Win32.NetSky Ate Me Up Yesterday



rivermandave
2010-01-20, 00:57
Hi all...I'm David...new to the Forums here. I've been using Spy-Bot exclusively for the last 3 1/2 years without any problems until yesterday....when I was checking my Yahoo email....then all of a sudden my hard-drive was making a lot of noise for some reason.

I ALWAYS have my Task Manager open.....so I looked at that....and saw Acro32.exe running for some reason.....so I killed that....then saw a "amybdc.exe" running and killed that too. I then rebooted up in Safe Mode and did a scan with Spy-Bot....and found several things....which I then SUPPOSEDLY fixed....but after the fix....I could not log back on into Windows (I had a password protection)....and ended up re-installing Windows.

Any of the rest of you run across this...or have any thoughts?

drragostea
2010-01-20, 01:37
The process you are seeing "Acro32.exe" is part of Adobe Reader 9.x. It is safe.

As for the other process, I would be concerned because the search for "amybdc.exe" had no results on Google.

What I would do to confirm the security of the machine is to visit this forum's Malware Removal Forum:
http://forums.spybot.info/forumdisplay.php?f=22

Start your own thread with a HJT log and be patient. Instructions and everything you need to know are in this thread:
http://forums.spybot.info/showthread.php?t=288

Tom.K
2010-01-20, 09:41
> The process you are seeing "Acro32.exe" is part of Adobe Reader 9.x. It is safe.

I think you're wrong. Acro32.exe is NOT a part of Adobe Reader 9.x.
AcroRd32.exe is a part of Adobe Reader 9.x.
Google results for searching "Acro32.exe" for some reason gave results of AcroRd32.exe.

drragostea
2010-01-20, 13:58
Thank you Tom K. for the correction :rockon:.
Well, if that process is not Adobe Reader it is not the real thing. Along with your buddy "amybdc.exe" on the process manager (I have a feeling it is set to autostart every time you boot your machine), these two do not sound nice on your machine.

Follow the instructions above to the Malware Removal Forums.

rivermandave
2010-01-20, 19:45
My apologies folks....it was Acrord32.exe.

Like I said though...I re-installed Windows.....and that cleared up my problems.

After I revived my Internet access, I went to sign in to my Yahoo email....at which point there was a Security notice just beneath my password block that said I needed an Adobe update, so I clicked on the link and went and got it.

I see on the Adobe site that there are a couple of security issues that are very recent.

http://www.adobe.com/support/security/

Also.....I just did a search for Adobe + "security issues" on Yahoo and got several recent things...

http://search.yahoo.com/search?p=Adobe+%2B+%22security+issue%22&toggle=1&cop=mss&ei=UTF-8&fr=yfp-t-701

I am sure that the other .exe (amybdc.exe) was probably what downloaded all the nasty stuff....as I found it in my Temp folder....along with a file that was titled "jar_cache12994.temp"...which I deleted both before doing the SpyBot scan.

Here's a few things I wrote down that SpyBot had found though...

Win32.Agent.chh
Supsav.Smss32
M.Windows.ActiveDesktop

It was after I zapped them with SpyBot that I couldn't Log on anymore...and then decided to do the Windows re-install.

I did another SpyBot scan afterwards and found nothing, so at this point I'm OK.
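
An added example, not part of any post in this thread: a small Python triage of process image paths for the two signals discussed above, a name that nearly matches a known program (Acro32.exe versus AcroRd32.exe) and an executable running from the Temp folder. The allowlist, install paths and sample process list are assumptions constructed for illustration.

```python
import ntpath

# Assumed allowlist: expected image name -> expected install directory prefix.
# Both prefixes are illustrative assumptions; adjust them to the real system.
KNOWN = {
    "acrord32.exe": r"c:\program files\adobe",
    "explorer.exe": r"c:\windows",
}
TEMP_MARKER = "\\temp\\"


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(image_path: str) -> list:
    """Return the reasons a running image deserves a closer look (empty = none)."""
    path = image_path.lower()
    name = ntpath.basename(path)  # ntpath splits on backslashes on any OS
    reasons = []
    if name in KNOWN:
        # Right name, wrong place: a copy of a trusted binary name elsewhere.
        if not path.startswith(KNOWN[name]):
            reasons.append(f"{name} running outside {KNOWN[name]}")
    else:
        # Near miss on a trusted name, e.g. Acro32.exe vs AcroRd32.exe.
        for good in KNOWN:
            if edit_distance(name, good) <= 2:
                reasons.append(f"name resembles {good}")
    if TEMP_MARKER in path:
        reasons.append("executing from a Temp directory")
    return reasons


# Constructed sample process list (paths are illustrative, not from the thread).
SAMPLE = [
    r"C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe",
    r"C:\Documents and Settings\user\Local Settings\Temp\Acro32.exe",
    r"C:\Documents and Settings\user\Local Settings\Temp\amybdc.exe",
    r"C:\Documents and Settings\user\Local Settings\Temp\AcroRd32.exe",
]

if __name__ == "__main__":
    for p in SAMPLE:
        print(p, "->", triage(p) or "ok")
```

A flag here is a reason to look closer (file signature, autostart entries, a scan), not a verdict; installers and updaters also run legitimately from Temp.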

drragostea
2010-01-21, 00:49
I would not say I am "glad" that you had it resolved, but you took the easy path. I hope you backed up your data before you reformatted the machine.

rivermandave
2010-01-21, 03:35
I have an external hard drive that I save MOST of my stuff to.

At the same time though...the Windows disc I have (from Microsoft) didn't delete things like "My Documents"...or for that matter.....even my old Profile under Documents and Settings.

Unfortunately....I didn't think about the SpyBot "repair log" in my old profile Application Data folder...so when I deleted the old profile...I lost all those.

I also lost (from what I can tell) any accessibility to any downloaded software that I had.....but I will work through that as necessary.

drragostea
2010-01-21, 04:27
Hm. A "Windows" disc. Was it an OEM disc? E.g. You purchased a DELL desktop. The box will also supply a disc: [Operating System] [32/64-bit] [Brand] Recovery Disc.

Have fun working your way through :p:.

rivermandave
2010-01-24, 05:22
IF you...and others on this Forum...are more interested in TRYING to clown me rather than exchange info etc....then MAYBE I should send an email to the MASTER on here.

I didn't join the Forums to have someone make azzumptions and jump to conclusions :sick:

FYI...I have 8 years experience working Software QA for a major US corporation.....and I'm not too bad in that department :bigthumb:


> Hm. A "Windows" disc. Was it an OEM disc? E.g. You purchased a DELL desktop. The box will also supply a disc: [Operating System] [32/64-bit] [Brand] Recovery Disc.
>
> Have fun working your way through :p:.

rivermandave
2010-01-25, 00:58
I consider it an OEM disc since Microsoft sent it to me to repair a used computer I had bought...and at one point after I had done all the software updates and spyware removal...it got jacked up as I tried to download some software from the Microsoft website.

After talking and emails with their Tech Support...they then sent me the disc :)

It doesn't have drivers on it....so when I use it I have work to do....but considering what I have been through in the past with viruses / malware...it's an easier solution!

drragostea
2010-01-27, 21:07
I apologize if it appears that I was attempting to "clown" you. But truthfully I am not. I do not know if it was the way my post was worded, but I had no intentions of "making fun of you".

You can send emails all you like, but I hope I made my point.
I was just offering suggestions, but it was your choice if you wish to follow it or not.

I am not trying to clown you. Frankly, I have better things to do than that. :x There are a few things I would never ever do, and that includes (what you refer to) "clowning" members.


> ...then MAYBE I should send an email to the MASTER on here.

rivermandave
2010-01-28, 23:52
No worries...and I do appreciate you stating such :thanks:

If I hadn't gotten locked out on it after the SpyBot scan I wouldn't have given up so quickly. But my laptop was in getting repaired....and I still need to reformat my backup desktop computer...so I couldn't be without 'Net access for much time.

Ironically....this was the only virus that I have gotten in the past 3+ years....and SpyBot is the ONLY type of software I have running....so I have a lot of respect for the staff here. :bigthumb:


> I apologize if it appears that I was attempting to "clown" you. But truthfully I am not. I do not know if it was the way my post was worded, but I had no intentions of "making fun of you".
>
> You can send emails all you like, but I hope I made my point.
> I was just offering suggestions, but it was your choice if you wish to follow it or not.
>
> I am not trying to clown you. Frankly, I have better things to do than that. :x There are a few things I would never ever do, and that includes (what you refer to) "clowning" members.