Results 1 to 8 of 8

Thread: How am I to Interpret "Threat Level" in the scan report?

  1. #1
    Junior Member
    Join Date
    Aug 2009
    Posts
    8

    Question How am I to Interpret "Threat Level" in the scan report?

    I just ran a scan and got about a dozen hits where the Threat level was a Green Bar that extended about 1/5 of the way into the box. I could not find anything in the Help system that told me how I'm to interpret that indicator. Can anyone explain the Threat Level indicator to me? Obviously no entry would be present in the report if the Green Bar did not exist. Thanks

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello grenneam,

    Could you provide a screenshot please.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Aug 2009
    Posts
    8

    Default

    Quote Originally Posted by tashi View Post
    Hello grenneam,

    Could you provide a screenshot please.

    Best regards.
    Can't really do that any more because I "fixed" all of the entries. Here's a list of what was found, that's the best I can do now.

    Search results from Spybot - Search & Destroy

    4/6/2014 2:26:28 PM
    Scan took 00:27:44.
    23 items found.

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Smart Projects\IsoBuster\LastSavedPath

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1007\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-500\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

    Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

    Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

    Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    WinZip: [SBI $1059E532] Number of times run (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-2147093499-839522115-1003\Software\Nico Mak Computing\WinZip\rrs\Opened

    Cookie: [SBI $49804B54] Browser: Cookie (9) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (51) (Browser: Cookie, nothing done)

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello grenneam,

    Quote Originally Posted by grenneam View Post
    I just ran a scan and got about a dozen hits where the Threat level was a Green Bar that extended about 1/5 of the way into the box
    Quote Originally Posted by grenneam View Post
    Can't really do that any more because I "fixed" all of the entries. Here's a list of what was found, that's the best I can do now.
    I don't see any red flag issues.

    Before you start to remove the found threats you should distinguish between usage tracks, cookies and real spyware/malware. The shown ‘Threat Level’ and ‘Type’ should help you here. If you choose to not fix a found item you just need to disable the checkbox in front of it.
    http://www.safer-networking.org/supp...teps-tutorial/

    http://www.safer-networking.org/faq/usage-tracks/

    Hopes that helps, how is the computer running?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Aug 2009
    Posts
    8

    Question

    Quote Originally Posted by tashi View Post
    Hello grenneam,





    I don't see any red flag issues.



    http://www.safer-networking.org/supp...teps-tutorial/

    http://www.safer-networking.org/faq/usage-tracks/

    Hopes that helps, how is the computer running?

    Best regards.
    That's sort of my point. How BIG does the Threat Level bar have to be to raise the level of concern. If the report entries are Significant enough to enumerate but are not threatening to the health and welfare of my PC should they even be listed. I looked throughout the help system and found no explanation as to what a minimal, partial, or extreme Threat Level represented, which was the basis for my entry. Should I be worried if the Bar is 1/2 way, but not worried if it's only 1/5 of the way?

  6. #6
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hi grenneam,

    Please see this topic: http://forums.spybot.info/showthread...8-Threat-level

    I will leave a request for the team to provide more documentation on the web site.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  7. #7
    Junior Member
    Join Date
    Aug 2009
    Posts
    8

    Thumbs up

    Quote Originally Posted by tashi View Post
    Hi grenneam,

    Please see this topic: http://forums.spybot.info/showthread...8-Threat-level

    I will leave a request for the team to provide more documentation on the web site.

    Best regards.
    You know I could have sworn I did a search in the 'general Spybot' area and it came up dry. I must have screwed it up. Be that as it may, THANKS for the link. I'm sure they'll fix it up in the future. In the meantime if anything shows up in the list I'll nuke it. Thanks again for your time & help!

  8. #8
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Cheers.

    If in doubt please feel free to ask.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •