SpywareBlaster Updates Don't Install

Discussion in 'adware, spyware & hijack cleaning' started by mbobo, Feb 28, 2004.

Thread Status:
Not open for further replies.
  1. mbobo

    mbobo Registered Member

    Feb 23, 2004
    A few weeks ago while I was surfing, a CoolWeb window popped up. I closed it immediately, and because I'd heard how nasty CoolWeb is, I immediately updated SpywareBlaster and ran it.

    The updates downloaded okay. I checked all the new red items using the Select All button, then clicked the Protect button. Immediately the new checkmarks disappeared and the items remained red. However SpywareBlaster reported "Success." The previously installed items (black) remain checked and unaffected.

    Before posting this I cleaned my system using Ad-Aware and Spybot S&D. The latter has also been acting strange. When I click Immunize it reports 486 bad products protected against, 20 additional protections possible; and urges me to immunize. When I click the Immunize button, it reports 0 bad products blocked (which I take to mean the 20 additional protections).

    Seems rather suspicious to me, even though IE does not appear to be hijacked. I also downloaded and ran CWShredder and it reported no CoolWeb infestation.

    I'm running XP Pro (SP1), IE 6.0, and SpywareBlaster 2.6.1. Below is the Hijackthis log.


    Logfile of HijackThis v1.97.7
    Scan saved at 2:36:57 PM, on 2/28/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Documents and Settings\Ed\Desktop\hijackthis1977\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - D:\TweakMASTER\TweakBHO.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AVG_CC] d:\Grisoft\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Zone Labs Client] D:\ZONEAL~1\zlclient.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [MP_STATUS_MONITOR] D:\Canon\MultiPASS\monitr32.exe I
    O4 - HKLM\..\Run: [MPTBox] D:\Canon\MultiPASS\MPTBox.exe
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Download with Star Downloader - D:\Star Downloader\sdie.htm
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37891.4376736111
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{48061E60-14A4-45AB-A3D2-7A1275422B21}: NameServer =
    O17 - HKLM\System\CS1\Services\Tcpip\..\{48061E60-14A4-45AB-A3D2-7A1275422B21}: NameServer =
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Apr 27, 2002
    Hi mbobo,

    Nothing to do with your problem, but it should be fixed.
    Check the item below in HijackThis.
    Close all windows except HijackThis and click Fix checked:
    R3 - Default URLSearchHook is missing
    Then reboot.

    I will now close this topic so you can continue in the other one you started.


Thread Status:
Not open for further replies.