Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Re:c: windows\system32\pctspk.EXE is infect,


  • This topic is locked This topic is locked
13 replies to this topic

#1 maxson

maxson

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 02 September 2010 - 07:07 PM

this is the log from your previous recommendation from the post above in the topic title if you can take a look at this mole would be much appreciated.

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 02 September 2010 - 07:46 PM

This shows an infected file for your modem.

Please reinstall the modem's software and then rerun Combofix.
Posted Image
m0le is a proud member of UNITE

#3 maxson

maxson
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 03 September 2010 - 09:43 PM

i didn't use any software to install this modem I got it through my phone company plugged it in and then everything worked i do see a driver in the properties when I did device manager check all the other drivers in there which was 6 the pctspk driver was the only one unknown or not signed digitally so what do you suggest I do I guess I am not sure how to reinstall the modem soft ware I never used any that I can remember

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 04 September 2010 - 04:35 AM

Delete the pctspk driver in Device Manager and reboot the PC. The system will reinstall the driver on reboot.

Rerun Combofix after the booting is completed.
Posted Image
m0le is a proud member of UNITE

#5 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 07 September 2010 - 08:38 AM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#6 maxson

maxson
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 08 September 2010 - 09:15 AM

just got back from holiday weekend I will delete this driver and rerun combo fix will post today thanks mole

#7 maxson

maxson
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 10 September 2010 - 10:15 AM

this is what I get after uninstalling the modem in device manager and then reinstalling it I then ran the comfix this is the log.

Attached Files



#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 10 September 2010 - 04:45 PM

Let's see if there's a backup copy on the machine.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    CODE
    :filefind
    pctspk.exe

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
Posted Image
m0le is a proud member of UNITE

#9 maxson

maxson
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 11 September 2010 - 09:53 AM

here is the system look log as directed.

Attached Files



#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 11 September 2010 - 10:01 AM

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the box below into it:

QUOTE
FCopy::
C:\WINDOWS\PCTEL\pctspk.exe | C:\WINDOWS\system32\pctspk.exe


Save this as CFScript.txt, in the same location as Comfix.exe (called ComboFix.exe in the below graphic)




Refering to the picture above, drag CFScript into ComboFix.exe

If the program requests for you to update Combofix then click Yes.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Posted Image
m0le is a proud member of UNITE

#11 maxson

maxson
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 13 September 2010 - 03:13 AM

I did what you instructed and I hope this is the log of that when comfix finished it said log would be in C:temp file but was not there but I found this log in the my documents folder so I don't know let me know if this is it or I don't know where it went?

Attached Files



#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 13 September 2010 - 04:24 PM

That's it, and that's been dealt with thumbup2.gif


Please run the ESET online scanner
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Leave the top box checked and then check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
Posted Image
m0le is a proud member of UNITE

#13 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 15 September 2010 - 07:45 PM

You still here, maxson?
Posted Image
m0le is a proud member of UNITE

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:45 PM

Posted 16 September 2010 - 07:38 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. smile.gif

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users