Spybot S&D: log file:

Discussion in 'other anti-malware software' started by SG1, Mar 2, 2003.

Thread Status:
Not open for further replies.
  1. SG1
    Offline

    SG1 Registered Member

    As I'm fairly new to using Spybot S&D, I'm posting a Spybot log file: can anyone tell me if there's anything ominous in the results? Or perhaps to rephrase the question - am I looking at usage tracks by and large, in this report?
    Only my brother and I use this PC & in a case like ours, the Spybot help file says that usage tracks aren't necessarily a bad thing as I recall - is that correct? {I always have several security programs running, while using the Internet}.
    The first 3 items were in red w/exclamation point in Spybot report; but as to the missing Alexa item... I erased that once in error after Ad-Aware said "Oh, gasp" about that file - but in this case it's really related to IE browser as I understand it.
    I've thus far only run Spybot 2-3 times, & I believe it finds same things each time (so I don't think "nasties" are getting in from surfing).
    And for Spybot to do its job properly, should I have Spybot running in background when using the net, or do I just run it now and then to check over the "health" of our PC?
    * Thanks, for any info that you may provide. SG1. *
    ------------------

    Alexa Related: What's related link (Replace file)
    RELATED.HTM

    DSO Exploit: Data source object exploit (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\01004=W=3

    MS Media Player: Client ID (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=

    Adobe Acrobat Reader 5: Recent file #1 (Registry key)
    HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c1

    Adobe Acrobat Reader 5: Recent file #2 (Registry key)
    HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c2

    Internet Explorer: Download directory (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory=

    Internet Explorer: Last used directory (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Save Directory=

    Internet Explorer: User agent (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)

    Log: Activity: ModemDet.txt (Backup file)
    C:\WINDOWS\ModemDet.txt

    Log: Activity: OEWABLog.txt (Backup file)
    C:\WINDOWS\OEWABLog.txt

    Log: IE: brndlog.txt (Backup file)
    C:\WINDOWS\brndlog.txt

    Log: Install: Active Setup Log.txt (Backup file)
    C:\WINDOWS\Active Setup Log.txt

    Log: Install: wmsetup.log (Backup file)
    C:\WINDOWS\wmsetup.log

    MS DirectDraw: Most recent application (Registry change)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name=

    MS Media Player: Recent open directory (Registry change)
    HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir=

    MS Paint: Recent file list( (1 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

    MS Wordpad: Recent file list( (4 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

    Windows Explorer: Recent file global history (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Windows Explorer: Stream history( (201 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: User Assistant history files( (3 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: User Assistant history IE( (592 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Network: Recent opened folder list (Registry key)
    HKEY_CURRENT_USER\Network\Recent

    Windows: Install locations( (6 files)) (Registry key)
    HKEY_CURRENT_USER\InstallLocationsMRU

    WinZip: Add files directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzAddDir=

    WinZip: Add files directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\AddDir=

    WinZip: Default directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\zDefDir=

    WinZip: Default directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\DefDir=

    WinZip: Destination directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzExtractTo=

    WinZip: Destination directory (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\ExtractTo=

    WinZip: Number of times run (Registry change)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\rrs\Opened=

    WinZip: Recent created file list( (15 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\filemenu

    WinZip: Recent extracted file list( (6 files)) (Registry key)
    HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\extract


    --- Spybot-S&D version: 1.1 rel 4 ---
    2003-02-23 Includes\Malware.sbi
    2003-01-08 Includes\plugin-ignore.ini
    2003-02-23 Includes\Cookies.sbi
    2003-02-23 Includes\Dialer.sbi
    2003-02-23 Includes\Hijackers.sbi
    2003-02-23 Includes\Keyloggers.sbi
    2003-02-23 Includes\Security.sbi
    2003-02-23 Includes\Spybots.sbi
    2003-02-23 Includes\Tracks.uti
    2003-02-23 Includes\Trojans.sbi
  2. Pieter_Arntz
    Offline

    Pieter_Arntz Spyware Veteran

    Hi SG1,

    What you are looking at are indeed the sort of things Spybot S&D would typically find even on a freshly installed computer. There is no harm in letting it repair the red items.
    I always let it repair the logs as well, but when troubleshooting they might come in handy.
    For the official release of Spybot S&D there is no need to keep it running since that has no resident guard, whereas the beta version has. If you would like resident Spyware protection have a look at javacool´s SpywareBlaster and SpywareGuard.
    In Spybot S&D you can disable the checking for usage tracks and System Internals under Setting > File Sets.

    HTH,

    Pieter
Thread Status:
Not open for further replies.