-
I'm back
Ken - did post in forum 2 days ago & just now went to support @spybot & believe there is overall problem with my program kept getting scrip error on each step of the way giving them message. For ha-ha's I went to my event viewer & found errors in past 3 days in security log 1 is system files distributed com server local host; other is sync host 8d91dof - this I believe when I tried to upgrade spybot as fits time frame, another kernel power & NPT client. Just wondering if there is anything I can run while I'm waiting to hear back from spybot to see if I'm infected again (or still?) Sorry to bother you again, but trying to be viligant. Thank you!
-
sorry sent twice - first time said there was an error & wait 30 secs so thought it didn't go thru - the 2nd time it told me it was duplicate.
-
-
Does this mean I unstall spybot again before I use this eset scanner? I did write spybot directly for help & they gave me instructions on how to update & it worked. Going to run a scan now from spybot & will wait till I hear from you about what to disable before doing eset - does this mean Malware Bytes also? Thanks Ken.
-
spybot scan results
As noted in last reply I did run spybot & it found adware threats - I saved the log (below) & when I went to fix problems I just got the swirling ball - so after 10 mins. of that went to close it & said that it was not finished - it never fixed problems & said malware program not responding. Don't know if this is any use to you but here it is:
Search results from Spybot - Search & Destroy
1/28/2016 7:27:47 PM
Scan took 00:24:24.
12 items found.
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3611819408-1750479240-3027513373-1000\Software\Microsoft\Microsoft Management Console\Recent File List
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3611819408-1750479240-3027513373-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (12) (Browser: Cache, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
Adware.Agent.NXO: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (1).exe
Properties.size=4671944
Properties.md5=40997DF90235ADCDE6E5253ED5CA0082
Properties.filedate=1373088876
Properties.filedatetext=2013-07-06 00:34:35
Adware.Agent.NXO: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (2).exe
Properties.size=4671944
Properties.md5=40997DF90235ADCDE6E5253ED5CA0082
Properties.filedate=1373265253
Properties.filedatetext=2013-07-08 01:34:13
Gen:Variant.Adware.Kazy.517148: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (3).exe
Properties.size=4677064
Properties.md5=2B06DF6B05EB4824E11F55ACAF1BCCDB
Properties.filedate=1373691752
Properties.filedatetext=2013-07-13 00:02:32
Gen:Variant.Adware.Kazy.517148: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (4).exe
Properties.size=4677064
Properties.md5=E2E7F4FEF629DDD6632340B568BD107A
Properties.filedate=1374120741
Properties.filedatetext=2013-07-17 23:12:21
Gen:Variant.Adware.Kazy.517148: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (5).exe
Properties.size=4677064
Properties.md5=E2E7F4FEF629DDD6632340B568BD107A
Properties.filedate=1374120771
Properties.filedatetext=2013-07-17 23:12:51
Gen:Variant.Adware.Kazy.559039: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader (6).exe
Properties.size=4868040
Properties.md5=F44E3D7DE35C73E6B307E88A06CA4A25
Properties.filedate=1374207167
Properties.filedatetext=2013-07-18 23:12:46
Application.Downloader.TT: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Corinne\Downloads\api_Downloader.exe
Properties.size=4671432
Properties.md5=F0749A4C86CAE476D649B123AA523BF9
Properties.filedate=1372998396
Properties.filedatetext=2013-07-04 23:26:35
--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---
2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2016-01-25 sd2-installer.exe
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2015-06-16 SDDelFile.exe (2.5.42.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2015-06-16 SDFileScanHelper.exe (2.5.42.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2015-06-16 SDHelp.exe (2.5.42.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2015-07-24 SDLicense.exe (2.4.40.0)
2014-06-24 SDLogReport.exe (2.4.40.107)
2015-06-16 SDOnAccess.exe (2.5.42.11)
2015-06-16 SDPESetup.exe (2.5.42.3)
2015-06-16 SDPEStart.exe (2.5.42.86)
2015-06-16 SDPhoneScan.exe (2.5.42.28)
2015-06-16 SDPRE.exe (2.5.42.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2015-06-16 SDQuarantine.exe (2.5.42.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2015-06-16 SDSBIEdit.exe (2.5.42.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2015-06-16 SDShell.exe (2.5.42.2)
2015-06-16 SDShred.exe (2.5.42.108)
2015-06-16 SDSysRepair.exe (2.5.42.102)
2015-06-16 SDTools.exe (2.5.42.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2015-03-25 spybotsd2-install-av-update-2015b.exe (2.4.40.0)
2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-10-01 spybotsd2-install-scannerservice.exe (2.4.40.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2016-01-25 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2015-06-16 NotificationSpreader.dll (2.5.42.4)
2015-06-16 SDAdvancedCheckLibrary.dll (2.5.42.98)
2015-06-16 SDAV.dll (2.5.42.1)
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2015-06-16 SDFileScanLibrary.dll (2.5.42.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2015-06-16 SDLicense.dll (2.5.42.0)
2015-06-16 SDLists.dll (2.5.42.4)
2015-06-16 SDResources.dll (2.5.42.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2015-06-17 SDTasks.dll (2.5.42.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2015-06-16 Tools.dll (2.5.42.36)
2015-04-22 Includes\Adware-000.sbi (*)
2015-08-05 Includes\Adware-001.sbi (*)
2016-01-27 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2015-07-29 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2015-12-23 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2015-11-19 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2016-01-27 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2016-01-20 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2015-12-02 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2015-08-12 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2016-01-27 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-01-13 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
-
You can temporarily disable Spybot
https://www.safer-networking.org/faq...d-temporarily/
Malwarebytes
Open Malwarebytes
Go to setting
Detection and Protection
Disable Malware Protection
Disable Malicious Website Protection
Then OK your way out
After you run ESET, besure to go back into both Spybot and Malwarebytes and re enable all protection
-
Go into your Downloads folder and delete everything in there but not the downloads folder itself
C:\Users\Corinne\Downloads
-
Esets scan
Ken, here is list & I did run archives. Had to disable spybot different way than link you sent me as have home pro ver 2.4 & now will reapply protection. Thanks for your help
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$R1YRE24.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$R39816W.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$RA7KN7V.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$RB0R9XS.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$RKL295Y.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$RVGSXB2.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-3611819408-1750479240-3027513373-1000\$RW8PMI5.exe a variant of Win32/BundleInstaller.D potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\hk64tbZyn0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\hk64tbZyn2.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\hktbZyn0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\ldrtbZyng.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\tbZyn0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\tbZyn1.dll.vir a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Corinne\AppData\LocalLow\Zynga\tbZyng.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
-
Nothing to worry about Corrine, 7 of those files are in your Recycle Bin and the other 7 are backups of what AdwCleaner removed.
1. Right click on your Recycle Bin and select Empty Recycle Bin
2. Double click on AdwCleaner.exe to run the tool again.
- Click on the Uninstall button.
- Click Yes when asked are you sure you want to uninstall.
- Both AdwCleaner.exe, its folder and all logs will be removed.
3. Did you empty out your Downloads folder like I previously posted ??
-
Yes I did except for my spybot license & TDS killer in download folder hope it's OK to leave those?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules