Solved

Is DifXInstall32.exe a virus or spyware?

Posted on 2008-10-14
5
21,067 Views
Last Modified: 2012-05-05
I think I found an undefined virus or spyware that seemed to try to install on my system (without prompts from UAC). Its name is DifXInstall32.exe. I did not find much on it, with the exception of this link:

http://spywarefiles.prevx.com/RRIDAI045037065/DIFXINSTALL32.EXE.html

It seems to be unclassified... not sure. I found it trying to install after I downloaded mail with Outlook 2007 along with a few other exe's that I did not catch.

Does anybody have any idea what this is? - And if so, how to remove it since it slipped right past Norton 360, and a cocktail of anti-spyware apps installed on this Vista machine.
0
Comment
Question by:Thaidog
5 Comments
 
LVL 2

Accepted Solution

by:
WebSvrPro earned 250 total points
ID: 22719970
Yes, I had this on my laptop. It also slipped past my AV because it had attached itself to another file, so it didn't pick it up. I took a look into it and it seems to me to be spyware. It will randomly display popup advertising if installed, even if you are not connected to the internet.

I had to rebuild my laptop because it pulled down a load of other nasty things with it. My sister, who also downloaded but didn't install it, just deleted it and it's been fine since.

So best option for you would be to delete it!
0
 

Author Comment

by:Thaidog
ID: 22737585
Can you tell me how to locate it so I can delete it?
0
 
LVL 8

Assisted Solution

by:-Mystique-
-Mystique- earned 250 total points
ID: 22739488
http://info.prevx.com/aboutprogramtext.asp?PX5=4cb4161068a8a8a2d56e00c84de30300023a114a
From the above link I googled for more info and found the below page and had Google translate it.

http://translate.google.com/translate?hl=en&sl=zh-CN&u=http://file.ikaka.com/Info/FileInfo.aspx%3FFileID%3D2949835%26FileMD5%3DBFC01B2E453A904406694174428087FF&sa=X&oi=translate&resnum=2&ct=result&prev=/search%3Fq%3DDIFx%2BDriver%2BInstaller%2BDIFXINSTALL32.EXE%26hl%3Den%26sa%3DG

Software details

Software name: DifXInstall32.exe
Production company: GEAR Software, Inc.
Product Name: DIFx Driver Installer
No. version: 1.1.0.1
File Size: 54632 bytes
Time reported: 2008-10-9 0:30:58
MD5 value: BFC01B2E453A904406694174428087FF

From this information I googled for Gear software and found their homepage.

Gear Software is DVD & CD burning software
Gear software's homepage:  
http://www.gearsoftware.com/


I also found in-depth information on DIFx Drivers
Windows Driver Kit: Device Installation
DIFx Driver Package Requirements
http://msdn.microsoft.com/en-us/library/ms790263.aspx

This file may be legitimate.
To try to ferret out other files on your system that may be malware related, I suggest downloading HijackThis, running it and obtaining a log of its findings. Then you can either use the below freeware or online analyzers or post the log in one of many forums, including here, to get help with analyzing your log.
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Freeware hijackthis reader
http://www.hollmen.dk/content/view/69/31/


Online hijack this log analyzers
http://hjt.networktechs.com/
http://www.hijackthis.de/
http://www.prevx.com/hijackthis.asp
http://www.help2go.com/component/detective/
http://www.2-spyware.com/hjt.php



0
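To locate the file and compare each copy with the details quoted in the answer above (company, size, MD5), the following PowerShell sketch can be used; it is an added example, not part of the original thread. The function name `Get-DifxTriage` and the search roots are assumptions, and `Get-FileHash` needs PowerShell 4.0 or later.

```powershell
# Added example: triage every copy of DifXInstall32.exe found under the search roots.
# Reference values are the ones quoted in the answer above.
$ExpectedMd5     = 'BFC01B2E453A904406694174428087FF'
$ExpectedCompany = 'GEAR Software, Inc.'
$ExpectedSize    = 54632

# Search roots are an assumption; widen them (for example to 'C:\') for a full sweep.
$Roots = @($env:USERPROFILE, $env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:windir) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

function Get-DifxTriage {   # hypothetical helper name
    param([string[]]$Path)

    Get-ChildItem -Path $Path -Filter 'DifXInstall32.exe' -File -Recurse -Force `
                  -ErrorAction SilentlyContinue |
        ForEach-Object {
            $md5 = (Get-FileHash -LiteralPath $_.FullName -Algorithm MD5).Hash
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }
                      else { '(unsigned)' }

            [pscustomobject]@{
                Path           = $_.FullName          # where the copy lives
                Created        = $_.CreationTime      # compare with the time of the mail download
                Size           = $_.Length
                SizeMatches    = ($_.Length -eq $ExpectedSize)
                Md5            = $md5
                Md5Matches     = ($md5 -eq $ExpectedMd5)
                # Version-resource strings are set by whoever built the file,
                # so a matching company name alone is weak evidence.
                Company        = $_.VersionInfo.CompanyName
                CompanyMatches = ($_.VersionInfo.CompanyName -eq $ExpectedCompany)
                Product        = $_.VersionInfo.ProductName
                FileVersion    = $_.VersionInfo.FileVersion
                # Authenticode result: Valid, NotSigned, HashMismatch, ...
                SigStatus      = $sig.Status
                Signer         = $signer
            }
        }
}

Get-DifxTriage -Path $Roots | Format-List
```

A copy whose `SigStatus` is not `Valid`, or whose path sits in a temp or mail-attachment folder, deserves closer inspection than one installed alongside CD/DVD burning software.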

Question has a verified solution.
