Wolvesfan
2013-11-11, 20:17
Hi,
I have used spybot for years and always found it great.
However a few weeks back v1.6 found 'montera' and other items. I could not remove it, even as administrator and even after adjusting the tea timer protection - I was logged in as administrator on a new admin account but spybot said I wasn't so would not remove it.
So I downloaded V2.2 - this again finds 'montera' and when I ask to 'fix selected problems' when logged in as admin, it puts a green tick to say it has worked, but then on a rescan it identifies it again.
Am I doing something really silly? Have I missed an easy instruction I can use? Apologies if I have but I have looked a lot on these forums and the help feature and I am lost.
Many thanks :)
Search results for spybot 11/11/2013 13:30:24
Scan took 00:27:16.
18 items found.
Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\escort.DLL
Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\escort.DLL
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1
Montera.Toolbar: [SBI $07586C96] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DBF5819-8634-464E-92F4-1F29C1EFF773}
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-627662350-1526151905-1139825278-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)
History: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-11-09 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-06 Includes\Adware.sbi (*)
2013-11-06 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-11-06 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-10-22 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-11-06 Includes\TrojansC-03.sbi (*)
2013-10-22 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
I have used spybot for years and always found it great.
However a few weeks back v1.6 found 'montera' and other items. I could not remove it, even as administrator and even after adjusting the tea timer protection - I was logged in as administrator on a new admin account but spybot said I wasn't so would not remove it.
So I downloaded V2.2 - this again finds 'montera' and when I ask to 'fix selected problems' when logged in as admin, it puts a green tick to say it has worked, but then on a rescan it identifies it again.
Am I doing something really silly? Have I missed an easy instruction I can use? Apologies if I have but I have looked a lot on these forums and the help feature and I am lost.
Many thanks :)
Search results for spybot 11/11/2013 13:30:24
Scan took 00:27:16.
18 items found.
Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\escort.DLL
Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\AppID\escort.DLL
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1
Montera.Toolbar: [SBI $07586C96] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DBF5819-8634-464E-92F4-1F29C1EFF773}
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1
Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-627662350-1526151905-1139825278-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)
History: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-11-09 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-06 Includes\Adware.sbi (*)
2013-11-06 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-11-06 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-10-22 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-11-06 Includes\TrojansC-03.sbi (*)
2013-10-22 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)