Windows 10: Spybot picked up Malware in System32 Solved

Page 1 of 2 12 LastLast
  1.    22 Jun 2016 #1

    Spybot picked up Malware in System32


    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
      My ComputerSystem Spec

  2. MoxieMomma's Avatar
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       22 Jun 2016 #2

    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
      My ComputerSystem Spec

  3.    22 Jun 2016 #3

    jman1505 said: View Post
    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
    MoxieMomma said: View Post
    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
    You've already done a full scan with Malwarebytes, TDSSKiller, ADWCleaner and Avast - nothing found. Did you do the ESET Online Scanner as well? (you never mentioned that.) I see ESET found 1 thing, which you deleted.

    I agree with MM - Spybot should be uninstalled. If you want something, use SuperAntiSpyware Free.
      My ComputerSystem Spec

  4. Slartybart's Avatar
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3
       22 Jun 2016 #4

    jman1505 said: View Post
    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
    Google search winemt.dat turns up a lot of results for Mountain and wine, but I didn't see winemt.dat

    Visit VirusTotal - Free Online Virus, Malware and URL Scanner, upload the file and have them check it.

    If it is a virus, yes remove it
    Then launch Command Prompt (Admin)
    enter the following commnad

    SFC /ScanNow

    that makes sure that system files from the component store are in the right place. It will put the correct file back if it is needed.
      My ComputerSystem Spec

  5.    22 Jun 2016 #5

    MoxieMomma said: View Post
    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
    Sorry about that, i'm used to using new threads for new issues so that it helps others when searching for similar problems
    Last edited by jman1505; 22 Jun 2016 at 15:58. Reason: Grammer
      My ComputerSystem Spec

  6.    22 Jun 2016 #6

    simrick said: View Post
    You've already done a full scan with Malwarebytes, TDSSKiller, ADWCleaner and Avast - nothing found. Did you do the ESET Online Scanner as well? (you never mentioned that.) I see ESET found 1 thing, which you deleted.
    simrick said: View Post
    I agree with MM - Spybot should be uninstalled. If you want something, use SuperAntiSpyware Free.

    Slartybart said: View Post
    Google search winemt.dat turns up a lot of results for Mountain and wine, but I didn't see winemt.dat

    Visit VirusTotal - Free Online Virus, Malware and URL Scanner, upload the file and have them check it.

    If it is a virus, yes remove it
    Then launch Command Prompt (Admin)
    enter the following commnad

    SFC /ScanNow

    that makes sure that system files from the component store are in the right place. It will put the correct file back if it is needed.
    VirusTotal found nothing suspicious
    Click image for larger version. 

Name:	2016_06_22_20_51_571.png 
Views:	6 
Size:	122.4 KB 
ID:	86377
    Here's a picture of the file (The file is in a different place than what Spybot reported. Additionally, I had to "Show hidden files" in order to find this)

    Click image for larger version. 

Name:	2016_06_22_20_47_391.png 
Views:	5 
Size:	44.8 KB 
ID:	86375
    I've scanned it with Avast and Malwarebytes and they found nothing either
    (If it helps, I don't use Norton. I have a hunch that the Norton symbol is there because of the Norton free trial that was pre-installed in my computer when i got it a few years back)

    SuperAntiSpyware only found tracking cookies
    Click image for larger version. 

Name:	2016_06_22_20_54_221.png 
Views:	4 
Size:	60.4 KB 
ID:	86381
    Last edited by jman1505; 22 Jun 2016 at 16:10. Reason: SuperAntiSpyware Pics
      My ComputerSystem Spec

  7.    22 Jun 2016 #7

    jman1505 said: View Post


    VirusTotal found nothing suspicious
    Click image for larger version. 

Name:	2016_06_22_20_51_571.png 
Views:	6 
Size:	122.4 KB 
ID:	86377
    Here's a picture of the file (The file is in a different place than what Spybot reported. Additionally, I had to "Show hidden files" in order to find this)

    Click image for larger version. 

Name:	2016_06_22_20_47_391.png 
Views:	5 
Size:	44.8 KB 
ID:	86375
    I've scanned it with Avast and Malwarebytes and they found nothing either
    (If it helps, I don't use Norton. I have a hunch that the Norton symbol is there because of the Norton free trial that was pre-installed in my computer when i got it a few years back)

    SuperAntiSpyware only found tracking cookies
    Click image for larger version. 

Name:	2016_06_22_20_54_221.png 
Views:	4 
Size:	60.4 KB 
ID:	86381
    Just looking at that screenshot of the file - in a different position than what Spybot says? That's odd. But, the fact that it has a Norton icon would lead me to believe it's possibly a leftover from Norton? It's all of 1 byte.
      My ComputerSystem Spec

  8.    22 Jun 2016 #8

    simrick said: View Post
    Just looking at that screenshot of the file - in a different position than what Spybot says? That's odd. But, the fact that it has a Norton icon would lead me to believe it's possibly a leftover from Norton? It's all of 1 byte.
    Yhea, i dunno what to do. I know that, they type of malware spybot picked up is very nasty, but none of the other programs picked it up, nor can i manually find it either.
    I'm at a loss of what to do
      My ComputerSystem Spec

  9.    22 Jun 2016 #9

    jman1505 said: View Post
    Yhea, i dunno what to do. I know that, they type of malware spybot picked up is very nasty, but none of the other programs picked it up, nor can i manually find it either.
    I'm at a loss of what to do
    Add the extension .old to it - renaming a file's extension makes it unusable. I doubt you'll find any issues. I think it's a leftover from Norton to be honest, and a FP from Spybot.
      My ComputerSystem Spec

  10.    22 Jun 2016 #10

    simrick said: View Post
    Add the extension .old to it - renaming a file's extension makes it unusable. I doubt you'll find any issues. I think it's a leftover from Norton to be honest, and a FP from Spybot.
    k thanks for the help
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
I'm still using Spybot 1.6.2 - only for TeaTimer, but its a resource hog. I do like it for monitoring the registry and such. Is there a free lightweight tool I can use to replace TeaTimer? Thx!! I currently use for security: Avast free...
Spybot in AntiVirus, Firewalls and System Security
Spybot will shortly be bringing out Spybot 2.5 for win 10, but 2.4 works fine anyway. If, like me, you have some passwords saved, spybot will remove them BUT, there is a solution: - Open Spybot by right clicking on the Spybot icon and choosing...
Spybot in AntiVirus, Firewalls and System Security
I just ran Spybot, but I had not done it for a couple of weeks. It found loads of spyware all labelled within Firefox folders. These must have crept in on a recent update. Very naughty Firefox. I cleaned them out and spybot reminded me I had not...
SpyBot anti-beacon for W10 in Software and Apps
SpyBot Anti-Beacon
Possible Malware that Malwarebytes hasn't picked up? in AntiVirus, Firewalls and System Security
Hey, I recently installed a new SSD and did a clean install of Windows 10 onto it. I've had Windows Defender and Malwarebytes on the machine, and roughly used about 94/232 available GB on my drive. All of a sudden, I get a notification...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 21:49.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums