Something's wrong, please help

Discussion in 'Malware Help (A Specialist Will Reply)' started by roberto07, Apr 14, 2007.

  1. roberto07

    roberto07 Private E-2

    Hey, I know you can help me out with this. A couple of days ago my pc started to freeze whenever I use my TV tuner/capture device, or open my webcam. I can move my mouse and the image (tv/webcam) shows normally but nothing responds. Plus, i have noticed an IEXPLORE.EXE process running constantly in the background though i'm not using that browser (I mostly use FireFox) and it would immediately restart itself when i try to finish it. I knew by Spybot S&D that it was the real IE process, not something else running by its name, and that it was related to an unknown BHO. So, got BHODemon and it told me that the file the BHO refers to was missing: {4FE69883-DD8E-4CEB-AD2O-A5B5764A3286} (~DP17F.DLL)

    So, i disabled the BHO from within IE, deleted all registry related to it, but the process refuses to close.
    Have done everything in the READ & RUN ME FIRST. Spybot found/fixed a couple trojans, CounterSpy found nothing, BitDefender found something it couldn't fix and Panda fixed one virus but asked for money to fix the other five Spyware it found (hmm...). By the the way, the infected files Spybot and Panda said to have fixed are still there, should I delete them mannualy?
    Well, here are the logs, hope you can take a look at them.
    I´m very much thankfull in advance.
    Miguel
     

    Attached Files:

    roberto07, Apr 14, 2007
    #1
  2. roberto07

    roberto07 Private E-2

    It can't upload the "newfiles.txt" file, don't know why. I'll try zipping it.
     

    Attached Files:

    roberto07, Apr 15, 2007
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Your problems did not sound like malware. And after look at the logs that you posted, I pretty sure that what you are describing is not related to malware. You may want to post in either the Software or Hardware forum to check for a software or hardware conflict of some type. However you do need to delete the below files and avoid dowloading keygens and cracks which are quite often infected (like yours is):

    E:\Instaladores\DivX.Create.Bundle.v6.4.0.Final.Incl.Keygen-DVT.rar
    C:\WINDOWS\system32\windword.exe

    Then you should also uninstall CounterSpy since you do not need it anymore.

    And just to be on the safe side, let's run a rootkit scan!

    Now please download F-Secure's BlacklightBeta
    • Download fsbl.exe and save it to the Desktop.
    • Once saved... double click fsbl.exe to install the program.
    • Click accept agreement and Click scan
    • This application may trigger a warning from your antivirus. Let the driver load. Wait for it to finish.
    • If it displays any items...don't do anything with them yet. Just hit exit (close)
    • It will drop a log on Desktop that starts with fsbl....big number
    Please attach the BlackLight log.
     
    chaslang, Apr 15, 2007
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds