Re:c: windows\system32\pctspk.EXE is infect,

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Guidelines

Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Posted Image

Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.

Posted Image

DO NOT RUN ComboFix unless requested to.

Posted Image

Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

Posted Image

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Posted Image

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

Page 1 of 1

You cannot start a new topic
This topic is locked

Re:c: windows\system32\pctspk.EXE is infect,

#1 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 02 September 2010 - 07:07 PM

this is the log from your previous recommendation from the post above in the topic title if you can take a look at this mole would be much appreciated.

Attached File(s)

ComboFix.txt (26.66K)
Number of downloads: 8

#2 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 02 September 2010 - 07:46 PM

This shows an infected file for your modem.

Please reinstall the modem's software and then rerun Combofix.

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#3 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 03 September 2010 - 09:43 PM

i didn't use any software to install this modem I got it through my phone company plugged it in and then everything worked i do see a driver in the properties when I did device manager check all the other drivers in there which was 6 the pctspk driver was the only one unknown or not signed digitally so what do you suggest I do I guess I am not sure how to reinstall the modem soft ware I never used any that I can remember

#4 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 04 September 2010 - 04:35 AM

Delete the pctspk driver in Device Manager and reboot the PC. The system will reinstall the driver on reboot.

Rerun Combofix after the booting is completed.

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#5 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 07 September 2010 - 08:38 AM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,

m0le

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#6 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 08 September 2010 - 09:15 AM

just got back from holiday weekend I will delete this driver and rerun combo fix will post today thanks mole

#7 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 10 September 2010 - 10:15 AM

this is what I get after uninstalling the modem in device manager and then reinstalling it I then ran the comfix this is the log.

Attached File(s)

ComboFix.txt (34.58K)
Number of downloads: 5

#8 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 10 September 2010 - 04:45 PM

Let's see if there's a backup copy on the machine.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
CODE
:filefind
pctspk.exe
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#9 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 11 September 2010 - 09:53 AM

here is the system look log as directed.

Attached File(s)

SystemLook.txt (878bytes)
Number of downloads: 2

#10 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 11 September 2010 - 10:01 AM

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the box below into it:

QUOTE

FCopy::
C:\WINDOWS\PCTEL\pctspk.exe | C:\WINDOWS\system32\pctspk.exe

Save this as CFScript.txt, in the same location as Comfix.exe (called ComboFix.exe in the below graphic)

Refering to the picture above, drag CFScript into ComboFix.exe

If the program requests for you to update Combofix then click Yes.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#11 maxson

Member

Group: Members
Posts: 69
Joined: 25-May 10

Posted 13 September 2010 - 03:13 AM

I did what you instructed and I hope this is the log of that when comfix finished it said log would be in C:temp file but was not there but I found this log in the my documents folder so I don't know let me know if this is it or I don't know where it went?

Attached File(s)

ComboFix.txt (61.32K)
Number of downloads: 2

#12 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 13 September 2010 - 04:24 PM

That's it, and that's been dealt with

Please run the ESET online scanner

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
1. Click on to download the ESET Smart Installer. Save it to your desktop.
2. Double click on the icon on your desktop.
Check
Click the button.
Accept any security warnings from your browser.
Leave the top box checked and then check
Push the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the button.
Push

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#13 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 15 September 2010 - 07:45 PM

You still here, maxson?

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#14 m0le

I know the drill!

Group: Malware Response Instructor
Posts: 27,041
Joined: 24-July 08
Gender:Male
Location:London, UK

Posted 16 September 2010 - 07:38 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.

If I have helped you fix your PC then please donate to the anti-malware cause. Thanks

Posted Image

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)