
Windows Media Player Won't work


  • This topic is locked
14 replies to this topic

#1 SkipDiver

  • Members
  • 84 posts
  • Gender:Male
  • Location:Michigan

Posted 29 November 2008 - 04:29 PM

My Windows Media Player now says, no matter what song I try to play, that an error has occurred and to send an error report. It did this before, so I COMPLETELY reformatted my hard drive and reinstalled everything. It worked beautifully, now all of a sudden it doesn't. I can't find the trigger, so I decided it might be a virus or something. Here is the HijackThis log, see if anything pops out to you, I couldn't find it. :-( I do know I have had some issues with the sound card (Audigy 2) and this motherboard, with installing the drivers. But I have opened songs and played other files with different media players and it works fine. PLEASE help.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:21:53 PM, on 11/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.excite.com
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1227383883711
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15106/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6608 bytes



#2 Billy O'Neal

    Visual C++ STL Maintainer

  • Malware Response Team
  • 12,304 posts
  • Gender:Male
  • Location:Redmond, Washington

Posted 14 December 2008 - 01:12 PM

Hello and :thumbsup: to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below, a staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)

#3 SkipDiver

  • Topic Starter

  • Members
  • 84 posts
  • Gender:Male
  • Location:Michigan

Posted 14 December 2008 - 07:21 PM

Here are the logs you requested for this venture to start. I just can't figure out why it runs sooo slow. Thanks for ALL of your help.




DDS (Version 1.0.1) - NTFSx86
Run by DJ at 19:18:13.18 on Sun 12/14/2008
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1515 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\DJ\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.excite.com/
uInternet Settings,ProxyOverride = *.local
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [CTDVDDET] "c:\program files\creative\dvdaudio\CTDVDDET.EXE"
mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-3 28544]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2008-11-22 24652]
R3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [2007-4-10 19112]

=============== Created Last 30 ================

2008-12-09 02:02 120 a------- C:\drmHeader.bin
2008-12-09 01:43 243,712 a------- c:\windows\Kpcp32.dll
2008-12-09 01:43 156,672 a------- c:\windows\sprof32.dll
2008-12-09 01:43 70,144 a------- c:\windows\Kpfp32.dll
2008-12-09 01:43 58,368 a------- c:\windows\pfpick.dll
2008-12-09 01:43 53,760 a------- c:\windows\Ptpick32.dll
2008-12-09 01:43 48,128 a------- c:\windows\Kpsys32.dll
2008-12-09 01:43 42,483 a------- c:\windows\Icccodes.dat
2008-12-09 01:43 39,095 a------- c:\windows\Iccsigs.dat
2008-12-09 01:43 31,744 a------- c:\windows\Kpsharp.dll
2008-12-09 01:43 31,232 a------- c:\windows\Kpscale.dll
2008-12-09 01:43 20,992 a------- c:\windows\icccodes.dll
2008-12-09 01:43 156 a------- c:\windows\Kpcms.ini
2008-12-09 01:42 401,484 a------- c:\windows\system32\Msvcrtd.dll
2008-12-09 01:42 322,832 a------- c:\windows\system32\Mfc30.dll
2008-12-09 01:42 210,944 a------- c:\windows\system32\Msvcrt10.dll
2008-12-09 01:42 133,392 a------- c:\windows\system32\Mfco30.dll
2008-12-09 01:42 94,285 a------- c:\windows\system32\Msvcirtd.dll
2008-12-09 01:42 33,424 a------- c:\windows\system32\Urlcache.dll
2008-12-09 01:42 32,792 a------- c:\windows\Spwhpt.dll
2008-12-09 01:42 6,144 a------- c:\windows\system32\W95fiber.dll
2008-12-09 01:42 212,480 a------- c:\windows\Pcdlib32.dll
2008-12-09 01:41 <DIR> --d----- c:\windows\system32\Color
2008-12-09 01:41 <DIR> --d----- C:\Kpcms
2008-12-09 00:04 <DIR> --d----- c:\docume~1\dj\applic~1\Windows Search
2008-12-03 23:03 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2008-12-03 23:03 <DIR> --d----- c:\program files\Panda Security
2008-12-02 16:41 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-02 16:41 73,728 a------- c:\windows\system32\javacpl.cpl
2008-12-01 21:38 <DIR> --d----- c:\program files\MSXML 4.0
2008-11-30 23:00 28 a------- c:\windows\ODBC.INI
2008-11-30 18:30 95,352 a------- c:\windows\system32\drivers\eeyehv64.sys
2008-11-30 18:30 76,920 a------- c:\windows\system32\drivers\eeyehv.sys
2008-11-30 18:30 59,000 a------- c:\windows\system32\drivers\eeyetv64.sys
2008-11-30 18:30 50,296 a------- c:\windows\system32\drivers\eeyenv64.sys
2008-11-30 18:30 47,736 a------- c:\windows\system32\drivers\eeyetv.sys
2008-11-30 18:30 42,104 a------- c:\windows\system32\drivers\eeyenv.sys
2008-11-30 18:23 8 a------- c:\windows\system32\winsusrx.dll
2008-11-30 18:23 136 a------- c:\windows\system32\winsusrm.dll
2008-11-30 18:22 296,852 a------- c:\windows\system32\RulesData2.xml
2008-11-30 18:22 296,684 a------- c:\windows\system32\RulesData1.xml
2008-11-30 18:22 100,201 a------- c:\windows\system32\RulesData.xml
2008-11-30 18:22 47,595 a------- c:\windows\system32\RulesData3.xml
2008-11-30 18:22 33,804 a------- c:\windows\system32\ath.mgf
2008-11-30 18:22 24,879 a------- c:\windows\system32\RulesFactors.xml
2008-11-30 18:22 10,304 a------- c:\windows\system32\sub.mgf
2008-11-30 18:22 3,474 a------- c:\windows\system32\sze.mgf
2008-11-30 18:22 704 a------- c:\windows\system32\snd.mgf
2008-11-30 18:22 204 a------- c:\windows\system32\frb.mgf
2008-11-30 18:22 55 a------- c:\windows\system32\bnr.mgf
2008-11-30 18:22 380,928 a------- c:\windows\system32\VCWebInstall.exe
2008-11-30 18:22 <DIR> --d----- c:\program files\eEye Digital Security
2008-11-30 18:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Applications
2008-11-30 18:20 <DIR> --d----- c:\program files\RogueRemover FREE
2008-11-29 16:21 <DIR> --d----- c:\program files\Trend Micro
2008-11-29 16:06 342 a------- c:\windows\system32\CTHELPER.RPT
2008-11-29 16:04 60,160 ac------ c:\windows\system32\dllcache\drmk.sys
2008-11-29 16:04 60,160 a------- c:\windows\system32\drivers\drmk.sys
2008-11-29 15:56 23,392 a------- c:\windows\system32\nscompat.tlb
2008-11-29 15:56 16,832 a------- c:\windows\system32\amcompat.tlb
2008-11-29 15:11 <DIR> --d----- c:\program files\Windows Media Connect 2
2008-11-29 15:02 <DIR> --d----- C:\MP3'z
2008-11-28 14:17 446,464 a------- c:\windows\system32\nvudisp.exe
2008-11-28 14:17 186,097 a------- c:\windows\system32\nvapps.xml
2008-11-28 14:17 18,070 a------- c:\windows\system32\nvdisp.nvu
2008-11-28 14:17 <DIR> --d----- c:\windows\nview
2008-11-28 14:17 446,464 a------- c:\windows\system32\NVUNINST.EXE
2008-11-28 14:17 <DIR> --d----- C:\NVIDIA
2008-11-28 14:15 <DIR> --d-h--- c:\windows\msdownld.tmp
2008-11-28 14:15 <DIR> --d----- c:\windows\Logs
2008-11-26 21:24 <DIR> --d----- C:\VundoFix Backups
2008-11-26 20:42 766 a------- c:\windows\zeusicon.ico
2008-11-25 21:58 127 a------- c:\windows\wininit.ini
2008-11-25 19:32 <DIR> --d----- c:\windows\pss
2008-11-25 05:28 766 a------- c:\windows\attwns.ico
2008-11-24 14:48 4,398 a------- c:\windows\caesar3.ico
2008-11-24 14:44 <DIR> --d----- C:\SIERRA
2008-11-24 14:44 <DIR> --d----- c:\program files\Sierra On-Line
2008-11-24 14:44 379 a------- c:\windows\SIERRA.INI
2008-11-24 14:44 <DIR> --d----- c:\documents and settings\dj\WINDOWS
2008-11-23 23:45 <DIR> --d----- c:\program files\EA GAMES
2008-11-23 23:27 5,632 a------- c:\windows\system32\ptpusb.dll
2008-11-23 23:27 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2008-11-23 23:27 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2008-11-23 23:27 159,232 a------- c:\windows\system32\ptpusd.dll
2008-11-23 23:13 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-23 22:57 <DIR> --d----- C:\EPSONREG
2008-11-23 22:56 44,344 -------- c:\windows\system32\drivers\SEQCAL.SYS
2008-11-23 22:56 81,920 -------- c:\windows\system32\SipCal.dll
2008-11-23 22:56 1,078 -------- c:\windows\system32\NOTE12.ICO
2008-11-23 22:56 4,493,364 -------- c:\windows\system32\Mpl.dll
2008-11-23 22:56 40,960 -------- c:\windows\system32\Mplps.dll
2008-11-23 22:55 <DIR> --d----- c:\program files\Monaco Systems
2008-11-23 22:55 <DIR> --d----- C:\epson
2008-11-23 22:54 90,112 a------- c:\windows\unvise32.exe
2008-11-23 22:54 <DIR> --d----- c:\program files\nik Color Efex Pro 2.0 Promo
2008-11-23 22:52 <DIR> --d----- c:\program files\EPSON Print CD
2008-11-23 22:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\UDL
2008-11-23 22:47 122,880 a------- c:\windows\system32\SAgent4.exe
2008-11-23 22:47 65,536 a------- c:\windows\system32\E_S00RP1.EXE
2008-11-23 22:45 <DIR> --d----- c:\program files\EPSON
2008-11-23 22:43 <DIR> --d----- c:\program files\Microsoft Games
2008-11-23 17:28 292 a------- c:\windows\system32\DVCStateBkp-{00000003-00000000-00000004-00001102-00000004-10071102}.dat
2008-11-23 17:28 292 a------- c:\windows\system32\DVCState-{00000003-00000000-00000004-00001102-00000004-10071102}.dat
2008-11-23 17:27 404,736 a----r-- c:\windows\system32\drivers\ALCXSENS.SYS
2008-11-23 17:27 141,016 a----r-- c:\windows\system32\ALSNDMGR.WAV
2008-11-23 17:26 10,435,072 a----r-- c:\windows\system32\ALSNDMGR.CPL
2008-11-23 17:26 57,344 a----r-- c:\windows\SOUNDMAN.EXE
2008-11-23 17:26 462,940 a----r-- c:\windows\system32\drivers\ALCXWDM.SYS
2008-11-23 17:25 17 a------- c:\windows\system32\auto.ini
2008-11-23 17:21 4,990,228 a------- c:\windows\{00000003-00000000-00000004-00001102-00000004-10071102}.BAK
2008-11-23 17:21 4,990,228 a------- c:\windows\{00000003-00000000-00000004-00001102-00000004-10071102}.CDF
2008-11-23 17:21 32,148 a------- c:\windows\system32\BMXCtrlState-{00000003-00000000-00000004-00001102-00000004-10071102}.rfx
2008-11-23 17:21 32,148 a------- c:\windows\system32\BMXBkpCtrlState-{00000003-00000000-00000004-00001102-00000004-10071102}.rfx
2008-11-23 17:21 31,628 a------- c:\windows\system32\BMXStateBkp-{00000003-00000000-00000004-00001102-00000004-10071102}.rfx
2008-11-23 17:21 31,628 a------- c:\windows\system32\BMXState-{00000003-00000000-00000004-00001102-00000004-10071102}.rfx
2008-11-23 17:16 68,908 a------- c:\windows\system32\Emu10kx.ini
2008-11-23 17:16 189,120 a------- c:\windows\system32\drivers\CTOSS9X.SYS
2008-11-23 17:16 114,688 a------- c:\windows\system32\OpenAL32.dll
2008-11-23 17:16 49,152 a------- c:\windows\MIDIDEF.EXE
2008-11-23 17:16 20,480 a------- c:\windows\system32\ENSDEF.EXE
2008-11-23 17:16 5,515 a------- c:\windows\system32\ENSDEF.INI
2008-11-23 17:16 184,320 a------- c:\windows\PSCONV.EXE
2008-11-23 17:16 180,224 a------- c:\windows\READREG.EXE
2008-11-23 17:16 94,208 a------- c:\windows\DEVREG.DLL
2008-11-23 17:16 2,259,067 a------- c:\windows\system32\default.ecw
2008-11-23 17:16 4,174,814 a------- c:\windows\system32\CT4MGM.SF2
2008-11-23 17:16 12,288 a------- c:\windows\system32\AHQCpURes.dll
2008-11-23 17:16 32,768 a------- c:\windows\system32\AudioHQU.cpl
2008-11-23 17:14 136 a------- c:\windows\SBWIN.INI
2008-11-23 17:13 62,976 a------- c:\windows\system32\CTDetres.dll
2008-11-23 17:13 17,350 a------- c:\windows\system32\CTDetect.hlp
2008-11-23 17:13 641 a------- c:\windows\system32\CTDetect.cnt
2008-11-23 17:13 331,776 -------- c:\windows\system32\CTMEDENG.DLL
2008-11-23 17:13 139,264 a------- c:\windows\system32\Video.skn
2008-11-23 17:13 24,576 a------- c:\windows\system32\CTMERes.DLL
2008-11-23 17:12 15,840 -------- c:\windows\system32\pfmodnt.sys
2008-11-23 17:00 14,739 a------- c:\windows\system32\OLYnat.tli
2008-11-23 17:00 14,739 a------- c:\windows\system32\OLYenh.tli
2008-11-23 17:00 5,813 a------- c:\windows\system32\OLYMPUS.xml
2008-11-23 17:00 402 a------- c:\windows\system32\OLYIDs.xml
2008-11-23 17:00 <DIR> --d----- c:\program files\Olympus
2008-11-23 17:00 <DIR> --d----- c:\windows\Downloaded Installations
2008-11-23 12:30 <DIR> --d--r-- C:\Movies
2008-11-23 11:31 268,648 a------- c:\windows\system32\mucltui.dll
2008-11-23 11:31 27,496 a------- c:\windows\system32\mucltui.dll.mui
2008-11-23 02:10 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-11-23 02:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-11-23 02:01 95,218 a------- C:\Adobe Photoshop CS v8.0 - CD1.jpg
2008-11-23 01:59 243,432 a------- C:\Adobe Photoshop CS2 - Front DVD Box.jpg
2008-11-23 01:58 334,873 a------- C:\Nero 6 Reloaded - Dvd Custom - Front Box.jpg
2008-11-23 01:57 117,585 a------- C:\Nero 6 Reloaded - CD Cover.jpg
2008-11-23 01:53 9,464 -------- c:\windows\system32\drivers\cdralw2k.sys
2008-11-23 01:53 9,336 -------- c:\windows\system32\drivers\cdr4_xp.sys
2008-11-23 01:53 129,784 -------- c:\windows\system32\pxafs.dll
2008-11-23 01:52 <DIR> --d----- c:\program files\WinISO
2008-11-23 01:45 <DIR> a-d--r-- C:\My Music
2008-11-23 01:39 3,262 a------- c:\windows\reinstall.ico
2008-11-23 01:39 766 a------- c:\windows\Uninstall.ico
2008-11-23 01:39 <DIR> --d----- c:\windows\Samsung
2008-11-22 23:56 <DIR> --d----- c:\program files\Lavasoft
2008-11-22 23:55 120,056 -------- c:\windows\system32\pxcpyi64.exe
2008-11-22 23:55 118,520 -------- c:\windows\system32\pxinsi64.exe
2008-11-22 23:55 43,528 -------- c:\windows\system32\drivers\PxHelp20.sys
2008-11-22 23:55 <DIR> --d----- c:\program files\DivX
2008-11-22 23:54 <DIR> --d----- c:\program files\K-Lite Codec Pack
2008-11-22 23:48 <DIR> --d----- C:\MP3
2008-11-22 23:17 <DIR> --d----- c:\windows\RegisteredPackages
2008-11-22 23:15 1,746,360 -------- c:\windows\system32\CTAA1.DAT
2008-11-22 23:15 65,536 -------- c:\windows\system32\ctdvda32.dll
2008-11-22 23:13 44,032 -------- c:\windows\system32\CTSVCCDA.EXE
2008-11-22 23:13 25,088 -------- c:\windows\system32\CTSVCCTL.EXE
2008-11-22 23:13 <DIR> --d----- c:\program files\common files\Creative
2008-11-22 23:13 <DIR> --d-h--- c:\program files\Creative Installation Information
2008-11-22 23:10 30,512 a------- c:\windows\system32\mdimon.dll
2008-11-22 23:10 32,592 a------- c:\windows\system32\msonpmon.dll
2008-11-22 23:10 <DIR> --d----- C:\Install Programs
2008-11-22 23:09 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys
2008-11-22 23:05 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2008-11-22 23:04 <DIR> --d----- c:\windows\SHELLNEW
2008-11-22 23:02 7,062 a------- c:\windows\system32\audiopid.vxd
2008-11-22 23:02 <DIR> --d----- c:\program files\Creative
2008-11-22 22:46 <DIR> --d-h--- c:\windows\PIF
2008-11-22 22:44 <DIR> --d----- c:\docume~1\dj\applic~1\Windows Desktop Search
2008-11-22 19:09 <DIR> --d----- c:\windows\system32\GroupPolicy
2008-11-22 19:09 <DIR> --d----- c:\program files\Windows Desktop Search
2008-11-22 19:09 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2008-11-22 19:09 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2008-11-22 19:09 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2008-11-22 19:05 <DIR> --d----- c:\windows\system32\URTTemp
2008-11-22 19:02 <DIR> --d--r-- C:\DJ
2008-11-22 18:57 11,564 a------- c:\windows\system32\DVCState-{00000003-00000000-00000004-00001102-00000004-10071102}.rfx
2008-11-22 18:52 107,368 a------- c:\windows\system32\GEARAspi.dll
2008-11-22 18:52 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-11-22 18:52 <DIR> --d----- c:\program files\iPod
2008-11-22 18:51 <DIR> --d----- c:\program files\iTunes
2008-11-22 18:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-22 18:51 <DIR> --d----- c:\program files\Bonjour
2008-11-22 18:51 86,016 a------- c:\windows\system32\cttele.dll
2008-11-22 18:50 409,600 a------- c:\windows\system32\wrap_oal.dll
2008-11-22 18:50 32,000 a------- c:\windows\system32\drivers\usbaapl.sys
2008-11-22 18:50 <DIR> --d----- c:\windows\system32\data
2008-11-22 16:06 6,066,176 -c------ c:\windows\system32\dllcache\ieframe.dll
2008-11-22 16:06 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat
2008-11-22 16:06 991,232 -c------ c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-22 16:06 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll
2008-11-22 16:06 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll
2008-11-22 16:06 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll
2008-11-22 16:06 63,488 -c------ c:\windows\system32\dllcache\icardie.dll
2008-11-22 16:06 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-22 16:06 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2008-11-22 15:41 <DIR> --d----- c:\docume~1\dj\applic~1\AOL
2008-11-22 15:40 <DIR> --d----- c:\program files\common files\Nullsoft
2008-11-22 15:40 33,588 a----r-- c:\windows\system32\drivers\wanatw4.sys
2008-11-22 15:39 <DIR> --d----- c:\windows\aolshare
2008-11-22 15:39 <DIR> --d----- c:\program files\common files\aolshare
2008-11-22 15:39 <DIR> --d----- c:\program files\AOL 9.1
2008-11-22 15:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2008-11-22 15:20 <DIR> --d----- c:\program files\Viewpoint
2008-11-22 15:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\acccore
2008-11-22 15:20 <DIR> --d----- c:\program files\common files\AOL
2008-11-22 15:19 <DIR> --d----- c:\program files\AIM6

#4 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:08:01 AM

Posted 14 December 2008 - 11:04 PM

Hello, SkipDiver
After uninstalling windows search, let me know if things speed up a bit :thumbsup:

Viewpoint is considered foistware instead of malware because it is installed without users' approval, but doesn't spy or do anything "bad". You may like to read this article about the potential of this Viewpoint software here:
http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Click on Start > Run... > and then paste the following into the "Open" field: "appwiz.cpl" and press OK. From within Add or Remove Programs uninstall the following if they exist: Viewpoint, Viewpoint Manager, and/or Viewpoint Media Player.

We need to uninstall one or more programs
Please click on Start > Control Panel > Add/Remove Programs and uninstall the following programs (if present):
Windows Search 4.0

BillyIII
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)

#5 SkipDiver


Posted 22 December 2008 - 04:36 PM

That didn't help speed it up at all, nor take care of my Windows Media Player. I have installed and deleted it now a few times. I can get ONE good song to play, then that is it....not even twice. It just goes to error.

#6 Billy O'Neal


Posted 22 December 2008 - 11:42 PM

Hello, SkipDiver
We need to repair some of Windows' internal registration settings
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Exit/Close Dial-A-Fix
I would like us to use ESET (NOD32)'s Online Scanner
  • Please go to ESET OnlineScan (NOD32)
  • You will then see the Terms of Use, tick the check-box in front of YES, I accept the Terms of Use
  • Now click Start
  • Should you face a Security Warning that asks if you want to install and run a file called "OnlineScanner.cab", click Yes
  • Click Start
    • Note: (the Onlinescanner will now prepare itself for running on your pc)
  • To do a full-scan, tick: "Remove found threats" and "Scan potentially unwanted applications"
  • Press Scan
  • The Onlinescan will now start and scan your pc (this could take a while)
  • When the scan has finished, it will show a screen with two tabs "overview" and "details" and the option to get information or buy software, just close the window
  • Click Start >> Run... >> type: C:\Program Files\EsetOnlineScanner\log.txt
  • The Scanresults will now open in Notepad
  • Click into the text area, right-click and choose "select all" (or use <Control>+A)
  • Right-click again and choose "Copy" (or <Control>+C)
  • Close/Exit Notepad
  • Navigate to this thread and post your log along with anything else requested from us, by right-clicking and "paste" (or ctrl+v) in the text area of the reply post you just created.
Note: For Vista Users: Eset is compatible but Internet Explorer must be run as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.

In your next reply, please include the following:
  • ESET OnlineScan's Log

BillyIII

#7 SkipDiver


Posted 24 December 2008 - 02:02 AM

ok...I have tried now to run the scanner 3 times and get the log. As soon as the scan finishes, IE closes and NO log is present on the computer. The folder for the online scanner is there, with a bunch of files, but NO log file ANYWHERE. What does that mean?

#8 Billy O'Neal


Posted 24 December 2008 - 02:32 PM

Did it find any infections?

Billy3

#9 SkipDiver


Posted 24 December 2008 - 05:13 PM

I can never tell. It takes awhile, and then I leave the computer for a second and come back and it must be done due to ALL internet explorer windows are now closed and I am looking at the desktop. The FOLDER is still on my computer, but the log.txt file is not.....NO .txt is in those folders at all. I remember it catching 1 the first time...but I haven't seen one since.

#10 Billy O'Neal


Posted 25 December 2008 - 01:29 PM

Hello, SkipDiver

Please give this one a shot instead :thumbsup:

Please do an online scan with Kaspersky WebScanner.
  • Please visit the Kaspersky Online Scanner website.
    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
In your next reply, please include the following:
  • Kaspersky's Log

BillyIII

#11 Billy O'Neal


Posted 29 December 2008 - 09:47 AM

Hello, SkipDiver
Are you still here?

BillyIII

#12 SkipDiver


Posted 30 December 2008 - 06:16 PM

Yes...sorry...couldn't get the scanners to work. FINALLY after 8 hours this one worked. Here is what they gave me.


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, December 30, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, December 30, 2008 01:40:24
Records in database: 1530520
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 112166
Threat name: 9
Infected objects: 13
Suspicious objects: 0
Duration of the scan: 07:58:42


File name / Threat name / Threats count
C:\Documents and Settings\DJ\Desktop\EDT Scanner.exe Infected: not-a-virus:FraudTool.Win32.EtdScanner.b 1
C:\Install Programs\Video\DivXPro503GAINBundle.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 1
C:\Install Programs\Virus Protection\EDT Scanner.exe Infected: not-a-virus:FraudTool.Win32.EtdScanner.b 1
C:\UBCD4Win\plugin\Network\CrossLoop\files\VNCHooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b 1
C:\UBCD4Win\plugin\Network\CrossLoop\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.h 1
C:\UBCD4Win\plugin\Network\ipscan\ipscan.exe Infected: not-a-virus:NetTool.Win32.Portscan.c 1
C:\UBCD4Win\plugin\Network\ultravnc\files\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1
C:\UBCD4Win\plugin\Network\ultravnc\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1
C:\UBCD4Win\plugin\Network\VNCServer\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Network\VNCServer\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Network\VNCServer\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Password\passwordspro\files\PasswordsPro.exe Infected: not-a-virus:PSWTool.Win32.PasswordsPro.k 1
D:\DJ\Online info\Jokes\OPEN ME!.exe Infected: Hoax.Win32.BadJoke.JepRuss 1

The selected area was scanned.


#13 Billy O'Neal


Posted 30 December 2008 - 07:33 PM

Hello, SkipDiver
At this point, I believe the machine is clean and you're having some other issue. None of the items Kaspersky found were active, nor did they do anything beyond display ads.

I would ask in the Audio and Video forum: http://www.bleepingcomputer.com/forums/f/65/audio-and-video/

They'll know more about diagnosing these types of problems there.

We need to execute an OTMoveIt3 script
  • Please download OTMoveIt3 by OldTimer and save it to your desktop.
  • Double click the Posted Image icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :files
    D:\DJ\Online info\Jokes\OPEN ME!.exe
    C:\Documents and Settings\DJ\Desktop\EDT Scanner.exe
    c:\Install Programs\Video\DivXPro503GAINBundle.exe
    C:\Install Programs\Virus Protection\EDT Scanner.exe
  • Push the large Posted Image button.
  • OTMI3 may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
In your next reply, please include the following:
  • OTMoveIt3's Log

BillyIII
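The triage behind the reply above, as an added example that is not part of the original posts: it parses the result lines of the Kaspersky report from post #12, splits each verdict into its class, and separates dual-use tools from the files the OTMoveIt3 script lists. The function names and the `DUAL_USE` rule are assumptions; the rule is inferred from which files the script names, not stated by the helper.

```python
import re
from collections import defaultdict

# Result lines copied from the Kaspersky report posted in this thread.
REPORT = r"""
C:\Documents and Settings\DJ\Desktop\EDT Scanner.exe Infected: not-a-virus:FraudTool.Win32.EtdScanner.b 1
C:\Install Programs\Video\DivXPro503GAINBundle.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 1
C:\Install Programs\Virus Protection\EDT Scanner.exe Infected: not-a-virus:FraudTool.Win32.EtdScanner.b 1
C:\UBCD4Win\plugin\Network\CrossLoop\files\VNCHooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b 1
C:\UBCD4Win\plugin\Network\CrossLoop\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.h 1
C:\UBCD4Win\plugin\Network\ipscan\ipscan.exe Infected: not-a-virus:NetTool.Win32.Portscan.c 1
C:\UBCD4Win\plugin\Network\ultravnc\files\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1
C:\UBCD4Win\plugin\Network\ultravnc\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1
C:\UBCD4Win\plugin\Network\VNCServer\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Network\VNCServer\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Network\VNCServer\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
C:\UBCD4Win\plugin\Password\passwordspro\files\PasswordsPro.exe Infected: not-a-virus:PSWTool.Win32.PasswordsPro.k 1
D:\DJ\Online info\Jokes\OPEN ME!.exe Infected: Hoax.Win32.BadJoke.JepRuss 1
"""

# Paths contain spaces, so split on the literal " Infected: " marker.
LINE = re.compile(r"^(?P<path>.+?) Infected: (?P<verdict>\S+) (?P<count>\d+)$")

# Assumption: verdict classes treated as dual-use admin tools that a
# technician's toolkit legitimately contains (review, do not auto-remove).
DUAL_USE = {"RemoteAdmin", "NetTool", "PSWTool"}


def parse(report):
    """Return one dict per result line: path, verdict, class, riskware, count."""
    rows = []
    for line in report.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip blank lines and anything that is not a result row
        verdict = m.group("verdict")
        riskware = verdict.startswith("not-a-virus:")
        name = verdict.split(":", 1)[1] if riskware else verdict
        rows.append({"path": m.group("path"), "verdict": verdict,
                     "class": name.split(".")[0], "riskware": riskware,
                     "count": int(m.group("count"))})
    return rows


def triage(rows):
    """Bucket file paths into 'review_only' (dual-use tools) and 'remove'."""
    buckets = defaultdict(list)
    for row in rows:
        key = "review_only" if row["class"] in DUAL_USE else "remove"
        buckets[key].append(row["path"])
    return dict(buckets)
```

The parsed totals can be cross-checked against the report's own statistics block (infected objects and distinct threat names) before acting on the buckets.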

#14 Billy O'Neal


Posted 03 January 2009 - 10:14 PM

Hello, SkipDiver
Are you still here?

BillyIII

#15 Billy O'Neal


Posted 05 January 2009 - 11:15 PM

Hello, SkipDiver
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please send me or another moderator a PM.

Everyone else please begin a new topic.

BillyIII



