Results 1 to 10 of 14

Thread: Installed Spybot but what the hell did it do?

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Apr 2013
    Posts
    6

    Exclamation Installed Spybot but what the hell did it do?

    Installed Spybot but what the hell did it do?

    Hello, sorry i couldnt come up with a better title :(
    But thing is this: I installed spybot 2, and let it do its work with nothing touched!

    And although im very carefull with my computer (work with it) it did found a babylon directory, and some other things...it thought it needed looking into. (no dangerous stuff)

    So as the items were selected i clicked fix and that was that.....I did the full scan again....and noticed it took a long time practically eating up most CPU at some moments up to 99%.

    Dinner was ready, came back ...only to see a message on my screen that i had to hit a key and choose a drive device...whatever...
    I was surprised cause i had no clue where it came from.

    And as far as i can tell its caused by spybot because of the resources it uses and then quits at 100% CPU.

    Then today, it seems spybot does things on its own cause when i was not at computer and came back, same screen...that i had to hit a key and choose a drive device..

    But i cant from that moment, i can only shutdown, turn on and hit F12 and pick the HD device, and then all is fine.

    I just downloaded upgrade of norton 360, restarted, the same thing...

    My question is, before even installing spybot my computer was fine,runs great, no weird screens.

    Why do i have to reboot, hit F12 to even get into my computer...

    See attachment....

  2. #2
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,165

    Default

    Could you find the Checks logfile from the scan right before this started happening?
    The location of the Spybot log files are in one of these locations,depending on your operating system:
    XP:
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs
    Windows Vista and Windows 7:
    C:\ProgramData\Spybot - Search & Destroy\Logs

    The Checks log is dated,so you should be able to find the results of the scan right before you had to choose a drive,etc. on your computer
    It is in this format:
    Checks.yymmdd-hhmm

    If unable to see ProgramData or Application Data,please show hidden files and folders:
    http://www.bleepingcomputer.com/tuto...utorial62.html

    And what is your laptop,a Dell,an Acer,etc?
    And your operating system?

    I can't find any results online of anybody else getting this message:
    "hit a key and choose a drive device"
    Would it be saying hit any key,or a key in particular,etc.?

  3. #3
    Junior Member
    Join Date
    Apr 2013
    Posts
    6

    Default

    Hello,

    Im on a acer aspire ax5900 , win7 upgraded to win8.
    The error shown in windows error event log is kernel -power. thats probably the problem...as spybot took so many resources that it shut down to protect. But i dont understand the text i get to hit a key or pick a device....cause its a text and nothing works...
    I just rebooted, hit F12 and i got the screen to pick the HD, thats it...

    Before installing spybot, the machine runs great...so why use spybot?
    Thought it couldnt hurt....or can it?

    Search results from Spybot - Search & Destroy

    15-4-2013 23:03:32
    Scan took 00:19:18.
    59 items found.

    Babylon.Toolbar: [SBI $DEB52F26] Program directory (Directory, nothing done)
    C:\ProgramData\Babylon\

    Babylon.Toolbar: [SBI $DEB52F26] Program directory (Directory, nothing done)
    C:\Users\mycomputer\AppData\Roaming\Babylon\
    Directory.subfile=C:\Users\mycomputer\AppData\Roaming\Babylon\log_file.txt
    Directory.subfile.size=7617
    Directory.subfile.md5=C30020B51F5C6C8108CA38841BBF7758
    Directory.subfile.filedate=1351522826
    Directory.subfile.filedatetext=2012-10-29 17:00:25

    Babylon.Toolbar: [SBI $0DBCD782] Data (File, nothing done)
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    Properties.size=6520
    Properties.md5=DA159A3F8841C40625B4F13580C0BA89
    Properties.filedate=1351522811
    Properties.filedatetext=2012-10-29 17:00:10

    Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
    C:\Users\mycomputer\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\R98QGDNQ\skype.com\#ui\preferences.sol
    Properties.size=201
    Properties.md5=A73FB6D9DBA3F3A9F4F45FA1DB89F3FE
    Properties.filedate=1366019262
    Properties.filedatetext=2013-04-15 11:47:41

    DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): mycomputer) (Browser: Cookie, nothing done)


    Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
    C:\Windows\setupact.log
    Properties.size=81840
    Properties.md5=5FF35695AC8BFD4BAEAA7FD3E09450C4
    Properties.filedate=1365946008
    Properties.filedatetext=2013-04-14 15:26:47

    dBpowerAMP: [SBI $27FCE0CA] Last used codec (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCLastCodec

    dBpowerAMP: [SBI $E0ADCCD2] Last conversion folder #0 (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCLastFolder0

    dBpowerAMP: [SBI $16A3FAEB] Last conversion folder #1 (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCLastFolder1

    dBpowerAMP: [SBI $D7C0A6E1] Last conversion folder #2 (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCLastFolder2

    dBpowerAMP: [SBI $21CE90D8] Last conversion folder #3 (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCLastFolder3

    dBpowerAMP: [SBI $760418D8] Last MP3 user folder (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCCodec\Mp3 (Lame)\DMCUserFolderStr

    dBpowerAMP: [SBI $10A7204A] Last Wave user folder (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Illustrate\dBpowerAMP\dMCCodec\Wave\DMCUserFolderStr

    Gabest Media Player Classic: [SBI $E81D76E1] Last captured file (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Gabest\Media Player Classic\Capture\FileName

    Gabest Media Player Classic: [SBI $A8B11633] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Gabest\Media Player Classic\Recent File List

    Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Internet Explorer\TypedURLs

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Expression Web Designer 12.0: [SBI $530A76FF] Last Opened Web (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Expression\Web Designer\12.0\LastWebOpen

    MS Expression Web Designer 12.0: [SBI $DF38D6DC] Recent File List (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Expression\Web Designer\12.0\Recent File List

    MS Expression Web Designer 12.0: [SBI $9F31CD06] Recent Page List (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Expression\Web Designer\12.0\Recent Page List

    MS Expression Web Designer 12.0: [SBI $2C4F8079] Recent Web List (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Expression\Web Designer\12.0\Recent Web List

    MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

    MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

    Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

    Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

    Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList

    Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

    Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\WinRAR\DialogEditHistory\ArcName

    WinZip: [SBI $669C1037] Default directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\DefDir

    WinZip: [SBI $1FCFAF16] Default directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\zDefDir

    WinZip: [SBI $E95B93ED] Add files directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\AddDir

    WinZip: [SBI $FF613757] Destination directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\ExtractTo

    WinZip: [SBI $9EC1EAC6] Add files directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\gzAddDir

    WinZip: [SBI $214A5C12] Destination directory (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-313990734-577314730-737773676-1001\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

    Cookie: [SBI $49804B54] Browser: Cookie (39) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (39) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (447) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (14) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

    2012-11-13 blindman.exe (2.0.12.151)
    2012-11-13 explorer.exe (2.0.12.173)
    2012-11-13 SDBootCD.exe (2.0.12.109)
    2012-11-13 SDCleaner.exe (2.0.12.110)
    2012-11-13 SDDelFile.exe (2.0.12.94)
    2012-11-13 SDFiles.exe (2.0.12.135)
    2012-11-13 SDFileScanHelper.exe (2.0.12.1)
    2012-11-13 SDFSSvc.exe (2.0.12.205)
    2012-11-13 SDImmunize.exe (2.0.12.130)
    2012-11-13 SDLogReport.exe (2.0.12.107)
    2012-11-13 SDPESetup.exe (2.0.12.3)
    2012-11-13 SDPEStart.exe (2.0.12.86)
    2012-11-13 SDPhoneScan.exe (2.0.12.27)
    2012-11-13 SDPRE.exe (2.0.12.13)
    2012-11-13 SDPrepPos.exe (2.0.12.10)
    2012-11-13 SDQuarantine.exe (2.0.12.103)
    2012-11-13 SDRootAlyzer.exe (2.0.12.116)
    2012-11-13 SDSBIEdit.exe (2.0.12.39)
    2012-11-13 SDScan.exe (2.0.12.173)
    2012-11-13 SDScript.exe (2.0.12.53)
    2012-11-13 SDSettings.exe (2.0.12.130)
    2012-11-13 SDShred.exe (2.0.12.105)
    2012-11-13 SDSysRepair.exe (2.0.12.101)
    2012-11-13 SDTools.exe (2.0.12.150)
    2012-11-13 SDTray.exe (2.0.12.127)
    2012-11-13 SDUpdate.exe (2.0.12.89)
    2012-11-13 SDUpdSvc.exe (2.0.12.76)
    2012-11-13 SDWelcome.exe (2.0.12.126)
    2012-11-13 SDWSCSvc.exe (2.0.12.2)
    2013-04-15 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
    2012-11-13 SDECon32.dll (2.0.12.113)
    2012-11-13 SDECon64.dll (2.0.12.113)
    2012-11-13 SDEvents.dll (2.0.12.2)
    2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
    2012-11-13 SDHelper.dll (2.0.12.88)
    2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
    2012-11-13 SDLists.dll (2.0.12.4)
    2012-11-13 SDResources.dll (2.0.12.7)
    2012-11-13 SDScanLibrary.dll (2.0.12.131)
    2012-11-13 SDTasks.dll (2.0.12.15)
    2012-11-13 SDWinLogon.dll (2.0.12.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2012-11-13 Tools.dll (2.0.12.36)
    2012-11-13 UninsSrv.dll (2.0.12.52)
    2012-12-18 Includes\Adware.sbi (*)
    2013-04-09 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2012-11-14 Includes\Dialer.sbi (*)
    2012-11-14 Includes\DialerC.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2012-11-14 Includes\Hijackers.sbi (*)
    2012-11-14 Includes\HijackersC.sbi (*)
    2012-11-14 Includes\iPhone.sbi (*)
    2012-11-14 Includes\Keyloggers.sbi (*)
    2012-12-18 Includes\KeyloggersC.sbi (*)
    2012-11-21 Includes\Malware.sbi (*)
    2013-04-09 Includes\MalwareC.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2013-04-09 Includes\PUPSC.sbi (*)
    2012-11-14 Includes\Security.sbi (*)
    2012-11-14 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2013-04-09 Includes\Spyware.sbi (*)
    2013-04-09 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2013-01-16 Includes\Trojans.sbi (*)
    2013-03-19 Includes\TrojansC-02.sbi (*)
    2013-04-09 Includes\TrojansC-03.sbi (*)
    2013-03-14 Includes\TrojansC-04.sbi (*)
    2012-11-14 Includes\TrojansC-05.sbi (*)
    2013-03-01 Includes\TrojansC.sbi (*)

  4. #4
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,165

    Default

    Hi,there.Thanks for posting your logfile,laptop,etc.
    No results on hit a key or pick a device except for the both of us.
    http://tinyurl.com/bur4fss

    I did find similar,though.Would the text you are seeing at first be?:
    "Reboot and Select proper Boot device or Insert Boot Media in selected Boot device and press a key"

  5. #5
    Junior Member
    Join Date
    Apr 2013
    Posts
    6

    Default

    Hello,

    It could be....im not sure but it comes close....
    So...should i uninstall it?
    Or leave it for now....

    Does it scan by itself?

  6. #6
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,165

    Default

    Ok,thank you.

    Yes,it does.Spybot should have a task set to scan,but it should only run on the first day of each month,so it should not run a scan right now.

    Your attachment,is that the boot screen that comes up when you press F12?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •