Results 1 to 4 of 4

Thread: Weird Problem

  1. 2006-07-02, 15:38 #1
    Hidden
    Hidden is offline
    Junior Member
    Join Date
    Jul 2006
    Posts
    3

    Default Weird Problem

    Last night, my computer appeared to contract something that made the spyboy resident alarm go off. I ran spybot search and destroy and it found one item, and easily fixed it.

    No weird processes were running, computer wasn't slow or lagged, everything seemed to be fine. However, the resident alarm continually keeps going off.

    I did a search for any .exe's created yesterday and found this weird file in my My Documents folder. Had to go into safe mode to delete it, but it is gone now.

    Booted up again and the resident alarm still goes off.

    It has found two registry changes. Both considered Browder Helper Objects. Registries are:

    5CA3D70E-1895-11CF-8E15-001234567890

    4D25F921-B9FE-4682-BF72-8AB8210D6D75

    The "Deny changes" object also is not highlighted, so I can't continually block this threat. I also ran hijack this, and it found no errors.

    Any idea what this problem is? Thanks
    Reply With Quote Reply With Quote
  2. 2006-07-02, 15:59 #2
    Hidden
    Hidden is offline
    Junior Member
    Join Date
    Jul 2006
    Posts
    3

    Default

    Just ran pandascan....apparently it is coming up with some spyware and two viruses.

    It deleted the viruses but the spyware/dialers are still there.
    Reply With Quote Reply With Quote
  3. 2006-07-02, 16:14 #3
    md usa spybot fan
    md usa spybot fan is offline
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    Quote Originally Posted by Hidden
    The "Deny changes" object also is not highlighted, so I can't continually block this threat. I also ran hijack this, and it found no errors.

    Any idea what this problem is?
    If the TeaTimer pup-up dialog was for the deletion of those BHOs then the "Deny change" would be grayed out and not be an option.

    Go into Spybot > Mode > Advanced Mode > Tools > Resident. If the log shows "deleted in Browser Helper Object!" for those CLSIDs than the objects were being deleted.

    Note: From CastleCops CLSID BHO List those BHOs are:
    • Object Name: DriveLetterAccess
      GUID: {5CA3D70E-1895-11CF-8E15-001234567890}
      Status: Legitimate
      Filename: tfswshx.dll, dlashx_w.dll
      Description: "Direct Media Access" module belonging to Sonic or Hewlett-Packard/Veritas DLA (Disk Letter Assignment ) packet writing software
    • Object Name: (no name)
      GUID: {4D25F921-B9FE-4682-BF72-8AB8210D6D75}
      Status: Open to debate
      Filename: deSrcAs.dll
      Description: MyWebSearch/MySearch - now owned by Ask Jeeves Inc - see note

    Getting an answer is one thing, learning is another.

    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
    Reply With Quote Reply With Quote
  4. 2006-07-02, 16:45 #4
    Hidden
    Hidden is offline
    Junior Member
    Join Date
    Jul 2006
    Posts
    3

    Default

    Ah yes, it does show the "deleted in browser helper object!"

    Another problem...I tried running Pandascan a few more times. Either the scanner is really fast and it takes 5-10 seconds to scan the entire C drive, or something is wrong. It either does that, or closes internet explorer entirely.

    Hijackthis still finds no errors...spybot finds no errors...and adaware finds no errors.

    Any recommendations?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules