I did a scan and fixed under my login. When my daughter logged on right after, and we rescanned, there were many issues. Normal? Did I miss something in the scan setup, or are you supposed to scan each user?
Thanks
I did a scan and fixed under my login. When my daughter logged on right after, and we rescanned, there were many issues. Normal? Did I miss something in the scan setup, or are you supposed to scan each user?
Thanks
Fiveskiers:
I assume that you are running under a Windows operating system that allows multiple such as Windows XP. If you run a Spybot scan under any "Computer administrator" account, the entire system is scanned for most malware, however, due to restrictions in the Microsoft APIs (Application Program Interfaces) used by Spybot, the scan from one account does not include the Internet cache, cookies and some other user specific entries of other accounts.
Since a scan from a second "Computer administrator" account normally only picks up problems such as "Tracking cookies" (which are minor problems), it would be helpful if you detailed what problems ("issues") were detected when "… we rescanned, there were many issues". To do that:
- Run another scan.
- When the scan completes, right click on the results list, select "Copy results to clipboard".
- Then paste (Ctrl+V) those results to a new post in this thread.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
This is a copy of the scan for one user. I will fix, scan second user and post it soon. ThanksDoubleClick:
Tracking cookie (Internet Explorer: Andrew Hochkammer) (Cookie, nothing done)
Avenue A, Inc.: Tracking cookie (Internet Explorer: Andrew Hochkammer) (Cookie, nothing done)
Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log
Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log
Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log
Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log
Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_
Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Cookie: Cookie (15) (Cookie, nothing done)
Cache: Cache (688) (Cache, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-05-03 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-02 Includes\Cookies.sbi
2006-12-08 Includes\Dialer.sbi
2007-05-02 Includes\DialerC.sbi
2007-04-04 Includes\Hijackers.sbi
2007-05-02 Includes\HijackersC.sbi
2006-10-27 Includes\Keyloggers.sbi
2007-05-02 Includes\KeyloggersC.sbi
2007-03-21 Includes\Malware.sbi
2007-05-02 Includes\MalwareC.sbi
2007-03-21 Includes\PUPS.sbi
2007-05-02 Includes\PUPSC.sbi
2007-05-02 Includes\Revision.sbi
2006-12-08 Includes\Security.sbi
2007-05-02 Includes\SecurityC.sbi
2007-03-21 Includes\Spybots.sbi
2007-05-02 Includes\SpybotsC.sbi
2005-02-17 Includes\Tracks.uti
2007-05-02 Includes\Trojans.sbi
2007-05-02 Includes\TrojansC.sbi
Here is the scan for the the second user. Just to let you know, I scanned and fixed each user 2 days ago. Still get tons of popups. Also, McAfee pops up often saying it removed the trojan Vundo.dll Thanks Again
BlackCore: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
AdRevolver: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
FastClick: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Zedo: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
DoubleClick: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Statcounter: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
TargetNet: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Avenue A, Inc.: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
MediaPlex: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Advertising.com: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
WebTrends live: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
TagASaurus: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
AdRevolver: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
FastClick: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
MalwareAlarm: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Smitfraud-C.Toolbar888: Tracking cookie (Internet Explorer: Amanda Hochkammer) (Cookie, nothing done)
Common Dialogs: History (12 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log
Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log
Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log
Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log
Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_
Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Cookie: Cookie (109) (Cookie, nothing done)
Cache: Cache (1956) (Cache, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-05-03 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-02 Includes\Cookies.sbi
2006-12-08 Includes\Dialer.sbi
2007-05-02 Includes\DialerC.sbi
2007-04-04 Includes\Hijackers.sbi
2007-05-02 Includes\HijackersC.sbi
2006-10-27 Includes\Keyloggers.sbi
2007-05-02 Includes\KeyloggersC.sbi
2007-03-21 Includes\Malware.sbi
2007-05-02 Includes\MalwareC.sbi
2007-03-21 Includes\PUPS.sbi
2007-05-02 Includes\PUPSC.sbi
2007-05-02 Includes\Revision.sbi
2006-12-08 Includes\Security.sbi
2007-05-02 Includes\SecurityC.sbi
2007-03-21 Includes\Spybots.sbi
2007-05-02 Includes\SpybotsC.sbi
2005-02-17 Includes\Tracks.uti
2007-05-02 Includes\Trojans.sbi
2007-05-02 Includes\TrojansC.sbi
Besides usage tracks the only problems listed are Tracking Cookies.
In Internet Explorer you can block the same Tracking Cookies that Spybot detects by enabling Spybot's Browser Helper Object (BHO). To do this go into Spybot-S&D > Immunize. Look in the last section labeled "Permanently running bad download blocker for Internet Explorer". Check the following:
- Enable permanent blocking of bad addresses in Internet Explorer
There is another way to prevent the storing of Tracking Cookies in Internet Explorer (even those not blocked by Spybot's resident BHO) as well as the storing of Tracking Cookies in other WEB browsers. See:
- Why do other anti-spyware applications detect so many more tracking cookies?
http://www.safer-networking.org/inde...=faq&detail=37
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Thanks for looking. Is it possible then that spybot is not seeing the problem. Because I'm getting massive popups (malwarealarm, winpro...?, and some others), super slow and browser redirects.
Thanks
The only thing that I can suggest is that you consider posting in the Malware Removal forum and having someone take a look at your system. Follow the instructions here:
- "BEFORE you POST" Mandatory Steps Before Requesting Assistance.
http://forums.spybot.info/showthread.php?t=288
After completing those steps, start a new thread (topic) in the following forum (making sure to include the HijackThis log and online scan logs produced from the instructions above):
- Malware Removal
http://forums.spybot.info/forumdisplay.php?f=22
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Thanks for your help. If anyone wants to follow, heres the new title in Malware Removal.
very slow, popups, winantivirus pro, malware alarm, vundo
The link to the thread is:
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.