This morning, MEE quarantined 100 threats from different clients related to the Fujitsu Scan Snap program, labeling them as "Spyware.Zbot.VXGen". It's the same four .exe's on each client. I restored the four .exe's on one client and ran a scan, attached is the zip file. Nothing new was installed recently, the only difference is the new definitions. ------------------------------------------ Malwarebytes Anti-Malware (MEE) 1.75.0.1300www.malwarebytes.org Database version: v2014.10.20.04 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Desksupport :: UCT258652PARK [administrator] Protection: Enabled 10/20/2014 10:35:37 AMMBAM-log-2014-10-20 (14-30-11).txt Scan type: Full scan (C:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 943563Time elapsed: 41 minute(s), 50 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 4C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLaunDone.exe (Spyware.Zbot.VXGen) -> No action taken. [9064c4525725b581c200c1fc6b96a35d]C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardRegClear.exe (Spyware.Zbot.VXGen) -> No action taken. [6d871df94e2e0b2bdbe7beff639e9c64]C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardRegRunOff.exe (Spyware.Zbot.VXGen) -> No action taken. [5f955cba43397fb70cb6615c33ce11ef]C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardRegRunOn.exe (Spyware.Zbot.VXGen) -> No action taken. [b63e0214e795d4623191605d8c7557a9] (end) CardLaunDone.zip