Fixed: Scan suggests SmartPCKeylogger involving seemingly old file



rain40
2008-05-25, 16:34
--- Search result list ---
SmartPCKeylogger: [SBI $52088A00] Shared DLL (3 apps) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\Memman.vxd

SmartPCKeylogger: [SBI $52088A00] System file (File, nothing done)
C:\WINDOWS\system32\Memman.vxd


--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2005-11-06 unins000.exe (51.41.0.0)
2008-02-09 unins001.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2007-08-31 _SpybotSD.exe (1.5.1.15)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-04-16 Includes\Adware.sbi
2008-05-21 Includes\AdwareC.sbi
2008-05-21 Includes\Beta.sbi
2007-11-06 Includes\Beta.uti
2008-05-21 Includes\Cookies.sbi
2007-12-26 Includes\Dialer.sbi
2008-05-21 Includes\DialerC.sbi
2008-05-21 Includes\HeavyDuty.sbi
2008-04-30 Includes\Hijackers.sbi
2008-05-21 Includes\HijackersC.sbi
2008-04-30 Includes\Keyloggers.sbi
2008-05-21 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi
2008-05-21 Includes\Malware.sbi
2008-05-21 Includes\MalwareC.sbi
2008-03-26 Includes\PUPS.sbi
2008-05-21 Includes\PUPSC.sbi
2008-05-21 Includes\Revision.sbi
2008-01-09 Includes\Security.sbi
2008-05-21 Includes\SecurityC.sbi
2008-04-16 Includes\Spybots.sbi
2008-05-21 Includes\SpybotsC.sbi
2008-04-16 Includes\Spyware.sbi
2008-05-21 Includes\SpywareC.sbi
2007-11-06 Includes\Tracks.uti
2008-05-21 Includes\Trojans.sbi
2008-05-21 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2008-12-24 Plugins\TCPIPAddress.dll


My (possibly naive) reasons for skepticism:
File has a date created and date modified stamp of 22-09-2002
I was unable to distinguish a startup process that seemed associated
Online scans from virusscan.jotti.org and Virustotal.com negative

The above report was shortened to try and keep to the style demonstrated
in

http://forums.spybot.info/showthread.php?t=28373
and
http://forums.spybot.info/showthread.php?t=18382

so my apologies if I failed somewhere (I didn't see anything regarding what
reporting options to use in the sticky).

Yodama
2008-05-26, 07:48
Hello,

since it is a shared library which is in question here, this could be a false positive. Please email the file to detections@spybot.info with a reference to this thread. We will compare your file and the files we encountered with the keylogger and will make adjustments to the detection rules if needed.

Yodama
2008-05-26, 09:49
Hello,

we received a Memman.vxd and analyzed it. The false positive is confirmed and will be corrected with the next update scheduled for this Wednesday.