Results 1 to 2 of 2

Thread: What to do after the scan and fixing?

  1. #1
    Junior Member
    Join Date
    Nov 2013
    Posts
    1

    Default What to do after the scan and fixing?

    Hello,
    I have recently downloaded Scratch with Linkury quickshare in it. I do not remember seeing an option not to include Linkury when downloading Scratch. This has infected our computer. Our Mcafee crashed and so I had to download Spybot Search and Destroy + AV. I have also used other programs such as CC cleaner, Malware, Kaspersky antivirus trial. With the help of Revo uninstaller we managed to unistall the Linkury quickshare. I run Spybot an hour ago and it found malware Savesaver.BHO, high level. There have been 12 other tracks and registry keys. So I pressed fix selected and run the scan again 10 min later but same things popped up. Does it mean I have to find them on our laptop and delete them manually or will the Spybot fix everything?

    I have read that Savesaver installs on Mozilla Firefox. We unistalled it yesterday but we have kept the Mozilla Thunderbird (may be this is causing the problem). We use Chrome and Internet Explorer.

    Here what we have got after the scan:
    Search results from Spybot - Search & Destroy

    14/11/2013 18:14:33
    Scan took 00:41:01.
    13 items found.

    SafeSaver.BHO: [SBI $75D1178A] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\SProtector

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2501058653-2415110728-2907925837-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2501058653-2415110728-2907925837-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cache: [SBI $49804B54] Browser: Cache (4) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (2) (Browser: History, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    2013-09-20 blindman.exe (2.2.18.151)
    2013-09-20 explorer.exe (2.2.18.177)
    2013-09-20 SDBootCD.exe (2.2.18.109)
    2013-09-20 SDCleaner.exe (2.2.18.110)
    2013-09-20 SDDelFile.exe (2.2.18.94)
    2013-06-18 SDDisableProxy.exe
    2013-09-20 SDFiles.exe (2.2.18.135)
    2013-09-20 SDFileScanHelper.exe (2.2.16.1)
    2013-10-15 SDFSSvc.exe (2.2.25.211)
    2013-10-10 SDHookHelper.exe (2.3.30.2)
    2013-10-10 SDHookInst32.exe (2.3.30.2)
    2013-10-10 SDHookInst64.exe (2.3.30.2)
    2013-09-20 SDImmunize.exe (2.2.18.130)
    2013-05-16 SDLogReport.exe (2.1.18.107)
    2013-10-14 SDOnAccess.exe (2.2.25.4)
    2013-09-20 SDPESetup.exe (2.2.18.3)
    2013-09-20 SDPEStart.exe (2.2.18.86)
    2013-09-20 SDPhoneScan.exe (2.2.18.28)
    2013-09-20 SDPRE.exe (2.2.18.22)
    2013-09-20 SDPrepPos.exe (2.2.18.10)
    2013-09-20 SDQuarantine.exe (2.2.18.103)
    2013-09-20 SDRootAlyzer.exe (2.2.18.116)
    2013-09-20 SDSBIEdit.exe (2.2.18.39)
    2013-09-20 SDScan.exe (2.2.18.177)
    2013-09-20 SDScript.exe (2.2.18.53)
    2013-10-15 SDSettings.exe (2.2.25.138)
    2013-09-20 SDShell.exe (2.2.18.2)
    2013-09-20 SDShred.exe (2.2.18.107)
    2013-09-20 SDSysRepair.exe (2.2.18.101)
    2013-09-20 SDTools.exe (2.2.18.150)
    2013-07-25 SDTray.exe (2.1.21.129)
    2013-09-20 SDUpdate.exe (2.2.18.91)
    2013-09-20 SDUpdSvc.exe (2.2.18.76)
    2013-09-20 SDWelcome.exe (2.2.21.129)
    2013-09-13 SDWSCSvc.exe (2.2.22.2)
    2013-11-12 spybotsd2-installer.exe (2.2.25.0)
    2013-06-19 spybotsd2-translation-frx.exe
    2013-11-12 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
    2013-05-16 SDAV.dll
    2013-05-16 SDECon32.dll (2.1.18.113)
    2013-05-16 SDECon64.dll (2.1.18.113)
    2013-04-05 SDEvents.dll (2.1.16.2)
    2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
    2013-10-10 SDHook32.dll (2.3.30.2)
    2013-10-10 SDHook64.dll (2.3.30.2)
    2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
    2013-05-16 SDLicense.dll (2.1.18.0)
    2013-05-16 SDLists.dll (2.1.18.4)
    2013-05-16 SDResources.dll (2.1.18.7)
    2013-05-16 SDScanLibrary.dll (2.1.18.131)
    2013-05-16 SDTasks.dll (2.1.18.15)
    2013-05-16 SDWinLogon.dll (2.1.18.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2013-05-16 Tools.dll (2.1.18.36)
    2013-11-12 Includes\Adware.sbi (*)
    2013-11-12 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2012-11-14 Includes\Dialer.sbi (*)
    2012-11-14 Includes\DialerC.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2012-11-14 Includes\Hijackers.sbi (*)
    2012-11-14 Includes\HijackersC.sbi (*)
    2013-10-16 Includes\iPhone.sbi (*)
    2013-06-25 Includes\Keyloggers.sbi (*)
    2013-10-29 Includes\KeyloggersC.sbi (*)
    2013-05-29 Includes\Malware.sbi (*)
    2013-11-06 Includes\MalwareC.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2013-10-22 Includes\PUPSC.sbi (*)
    2012-11-14 Includes\Security.sbi (*)
    2013-10-29 Includes\SecurityC.sbi (*)
    2013-05-22 Includes\Spyware.sbi (*)
    2013-08-06 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2013-01-16 Includes\Trojans.sbi (*)
    2013-05-13 Includes\TrojansC-02.sbi (*)
    2013-11-12 Includes\TrojansC-03.sbi (*)
    2013-10-22 Includes\TrojansC-04.sbi (*)
    2013-05-08 Includes\TrojansC-05.sbi (*)
    2013-08-06 Includes\TrojansC.sbi (*)


    Would be grateful for any help. Thank you!
    Last edited by Elderberry; 2013-11-14 at 19:15.

  2. #2
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,168

    Default

    If you are using Windows Vista or higher,and you haven't already tried it,you should try running the next System Scan as administrator:
    http://www.safer-networking.org/faq/...indows-vista7/
    Please let me know how that goes.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •