDrv.sys". but couldn't find $SYSDIR (I guess the site is assuming that I am a tech head if I am attempt to remove something like this....why couldn't they be more specific and tell me exactly where the $SYSDIR is?)

Anyway, if anyone can help it would be much appreciated.

Cheers. :bigthumb:

tomdkat
2009-06-27, 03:25
I've found that sometimes Spybot appears to hang when it really hasn't. Yesterday, I scanned a system with it and it got stuck on a particular bug (I forget which) and I thought Spybot had hung and after several minutes (maybe more than 10), it resumed and completed the scan.

How long to do let Spybot run before you determine it has hung?

Peace...

Hotblack66
2009-06-27, 11:34
Hi tomdkat

Yesterday I left it in its stuck state for about 40 minutes but I've run the program before going out or before going to bed and found it like that 6/8 hours later so it's definitely not running in the background but thanks for your reply.

Matt
2009-06-27, 14:19
Hi Hotblack66,

:welcome: to Safer Networking Forums.





I've had this problem a while now where Spybot would start a scan and a minute or so in it gets to:

Running bot-check (48366/545342: MadInjection.rtk)

...and then hangs.

When I stop the scan the program freezes and I can only close it via Windows Task Manager but interestingly, it always says it is still 'running' when clearly it is not.

A search for 'MadInjection.rtk' led me to in download and run 'RootAlyzer.exe' but this just hung straight away and didn’t search for anything. I couldn't even delete it as it was still running in the Processes of WTM and I could not End Process. I uninstalled and reinstalled Spybot on the off chance that is was corrupt but once again, it hung at the same point. I tried to run RootAlyzer again and again that hung as well.

I found the page for manually removing MadInjection.rtk but I've spent 30 minutes trying to find "The file at "<$SYSDIR>\drivers\mchInjDrv.sys". but couldn't find $SYSDIR (I guess the site is assuming that I am a tech head if I am attempt to remove something like this....why couldn't they be more specific and tell me exactly where the $SYSDIR is?)

Anyway, if anyone can help it would be much appreciated.

Cheers. :bigthumb:
First of all, you can try to run Spybot and RootAlyzer in safe mode (http://www.pchell.com/support/safemode.shtml). Does it help you?

Moreover, which operating system and which version of Spybot do you use? :thanks:

Hotblack66
2009-06-27, 18:20
Hi Hotblack66,

:welcome: to Safer Networking Forums.



First of all, you can try to run Spybot and RootAlyzer in safe mode (http://www.pchell.com/support/safemode.shtml). Does it help you?

Moreover, which operating system and which version of Spybot do you use? :thanks:
Hi Matt and thanks for the welcome :bigthumb:

I'm running the latest version of Spybot (1.6.2.46) having just removed and re-installed it on my XP machine.

The good news is that both Spybot and RootAlyzer were able to complete their scans in safe mode with Spybot finding nothing. I have just run Spybot again in normal mode and it has stuck again in the same place and RootAlyzer hung in the same place as well (before it could do its quick scan) so unless I can fix these, I'll only be able to run these programs in safe mode.

In safe mode, after the initial Quick Scan with RootAlyzer (which was clean) I selected my drives in Deep Scan and it found a bunch of stuff but it's hard to say if there's anything dodgy in there as a lot of it was old images and scans that I no longer needed for work (so I've deleted them just in case.)

Any suggestions on what to do with the findings of RootAlyzer?

Cheers.
:thanks:

Matt
2009-06-27, 19:29
Hi Hotblack66,



Any suggestions on what to do with the findings of RootAlyzer?
When RootAlyzer has finished scanning, a Log tab will appear at the top, click that. Highlight all the text, right-click on it and press Copy.
Paste that information back here by pressing Ctrl + V, or right-click and press Paste.
:thanks:

Perhaps Malware blocks Spybot/RootAlyzer from running. :fear:

I'm waiting for your feedback. :bigthumb:

Hotblack66
2009-06-27, 20:51
Hi Matt

I'm having difficulty getting back into Safe Mode. It failed once the first time but I was second time lucky (and ran the programs) but it has failed twice so I am running a full Ad-Aware scan to see what it can find and will then have another go at Safe Mode (I select Safe Mode, the white bar across the bottom goes solid white and then nothing for a minute or so and then it reboots into Windows as per normal).

Cheers

Matt
2009-06-27, 20:57
Hi Matt

I'm having difficulty getting back into Safe Mode. It failed once the first time but I was second time lucky (and ran the programs) but it has failed twice so I am running a full Ad-Aware scan to see what it can find and will then have another go at Safe Mode (I select Safe Mode, the white bar across the bottom goes solid white and then nothing for a minute or so and then it reboots into Windows as per normal).


Just to make sure, I would like you to do that (http://forums.spybot.info/showpost.php?p=304562&postcount=2). Seems to be a bigger problem. As I'm still in training according to Malware Removal, I can't help you yet. :rolleyes:

Happy safe surfing for the future. ;)