Thread: Spybot still showing spyware after attempting to fix, unsure what to do

  1. #1
    Junior Member
    Join Date: Aug 2013
    Location: PA, USA
    Posts: 2

    Spybot still showing spyware after attempting to fix, unsure what to do

    Hey guys. I ran Spybot earlier and noticed that I had quite a few items detected (53). I attempted to "fix" them by clicking on "Show Details", selected all of them, and then hit "Fix Selected". Every one came up with a green check mark next to it after it finished fixing them. However, I did another scan later just to be sure I didn't miss anything or forget to check any of them off before I hit the fix button, etc. On the second scan, I found 17 items, some of which were the same from the previous scan. I tried to fix them again, and out of curiosity, did another scan, which again came up with 17 items. That led me to the conclusion that whatever I was doing wasn't actually fixing the issues.

    To get the results as accurate as possible, I'm posting/attaching a log of the 4th scan where I did not do any fixes after it finished. I'm mostly just looking to find out what I need to remove and what can be left alone/is a false positive. If there are things I need to remove, I'd also appreciate some help on how to actually remove them instead of just "fixing" them (or what Spybot calls fixing, anyway), because that obviously isn't actually getting rid of them if they're still showing up on a later scan.

    If you need any of the previous logs in order to help, please just let me know and I'll get them to you ASAP. I didn't realize I'd need help in getting rid of them, so I didn't even think about not attempting to fix it first. Sorry.

    Oh, and I did read the "Before You Post"; however, I'm on Windows 7 64-bit and ERUNT doesn't support that OS, so I'm not sure which program to use to back up my registry. Also, I wasn't clear on whether I needed to run DDS and aswMBR before posting or not. If I need to run those so you can help, just tell me and I'll do that and then edit this post and attach the logs of those.



    Search results from Spybot - Search & Destroy

    8/16/2013 3:13:22 PM
    Scan took 00:24:46.
    17 items found.

    W3i.IQ5.fraud: [SBI $467B1F92] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-3654640660-319668628-2157615120-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-3654640660-319668628-2157615120-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

    MS DirectInput: [SBI $6533916A] Last mapped application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-3654640660-319668628-2157615120-1001\Software\Microsoft\DirectInput\MostRecentMapperApplication\ID

    MS DirectInput: [SBI $31B11F6A] Last mapped application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-3654640660-319668628-2157615120-1001\Software\Microsoft\DirectInput\MostRecentMapperApplication\Name

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3654640660-319668628-2157615120-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (5) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (73) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    Last edited by tashi; 2013-08-17 at 03:42. Reason: Moved from malware forum
