Page 1 of 2 12 LastLast
Results 1 to 10 of 64

Thread: suggestions to spybot

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default suggestions to spybot

    hi. i have some suggestions to spybot, i can see that i have 11 hostsfile backups in the hostsfile folder, maybe they can be removed by spybot so we dont have to do that manually because the folder is just growing and growing and some people maybe dont know the folder is growing, i mean it is just necessary to have just one backup.

    the other one is that maybe the installation wizard can ask if you want to disable the dnsclient to avoid slow browsing speed, maybe someone dont understand why their browsing is a bit slower than before. and it have been great to have a hostsfile server to serve up images or empty images to make the browsing even faster, and to avoid to having to hit the backbutton in the browser several times to get back to where people was, but that happenes only sometimes and mostly when a ad or something is blocked on the site they are visiting, maybe you should link to hostsman wich has a hostsserver and is able to download other hostsfiles and then we just merge spybots hostsfile to the others, that will be even more protection than we had before. i use hphosts and mvpshosts together with the spybot hostsfile and almost never see ads and other annoyances.

    its sad to see poor test results by spybot on the calendarofupdates site made by donna, but i love spybot anyway and will never stop using it, and i hope that all the tools and immunize will never be removed from spybot

    and maybe the logs should be not only in the advanced mode, but in the standard mode, to be easy for newbies to delete them when they are not needed anymore, to avoid the growing of the logs endlessly.

    is it safe to remove the usage tracks found by spybot?

    maybe you should go together with the makers of hphosts, mvpshosts, hostsman, spywareblaster, ccleaner and an antivirus to make a powerfull security suite

  2. #2
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Quote Originally Posted by blues View Post
    its sad to see poor test results by spybot on the calendarofupdates site made by donna, but i love spybot anyway and will never stop using it, and i hope that all the tools and immunize will never be removed from spybot
    This is because Spybot scans specifically for certain entries. Spybot however, does not function like AV... it does detect trojans, malware, spyware, keyloggers, bots, and some rookits. But it does not detect viruses.

    However, compared to SAS and A-squared they have a vast database, enabling the user to scan with 'Smart' scan or a 'Deep' scan.
    --
    Quote Originally Posted by blues View Post
    and maybe the logs should be not only in the advanced mode, but in the standard mode, to be easy for newbies to delete them when they are not needed anymore, to avoid the growing of the logs endlessly.
    Your post should have been posted in the SUGGESTIONS forum, as these features are suggested by users to be added into future Spybot versions.
    --
    Quote Originally Posted by blues View Post
    hey are not needed anymore, to avoid the growing of the logs endlessly.

    is it safe to remove the usage tracks found by spybot?

    maybe you should go together with the makers of hphosts, mvpshosts, hostsman, spywareblaster, ccleaner and an antivirus to make a powerfull security suite
    This would depend on what the trackage is. If it is tracking cookies, then it would safe to remove. You can also clear the cookies, cache, and temp. files once in a while manually.

    As for the integrated Security, I honestly don't think that SaferNetworking will do that. AV's, CCleaner, Javacool, and MVPHosts are separate companies who do their own work and create their own software.

  3. #3
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default

    i asked about usage tracks because it seemed like spybot finds registry entries and tracks in the registry, and i saw a thread here today about that registry cleaners was not recommended and was because of that worried to delete what spybot finds.

    i didnt mean that spybot was no good, sorry if i seemed to mean that as i have read about spybot it is mostly scanning the registry to see if there is malware on the computer, and that explained why i almost never hear or see disc activity, but maybe i have misunderstood.

    i like this forum and is reading here everyday

  4. #4
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Hm. It's okay.

    You don't see Spybot's scanning activity? When you do a scan, Spybot shows your the progress and if there are any found entries.

    Can you give some examples of the entries Spybot found? Like what name of the "user trackage".

  5. #5
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default

    yes i see the progress bar.

    this is what spybot found: almost all are usage tracks.


    --- Report generated: 2008-06-26 20:02 ---

    Microsoft.Windows.RedirectedHosts: [SBI $97C2C277] Omdirigert vert (Omdirigert vert, nothing done)
    www.experts-exchange.com=127.0.0.1

    Microsoft.Windows.RedirectedHosts: [SBI $926098F7] Omdirigert vert (Omdirigert vert, nothing done)
    experts-exchange.com=127.0.0.1

    Microsoft.Windows.RedirectedHosts: [SBI $C1DEB1AF] Omdirigert vert (Omdirigert vert, nothing done)
    ask.com=127.0.0.1

    Microsoft.Windows.RedirectedHosts: [SBI $25161DD4] Omdirigert vert (Omdirigert vert, nothing done)
    www.ask.com=127.0.0.1

    Log: Activity: SchedLgU.Txt (Backup fil, nothing done)
    C:\WINDOWS\SchedLgU.Txt

    Log: Activity: imsins.log (Backup fil, nothing done)
    C:\WINDOWS\imsins.log

    Log: Install: comsetup.log (Backup fil, nothing done)
    C:\WINDOWS\comsetup.log

    Log: Install: ocgen.log (Backup fil, nothing done)
    C:\WINDOWS\ocgen.log

    Log: Install: setupact.log (Backup fil, nothing done)
    C:\WINDOWS\setupact.log

    Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup fil, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.lo_

    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup fil, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup fil, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    Ahead Nero Burning Rom: [SBI $F3FD92E9] Working directory (Registerendring, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Ahead\Nero - Burning Rom\Settings\WorkingDir

    Internet Explorer: [SBI $FF589D0C] Download directory (Registerendring, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Microsoft\Internet Explorer\Download Directory

    MS Management Console: [SBI $ECD50EAD] Recent command list (2 filer) (Registernøkkel, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Microsoft\Microsoft Management Console\Recent File List

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registerendring, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registerendring, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registerendring, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (5 filer) (Registernøkkel, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (51 filer) (Registernøkkel, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    WinRAR: [SBI $B510882E] Extraction directory history (1 filer) (Registernøkkel, nothing done)
    HKEY_USERS\S-1-5-21-329068152-789336058-1343024091-1003\Software\WinRAR\DialogEditHistory\ExtrPath

    Cookie: [SBI $49804B54] Cookie (42) (Cookie, nothing done)


    Cache: [SBI $49804B54] Cache (4565) (Cache, nothing done)


    History: [SBI $49804B54] Historie (538) (Historie, nothing done)



    --- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

    2008-01-28 blindman.exe (1.0.0.7)
    2008-01-28 SDDelFile.exe (1.0.2.4)
    2008-01-28 SDMain.exe (1.0.0.5)
    2007-10-07 SDShred.exe (1.0.1.2)
    2008-01-28 SDUpdate.exe (1.0.8.8)
    2008-01-28 SDWinSec.exe (1.0.0.11)
    2008-01-28 SpybotSD.exe (1.5.2.20)
    2008-01-28 TeaTimer.exe (1.5.2.16)
    2008-05-26 unins000.exe (51.49.0.0)
    2008-01-28 Update.exe (1.4.0.6)
    2008-01-28 advcheck.dll (1.5.4.5)
    2007-04-02 aports.dll (2.1.0.0)
    2007-11-17 DelZip179.dll (1.79.7.4)
    2008-01-28 SDFiles.dll (1.5.1.19)
    2008-01-28 SDHelper.dll (1.5.0.11)
    2008-01-28 Tools.dll (2.1.3.3)
    2008-06-17 Includes\Adware.sbi (*)
    2008-06-18 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-06-03 Includes\Dialer.sbi (*)
    2008-06-24 Includes\DialerC.sbi (*)
    2008-06-03 Includes\HeavyDuty.sbi (*)
    2008-06-16 Includes\Hijackers.sbi (*)
    2008-06-17 Includes\HijackersC.sbi (*)
    2008-06-25 Includes\Keyloggers.sbi (*)
    2008-06-24 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-06-24 Includes\Malware.sbi (*)
    2008-06-24 Includes\MalwareC.sbi (*)
    2008-06-17 Includes\PUPS.sbi (*)
    2008-06-24 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-10 Includes\Security.sbi (*)
    2008-06-18 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-06-17 Includes\Spyware.sbi (*)
    2008-06-17 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti (*)
    2008-06-24 Includes\Trojans.sbi (*)
    2008-06-25 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    this comes from hphosts and i just ignore the entries experts-exchange.com and ask.com

    when they recommend to not use registry cleaners in this forum then i am unsure if i should delete the usagetracks because almost everything found is in the registry. i have used glary utilities one time, and that corrupted one of my programs.

  6. #6
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Ooof. I'm not specialized in these areas *chuckle .

    However, I see there there was a HOSTS redirection...

    Check your IE homepage. What is it?

  7. #7
    Junior Member
    Join Date
    Jul 2008
    Posts
    1

    Default xmlwin.dll (downloader mislead.app)

    Hello,
    this program xmlwin.dll is an dangerous adware.It adds a registry key to windows registry,and every time you open your win explorer,it open a warning message and redirect you to an antivirus website.Please add it to your database.
    if you are infected with it, remove this file and key manually :

    Infection:
    c:\windows\system32\xmlwin.dll
    Browser Cache
    Registry:
    HKEY_CLASSES_ROOT\CLSID\{B1892F58-1116-4DEC-92AA-577872EC3D3D}
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1892F58-1116-4DEC-92AA-577872EC3D3D}


    thank you

  8. #8
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default

    Quote Originally Posted by elshorbagy View Post
    Hello,
    this program xmlwin.dll is an dangerous adware.It adds a registry key to windows registry,and every time you open your win explorer,it open a warning message and redirect you to an antivirus website.Please add it to your database.
    if you are infected with it, remove this file and key manually :

    Infection:
    c:\windows\system32\xmlwin.dll
    Browser Cache
    Registry:
    HKEY_CLASSES_ROOT\CLSID\{B1892F58-1116-4DEC-92AA-577872EC3D3D}
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1892F58-1116-4DEC-92AA-577872EC3D3D}


    thank you
    if it isnt detected by spybot you should submit it, look at this: http://forums.spybot.info/showthread.php?t=1699

  9. #9
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    I recall that either it was SmitFraud or Zlob that redirects you to those "misleading" sites and changes the HOSTS file so the user cannot access security websites. But I'm sure that SmitFraud bombards the user's desktop with pop-ups.

    blues, I would suggest fixing the entries with HiJack This, unless you are really sure what you're doing.

    I don't think it can be a malware intervening with the display, so save the time in the Malware Forums.

    I think the drivers may be a problem. Yes, it's tedious but it's worth your time. 'Better safe than sorry' (like go the extra step). Microsoft Updates/Windows Update offers driver updates for your display card, modem, and sound drivers. You should definitely check it out.

    Confirm the source of Windows XP SP2. Was it from Windows Update?

  10. #10
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default

    Quote Originally Posted by drragostea View Post
    I recall that either it was SmitFraud or Zlob that redirects you to those "misleading" sites and changes the HOSTS file so the user cannot access security websites. But I'm sure that SmitFraud bombards the user's desktop with pop-ups.

    blues, I would suggest fixing the entries with HiJack This, unless you are really sure what you're doing.

    I don't think it can be a malware intervening with the display, so save the time in the Malware Forums.

    I think the drivers may be a problem. Yes, it's tedious but it's worth your time. 'Better safe than sorry' (like go the extra step). Microsoft Updates/Windows Update offers driver updates for your display card, modem, and sound drivers. You should definitely check it out.

    Confirm the source of Windows XP SP2. Was it from Windows Update?
    the display driver on the toshiba page is the same as the one i has on my cd, i have tried it and found that out. the other newer drivers for other things on the computer hasnt fixed the problem. toshiba wont update the drivers for my computer anymore because they have put them in their archives. i have got sp2 from windows update. the only driver microsoft update/windows update have is for my network card. i should download the newer drivers from toshiba again but it wont help me because i have tried exactly that drivers before.

    the only thing microsoft update has is microsoft silverlight and exactly the same network card driver that toshiba have, but no sites that i know about use silverlight, but downloading silverlight wont fix my problem. silverlight is such a thing like flash i think.

    i wont damage my computer by fixing the hijackthis entries when i dont know what it is. i think it isnt allowed to post my hijackthis log here, but doing that would help me. is it allowed? what should i do with this? two of the entries does belong to something i have had on the computer before, but i dont know if i should fix that ones. it isnt malware. the other entries i dont know what is.

    i succesfully removed a chinese toolbar with hijackthis some years ago, the entry i found couldnt be other thing other than the toolbar. the toolbar installed through an exploit i think. i have just some little knowledge what to fix with hijackthis.

    is it really necessary to download the drivers? do you use to download new drivers?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •