Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Interpreting Spybot - S&D scan results


(!)

psylock's Avatar
psylock psylock is offline
Member with 166 posts.
THREAD STARTER
 
Join Date: Dec 2012
09-Feb-2013, 01:57 PM #1
Interpreting Spybot - S&D scan results
Hello I did a Spybot S&D scan and 55 items were found. I do not want to delete something I shouldn't please help with interpreting the results....

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz, x86 Family 6 Model 14 Stepping 8
Processor Count: 2
RAM: 1015 Mb
Graphics Card: Mobile Intel(R) 945 Express Chipset Family, 224 Mb
Hard Drives: C: Total - 57231 MB, Free - 40764 MB;
Motherboard: Hewlett-Packard, 30AD
Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Enabled


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:02 AM, on 2/9/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Megaan\My Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SafeOnline BHO - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\system32\PxSecure.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [WSUSOfflineUpdate] C:\Documents and Settings\Administrator\Desktop\Windows XP Offline Updates\cmd\DoUpdate.cmd /nobackup /verify /instie8 /updatedx /updatewmp /updatetsc /autoreboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1357437660890
O17 - HKLM\System\CCS\Services\Tcpip\..\{93ED2544-FC87-4658-8BB4-92A0E9C32F7E}: NameServer = 10.0.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 9887 bytes


**Here is the Spybot S&D Scan results log**

Search results from Spybot - Search & Destroy

2/9/2013 9:17:24 AM
Scan took 00:27:07.
55 items found.

Common Dialogs: [SBI $8E73A7FB] History (2 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg 32\OpenSaveMRU

Log: [SBI $8E73A7FB] Activity: SchedLgU.Txt (File, nothing done)
C:\WINDOWS\SchedLgU.Txt
Properties.size=32522
Properties.md5=64539F281FD76599D4FFAC2A18F8C037
Properties.filedate=1360396911
Properties.filedatetext=2013-02-09 00:01:50

Log: [SBI $8E73A7FB] Activity: imsins.log (File, nothing done)
C:\WINDOWS\imsins.log
Properties.size=1374
Properties.md5=D7D37DDF6BF89BC8144CF4C9DEAB0BFB
Properties.filedate=1358264830
Properties.filedatetext=2013-01-15 07:47:10

Log: [SBI $8E73A7FB] Activity: OEWABLog.txt (File, nothing done)
C:\WINDOWS\OEWABLog.txt
Properties.size=1523
Properties.md5=2753B052B0DA23690D75273E8CA1708C
Properties.filedate=1357595512
Properties.filedatetext=2013-01-07 13:51:52

Log: [SBI $8E73A7FB] Install: comsetup.log (File, nothing done)
C:\WINDOWS\comsetup.log
Properties.size=285204
Properties.md5=6E9078B40C9CF2D6C229AA3428C85DCE
Properties.filedate=1358264830
Properties.filedatetext=2013-01-15 07:47:10

Log: [SBI $8E73A7FB] Install: ocgen.log (File, nothing done)
C:\WINDOWS\ocgen.log
Properties.size=430741
Properties.md5=6DD24DC514A14CE9A4E445F84E1C884A
Properties.filedate=1358264828
Properties.filedatetext=2013-01-15 07:47:08

Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
C:\WINDOWS\setupact.log
Properties.size=181834
Properties.md5=F4CFF69DFE6DDF8BA1BCA155E32E08A9
Properties.filedate=1358651292
Properties.filedatetext=2013-01-19 19:08:12

Log: [SBI $8E73A7FB] Install: setupapi.log (File, nothing done)
C:\WINDOWS\setupapi.log
Properties.size=906854
Properties.md5=DAFA4DF652D5781D5E7F23CFDFC77A9C
Properties.filedate=1360387291
Properties.filedatetext=2013-02-08 21:21:31

Log: [SBI $8E73A7FB] Install: setuplog.txt (File, nothing done)
C:\WINDOWS\setuplog.txt
Properties.size=786528
Properties.md5=6F2F79CD2D34A248466A53DEDE59E832
Properties.filedate=1357426024
Properties.filedatetext=2013-01-05 14:47:04

Log: [SBI $8E73A7FB] Install: wmsetup.log (File, nothing done)
C:\WINDOWS\wmsetup.log
Properties.size=11686
Properties.md5=52E2BF703727EB6FB050A9BDD61C7B1D
Properties.filedate=1360353336
Properties.filedatetext=2013-02-08 11:55:35

Log: [SBI $8E73A7FB] Install: DtcInstall.log (File, nothing done)
C:\WINDOWS\DtcInstall.log
Properties.size=130
Properties.md5=0B16AD6C2CC0EACDB7AB47F8296905A6
Properties.filedate=1357424206
Properties.filedatetext=2013-01-05 14:16:46

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\mofcomp.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log
Properties.size=12131
Properties.md5=5A8526E54DDE19559E25A9CD3D6B26CA
Properties.filedate=1357426762
Properties.filedatetext=2013-01-05 14:59:22

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\setup.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log
Properties.size=5347
Properties.md5=AEBF431CE13BE5F911FA9DE7B75D690D
Properties.filedate=1357424230
Properties.filedatetext=2013-01-05 14:17:10

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Properties.size=22668
Properties.md5=13A1DB8E7288A6AA118CCD6EE384AD60
Properties.filedate=1360427923
Properties.filedatetext=2013-02-09 08:38:43

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemess.lo_ (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_
Properties.size=65622
Properties.md5=F174E8F7372AB3A07C232CF81402A367
Properties.filedate=1360361279
Properties.filedatetext=2013-02-08 14:07:59

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Properties.size=25379
Properties.md5=6D77064CF1F97D2C0B11258560B8182E
Properties.filedate=1360429324
Properties.filedatetext=2013-02-09 09:02:03

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Properties.size=8402
Properties.md5=023DCE2B1803A5727EADB689D6070300
Properties.filedate=1360396910
Properties.filedatetext=2013-02-09 00:01:50

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiadap.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log
Properties.size=691
Properties.md5=AB5CBE57C29698243E9B06CC8FD2C395
Properties.filedate=1357425068
Properties.filedatetext=2013-01-05 14:31:08

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Properties.size=59952
Properties.md5=A6E34BCEA0E865DCA85FE1AE19332C49
Properties.filedate=1360425891
Properties.filedatetext=2013-02-09 08:04:50

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Office\12.0\Word\File MRU

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installa tion Sources

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenW ithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB78 0-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{7504870 0-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisite dMRU

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\WinRAR\ArcHistory

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\WinRAR\General\LastFolder

Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)


Cache: [SBI $49804B54] Browser: Cache (200) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (33) (Browser: History, nothing done)



--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-02-03 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-12-18 Includes\Adware.sbi (*)
2013-01-29 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2013-01-22 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-01-28 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-01-17 Includes\TrojansC-02.sbi (*)
2013-01-30 Includes\TrojansC-03.sbi (*)
2013-01-28 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2013-01-30 Includes\TrojansC.sbi (*)
psylock's Avatar
psylock psylock is offline
Member with 166 posts.
THREAD STARTER
 
Join Date: Dec 2012
10-Feb-2013, 01:24 PM #2
Have I posted in the wrong forum? If so could someone let me know how to switch to a different forum, maybe General Security?

Thanks
etaf's Avatar
etaf   (Wayne) etaf is offline
Computer Specs
Moderator with 52,047 posts.
 
Join Date: Oct 2003
Location: Surrey, UK
10-Feb-2013, 05:03 PM #3
this is the correct forum for support on malware etc - we dont allow anyone to support HJT logs and so this forum can only be answered by virus/malware qualified personal
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,422 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
10-Feb-2013, 05:55 PM #4
Nothing needs doing
they are all legitimate entries & do not indicate malware in the slightest
psylock's Avatar
psylock psylock is offline
Member with 166 posts.
THREAD STARTER
 
Join Date: Dec 2012
11-Feb-2013, 02:32 PM #5
Thank you!!
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑