Results 1 to 2 of 2

Thread: Spybot will not immunize PC from all threats

  1. 2008-03-24, 18:16 #1
    BBCMember
    BBCMember is offline
    Junior Member
    Join Date
    Mar 2008
    Posts
    1

    Default Spybot will not immunize PC from all threats

    Running Windows 2000 SP4

    I scanned and removed threats with the following programs:

    Ad-aware 2007
    Spybot
    AVAST

    After that, Internet Explorer would still not open. So, I ran hijackthis and got rid of AOL's BHO. Then IE was able to launch. Cool.

    I then did a Windows Update, and it came up with an error, but I don't remember what it was. It was something like msixxx.exe (xxx refers to characters that I don't remember). I looked it up and it has something to do with the installer of programs. However, the 1 critical update that was available, which is the only update that I chose, installed successfully.

    I have not seen that error since.

    I then uninstalled Spybot and reinstalled it (v. 1.5.2), and for some reason it only will immunize the pc from 17250 out of 74431 threats, leaving a whopping 57181 threats unprotected (see screenshot to see what the threats are).

    Spybot Screenshot
    http://www.badongo.com/pic/3210373

    Thoughts?

    I also ran hijackthis again, and wanted to know if there is anything else that can be fixed.

    Here is the log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:47:49 PM, on 3/23/2008
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\snmp.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\soundman.exe
    C:\WINNT\system32\pctspk.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe
    C:\Program Files\QUICKENW\QWDLLS.EXE
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\Program Files\VitalSigns\Net.Medic\Program\syshook.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Documents and Settings\User\Desktop\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://sg.rd.yahoo.com/customize/ie/...rch.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sg.rd.yahoo.com/customize/ie/...rch.yahoo.com/
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [SoundMan] soundman.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe
    O4 - HKLM\..\Run: [lspins] "C:\WINNT\system32\igps.exe"
    O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Net.Medic.lnk = C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe
    O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra button: Translate - {99EFB53C-C965-43CF-9F45-52242D134187} - file://C:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://C:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/latest/PlaxoInstall.cab
    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2159a02f2f4ce93...zip/RdxIE6.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1138145712421
    O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.spamblockerutility.c...kerutility.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.yaho...bio5_0_2_6.cab
    O18 - Filter hijack: text/html - {3551784B-E99A-474f-B782-3EC814442918} - (no file)
    O20 - AppInit_DLLs: C:\WINNT\NMSOCKNT.DLL
    O23 - Service: .NET Framework Service (.NET Connection Service) - Unknown owner - C:\WINNT\svchost.exe (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    Reply With Quote Reply With Quote
  2. 2008-03-25, 14:25 #2
    spybotsandra
    spybotsandra is offline
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    If you are not immunizing with full administrator rights, Spybot-S&D might not have enough permissions to fully immunize all user accounts.

    As a current solution you can try to "Undo" the Immunisation. Now the bad products are allowed.
    Then "Immunize" again. This should solve the problem for now.

    Some more information is available in our forum:
    Immunize
    Immunize Problems

    Another thing though is that immunization only works properly while your browser is closed, since otherwise your browser will overwrite immunization from time to time from the settings it loaded when it was started.

    Best regards
    Sandra
    Team Spybot
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules