PDA

View Full Version : Should files appear automatically in "Ignore System Internals"?



Janet Mac
2005-11-12, 03:39
A few days ago I upgraded SpyBot and started learning to use the advanced mode.

Today I noticed 4 files in "Ignore System Internals".

I never put them there. Is this normal?

These are the files:

%JavaDir%\QTJava.zip

install.exe

MsoHtmEd.exe

winnt32.exe

Under "category" all but one of these files says "wrong app path"

The other (which is the Java file) says "missing shared DLL

I googled a couple of them and it looks like "install.exe" can be used for legitimate purposes, as well as malicious purposes.

Also, my computer was infected with Sony BMG's "rootkit." (ever since my CPU usage keeps spiking.

As a matter of fact, I came across this, because I was running my spyware programs after doing the uninstall (full uninstall, not the decloaker) that Sony linked me to.

Any advise?

I also just noticed that in the pop up ignore "PUPS.sbi" catagory, "CDila" and "SideStep" were ticked. (without mm ticking them)
I am concerned because my pc is still not acting correctly and I have heard of malicious programs that change settings in Anti Virus and Spyware detection programs.

Thanks, Janet Mac

tashi
2005-11-12, 04:46
Hi there.
The 4 files in "Ignore System Internals" are there by default, so no need for concern.

You say your computer is not acting normally; someone should take a look.

Please go here and follow instructions to post a hjt log.
http://forums.spybot.info/forumdisplay.php?f=22

Thanks.

Janet Mac
2005-11-12, 19:12
Thanks Tashi,

I used Spy Sweeper to run the first scan instead of one of the three programs listed is that OK?

Also when I ran spybot "Windows Security Center, Antivirus Disable Notify" came up.
However, I believe that is due to what is dicussed in this post:

http://forums.spybot.info/showthread.php?t=75

I am using Norton Antivirus for security (firewall). I just need to reread and understand it a little better before I go changing settings.

I will post the Hijack This log file separately. The post was too long.

Janet Mac

tashi
2005-11-14, 08:59
Hi there.
I removed the hjt log as you have posted in the malware forum, thanks.

Spy Sweeper is not an on line virus scanner.

A helper will assist you in the malware forum as soon as available.

Cheers. :)