Page 9 of 9 FirstFirst ... 56789
Results 81 to 88 of 88

Thread: Zbot.gen!AP and Fraud.Fedexword

  1. 2014-07-06, 22:11 #81
    mla34
    mla34 is offline
    Senior Member
    Join Date
    Jan 2010
    Posts
    115

    Default

    Hi, Adam,

    I just updated and ran the new Spybot and lookie what it found. The first entry is Fraud.FedexWord. Does that mean it is still in there and if so, why, and what do I do with it? Also, after hitting the "Fix" button, all the entries say "Nothing done". So now I am thinking that I don't understand the Spybot program and I'm doing things wrong? I'm sorry to take up more of your time! Thanks so much.

    Search results from Spybot - Search & Destroy

    7/6/2014 4:06:11 PM
    Scan took 00:17:14.
    109 items found.

    Fraud.FedexWord: [SBI $04FDF9E1] User settings (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Sft

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\opf.ooyala.com\com.conviva.livePass.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\player.ooyala.com\auth.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\player.ooyala.com\auth2.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\player.ooyala.com\auth_id.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\player.ooyala.com\ooyala_guid.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\player.ooyala.com\perf.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\secure-us.imrworldwide.com\_ggCvar.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\secure-us.imrworldwide.com\_ggCvar_temp.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\secure-us.imrworldwide.com\_ggMCvar_1.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\The Arnolds\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KAFF8CFK\static-cdn1.ustream.tv\flash.viewer.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
    C:\Users\The Arnolds\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KAFF8CFK\skype.com\#ui\preferences.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
    C:\Users\Greg\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XX3MLS82\opf.ooyala.com\3rdparty\ESPNAnalytics_comscore_3.48b_omniture_3.42.swf\com.comscore.ESPNAnalytics_comscore_3.48b_omniture_3.42.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): The Arnolds) (Browser: Cookie, nothing done)


    DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): The Arnolds) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    WebTrends live: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    FastClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Right Media: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_DEFAULT (default)) (Browser: Cookie, nothing done)


    Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Internet Explorer\TypedURLs

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\PE_C_DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Microsoft Management Console\Recent File List

    MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Microsoft Management Console\Recent File List

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

    MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

    MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

    Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

    Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

    Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

    Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

    Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

    Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

    Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Cookie: [SBI $49804B54] Browser: Cookie (47) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (722) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (183) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (3072) (Browser: Cookie, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (9) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---

    2014-06-24 blindman.exe (2.4.40.151)
    2014-06-24 explorer.exe (2.4.40.181)
    2014-06-24 SDBootCD.exe (2.4.40.109)
    2014-06-24 SDCleaner.exe (2.4.40.110)
    2014-06-24 SDDelFile.exe (2.4.40.94)
    2013-06-18 SDDisableProxy.exe
    2014-06-24 SDFiles.exe (2.4.40.135)
    2014-06-24 SDFileScanHelper.exe (2.4.40.1)
    2014-06-24 SDFSSvc.exe (2.4.40.217)
    2014-06-24 SDHelp.exe (2.4.40.1)
    2014-04-25 SDHookHelper.exe (2.3.39.2)
    2014-04-25 SDHookInst32.exe (2.3.39.2)
    2014-04-25 SDHookInst64.exe (2.3.39.2)
    2014-06-24 SDImmunize.exe (2.4.40.130)
    2014-06-24 SDLogReport.exe (2.4.40.107)
    2014-06-24 SDOnAccess.exe (2.4.40.11)
    2014-06-24 SDPESetup.exe (2.4.40.3)
    2014-06-24 SDPEStart.exe (2.4.40.86)
    2014-06-24 SDPhoneScan.exe (2.4.40.28)
    2014-06-24 SDPRE.exe (2.4.40.22)
    2014-06-24 SDPrepPos.exe (2.4.40.15)
    2014-06-24 SDQuarantine.exe (2.4.40.103)
    2014-06-24 SDRootAlyzer.exe (2.4.40.116)
    2014-06-24 SDSBIEdit.exe (2.4.40.39)
    2014-06-24 SDScan.exe (2.4.40.181)
    2014-06-24 SDScript.exe (2.4.40.54)
    2014-06-24 SDSettings.exe (2.4.40.139)
    2014-06-24 SDShell.exe (2.4.40.2)
    2014-06-24 SDShred.exe (2.4.40.108)
    2014-06-24 SDSysRepair.exe (2.4.40.102)
    2014-06-24 SDTools.exe (2.4.40.157)
    2014-06-24 SDTray.exe (2.4.40.129)
    2014-06-27 SDUpdate.exe (2.4.40.94)
    2014-06-27 SDUpdSvc.exe (2.4.40.77)
    2014-06-24 SDWelcome.exe (2.4.40.130)
    2014-04-25 SDWSCSvc.exe (2.3.39.2)
    2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
    2013-06-19 spybotsd2-translation-frx.exe
    2014-07-06 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2014-04-25 NotificationSpreader.dll
    2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
    2014-04-25 SDAV.dll
    2014-06-24 SDECon32.dll (2.4.40.114)
    2014-06-24 SDECon64.dll (2.3.39.113)
    2014-06-24 SDEvents.dll (2.4.40.2)
    2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
    2014-04-25 SDHook32.dll (2.3.39.2)
    2014-04-25 SDHook64.dll (2.3.39.2)
    2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
    2014-06-24 SDLicense.dll (2.4.40.0)
    2014-06-24 SDLists.dll (2.4.40.4)
    2014-06-24 SDResources.dll (2.4.40.7)
    2014-06-24 SDScanLibrary.dll (2.4.40.131)
    2014-06-24 SDTasks.dll (2.4.40.15)
    2014-06-24 SDWinLogon.dll (2.4.40.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2014-06-24 Tools.dll (2.4.40.36)
    2014-03-05 Includes\Adware-000.sbi (*)
    2014-01-08 Includes\Adware-001.sbi (*)
    2014-07-02 Includes\Adware-C.sbi (*)
    2014-01-13 Includes\Adware.sbi (*)
    2014-01-13 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2014-01-08 Includes\Dialer-000.sbi (*)
    2014-01-08 Includes\Dialer-001.sbi (*)
    2014-01-08 Includes\Dialer-C.sbi (*)
    2014-01-13 Includes\Dialer.sbi (*)
    2014-01-13 Includes\DialerC.sbi (*)
    2014-01-09 Includes\Fraud-000.sbi (*)
    2014-01-09 Includes\Fraud-001.sbi (*)
    2014-03-31 Includes\Fraud-002.sbi (*)
    2014-01-09 Includes\Fraud-003.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2014-01-08 Includes\Hijackers-000.sbi (*)
    2014-01-08 Includes\Hijackers-001.sbi (*)
    2014-01-08 Includes\Hijackers-C.sbi (*)
    2014-01-13 Includes\Hijackers.sbi (*)
    2014-01-13 Includes\HijackersC.sbi (*)
    2014-01-08 Includes\iPhone-000.sbi (*)
    2014-01-08 Includes\iPhone.sbi (*)
    2014-01-08 Includes\Keyloggers-000.sbi (*)
    2014-03-19 Includes\Keyloggers-C.sbi (*)
    2014-01-13 Includes\Keyloggers.sbi (*)
    2014-01-13 Includes\KeyloggersC.sbi (*)
    2014-01-09 Includes\Malware-001.sbi (*)
    2014-01-09 Includes\Malware-002.sbi (*)
    2014-02-05 Includes\Malware-003.sbi (*)
    2014-01-28 Includes\Malware-004.sbi (*)
    2014-04-15 Includes\Malware-005.sbi (*)
    2014-02-26 Includes\Malware-006.sbi (*)
    2014-01-09 Includes\Malware-007.sbi (*)
    2014-07-02 Includes\Malware-C.sbi (*)
    2014-01-13 Includes\Malware.sbi (*)
    2013-12-23 Includes\MalwareC.sbi (*)
    2014-01-15 Includes\PUPS-000.sbi (*)
    2014-01-15 Includes\PUPS-001.sbi (*)
    2014-01-15 Includes\PUPS-002.sbi (*)
    2014-07-02 Includes\PUPS-C.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2014-01-07 Includes\PUPSC.sbi (*)
    2014-01-08 Includes\Security-000.sbi (*)
    2014-01-08 Includes\Security-C.sbi (*)
    2014-01-21 Includes\Security.sbi (*)
    2014-01-21 Includes\SecurityC.sbi (*)
    2014-01-08 Includes\Spyware-000.sbi (*)
    2014-01-08 Includes\Spyware-001.sbi (*)
    2014-01-08 Includes\Spyware-C.sbi (*)
    2014-01-21 Includes\Spyware.sbi (*)
    2014-01-21 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2014-01-15 Includes\Trojans-000.sbi (*)
    2014-01-15 Includes\Trojans-001.sbi (*)
    2014-01-15 Includes\Trojans-002.sbi (*)
    2014-01-15 Includes\Trojans-003.sbi (*)
    2014-01-15 Includes\Trojans-004.sbi (*)
    2014-03-19 Includes\Trojans-005.sbi (*)
    2014-01-15 Includes\Trojans-006.sbi (*)
    2014-01-15 Includes\Trojans-007.sbi (*)
    2014-01-15 Includes\Trojans-008.sbi (*)
    2014-01-15 Includes\Trojans-009.sbi (*)
    2014-07-02 Includes\Trojans-C.sbi (*)
    2014-01-15 Includes\Trojans-OG-000.sbi (*)
    2014-01-15 Includes\Trojans-TD-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-001.sbi (*)
    2014-01-15 Includes\Trojans-VM-002.sbi (*)
    2014-01-15 Includes\Trojans-VM-003.sbi (*)
    2014-01-15 Includes\Trojans-VM-004.sbi (*)
    2014-01-15 Includes\Trojans-VM-005.sbi (*)
    2014-01-15 Includes\Trojans-VM-006.sbi (*)
    2014-01-15 Includes\Trojans-VM-007.sbi (*)
    2014-01-15 Includes\Trojans-VM-008.sbi (*)
    2014-01-15 Includes\Trojans-VM-009.sbi (*)
    2014-01-15 Includes\Trojans-VM-010.sbi (*)
    2014-01-15 Includes\Trojans-VM-011.sbi (*)
    2014-01-15 Includes\Trojans-VM-012.sbi (*)
    2014-01-15 Includes\Trojans-VM-013.sbi (*)
    2014-01-15 Includes\Trojans-VM-014.sbi (*)
    2014-01-15 Includes\Trojans-VM-015.sbi (*)
    2014-01-15 Includes\Trojans-VM-016.sbi (*)
    2014-01-15 Includes\Trojans-VM-017.sbi (*)
    2014-01-15 Includes\Trojans-VM-018.sbi (*)
    2014-01-15 Includes\Trojans-VM-019.sbi (*)
    2014-01-15 Includes\Trojans-VM-020.sbi (*)
    2014-01-15 Includes\Trojans-VM-021.sbi (*)
    2014-01-15 Includes\Trojans-VM-022.sbi (*)
    2014-01-15 Includes\Trojans-VM-023.sbi (*)
    2014-01-15 Includes\Trojans-VM-024.sbi (*)
    2014-01-15 Includes\Trojans-ZB-000.sbi (*)
    2014-01-15 Includes\Trojans-ZL-000.sbi (*)
    2014-01-09 Includes\Trojans.sbi (*)
    2014-01-16 Includes\TrojansC-01.sbi (*)
    2014-01-16 Includes\TrojansC-02.sbi (*)
    2014-01-16 Includes\TrojansC-03.sbi (*)
    2014-01-16 Includes\TrojansC-04.sbi (*)
    2014-01-16 Includes\TrojansC-05.sbi (*)
    2014-01-09 Includes\TrojansC.sbi (*)
  2. 2014-07-09, 13:12 #82
    LiquidTension
    LiquidTension is offline
    Security Expert- Visiting Fellow LiquidTension's Avatar
    Join Date
    May 2014
    Posts
    121

    Default

    Hi Maureen,

    Many apologies for the delay!

    When you close this thread, will I still have access to it for all the reading material you provided within the replies? I will be digging in a bit to educate myself!
    You certainly will!

    You did a great job walking me through everything and explaining everything along the way. I appreciate it so much!
    You are more than welcome.

    I just updated and ran the new Spybot and lookie what it found.
    The entries below the first are of no concern at all. We can take a closer look at the first entry. However, I do not believe your machine is infected.


    Reg Export
    • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
    • Copy the entire contents of the quotebox below and paste into the Notepad document.
      @echo off
      REG EXPORT "HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Sft" "%userprofile%\desktop\look.txt"
      notepad "%userprofile%\desktop\look.txt"
    • Click Format. Ensure Wordwrap is unchecked.
    • Click File, Save As and name the file find.bat.
    • Select All Files as the Save as type.
    • Save the file to your desktop.
    • Locate find.bat (W8/7/Vista) on your desktop. Right-click the icon and select Run as Administrator.
    • A file (find.txt) will open on your desktop. Copy the contents of the file and paste in your next reply.
    Member of UNITE, and graduate from WTT.
  3. 2014-07-09, 14:39 #83
    mla34
    mla34 is offline
    Senior Member
    Join Date
    Jan 2010
    Posts
    115

    Smile

    Hi, Adam,

    No worries about the delay! Life is constantly getting in the way, isn't it? lol

    I am sending you the screen shot of what happens when I follow the instructions. Do I want to say yes to create a new file? I didn't want to chose anything without checking with you!

    Thanks!
    Attached Images Attached Images
  4. 2014-07-10, 15:11 #84
    LiquidTension
    LiquidTension is offline
    Security Expert- Visiting Fellow LiquidTension's Avatar
    Join Date
    May 2014
    Posts
    121

    Default

    Hi Maureen,

    I am sending you the screen shot of what happens when I follow the instructions. Do I want to say yes to create a new file? I didn't want to chose anything without checking with you!
    Please click the Cancel button if you haven't already done so. From your screenshot I can see the registry key does not exist, so no export file was created. This is why you received the error.

    Please run a scan with Spybot (just as you did before) and let me know if you see the same detection.
    Member of UNITE, and graduate from WTT.
  5. 2014-07-10, 19:24 #85
    mla34
    mla34 is offline
    Senior Member
    Join Date
    Jan 2010
    Posts
    115

    Default

    Hi, Adam,

    It seems you were right - the entry is gone with this last Spybot scan. Here you go!
    Attached Files Attached Files
  6. 2014-07-11, 13:52 #86
    LiquidTension
    LiquidTension is offline
    Security Expert- Visiting Fellow LiquidTension's Avatar
    Join Date
    May 2014
    Posts
    121

    Default

    Hi Maureen,

    Thank you for letting me know. Subject to no further problems, I believe we can finish up here.

    All the best,
    Adam
    Member of UNITE, and graduate from WTT.
  7. 2014-07-11, 19:50 #87
    mla34
    mla34 is offline
    Senior Member
    Join Date
    Jan 2010
    Posts
    115

    Default

    Hi, Adam,

    Thanks again for all of your help and expertise! It is much appreciated!
    Take care!
    Maureen
  8. 2014-07-11, 21:57 #88
    Dakeyras
    Dakeyras is offline
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Default

    Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh set of DDS log's and a link to your previous thread.

    If it has been less than three days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules