PDA

View Full Version : What is all this?


normanishmael
2008-11-23, 06:33
Hello.
For the past two days my DSl has been slow. Down to 800-k1500 download,and my pretty well normal 600k or so upload
most of the time my download is 3000-32000k.
My ISP gave me no joy,and scans by Avira Anti-vir,A-squared a-2,Malwarebytes Antimalware,and
SuperAntiSpyware all came back clean.
THis afternoon my regularly set SpyBot scan kicked this up.
I recently Un-instaled SpywareBlaster,aCan this be something left over from its definitions?
False positives?
--- Report generated: 2008-11-22 23:20 ---

Hint of the Day: Click the bar at the right of this to see more information! ()


Sgrunt: [SBI $3CCEFC93] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sgrunt.biz\*

Bestsearch.Scvhost: [SBI $C936DB5F] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bestsearch.cc\*

Bestsearch.Scvhost: [SBI $A1937CB2] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dapsol.com\*

Bestsearch.Scvhost: [SBI $16B05BC6] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bestsearch.cc\*

Bestsearch.Scvhost: [SBI $11250B79] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dapsol.com\*

CoolWWWSearch: [SBI $66DFB7CF] Domain settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwwwsearch.com\*

CoolWWWSearch.BadZoneMap: [SBI $42756596] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com\*

CoolWWWSearch.BadZoneMap: [SBI $6421293D] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com\*

CoolWWWSearch.BadZoneMap: [SBI $EB72BC32] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\slotchbar.com\*

CoolWWWSearch.BadZoneMap: [SBI $BC9E9BDB] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ysbweb.com\*

CoolWWWSearch.BadZoneMap: [SBI $3385780A] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blazefind.com\*

CoolWWWSearch.BadZoneMap: [SBI $EA76D9DE] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clickspring.net\*

CoolWWWSearch.BadZoneMap: [SBI $FD0D89B2] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\flingstone.com\*

CoolWWWSearch.BadZoneMap: [SBI $86A99B8E] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mt-download.com\*

CoolWWWSearch.BadZoneMap: [SBI $A93E645B] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchbarcash.com\*

CoolWWWSearch.BadZoneMap: [SBI $241008D4] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmiracle.com\*

CoolWWWSearch.Googlems: [SBI $A78D704A] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xxxtoolbar.com\*

CoolWWWSearch.WinRes: [SBI $0A5F6636] Trusted Site (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\offshoreclicks.com\*

TNS-Search: [SBI $72866050] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\asdbiz.biz\*

TNS-Search: [SBI $1DDCA26E] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clickspring.net\*

TNS-Search: [SBI $C40B1F3A] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mt-download.com\*

TNS-Search: [SBI $773AA8AE] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmiracle.com\*

TNS-Search: [SBI $2E9C5653] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\slotch.com\*

ABetterInternet: [SBI $CE49D3F7] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\*

MediaMotor: [SBI $830F8E68] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net\*

MediaMotor: [SBI $66D54986] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\media-motor.net\*

MediaMotor: [SBI $00D5F257] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mmohsix.com\*

Smitfraud-C.: [SBI $543C0AE6] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\asdbiz.biz\*

Smitfraud-C.: [SBI $9405B5A7] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\20x2p.com\*

Smitfraud-C.: [SBI $B9B0F07E] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greg-tut.com\*

Smitfraud-C.: [SBI $47760D99] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\t34rulit.com\*

Smitfraud-C.: [SBI $7119732C] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u46.cx\*

Smitfraud-C.: [SBI $3458795D] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u48.cc\*

180Solutions.SearchAssistant: [SBI $DA53980B] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\*

XPreload: [SBI $D00C41BA] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sxload.com\*


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

thanks
normanishmael
normanishmael
2008-11-24, 02:41
pEOPLE WHO ASKED AFTER ME ARE BEING HELPED.
iF YOU DO NOT KNOW HOW TO EXPLAIN THESE FALSE POSITIVES
THATS FINE.
KISS MY ASS.







Hello.
For the past two days my DSl has been slow. Down to 800-k1500 download,and my pretty well normal 600k or so upload
most of the time my download is 3000-32000k.
My ISP gave me no joy,and scans by Avira Anti-vir,A-squared a-2,Malwarebytes Antimalware,and
SuperAntiSpyware all came back clean.
THis afternoon my regularly set SpyBot scan kicked this up.
I recently Un-instaled SpywareBlaster,aCan this be something left over from its definitions?
False positives?
--- Report generated: 2008-11-22 23:20 ---

Hint of the Day: Click the bar at the right of this to see more information! ()


Sgrunt: [SBI $3CCEFC93] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sgrunt.biz\*

Bestsearch.Scvhost: [SBI $C936DB5F] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bestsearch.cc\*

Bestsearch.Scvhost: [SBI $A1937CB2] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dapsol.com\*

Bestsearch.Scvhost: [SBI $16B05BC6] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bestsearch.cc\*

Bestsearch.Scvhost: [SBI $11250B79] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dapsol.com\*

CoolWWWSearch: [SBI $66DFB7CF] Domain settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwwwsearch.com\*

CoolWWWSearch.BadZoneMap: [SBI $42756596] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com\*

CoolWWWSearch.BadZoneMap: [SBI $6421293D] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com\*

CoolWWWSearch.BadZoneMap: [SBI $EB72BC32] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\slotchbar.com\*

CoolWWWSearch.BadZoneMap: [SBI $BC9E9BDB] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ysbweb.com\*

CoolWWWSearch.BadZoneMap: [SBI $3385780A] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blazefind.com\*

CoolWWWSearch.BadZoneMap: [SBI $EA76D9DE] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clickspring.net\*

CoolWWWSearch.BadZoneMap: [SBI $FD0D89B2] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\flingstone.com\*

CoolWWWSearch.BadZoneMap: [SBI $86A99B8E] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mt-download.com\*

CoolWWWSearch.BadZoneMap: [SBI $A93E645B] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchbarcash.com\*

CoolWWWSearch.BadZoneMap: [SBI $241008D4] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmiracle.com\*

CoolWWWSearch.Googlems: [SBI $A78D704A] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xxxtoolbar.com\*

CoolWWWSearch.WinRes: [SBI $0A5F6636] Trusted Site (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\offshoreclicks.com\*

TNS-Search: [SBI $72866050] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\asdbiz.biz\*

TNS-Search: [SBI $1DDCA26E] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clickspring.net\*

TNS-Search: [SBI $C40B1F3A] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mt-download.com\*

TNS-Search: [SBI $773AA8AE] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmiracle.com\*

TNS-Search: [SBI $2E9C5653] User settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\slotch.com\*

ABetterInternet: [SBI $CE49D3F7] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\*

MediaMotor: [SBI $830F8E68] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net\*

MediaMotor: [SBI $66D54986] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\media-motor.net\*

MediaMotor: [SBI $00D5F257] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mmohsix.com\*

Smitfraud-C.: [SBI $543C0AE6] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\asdbiz.biz\*

Smitfraud-C.: [SBI $9405B5A7] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\20x2p.com\*

Smitfraud-C.: [SBI $B9B0F07E] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greg-tut.com\*

Smitfraud-C.: [SBI $47760D99] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\t34rulit.com\*

Smitfraud-C.: [SBI $7119732C] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u46.cx\*

Smitfraud-C.: [SBI $3458795D] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u48.cc\*

180Solutions.SearchAssistant: [SBI $DA53980B] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\*

XPreload: [SBI $D00C41BA] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-854245398-1788223648-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sxload.com\*


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

thanks
normanishmael
md usa spybot fan
2008-11-24, 05:49
normanishmael:

Nice attitude.

Members of Team Spybot normally handle false positives and it is a weekend and they’re off.
Yodama
2008-11-24, 10:02
The scanresult above shows malicious domains which are not set to be restricted within the Internet Explorer. Unlike some other scanners Spybot S&D checks the actual data stored for the domains. For the case above this means that it is not a case of false positives.