Results 1 to 2 of 2

Thread: 19 malware entries still left

  1. #1
    Member
    Join Date
    Jun 2013
    Posts
    31

    Default 19 malware entries still left

    Here is the scan log of what spybot was not able to remove:

    Search results from Spybot - Search & Destroy

    6/14/2013 8:16:07 PM
    Scan took 00:28:02.
    19 items found.

    Delta.Toolbar: [SBI $20319BF7] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1000\Software\DataMngr

    Delta.Toolbar: [SBI $15E43F9C] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr

    Delta.Toolbar: [SBI $6BE91D8E] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1000\Software\DataMngr_Toolbar

    Delta.Toolbar: [SBI $4FE1D2EF] User settings (Registry Key, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    Delta.Toolbar: [SBI $4FE1D2EF] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    Delta.Toolbar: [SBI $4FE1D2EF] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    Delta.Toolbar: [SBI $4FE1D2EF] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    Delta.Toolbar: [SBI $72F3A704] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1000\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

    Delta.Toolbar: [SBI $D84848E6] User settings (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-3424881192-682032277-1479730417-1000\Software\Microsoft\Internet Explorer\SearchScopes\bProtectorDefaultScope

    Delta.Toolbar: [SBI $601A04F4] Configuration file (File, nothing done)
    C:\Users\Severin\AppData\Roaming\Mozilla\Firefox\Profiles\4sbx0wty.default\searchplugins\babylon.xml
    Properties.size=6503
    Properties.md5=0603237E6766DBD199956C2049BCFED2
    Properties.filedate=1370346554
    Properties.filedatetext=2013-06-04 12:49:14

    Delta.Toolbar: [SBI $3349937E] Data (File, nothing done)
    C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
    Properties.size=96256
    Properties.md5=14EDB20FB2510A978FAB78682EAAC268
    Properties.filedate=1371227845
    Properties.filedatetext=2013-06-14 17:37:24

    Facebook.Messenger: [SBI $917BFFAB] Program directory (Directory, nothing done)
    C:\Users\Janet\AppData\Local\Facebook\
    Directory.subfile=C:\Users\Janet\AppData\Local\Facebook\Update\FacebookUpdate.exe_old
    Directory.subfile.size=138096
    Directory.subfile.md5=2A3FB4C98F139038E23330D2439DB8A4
    Directory.subfile.filedate=1367690099
    Directory.subfile.filedatetext=2013-05-04 18:54:59

    Facebook.Messenger: [SBI $05D5B32B] Program directory (Directory, nothing done)
    C:\Users\Janet\AppData\Local\Facebook\Update\
    Directory.subfile=C:\Users\Janet\AppData\Local\Facebook\Update\FacebookUpdate.exe_old
    Directory.subfile.size=138096
    Directory.subfile.md5=2A3FB4C98F139038E23330D2439DB8A4
    Directory.subfile.filedate=1367690099
    Directory.subfile.filedatetext=2013-05-04 18:54:59

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Cache: [SBI $49804B54] Browser: Cache (4) (Browser: Cache, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (2) (Browser: Cache, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (4) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (43) (Browser: History, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    2013-05-16 blindman.exe (2.1.18.151)
    2013-05-16 explorer.exe (2.1.18.177)
    2013-05-16 SDBootCD.exe (2.1.18.109)
    2013-05-16 SDCleaner.exe (2.1.18.110)
    2013-05-16 SDDelFile.exe (2.1.18.94)
    2013-05-16 SDFiles.exe (2.1.18.135)
    2013-03-20 SDFileScanHelper.exe (2.1.16.1)
    2013-05-16 SDFSSvc.exe (2.1.18.208)
    2013-05-16 SDHookHelper.exe (2.1.18.2)
    2013-05-16 SDHookInst32.exe (2.1.18.2)
    2013-05-16 SDHookInst64.exe (2.1.18.2)
    2013-05-16 SDImmunize.exe (2.1.18.130)
    2013-05-16 SDLogReport.exe (2.1.18.107)
    2013-05-16 SDOnAccess.exe (2.1.18.4)
    2013-05-16 SDPESetup.exe (2.1.18.3)
    2013-05-16 SDPEStart.exe (2.1.18.86)
    2013-05-16 SDPhoneScan.exe (2.1.18.28)
    2013-05-16 SDPRE.exe (2.1.18.22)
    2013-05-16 SDPrepPos.exe (2.1.18.10)
    2013-05-16 SDQuarantine.exe (2.1.18.103)
    2013-05-16 SDRootAlyzer.exe (2.1.18.116)
    2013-05-16 SDSBIEdit.exe (2.1.18.39)
    2013-05-16 SDScan.exe (2.1.18.177)
    2013-05-16 SDScript.exe (2.1.18.53)
    2013-05-16 SDSettings.exe (2.1.18.136)
    2013-05-16 SDShell.exe (2.1.18.2)
    2013-05-16 SDShred.exe (2.1.18.107)
    2013-05-16 SDSysRepair.exe (2.1.18.101)
    2013-05-16 SDTools.exe (2.1.18.150)
    2013-05-16 SDTray.exe (2.1.18.127)
    2013-05-16 SDUpdate.exe (2.1.18.91)
    2013-05-16 SDUpdSvc.exe (2.1.18.76)
    2013-05-16 SDWelcome.exe (2.1.18.129)
    2013-05-15 SDWSCSvc.exe (2.1.18.2)
    2013-06-14 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
    2013-05-16 SDAV.dll
    2013-05-16 SDECon32.dll (2.1.18.113)
    2013-05-16 SDECon64.dll (2.1.18.113)
    2013-04-05 SDEvents.dll (2.1.16.2)
    2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
    2013-05-16 SDHook32.dll (2.1.18.2)
    2013-05-16 SDHook64.dll (2.1.18.2)
    2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
    2013-05-16 SDLicense.dll (2.1.18.0)
    2013-05-16 SDLists.dll (2.1.18.4)
    2013-05-16 SDResources.dll (2.1.18.7)
    2013-05-16 SDScanLibrary.dll (2.1.18.131)
    2013-05-16 SDTasks.dll (2.1.18.15)
    2013-05-16 SDWinLogon.dll (2.1.18.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2013-05-16 Tools.dll (2.1.18.36)
    2012-12-18 Includes\Adware.sbi (*)
    2013-06-12 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2012-11-14 Includes\Dialer.sbi (*)
    2012-11-14 Includes\DialerC.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2012-11-14 Includes\Hijackers.sbi (*)
    2012-11-14 Includes\HijackersC.sbi (*)
    2012-11-14 Includes\iPhone.sbi (*)
    2012-11-14 Includes\Keyloggers.sbi (*)
    2012-12-18 Includes\KeyloggersC.sbi (*)
    2013-05-29 Includes\Malware.sbi (*)
    2013-06-12 Includes\MalwareC.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2013-06-12 Includes\PUPSC.sbi (*)
    2012-11-14 Includes\Security.sbi (*)
    2012-11-14 Includes\SecurityC.sbi (*)
    2013-05-22 Includes\Spyware.sbi (*)
    2013-05-08 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2013-01-16 Includes\Trojans.sbi (*)
    2013-05-13 Includes\TrojansC-02.sbi (*)
    2013-06-12 Includes\TrojansC-03.sbi (*)
    2013-03-14 Includes\TrojansC-04.sbi (*)
    2013-05-08 Includes\TrojansC-05.sbi (*)
    2013-04-19 Includes\TrojansC.sbi (*)

    Any help much appreciated

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello doubleoseverin2,

    To request malware removal assistance the FAQ includes forum guidelines in post #1 and instructions in post #2 on how to provide the preliminary DDSand aswMBR logs used for analysis.

    http://forums.spybot.info/showthread.php?t=288

    Once you provide the logs in this topic I will remove my post and merge yours.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •