Zbot.gen!AP and Fraud.Fedexword

Status
Not open for further replies.
Hi, Adam,

I just updated and ran the new Spybot and lookie what it found. The first entry is Fraud.FedexWord. Does that mean it is still in there and if so, why, and what do I do with it? Also, after hitting the "Fix" button, all the entries say "Nothing done". So now I am thinking that I don't understand the Spybot program and I'm doing things wrong? I'm sorry to take up more of your time! Thanks so much.

Search results from Spybot - Search & Destroy

7/6/2014 4:06:11 PM
Scan took 00:17:14.
109 items found.

Fraud.FedexWord: [SBI $04FDF9E1] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Sft


--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---

 
Hi Maureen,

Many apologies for the delay!

When you close this thread, will I still have access to it for all the reading material you provided within the replies? I will be digging in a bit to educate myself!
You certainly will!

You did a great job walking me through everything and explaining everything along the way. I appreciate it so much!
You are more than welcome. :)

I just updated and ran the new Spybot and lookie what it found.
The entries below the first are of no concern at all. We can take a closer look at the first entry. However, I do not believe your machine is infected.


Reg Export
  • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the quotebox below and paste into the Notepad document.
    @echo off
    REG EXPORT "HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Sft" "%userprofile%\desktop\look.txt"
    notepad "%userprofile%\desktop\look.txt"
  • Click Format. Ensure Word Wrap is unchecked.
  • Click File, Save As and name the file find.bat.
  • Select All Files as the Save as type.
  • Save the file to your desktop.
  • Locate find.bat (W8/7/Vista) on your desktop. Right-click the icon and select Run as Administrator.
  • A file (find.txt) will open on your desktop. Copy the contents of the file and paste in your next reply.
 
Hi, Adam,

No worries about the delay! Life is constantly getting in the way, isn't it? lol

I am sending you the screen shot of what happens when I follow the instructions. Do I want to say yes to create a new file? I didn't want to choose anything without checking with you!

Thanks!
 

Hi Maureen,

I am sending you the screen shot of what happens when I follow the instructions. Do I want to say yes to create a new file? I didn't want to choose anything without checking with you!
Please click the Cancel button if you haven't already done so. From your screenshot I can see the registry key does not exist, so no export file was created. This is why you received the error.

Please run a scan with Spybot (just as you did before) and let me know if you see the same detection.
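
The failure described above (REG EXPORT finds no key, no file is written, and Notepad then offers to create one) can be avoided by testing for the key before exporting. This is an added example, not part of the original thread or the helper's script; the registry key is the one from the Spybot detection, and the output file name is an assumption.

```batch
@echo off
rem Added example: variant of the thread's batch file that checks for the key first.
setlocal

rem Registry key reported by Spybot as Fraud.FedexWord in this thread.
set "KEY=HKEY_USERS\S-1-5-21-2307240755-147757143-1248280979-1003\Software\Microsoft\Sft"

rem Output file on the desktop (name is an assumption for this example).
set "OUT=%USERPROFILE%\Desktop\look.txt"

rem REG QUERY sets errorlevel 1 when the key is missing or cannot be read.
reg query "%KEY%" >nul 2>&1
if errorlevel 1 (
    rem Write a short report so Notepad always has a file to open.
    > "%OUT%" echo Key not found or not readable:
    >> "%OUT%" echo %KEY%
    >> "%OUT%" echo Checked on %DATE% at %TIME%. Nothing was exported.
) else (
    rem /y overwrites an export left over from an earlier run without prompting.
    reg export "%KEY%" "%OUT%" /y >nul
    if errorlevel 1 (
        > "%OUT%" echo Key exists but the export failed. Run the script as Administrator.
    )
)

notepad "%OUT%"
endlocal
```

With this variant the file that opens either contains the exported key or states that the key was not found, so the result can be pasted into a reply in both cases.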
 
Hi Maureen,

Thank you for letting me know. Subject to no further problems, I believe we can finish up here.

All the best,
Adam
 
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh set of DDS logs and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
 