Malware removed but Laptop wouldn't restart - Windows 8.1

Status
Not open for further replies.
I don't understand why it isn't working.

We could do a search but it may be easier to uninstall/re-install Chrome.

Let me know what you decide.

Please also run the Eset scan.
 
Oops, I started running ESET but realised I'd missed out the step at the beginning of your post saying to untick "remove infections". It found 8 things but I stopped it about halfway through scanning and restarted the scan and removed the tick. I'm hoping that it would've removed anything at the end and not as it went along.
 
C:\Users\Nadia\AppData\Local\Microsoft\Windows\FileHistory\Data\95\C\Users\Nadia\Downloads\ccsetup412 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Nadia\AppData\Local\Microsoft\Windows\FileHistory\Data\95\C\Users\Nadia\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC Desire HD A9191(G10)_20120715125452\com.omgpop.dstfree.apk a variant of Android/Inmobi.A potentially unsafe application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC Desire HD A9191(G10)_20120927202954\atticlab.MosquitoRepellent.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC Desire HD A9191(G10)_20120927202954\com.rovio.angrybirds.apk a variant of Android/Inmobi.A potentially unsafe application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC Desire HD A9191(G10)_20121126195445\com.rovio.angrybirds.apk a variant of Android/Inmobi.A potentially unsafe application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC Desire HD A9191(G10)_20121126201344\com.rovio.angrybirds.apk a variant of Android/Inmobi.A potentially unsafe application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20130606201905\com.appeffectsuk.bustracker.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20130718152938\com.appeffectsuk.bustracker.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20130916175726\com.appeffectsuk.bustracker.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20130916175726\com.mp3.mp3pro.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20131002220856\com.appeffectsuk.bustracker.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20131002220856\com.mp3.mp3pro.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20131209130353\com.appeffectsuk.bustracker.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\HTC One X_20131209130353\com.mp3.mp3pro.apk a variant of Android/Leadbolt.E potentially unwanted application
C:\Users\Nadia\Documents\Wondershare\MobileGo\Backup\MobileGo_120515091619\com.omgpop.dstfree.apk a variant of Android/Inmobi.A potentially unsafe application
C:\Users\Nadia\Downloads\cbsidlm-cbsi183-Free_MKV_Player-ORG-75978742.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Nadia\Downloads\ccsetup412 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Nadia\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Nadia\Downloads\Mud {2013} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\Nadia\Downloads\Oblivion {2013} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar_Internet Explorer.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Windows\KMSEmulator.exe Win32/HackKMS.A potentially unsafe application
 
Sorry for the delay.

Nothing that was found is a real threat but some programs in your ‘Downloads’ folder are bundled with 3rd-party software, such as unwanted/undesirable toolbars.

Also, there is an entry that suggests you have a ‘cracked’ copy of MS Office which brings its own problems.

In the top forums there is a general consensus amongst the malware experts/helpers that if people come to us with cracked software we will refuse to help; one reason being that it is illegal and the other is that the infections that have ended up on their computers have been invited by introducing cracked software.

We’ll run one more scan and then I think we should be OK to tidy up.

Download Malwarebytes-Anti-Malware

Click here (at the top of the page, click on "Download Current Version")

  • double-click mbam-setup.exe and follow the prompts to install the program – (Note: Vista & Windows 7 users, please right-click and select “Run as Administrator”)
  • at the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • if an update is found, it will download and install the latest version.
  • once the program has loaded, select Perform quick scan, then click Scan.
  • when the scan is complete, click OK, then Show Results to view the results.
  • be sure that everything is checked, and click Remove Selected.
  • when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • copy and paste the contents of that report in your next reply and exit MBAM.
NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Can you tell me if there are any outstanding problems?

Satchfan
 
MBAM found nothing, see log below. All the items that were found in the ESET scan are things that have been on my laptop for months (apart from the ones seemingly installed by CC Cleaner but I installed that after S&D gave me the errors when I told it to delete temporary items it didn't). The rest have never been picked up by S&D, and I run scans regularly, which is why, if they are the culprits, I'm confused as to why they're showing up now. Could S&D be playing up?

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.05.02

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
Nadia :: NADIALAPTOP [administrator]

08/04/2014 14:12:07
mbam-log-2014-04-08 (14-12-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230986
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)
 
Search results from Spybot - Search & Destroy

08/04/2014 18:11:51
Scan took 00:24:07.
6 items found.

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2536830986-821511902-3680961864-1001\Software\Microsoft\Internet Explorer\TypedURLs

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2536830986-821511902-3680961864-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (7) (Browser: History, nothing done)



--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

 
They aren't harmful; they are only ‘usage tracks’ (traces of your computer’s history). If you turn off Tracks.uti you should be fine:

Open SS&D, double-click on Settings and then click on the "Categories" tab. Scroll down to the bottom where you’ll see “Usage tracks”; remove the check mark beside Tracks.uti.

Any other outstanding problems?
 
Ok all done. I think Spybot developers need to be made aware of this issue as users shouldn't need to go through all the above. I've been using it for years and something in the program has changed in a recent update without my knowledge for these tracks to now start showing up. Thank you for all your help.
 
I think Spybot developers need to be made aware of this issue as users shouldn't need to go through all the above.
I don’t think that this is an “issue” but merely indicates how thoroughly SS&D analyses and reports any changes to the computer.

Spybot – Search & Destroy has always been (and still is) the best real-time spyware program on the market and as the developers continue to make it even more efficient, I appreciate that it can be difficult to interpret some results. There are, however, various tutorials available with reference to the most common results and if you are unable to find an answer to your specific query, that’s what this forum is here to help with.

There is a tutorial here that also has a link about “Usage Tracks”. I hope that helps.

Thank you for all your help.
You are welcome and I’m pleased that we managed to solve your query.

Let’s tidy up.

Uninstall OTL

  • double-click OTL.exe
  • click the CleanUp! button.
  • select Yes when the Begin cleanup Process? prompt appears.
  • if you are prompted to reboot during the cleanup, select Yes.
  • the tool will delete itself once it finishes; if not, delete it yourself.
NOTE: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.

You can delete all other logs and programs we’ve used that are on your desktop.

Safe computing

Satchfan
 