
View Full Version : As Intended: Spywareinfo.TrafficZ on www.spywareinfo.com in my SeaMonkey v1.1.14 bookmarks.html



antdude
2009-01-14, 17:54
I think this is a false positive:


Spywareinfo.TrafficZ: Bookmark (Mozilla: ant) (Bookmark, nothing done)





--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---



Never had this problem before today's definitions. http://safeweb.norton.com/report/show?url=www.spywareinfo.com&x=0&y=0
and http://www.siteadvisor.com/sites/spywareinfo.com say OK!

md usa spybot fan
2009-01-14, 18:29
antdude:

This is in no way an official ruling on your report of the possible false positive, but I believe that you should be aware of the discussion in the following thread concerning the domain name Spywareinfo:
Microsoft.Windows.RedirectedHosts?
http://forums.spybot.info/showthread.php?t=43973
As of yesterday Spywareinfo.com was even advertising a fake Spybot Search & Destroy.

tashi
2009-01-14, 18:41
Hello antdude,


http://www.siteadvisor.com/sites/spywareinfo.com say OK!

Site Advisor is out of date regarding Spywareinfo, read the last reviews/comments warning about the fact the domain was sold.

Also please see this sticky topic at SWI.
http://www.spywareinfoforum.com/index.php?showtopic=121410

Best regards.

antdude
2009-01-14, 19:22
Hello antdude,



Site Advisor is out of date regarding Spywareinfo, read the last reviews/comments warning about the fact the domain was sold.

Also please see this sticky topic at SWI.
http://www.spywareinfoforum.com/index.php?showtopic=121410

Best regards.

Wow, what the heck? Sheesh, I was on it recently too. That stinks! Thanks and sorry about that!

tashi
2009-01-14, 19:53
Hi there,

No need to apologise, :) word is still getting out and some places tardy in responding to requests to change the links.

antdude
2009-01-14, 20:04
Hi there,

No need to apologise, :) word is still getting out and some places tardy in responding to requests to change the links.

I told my friends about it. Did anyone tell the two sites in my links yet? I don't have accounts there to report the bad "takeover".

tashi
2009-01-14, 21:38
I told my friends about it. Did anyone tell the two sites in my links yet? I don't have accounts there to report the bad "takeover".

Thanks.

I don't know about Norton. Site Advisor was informed by cnm, SWI Administrator, she posted a heads up in the comments section 12/07/2008.

The link was changed at ASAP. http://asap.maddoktor2.com/

A lot of places have tried to get the word out, for example,

http://msmvps.com/blogs/harrywaldron/archive/2008/12/16/swi-spyware-info-site-name-has-changed.aspx

http://securityticker.blogspot.com/2008/12/spywareinfo-domain-now-linking-rogues.html

antdude
2009-01-14, 21:44
Thanks.

I don't know about Norton. Site Advisor was informed by cnm, SWI Administrator, she posted a heads up in the comments section 12/07/2008.

The link was changed at ASAP. http://asap.maddoktor2.com/

A lot of places have tried to get the word out, for example,

http://msmvps.com/blogs/harrywaldron/archive/2008/12/16/swi-spyware-info-site-name-has-changed.aspx

http://securityticker.blogspot.com/2008/12/spywareinfo-domain-now-linking-rogues.html

Thanks again. I think I will submit a Digg story about this too.

LoneLurker
2009-02-17, 16:20
Thanks for this discussion and the HELPFUL information.

Has anyone considered Wiki to update this action?

Thanks for reading my poster toasty,