Hello. I think i got an easy Problem. The detection shows me some Problems with breaks ( is not ). I dont know what it means.
Perhaps you can explain me?
Backi
Detection ( is not )
Hello. I think i got an easy Problem. The detection shows me some Problems with breaks ( is not ). I dont know what it means.
Perhaps you can explain me?
Backi
"Is not" just usually means that Spybot found something during your scan,and what it found is not equal to what it expects to be there,so if you press fix selected,it's going to change it to that.
I couldn't find any logfiles with Is not in them,so I'll just use this.
The "!=",if I recall correctly,means the same as "is not".Later on,the != was changed to show Is not to avoid confusion.Microsoft.Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1579139565-534010669-2603711333-1006\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
So,basically what the above is saying is that iexplore.exe reg_dword is not equal to value data 1,so Spybot is going to change it to value data 1 when you press fix selected.
detection
Ok. Thank you! It is in the Version 2.0. I think i got around 15 entries with this message. I wasn't sure if it is dangerous. But thank you!
Best regards
Backi
You're welcome.
Unfortunately,I don't know it as normal for the "is not" to be shown in the Spybot 2.0 version,so we may both be talking about 2 different things.Ok. Thank you! It is in the Version 2.0.
Would you like to show your Spybot logfile here,just to maybe figure out what it is?
If you'd like to do that,open Spybot start center,checkmark advanced mode,click Report Creator,click Show logs over to the left,then open the Checks logfile with the date of when you were seeing the 'is not's.
The checks logfiles are dated at the end of them,if that helps to find the one you're looking for,here's the name of one of mine from today,as an example....Checks.131205-0006.txt.
Once you find the logfile,you can doubleclick it,it will open in notepad,go to Edit,select all,then rightclick somewhere in the notepad window,select Copy,then paste it here.
Logfile
Search results from Spybot - Search & Destroy
04.12.2013 18:21:13
Scan took 00:13:06.
15 items found.
DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2174910466-2621421538-1860139024-1000\Software\OCS\lastPID
DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2174910466-2621421538-1860139024-1000\Software\OCS\PID
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2174910466-2621421538-1860139024-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2174910466-2621421538-1860139024-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2174910466-2621421538-1860139024-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Gen:Packer.Krucky.B.EeW@aq1f0Qk: [SBI $SpybotAV] Executable (File, nothing done)
C:\ProgramData\Kaspersky Lab\AVP13\QB\93f9e6b8ee097bc8.klq
Properties.size=507539
Properties.md5=A04582B073F6D8E38549BFF06FD5FAF2
Properties.filedate=1385929284
Properties.filedatetext=2013-12-01 21:21:24
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-12-04 spybotsd2-installer.exe (2.2.25.0)
2013-06-19 spybotsd2-translation-frx.exe
2013-12-04 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-12 Includes\Adware.sbi (*)
2013-12-03 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-11-19 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-12-03 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-12-03 Includes\TrojansC-03.sbi (*)
2013-10-22 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
Looks like Spybot picked up on a Kaspersky backup file in Kaspersky's quarantine:
You don't need to worry about fixing that,since it's a backup file for something Kaspersky removed.Gen:Packer.Krucky.B.EeW@aq1f0Qk: [SBI $SpybotAV] Executable (File, nothing done)
C:\ProgramData\Kaspersky Lab\AVP13\QB\93f9e6b8ee097bc8.klq
Properties.size=507539
Properties.md5=A04582B073F6D8E38549BFF06FD5FAF2
Properties.filedate=1385929284
Properties.filedatetext=2013-12-01 21:21:24
I'm not seeing the breaks with (Is not) in your logfile.There are around fifteen (Registry Change, nothing done) or similar variations shown,is that what you meant?
Last edited by Zenobia; 2013-12-08 at 03:24.
Yes. In the Programm it is called (is not ) and in the Logfile (nothing done).
Thank you for your efforts!
Backi
Aha,I see them now.I didn't have my location over enough to see the (is not) when I did a scan.Sorry about that.
The first explanation I posted above applies,then.And everything is as it should be.
Posting Permissions
Reply With Quote