deanna
2007-02-06, 21:18
Spybot encountered the following when last run:
Problem
Microsoft.Windows.FileExe
Settings
HKEY-CLASSES-ROOT\.exe\!=exefile
Threat: Hijacked Windows Setting
Description:
This entry will show up if the filetype association for exefile has been changed. This can be done by trojans or malware which try to load their executable with any exe the user wants to start.
No other spyware/av/firewall has detected this, so could it be a false positive?
System Info:
Win98SE
ZA Firewall
Spybot SD
Spywareblaster
CCleaner
AdAware
F-Prot AV
All with current signature updates. Below is the report detail from Spybot.
TIA for any/all assistance.
Microsoft.Windows.FileExe: Settings (Registry change, nothing done)
HKEY_CLASSES_ROOT\.exe\!=exefile
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2007-01-19 unins000.exe (51.41.0.0)
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2007-01-15 advcheck.dll (1.2.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-12-08 Includes\Dialer.sbi (*)
2007-02-02 Includes\Cookies.sbi (*)
2006-11-24 Includes\Hijackers.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-01-12 Includes\Malware.sbi (*)
2007-01-19 Includes\PUPS.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-02-02 Includes\Spybots.sbi (*)
2006-12-08 Includes\Trojans.sbi (*)
2007-02-02 Includes\Revision.sbi (*)
2005-02-17 Includes\Tracks.uti
2003-11-12 Includes\QA Tests.sbi (*)
2007-02-02 Includes\TrojansC.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2007-02-02 Includes\SpybotsC.sbi (*)
2007-02-02 Includes\SecurityC.sbi (*)
2007-02-02 Includes\PUPSC.sbi (*)
2007-02-02 Includes\MalwareC.sbi (*)
2007-02-02 Includes\KeyloggersC.sbi (*)
2007-02-02 Includes\HijackersC.sbi (*)
2007-02-02 Includes\DialerC.sbi (*)
Problem
Microsoft.Windows.FileExe
Settings
HKEY-CLASSES-ROOT\.exe\!=exefile
Threat: Hijacked Windows Setting
Description:
This entry will show up if the filetype association for exefile has been changed. This can be done by trojans or malware which try to load their executable with any exe the user wants to start.
No other spyware/av/firewall has detected this, so could it be a false positive?
System Info:
Win98SE
ZA Firewall
Spybot SD
Spywareblaster
CCleaner
AdAware
F-Prot AV
All with current signature updates. Below is the report detail from Spybot.
TIA for any/all assistance.
Microsoft.Windows.FileExe: Settings (Registry change, nothing done)
HKEY_CLASSES_ROOT\.exe\!=exefile
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2007-01-19 unins000.exe (51.41.0.0)
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2007-01-15 advcheck.dll (1.2.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-12-08 Includes\Dialer.sbi (*)
2007-02-02 Includes\Cookies.sbi (*)
2006-11-24 Includes\Hijackers.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-01-12 Includes\Malware.sbi (*)
2007-01-19 Includes\PUPS.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-02-02 Includes\Spybots.sbi (*)
2006-12-08 Includes\Trojans.sbi (*)
2007-02-02 Includes\Revision.sbi (*)
2005-02-17 Includes\Tracks.uti
2003-11-12 Includes\QA Tests.sbi (*)
2007-02-02 Includes\TrojansC.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2007-02-02 Includes\SpybotsC.sbi (*)
2007-02-02 Includes\SecurityC.sbi (*)
2007-02-02 Includes\PUPSC.sbi (*)
2007-02-02 Includes\MalwareC.sbi (*)
2007-02-02 Includes\KeyloggersC.sbi (*)
2007-02-02 Includes\HijackersC.sbi (*)
2007-02-02 Includes\DialerC.sbi (*)