• Welcome Guest, to the Spybot Forums! It's 2025, and we just upgraded our forum software.

    Today is Safer Internet Day, and with our new forum, you can finally use passkeys to login. That was about time!

    Of course, you could ask if a forum is still useful, with so many social media networks out there where you might already have an account, and met a lot of users. You can now use your login from some of those networks to log in here. And by posting here, your question and data is stored on our servers and not automatically shared with a whole social media network.

    We'll also start using the forum for small bits of information, announcements and more again.

Spybot results

B

Benzmum

New member
I did my weekly Spybot scan and got the following results:
Avenue A, Inc.: Tracking cookie (Internet Explorer: Owner) (Cookie, nothing done)


Common Dialogs: History (342 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt

Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log

Log: Activity: OEWABLog.txt (Backup file, nothing done)
C:\WINDOWS\OEWABLog.txt

Log: Activity: ntbtlog.txt (Backup file, nothing done)
C:\WINDOWS\ntbtlog.txt

Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log

Log: Install: Directx.log (Backup file, nothing done)
C:\WINDOWS\Directx.log

Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log

Log: Install: setupact.log (Backup file, nothing done)
C:\WINDOWS\setupact.log

Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log

Log: Install: setuperr.log (Backup file, nothing done)
C:\WINDOWS\setuperr.log

Log: Install: setuplog.txt (Backup file, nothing done)
C:\WINDOWS\setuplog.txt

Log: Install: svcpack.log (Backup file, nothing done)
C:\WINDOWS\svcpack.log

Log: Install: wmsetup.log (Backup file, nothing done)
C:\WINDOWS\wmsetup.log

Log: Install: DtcInstall.log (Backup file, nothing done)
C:\WINDOWS\DtcInstall.log

Log: Shutdown: System32\wbem\logs\mofcomp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log

Log: Shutdown: System32\wbem\logs\setup.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log

Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log

Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_

Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log

Log: Shutdown: System32\wbem\logs\wbemsnmp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemsnmp.log

Log: Shutdown: System32\wbem\logs\winmgmt.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\winmgmt.log

Log: Shutdown: System32\wbem\logs\wmiadap.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

Cookie: Cookie (100) (Cookie, nothing done)


Cache: Cache (143) (Cache, nothing done)


Cookie: Cookie (1) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-18 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-12-15 Includes\Cookies.sbi
2006-12-08 Includes\Dialer.sbi
2006-12-15 Includes\DialerC.sbi
2006-11-24 Includes\Hijackers.sbi
2006-12-15 Includes\HijackersC.sbi
2006-10-27 Includes\Keyloggers.sbi
2006-12-15 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2006-12-15 Includes\Malware.sbi
2006-12-15 Includes\MalwareC.sbi
2006-10-20 Includes\PUPS.sbi
2006-12-15 Includes\PUPSC.sbi
2006-12-15 Includes\Revision.sbi
2006-12-08 Includes\Security.sbi
2006-12-15 Includes\SecurityC.sbi
2006-10-13 Includes\Spybots.sbi
2006-12-15 Includes\SpybotsC.sbi
2005-02-17 Includes\Tracks.uti
2006-12-08 Includes\Trojans.sbi
2006-12-15 Includes\TrojansC.sbi

I normally get no threats. In the past week I downloaded and installed IE 7, and was a bit confused about secure settings. I did set 3rd party cookies to block.

Can someone make head or tails of the above? Here's a Hijackthis log too, if that helps: Removed.
 
Last edited by a moderator:
It appears that you received one tracking cookie, Avenue A, Inc., and also scanned for useage tracks.

Was everything besides the "Avenue A, Inc.: Tracking cookie" in green? Do you normally scan for useage tracks?
 
Last edited:
Tracking cookies

Thanks for responding. Avenue A was in red, and the others were in green. I don't know how to set my scan to look for "usage tracks." I run search & destroy in what's called Default Mode. I was just surprised to get any problems at all, since this hasn't happened in ages. That's why I thought maybe I didn't have IE 7 set securely.
 
Tracks do come up green.Here's an explanation of them:
http://www.safer-networking.org/en/dictionary/usagetracks.html

If you would like Spybot not to scan for tracks anymore,please open Spybot,click mode up top,then select Advanced Mode(say yes to the prompt.)Then,over to the left,click Settings,then File Sets.Rightclick somewhere in the window to the right,and select Spyware check only.You can return Spybot back to Default Mode,using Mode up top once again.
 
No,you could still scan for tracks if you like,and then look through them and,if you see something in green you don't want Spybot to fix,you could get Spybot to ignore that usage track.There is more about that here:
http://www.safer-networking.org/en/paragraphs/tutorial_exceptions.html
Or,you could just decide not to checkmark any usage tracks you don't want fixed.For example,if you wanted to keep your cookies,then you could leave Cookie unchecked.
If you click on a green entry,and then click the gray button to the right,Spybot sometimes has a description of that particular track.
It also has this at the bottom of each description:

Privacy Statement
Usage tracks allow any user with direct access to your machine to see what files you have worked on recently. If that user is you, those tracks are even a feature. There is no other harm done by usage tracks
Click to expand...
 
Usage tracks

Thanks, Zenobia. That link was helpful. I'll try it out next time I get usage tracks popping up.

Any suggestions as to how to set my privacy and security in IE 7 so I'm at my safest? Wish it was the same as IE 6, because I knew how to set them there. But the features are different in version 7.
 
You're welcome. :)
Yes,there is a little bit here about setting the Internet Zone and Restricted Zone for additional security:
http://www.mvps.org/winhelp2002/restricted.htm#Setting
Also,there is some info here on the features page for Internet Explorer 7,showing what security features are available for IE 7,under the heading Dynamic Security protection:
http://www.microsoft.com/windows/ie/ie7/about/features/default.mspx
If you click Fix My Settings,under that section,it tells you a little bit about how IE 7 will warn you when your settings might put you at risk.

As for the privacy tab,this will show you how to block third-party cookies,if you like:
http://www.spybot.info/en/faq/37.html
 
IE 7 Settings

That's what I needed - thanks very much for all your help, Zenobia. Just one more question: I couldn't find the following on the Advanced tab:

Uncheck: "Install on demand (other)", click Apply/Ok

Is there some other wording for this that I should be looking for?
 
You're welcome. :)
Yes,I don't see "Install on demand (other)" there either.It used to be under the browsing section,I think.
Apparently,Install On Demand was removed from Internet Explorer 7,so you could skip that part.
 
You're welcome.Thanks,I'm having a great Christmas. :D: Hope you're having a Merry Christmas,too. :)
 
Failed fix

Hi Xenobia, or anyone else who can help. I ran Spybot today and found a usage track that couldn't be fixed. I was told I needed to restart with Spybot at startup, which I did a couple of times but the track refused to go. This is the track I found in the green results under Log:

Activity: SchedLgU.Txt C:\WINDOWS\SchedLgU.Txt
It's listed as a Backup file.

Should I be concerned if I can't remove this usage track?

I'm hoping that my results are cleaner next week when I run Spybot, because I've now tightened up my security settings.
 
Hi. :) I used to get that,too.This will explain why SchedLgU.Txt isn't being fixed:
http://www.spybot.info/en/faq/6.html
I always just used to put that into the single ignore list.If you'd like to do that,after the scan,click the plus sign next to the green Log entry.Then
click on the SchedLgU.txt entry with your mouse,so it's highlighted,then rightclick and select Exclude this detection from further searches.
 
Scheduler

What a great resource these forums are! Instead of reinventing the wheel, I get the benefit of your vast experience, Zenobia.:bigthumb:

I think I get it about the Scheduler. II have a weekly reminer in my calendar that says when to manually run Spybot.

Tell me if this is ok: I went to the Scheduler feature in Spybot and selected Remove. As I understand it, the Scheduler will no longer function. Will that remove it from my RAM? I also made a point of Excluding SchedLgU.txt from future scans.
 
Selecting remove in Scheduler in Spybot will remove Spybot's scheduled scan,that you had set up,but it will not disable your task scheduler.Scheduler in Spybot helps you to set up a scheduled scan in Scheduled Tasks,on your computer.You can see Scheduled Tasks if you click Start, click All Programs, point to Accessories, point to System Tools, and then click Scheduled Tasks.

In your case,it sounds as if you were using task scheduler to schedule a scan with Spybot,so I'd suggest leaving task scheduler enabled.Excluding SchedLgU.txt from future scans should be good.hth. :)
 
Scheduler

Well, I didn't have any spybot scan scheduled before, but I did select Remove in the Scheduler. I assume that no harm is done with it like that. I can't see a way to unremove it, except to set up a scan schedule which I don't want to do. And SchedLgU.txt has been excluded.

Found the Scheduled Tasks list, thanks Zenobia. Noticed Symantec's LiveUpdate was still operating, so I disabled it (I'm running avast! now).

Once again, thanks for all your help. I think i'm ok now.
 
Last edited:
Okay,I thought you had a scheduled scan for Spybot set up,where you selected Remove in Spybot's scheduler,sorry about that.That's right,no harm done if you didn't have a scheduled scan for Spybot set up.
You're welcome. :)
 
You must log in or register to reply here.
Back
Top