SG1
March 2nd, 2003, 03:33 AM
As I'm fairly new to using Spybot S&D, I'm posting a Spybot log file: can anyone tell me if there's anything ominous in the results? Or perhaps to rephrase the question - am I looking at usage tracks by and large, in this report?
Only my brother and I use this PC & in a case like ours, the Spybot help file says that usage tracks aren't necessarily a bad thing as I recall - is that correct? {I always have several security programs running, while using the Internet}.
The first 3 items were in red w/exclamation point in Spybot report; but as to the missing Alexa item... I erased that once in error after Ad-Aware said "Oh, gasp" about that file - but in this case it's really related to IE browser as I understand it.
I've thus far only run Spybot 2-3 times, & I believe it finds same things each time (so I don't think "nasties" are getting in from surfing).
And for Spybot to do its job properly, should I have Spybot running in background when using the net, or do I just run it now and then to check over the "health" of our PC?
* Thanks, for any info that you may provide. SG1. *
------------------
Alexa Related: What's related link (Replace file)
RELATED.HTM
DSO Exploit: Data source object exploit (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\01004=W=3
MS Media Player: Client ID (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=
Adobe Acrobat Reader 5: Recent file #1 (Registry key)
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c1
Adobe Acrobat Reader 5: Recent file #2 (Registry key)
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c2
Internet Explorer: Download directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory=
Internet Explorer: Last used directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Save Directory=
Internet Explorer: User agent (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)
Log: Activity: ModemDet.txt (Backup file)
C:\WINDOWS\ModemDet.txt
Log: Activity: OEWABLog.txt (Backup file)
C:\WINDOWS\OEWABLog.txt
Log: IE: brndlog.txt (Backup file)
C:\WINDOWS\brndlog.txt
Log: Install: Active Setup Log.txt (Backup file)
C:\WINDOWS\Active Setup Log.txt
Log: Install: wmsetup.log (Backup file)
C:\WINDOWS\wmsetup.log
MS DirectDraw: Most recent application (Registry change)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name=
MS Media Player: Recent open directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir=
MS Paint: Recent file list( (1 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Wordpad: Recent file list( (4 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows Explorer: Recent file global history (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Stream history( (201 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: User Assistant history files( (3 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: User Assistant history IE( (592 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Network: Recent opened folder list (Registry key)
HKEY_CURRENT_USER\Network\Recent
Windows: Install locations( (6 files)) (Registry key)
HKEY_CURRENT_USER\InstallLocationsMRU
WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzAddDir=
WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\AddDir=
WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\zDefDir=
WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\DefDir=
WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzExtractTo=
WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\ExtractTo=
WinZip: Number of times run (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\rrs\Opened=
WinZip: Recent created file list( (15 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\filemenu
WinZip: Recent extracted file list( (6 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\extract
--- Spybot-S&D version: 1.1 rel 4 ---
2003-02-23 Includes\Malware.sbi
2003-01-08 Includes\plugin-ignore.ini
2003-02-23 Includes\Cookies.sbi
2003-02-23 Includes\Dialer.sbi
2003-02-23 Includes\Hijackers.sbi
2003-02-23 Includes\Keyloggers.sbi
2003-02-23 Includes\Security.sbi
2003-02-23 Includes\Spybots.sbi
2003-02-23 Includes\Tracks.uti
2003-02-23 Includes\Trojans.sbi
Only my brother and I use this PC & in a case like ours, the Spybot help file says that usage tracks aren't necessarily a bad thing as I recall - is that correct? {I always have several security programs running, while using the Internet}.
The first 3 items were in red w/exclamation point in Spybot report; but as to the missing Alexa item... I erased that once in error after Ad-Aware said "Oh, gasp" about that file - but in this case it's really related to IE browser as I understand it.
I've thus far only run Spybot 2-3 times, & I believe it finds same things each time (so I don't think "nasties" are getting in from surfing).
And for Spybot to do its job properly, should I have Spybot running in background when using the net, or do I just run it now and then to check over the "health" of our PC?
* Thanks, for any info that you may provide. SG1. *
------------------
Alexa Related: What's related link (Replace file)
RELATED.HTM
DSO Exploit: Data source object exploit (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\01004=W=3
MS Media Player: Client ID (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=
Adobe Acrobat Reader 5: Recent file #1 (Registry key)
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c1
Adobe Acrobat Reader 5: Recent file #2 (Registry key)
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c2
Internet Explorer: Download directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory=
Internet Explorer: Last used directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Save Directory=
Internet Explorer: User agent (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)
Log: Activity: ModemDet.txt (Backup file)
C:\WINDOWS\ModemDet.txt
Log: Activity: OEWABLog.txt (Backup file)
C:\WINDOWS\OEWABLog.txt
Log: IE: brndlog.txt (Backup file)
C:\WINDOWS\brndlog.txt
Log: Install: Active Setup Log.txt (Backup file)
C:\WINDOWS\Active Setup Log.txt
Log: Install: wmsetup.log (Backup file)
C:\WINDOWS\wmsetup.log
MS DirectDraw: Most recent application (Registry change)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name=
MS Media Player: Recent open directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir=
MS Paint: Recent file list( (1 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Wordpad: Recent file list( (4 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows Explorer: Recent file global history (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Stream history( (201 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: User Assistant history files( (3 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: User Assistant history IE( (592 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Network: Recent opened folder list (Registry key)
HKEY_CURRENT_USER\Network\Recent
Windows: Install locations( (6 files)) (Registry key)
HKEY_CURRENT_USER\InstallLocationsMRU
WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzAddDir=
WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\AddDir=
WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\zDefDir=
WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\DefDir=
WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzExtractTo=
WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\ExtractTo=
WinZip: Number of times run (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\rrs\Opened=
WinZip: Recent created file list( (15 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\filemenu
WinZip: Recent extracted file list( (6 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\extract
--- Spybot-S&D version: 1.1 rel 4 ---
2003-02-23 Includes\Malware.sbi
2003-01-08 Includes\plugin-ignore.ini
2003-02-23 Includes\Cookies.sbi
2003-02-23 Includes\Dialer.sbi
2003-02-23 Includes\Hijackers.sbi
2003-02-23 Includes\Keyloggers.sbi
2003-02-23 Includes\Security.sbi
2003-02-23 Includes\Spybots.sbi
2003-02-23 Includes\Tracks.uti
2003-02-23 Includes\Trojans.sbi