KD21 Posted December 19, 2013 ID:766419 Share Posted December 19, 2013 Hi I did a scan with MBAM and it detected 8 files as a Trojan.Dorkbot.ED Files Detected: 8C:\Program Files\Synaptics\SynTP\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\Drivers\Touchpad\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\Drivers\Touchpad\WinWDF\x86\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\sp49522\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\sp49522\WinWDF\x86\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_70364bb2f0f827e0\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_703ad70e03ca80ab\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_c7be43ec68176fed\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully. The files are in quarantine right now and I'm not sure if they are bad or not Link to post Share on other sites More sharing options...
KD21 Posted December 19, 2013 Author ID:766423 Share Posted December 19, 2013 Here is the log file Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.12.18.08 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476Chocomuffins :: CHOCOMUFFINS-PC [administrator] 12/18/2013 11:35:42 AMmbam-log-2013-12-18 (11-35-42).txt Scan type: Full scan (C:\|D:\|E:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 508481Time elapsed: 2 hour(s), 36 minute(s), 24 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 8C:\Program Files\Synaptics\SynTP\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\Drivers\Touchpad\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\Drivers\Touchpad\WinWDF\x86\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\sp49522\WinWDF\x64\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.C:\SwSetup\sp49522\WinWDF\x86\SynZMetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_70364bb2f0f827e0\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_703ad70e03ca80ab\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_c7be43ec68176fed\synzmetr.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully. (end) Link to post Share on other sites More sharing options...
kevinf80 Posted December 20, 2013 ID:766470 Share Posted December 20, 2013 They appear to be legit files, maybe a good idea to open a thread here: https://forums.malwarebytes.org/index.php?showforum=42 Link to post Share on other sites More sharing options...
KD21 Posted December 20, 2013 Author ID:766490 Share Posted December 20, 2013 So I have re-scanned 5 of the files and they came back with nothing. So they were legit.I just can't restore 3 of the files c:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_70364bb2f0f827e0\synzmetr.exec:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_703ad70e03ca80ab\synzmetr.exec:\windows\system32\driverstore\filerepository\synpd.inf_amd64_neutral_c7be43ec68176fed\synzmetr.exe Should I post about it in another section of the forum? Link to post Share on other sites More sharing options...
kevinf80 Posted December 20, 2013 ID:766492 Share Posted December 20, 2013 Yes is not a malware issue, post to the FP forum... Link to post Share on other sites More sharing options...
KD21 Posted December 20, 2013 Author ID:766494 Share Posted December 20, 2013 Okay Link to post Share on other sites More sharing options...
kevinf80 Posted December 20, 2013 ID:766559 Share Posted December 20, 2013 You`re very welcome.... Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 25, 2013 Root Admin ID:768703 Share Posted December 25, 2013 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts