
Interpreting Spybot - S&D scan results

Discussion in 'Virus & Other Malware Removal' started by psylock, Feb 9, 2013.

Thread Status:
Not open for further replies.
  1. psylock

    psylock Thread Starter

    Joined:
    Dec 19, 2012
    Messages:
    166
    Hello, I did a Spybot S&D scan and 55 items were found. I do not want to delete something I shouldn't; please help with interpreting the results.

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
    Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz, x86 Family 6 Model 14 Stepping 8
    Processor Count: 2
    RAM: 1015 Mb
    Graphics Card: Mobile Intel(R) 945 Express Chipset Family, 224 Mb
    Hard Drives: C: Total - 57231 MB, Free - 40764 MB;
    Motherboard: Hewlett-Packard, 30AD
    Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Enabled


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:48:02 AM, on 2/9/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Prevx\prevx.exe
    C:\WINDOWS\system32\IFXSPMGT.exe
    C:\WINDOWS\system32\IFXTCS.exe
    C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
    C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Prevx\prevx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
    C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Megaan\My Documents\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
    O2 - BHO: SafeOnline BHO - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\system32\PxSecure.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [WSUSOfflineUpdate] C:\Documents and Settings\Administrator\Desktop\Windows XP Offline Updates\cmd\DoUpdate.cmd /nobackup /verify /instie8 /updatedx /updatewmp /updatetsc /autoreboot
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1357437660890
    O17 - HKLM\System\CCS\Services\Tcpip\..\{93ED2544-FC87-4658-8BB4-92A0E9C32F7E}: NameServer = 10.0.0.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

    --
    End of file - 9887 bytes


    **Here is the Spybot S&D Scan results log**

    Search results from Spybot - Search & Destroy

    2/9/2013 9:17:24 AM
    Scan took 00:27:07.
    55 items found.

    Common Dialogs: [SBI $8E73A7FB] History (2 files) (Registry Key, nothing done)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

    Log: [SBI $8E73A7FB] Activity: SchedLgU.Txt (File, nothing done)
    C:\WINDOWS\SchedLgU.Txt
    Properties.size=32522
    Properties.md5=64539F281FD76599D4FFAC2A18F8C037
    Properties.filedate=1360396911
    Properties.filedatetext=2013-02-09 00:01:50

    Log: [SBI $8E73A7FB] Activity: imsins.log (File, nothing done)
    C:\WINDOWS\imsins.log
    Properties.size=1374
    Properties.md5=D7D37DDF6BF89BC8144CF4C9DEAB0BFB
    Properties.filedate=1358264830
    Properties.filedatetext=2013-01-15 07:47:10

    Log: [SBI $8E73A7FB] Activity: OEWABLog.txt (File, nothing done)
    C:\WINDOWS\OEWABLog.txt
    Properties.size=1523
    Properties.md5=2753B052B0DA23690D75273E8CA1708C
    Properties.filedate=1357595512
    Properties.filedatetext=2013-01-07 13:51:52

    Log: [SBI $8E73A7FB] Install: comsetup.log (File, nothing done)
    C:\WINDOWS\comsetup.log
    Properties.size=285204
    Properties.md5=6E9078B40C9CF2D6C229AA3428C85DCE
    Properties.filedate=1358264830
    Properties.filedatetext=2013-01-15 07:47:10

    Log: [SBI $8E73A7FB] Install: ocgen.log (File, nothing done)
    C:\WINDOWS\ocgen.log
    Properties.size=430741
    Properties.md5=6DD24DC514A14CE9A4E445F84E1C884A
    Properties.filedate=1358264828
    Properties.filedatetext=2013-01-15 07:47:08

    Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
    C:\WINDOWS\setupact.log
    Properties.size=181834
    Properties.md5=F4CFF69DFE6DDF8BA1BCA155E32E08A9
    Properties.filedate=1358651292
    Properties.filedatetext=2013-01-19 19:08:12

    Log: [SBI $8E73A7FB] Install: setupapi.log (File, nothing done)
    C:\WINDOWS\setupapi.log
    Properties.size=906854
    Properties.md5=DAFA4DF652D5781D5E7F23CFDFC77A9C
    Properties.filedate=1360387291
    Properties.filedatetext=2013-02-08 21:21:31

    Log: [SBI $8E73A7FB] Install: setuplog.txt (File, nothing done)
    C:\WINDOWS\setuplog.txt
    Properties.size=786528
    Properties.md5=6F2F79CD2D34A248466A53DEDE59E832
    Properties.filedate=1357426024
    Properties.filedatetext=2013-01-05 14:47:04

    Log: [SBI $8E73A7FB] Install: wmsetup.log (File, nothing done)
    C:\WINDOWS\wmsetup.log
    Properties.size=11686
    Properties.md5=52E2BF703727EB6FB050A9BDD61C7B1D
    Properties.filedate=1360353336
    Properties.filedatetext=2013-02-08 11:55:35

    Log: [SBI $8E73A7FB] Install: DtcInstall.log (File, nothing done)
    C:\WINDOWS\DtcInstall.log
    Properties.size=130
    Properties.md5=0B16AD6C2CC0EACDB7AB47F8296905A6
    Properties.filedate=1357424206
    Properties.filedatetext=2013-01-05 14:16:46

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\mofcomp.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\mofcomp.log
    Properties.size=12131
    Properties.md5=5A8526E54DDE19559E25A9CD3D6B26CA
    Properties.filedate=1357426762
    Properties.filedatetext=2013-01-05 14:59:22

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\setup.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\setup.log
    Properties.size=5347
    Properties.md5=AEBF431CE13BE5F911FA9DE7B75D690D
    Properties.filedate=1357424230
    Properties.filedatetext=2013-01-05 14:17:10

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemcore.log
    Properties.size=22668
    Properties.md5=13A1DB8E7288A6AA118CCD6EE384AD60
    Properties.filedate=1360427923
    Properties.filedatetext=2013-02-09 08:38:43

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemess.lo_ (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.lo_
    Properties.size=65622
    Properties.md5=F174E8F7372AB3A07C232CF81402A367
    Properties.filedate=1360361279
    Properties.filedatetext=2013-02-08 14:07:59

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.log
    Properties.size=25379
    Properties.md5=6D77064CF1F97D2C0B11258560B8182E
    Properties.filedate=1360429324
    Properties.filedatetext=2013-02-09 09:02:03

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemprox.log
    Properties.size=8402
    Properties.md5=023DCE2B1803A5727EADB689D6070300
    Properties.filedate=1360396910
    Properties.filedatetext=2013-02-09 00:01:50

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiadap.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiadap.log
    Properties.size=691
    Properties.md5=AB5CBE57C29698243E9B06CC8FD2C395
    Properties.filedate=1357425068
    Properties.filedatetext=2013-01-05 14:31:08

    Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log
    Properties.size=59952
    Properties.md5=A6E34BCEA0E865DCA85FE1AE19332C49
    Properties.filedate=1360425891
    Properties.filedatetext=2013-02-09 08:04:50

    Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Internet Explorer\TypedURLs

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Microsoft Management Console\Recent File List

    MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\MediaPlayer\Player\RecentFileList

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\DirectInput\MostRecentApplication\Id

    MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Office\12.0\Word\File MRU

    MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

    MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

    Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\WinRAR\ArcHistory

    WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2025429265-1788223648-1417001333-1004\Software\WinRAR\General\LastFolder

    Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (200) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (33) (Browser: History, nothing done)



    --- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

     
  2. psylock

    psylock Thread Starter

    Joined:
    Dec 19, 2012
    Messages:
    166
    Have I posted in the wrong forum? If so, could someone let me know how to switch to a different forum, maybe General Security?

    Thanks
     
  3. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,934
    This is the correct forum for support on malware etc. - we don't allow anyone to support HJT logs, and so this forum can only be answered by virus/malware qualified personnel.
     
  4. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,861
    Nothing needs doing.
    They are all legitimate entries & do not indicate malware in the slightest.
     
  5. psylock

    psylock Thread Starter

    Joined:
    Dec 19, 2012
    Messages:
    166
    Thank you!!
     

Short URL to this thread: https://techguy.org/1088833