Page 1 of 2 12 LastLast
  1.    22 Jun 2016 #1
    Join Date : Jun 2016
    Posts : 19
    Win 10

    Spybot picked up Malware in System32


    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
      My ComputerSystem Spec
  2.    22 Jun 2016 #2
    Join Date : Aug 2015
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)

    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
      My ComputerSystem Spec
  3.    22 Jun 2016 #3
    Join Date : Apr 2015
    Posts : 13,001
    W10Prox64

    Quote Originally Posted by jman1505 View Post
    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
    Quote Originally Posted by MoxieMomma View Post
    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
    You've already done a full scan with Malwarebytes, TDSSKiller, ADWCleaner and Avast - nothing found. Did you do the ESET Online Scanner as well? (you never mentioned that.) I see ESET found 1 thing, which you deleted.

    I agree with MM - Spybot should be uninstalled. If you want something, use SuperAntiSpyware Free.
      My ComputerSystem Spec
  4.    22 Jun 2016 #4
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Quote Originally Posted by jman1505 View Post
    Click image for larger version. 

Name:	2016_06_22_17_14_571.png 
Views:	6 
Size:	11.5 KB 
ID:	86338
    This si what was picked-up from spybot. I'm hesitant to fix the selected items since is in system32.
    Should i go ahead with the clean up?
    Google search winemt.dat turns up a lot of results for Mountain and wine, but I didn't see winemt.dat

    Visit VirusTotal - Free Online Virus, Malware and URL Scanner, upload the file and have them check it.

    If it is a virus, yes remove it
    Then launch Command Prompt (Admin)
    enter the following commnad

    SFC /ScanNow

    that makes sure that system files from the component store are in the right place. It will put the correct file back if it is needed.
      My ComputerSystem Spec
  5.    22 Jun 2016 #5
    Join Date : Jun 2016
    Posts : 19
    Win 10
    Thread Starter

    Quote Originally Posted by MoxieMomma View Post
    Hi:

    Is this the same computer?
    Solved Strange Registry Key- Possible spyware - Windows 10 Forums

    If so, it's probably advisable to stick with support in one thread in one place at a time.
    Malware removal can be tricky, picky and sticky.
    And it can be -- at best -- confusing or -- at worst -- dangerous to work simultaneously in multiple places.
    A step advised by one helper may be unknown to another helper and that can lead to problems.
    So, it might be a good idea to resume that existing thread.
    And no two computer disinfection tools/scanners will pick up the same, exact things.

    Having said all, that Spybot S&D is not one of the more highly-regarded anti-malware scanners these days.
    And, without a scan log or more data, it would be hard to say if this detection might or might not be a false positive.

    Just my thoughts,
    MM
    Sorry about that, i'm used to using new threads for new issues so that it helps others when searching for similar problems
    Last edited by jman1505; 22 Jun 2016 at 15:58. Reason: Grammer
      My ComputerSystem Spec
  6.    22 Jun 2016 #6
    Join Date : Jun 2016
    Posts : 19
    Win 10
    Thread Starter

    Quote Originally Posted by simrick View Post
    You've already done a full scan with Malwarebytes, TDSSKiller, ADWCleaner and Avast - nothing found. Did you do the ESET Online Scanner as well? (you never mentioned that.) I see ESET found 1 thing, which you deleted.
    Quote Originally Posted by simrick View Post
    I agree with MM - Spybot should be uninstalled. If you want something, use SuperAntiSpyware Free.

    Quote Originally Posted by Slartybart View Post
    Google search winemt.dat turns up a lot of results for Mountain and wine, but I didn't see winemt.dat

    Visit VirusTotal - Free Online Virus, Malware and URL Scanner, upload the file and have them check it.

    If it is a virus, yes remove it
    Then launch Command Prompt (Admin)
    enter the following commnad

    SFC /ScanNow

    that makes sure that system files from the component store are in the right place. It will put the correct file back if it is needed.
    VirusTotal found nothing suspicious
    Click image for larger version. 

Name:	2016_06_22_20_51_571.png 
Views:	6 
Size:	122.4 KB 
ID:	86377
    Here's a picture of the file (The file is in a different place than what Spybot reported. Additionally, I had to "Show hidden files" in order to find this)

    Click image for larger version. 

Name:	2016_06_22_20_47_391.png 
Views:	5 
Size:	44.8 KB 
ID:	86375
    I've scanned it with Avast and Malwarebytes and they found nothing either
    (If it helps, I don't use Norton. I have a hunch that the Norton symbol is there because of the Norton free trial that was pre-installed in my computer when i got it a few years back)

    SuperAntiSpyware only found tracking cookies
    Click image for larger version. 

Name:	2016_06_22_20_54_221.png 
Views:	4 
Size:	60.4 KB 
ID:	86381
    Last edited by jman1505; 22 Jun 2016 at 16:10. Reason: SuperAntiSpyware Pics
      My ComputerSystem Spec
  7.    22 Jun 2016 #7
    Join Date : Apr 2015
    Posts : 13,001
    W10Prox64

    Quote Originally Posted by jman1505 View Post


    VirusTotal found nothing suspicious
    Click image for larger version. 

Name:	2016_06_22_20_51_571.png 
Views:	6 
Size:	122.4 KB 
ID:	86377
    Here's a picture of the file (The file is in a different place than what Spybot reported. Additionally, I had to "Show hidden files" in order to find this)

    Click image for larger version. 

Name:	2016_06_22_20_47_391.png 
Views:	5 
Size:	44.8 KB 
ID:	86375
    I've scanned it with Avast and Malwarebytes and they found nothing either
    (If it helps, I don't use Norton. I have a hunch that the Norton symbol is there because of the Norton free trial that was pre-installed in my computer when i got it a few years back)

    SuperAntiSpyware only found tracking cookies
    Click image for larger version. 

Name:	2016_06_22_20_54_221.png 
Views:	4 
Size:	60.4 KB 
ID:	86381
    Just looking at that screenshot of the file - in a different position than what Spybot says? That's odd. But, the fact that it has a Norton icon would lead me to believe it's possibly a leftover from Norton? It's all of 1 byte.
      My ComputerSystem Spec
  8.    22 Jun 2016 #8
    Join Date : Jun 2016
    Posts : 19
    Win 10
    Thread Starter

    Quote Originally Posted by simrick View Post
    Just looking at that screenshot of the file - in a different position than what Spybot says? That's odd. But, the fact that it has a Norton icon would lead me to believe it's possibly a leftover from Norton? It's all of 1 byte.
    Yhea, i dunno what to do. I know that, they type of malware spybot picked up is very nasty, but none of the other programs picked it up, nor can i manually find it either.
    I'm at a loss of what to do
      My ComputerSystem Spec
  9.    22 Jun 2016 #9
    Join Date : Apr 2015
    Posts : 13,001
    W10Prox64

    Quote Originally Posted by jman1505 View Post
    Yhea, i dunno what to do. I know that, they type of malware spybot picked up is very nasty, but none of the other programs picked it up, nor can i manually find it either.
    I'm at a loss of what to do
    Add the extension .old to it - renaming a file's extension makes it unusable. I doubt you'll find any issues. I think it's a leftover from Norton to be honest, and a FP from Spybot.
      My ComputerSystem Spec
  10.    22 Jun 2016 #10
    Join Date : Jun 2016
    Posts : 19
    Win 10
    Thread Starter

    Quote Originally Posted by simrick View Post
    Add the extension .old to it - renaming a file's extension makes it unusable. I doubt you'll find any issues. I think it's a leftover from Norton to be honest, and a FP from Spybot.
    k thanks for the help
      My ComputerSystem Spec

 
Page 1 of 2 12 LastLast


Similar Threads
Thread Forum
Is there a tool like Spybot's TeaTimer to monitor registry and such?
I'm still using Spybot 1.6.2 - only for TeaTimer, but its a resource hog. I do like it for monitoring the registry and such. Is there a free lightweight tool I can use to replace TeaTimer? Thx!! I currently use for security: Avast free...
AntiVirus, Firewalls and System Security
Spybot
Spybot will shortly be bringing out Spybot 2.5 for win 10, but 2.4 works fine anyway. If, like me, you have some passwords saved, spybot will remove them BUT, there is a solution: - Open Spybot by right clicking on the Spybot icon and choosing...
AntiVirus, Firewalls and System Security
Spybot
I just ran Spybot, but I had not done it for a couple of weeks. It found loads of spyware all labelled within Firefox folders. These must have crept in on a recent update. Very naughty Firefox. I cleaned them out and spybot reminded me I had not...
AntiVirus, Firewalls and System Security
SpyBot anti-beacon for W10
SpyBot Anti-Beacon
Software and Apps
Possible Malware that Malwarebytes hasn't picked up?
Hey, I recently installed a new SSD and did a clean install of Windows 10 onto it. I've had Windows Defender and Malwarebytes on the machine, and roughly used about 94/232 available GB on my drive. All of a sudden, I get a notification...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:03.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums