Convivea Home  -  Downloads  -  Donate!  -  IRC Chat!

*
*
Home
Help
Search
Login
Register
Welcome, Guest. Please login or register.
Did you miss your activation email?
April 23, 2014, 04:11:36 am

Login with username, password and session length
Happy Holidays! Smiley
Search:     Advanced search
19675 Posts in 1934 Topics by 29653 Members Latest Member: - LoPeZ Most online today: 44 - most online ever: 406 (February 03, 2008, 07:41:03 am)
Pages: 1 ... 7 8 9 [10] 11 12 13 ... 16   Go Down
Print
Author Topic: [Old] - Bit Che 2.0 Release Candidate 4 - Build 35  (Read 82904 times)
0 Members and 1 Guest are viewing this topic.
ID101
Devoted Beta Tester
Newbie Member
*

Karma: +3/-0
Offline Offline

Posts: 41



View Profile
« Reply #135 on: April 13, 2012, 09:06:07 pm »

FC@ scrape magnet link form TPB
Logged
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #136 on: April 14, 2012, 05:22:33 pm »

modi84

can you try the attached .exe?  note:  this will not create the error.txt

i am still working on this, but i am curios if the changes I have made thus far have fixed the problem or not Smiley


thanks
chip
« Last Edit: April 15, 2012, 02:12:09 pm by chip! » Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
modi84
Newbie Member
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 15



View Profile
« Reply #137 on: April 14, 2012, 08:42:27 pm »

still crashes  Smiley
Logged
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #138 on: April 15, 2012, 03:33:39 am »

modi84,

can you go to this folder, and then .rar up all the folders that have bit che in the name?  how many do you have?

%localappdata%\Microsoft\Windows\WER\ReportArchive

type this in either Start | Run or hit  "Windows Key + R"
Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #139 on: April 15, 2012, 04:17:44 am »

modi84,

here are 3 more test builds.. if one of these doesnt crash, then we are making progress Smiley

« Last Edit: April 15, 2012, 01:17:26 pm by chip! » Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
modi84
Newbie Member
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 15



View Profile
« Reply #140 on: April 15, 2012, 05:22:58 am »

all crashes  Undecided

about "ReportArchive" there are 450+ folders !!
it's too much for you to handle it  Lips Sealed

* ReportArchive.rar (1036.42 KB - downloaded 123 times.)
Logged
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #141 on: April 15, 2012, 01:53:06 pm »

well something interesting in your logs.. more than half of the crashes are related to some file: "ShellIcon32.dll" which is not a Microsoft file, and does not exist on my system. Google searching for that file looks like a number of people are reporting it as a Trojan. My guess is that you are infected with something like this: http://home.mcafee.com/virusinfo/virusprofile.aspx?key=856739

Can you check these locations for "ShellIcon32.dll":

C:\windows\
C:\windows\system32\


If it exists, upload it to www.virustotal.com

Also, put it in an .rar and upload it to me too.


NEXT, I'm going to recommend you do a ComboFix scan on your PC.

Download here: http://www.bleepingcomputer.com/download/anti-virus/combofix

Usage guide: http://www.bleepingcomputer.com/combofix/

When that completes, send me: C:\ComboFix.txt

Thanks
Chip
« Last Edit: April 15, 2012, 02:17:09 pm by chip! » Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
modi84
Newbie Member
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 15



View Profile
« Reply #142 on: April 15, 2012, 07:30:33 pm »

do u want me to delete ShellIcon32 from my computer ?

* 2.rar (43 KB - downloaded 137 times.)
« Last Edit: April 15, 2012, 07:52:26 pm by modi84 » Logged
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #143 on: April 16, 2012, 12:32:27 am »

modi84,
you are definitely infected with a spy trojan, which very closely resembles that one I posted from the mcafee database (above):

2012-04-16 09:01 . 2012-02-20 18:26   47104   ----a-w-   c:\windows\system32\ShellIcon32.dll
2012-03-16 04:40 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll
2012-03-15 23:48 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll_[20120316].bak
2012-03-14 06:50 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll_[20120315].bak
2012-03-12 23:26 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll_[20120314].bak
2012-03-12 22:02 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll_[20120313].bak
2012-02-20 18:26 . 2012-02-20 18:26   261632   ----a-w-   c:\windows\system32\ShellIcon64.dll_[20120312].bak

there could be other files, which the mcafee site has shown, but from that log, you were infected back in February 20, 2012.

REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShellIcon1.01]
@="{C5994580-53D9-4125-87C9-F193FC689CC0}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShellIcon1.02]
@="{C5994580-53D9-4125-87C9-F193FC689CC0}"
[HKEY_CLASSES_ROOT\CLSID\{C5994580-53D9-4125-87C9-F193FC689CC0}]
2012-04-16 09:01   47104   ----a-w-   c:\windows\System32\ShellIcon32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShellIcon1.01]
@="{C5994580-53D9-4125-87C9-F193FC689CC0}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShellIcon1.02]
@="{C5994580-53D9-4125-87C9-F193FC689CC0}"
[HKEY_CLASSES_ROOT\CLSID\{C5994580-53D9-4125-87C9-F193FC689CC0}]
2012-04-16 09:01   47104   ----a-w-   c:\windows\System32\ShellIcon32.dll


the .rar file you posted says the ShellIcon32.dll is corrupt, so I'm not sure if you were able to submit to virustotal.com? 

1. first boot back into Safe Mode
2. Move *all* of those files above into a new folder c:\infected
3. .rar them with a password AND encrypt the file names
4. use regedit to remove those Registry entries above
5. update MBAM and scan your computer
6. Reboot back into regular mode, send me the password protected .rar file.
7. I would try using the trial version of McAfee to scan your computer (I would never normally recommend McAfee, but unless we can confirm from virustotal that other antivirus products are detecting your trojan, then I must suggest using the one which we know detects it.  I would also recommend using Microsoft Security Essentials to scan.)

note:  if you are not familiar with any of these steps, then I will have to suggest you consult with a computer technician to help you clean your computer.

the only good news here is that for the past week I have been trying to fix a bug in Bit Che that does not exist Smiley  So, when you clean your computer, Bit Che will work with no problems! Smiley
Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
TheHalf™
The"better"Half™
Administrator
Hero Member
*****

Karma: +165/-0
Offline Offline

Posts: 715


Road Runner H.S.I. 30Mbps/5Mbps


View Profile WWW
« Reply #144 on: April 16, 2012, 12:44:08 am »

True chip, other than paying for a com. tech. I would suggest the factory restore disk which can be run in Safe Mode; correct me if I'am wrong.

TheHalf™
Logged

modi84
Newbie Member
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 15



View Profile
« Reply #145 on: April 16, 2012, 05:23:26 am »

finally Bit Che works like a boss .. all versions works  Grin

my bro read ur post and he do all the things .. he said everything is ok now

* infected.rar (494.61 KB - downloaded 168 times.)
Logged
biatche
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 2



View Profile
« Reply #146 on: April 28, 2012, 11:27:55 am »

what does it mean when i double click bitche.exe (2.0b18) nothing happens at all?

it was working before i formatted and now with a clean and up to date system clicking on it doesnt do anything.
Logged
chip!
Bad Ass
Administrator
Unstoppable
*****

Karma: +619/-4
Offline Offline

Gender: Male
Posts: 2103



View Profile
« Reply #147 on: May 01, 2012, 06:37:41 am »

what does it mean when i double click bitche.exe (2.0b18) nothing happens at all?

it was working before i formatted and now with a clean and up to date system clicking on it doesnt do anything.

Hmm.. try installing Bit Che 1.0 build 60 first... not sure if your system needs additional files.
Logged

  -  http://bitche.es  -   And...  boom goes the dynamite.
biatche
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 2



View Profile
« Reply #148 on: May 01, 2012, 10:45:00 am »

worked after installing bit che first... care to explain what happened? what was i lacking? I had %appdata%\... from a backup

registries?
Logged
nissensp
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 3



View Profile
« Reply #149 on: May 05, 2012, 06:09:09 pm »

According to AVG Antivirus 2012 the file zlibwapi.dll is a treath: Trojan Horse BackDoor.Hipigon.3.AE

Patrick
Logged
Pages: 1 ... 7 8 9 [10] 11 12 13 ... 16   Go Up
Print
Convivea Forums  |  Bit Che  |  Bugs & Feature Requests  |  Topic: [Old] - Bit Che 2.0 Release Candidate 4 - Build 35
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.059 seconds with 18 queries.