Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Speakers occasionaly working & what my Antivir found!!


  • Please log in to reply
17 replies to this topic

#1 waterface

waterface

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 10 July 2009 - 01:46 PM

Hi

My pc of late has had startup issues & also of late my usb speakers have stopped working when playing online sounds! I can still play Windows Media Player sounds, but nothing online, or pc noises like when shutting windows down etc!!

My Avir Antivir found the following detections:-

The file 'C:\System Volume Information\_restore{059FF85F-BE58-454B-A925-461FD9805E4B}\RP1\A0000081.exe'
contained a virus or unwanted program 'HIDDENEXT/Crypted' [heuristic]
Action(s) taken:
The file was deleted!

The file 'C:\System Volume Information\_restore{059FF85F-BE58-454B-A925-461FD9805E4B}\RP1\A0000065.pif'
contained a virus or unwanted program 'HIDDENEXT/Crypted' [heuristic]
Action(s) taken:
The file was deleted!

The file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\90yhb3fy.default\Cache\C2152591d01'
contained a virus or unwanted program 'HIDDENEXT/Crypted' [heuristic]
Action(s) taken:
The file was deleted!

i hope someone can help!!

thanks

wf

BC AdBot (Login to Remove)

 


#2 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 07:30 AM

anyone please!!!

#3 D_N_M

D_N_M

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 11 July 2009 - 07:53 AM

Hello waterface

Try running this http://www.malwarebytes.org/mbam.php and post back a log and let's see what it finds

D_N_M

#4 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 08:07 AM

I have run this many times in last few days & there was nothing to delete!! I shall again though if you think i should!! Do i perform a full scan or quick scan?

wf

#5 D_N_M

D_N_M

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 11 July 2009 - 08:11 AM

Hello waterface

Please run a quick scan and post the log

D_N_M

#6 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 08:24 AM

Malwarebytes' Anti-Malware 1.38
Database version: 2406
Windows 5.1.2600 Service Pack 3

11/07/2009 14:23:49
mbam-log-2009-07-11 (14-23-49).txt

Scan type: Quick Scan
Objects scanned: 82421
Time elapsed: 4 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#7 D_N_M

D_N_M

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 11 July 2009 - 08:29 AM

Hello waterface

next let's try this http://www.superantispyware.com/ Free Home Version
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please ask any needed questions,post logs and Let us know how the PC is running now.

D_N_M

#8 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 11:22 AM

Hi
I Ran SAS in Safe Mode as said but couldn't do the bit where you say 'If use Firefox Browser click browser & select all & empty selected'. Did you mean double click FF browser desktop icon in Safe mode & then click edit & select all!!

SAS found some stuff however my speakers still don't work with online things!!

Here'e my log.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/11/2009 at 05:03 PM

Application Version : 4.26.1006

Core Rules Database Version : 3986
Trace Rules Database Version: 1926

Scan type : Complete Scan
Total Scan Time : 01:04:02

Memory items scanned : 214
Memory threats detected : 0
Registry items scanned : 4480
Registry threats detected : 0
File items scanned : 22275
File threats detected : 7

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt

Trojan.Agent/Gen-PEC
C:\32788R22FWJFW\PEV.EXE
C:\WINDOWS\PEV.EXE
C:\WINDOWS\Prefetch\PEV.EXE-0CE2BF4A.pf
C:\WINDOWS\Prefetch\PEV.EXE-2937A365.pf


Thanks

Edited by waterface, 11 July 2009 - 11:24 AM.


#9 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 12:29 PM

Hi
I saw this link & it says something (in 3rd post down) about registry faults & i wondered..
I have done a minor registry change to attempt to sort an issue with startup. I altered the Sourcepath here
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Setup
from D:\ to C:\ Driver Cache in order to be able to do a sfc scannow without the need for an OS Disk.

http://www.askmehelpdesk.com/computers-beg...line-81655.html

Also could this help:-

http://www.errornerds.com/error/no-sound.p...CFd0B4wod-japLQ

wf

#10 D_N_M

D_N_M

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 11 July 2009 - 12:57 PM

Hello waterface

Please try this http://majorgeeks.com/ATF_Cleaner_d4949.html
and let us know

D_N_M

I don't know about Regcure as i have never used it but someone else here may have some experience with it?

Edited by D_N_M, 11 July 2009 - 12:59 PM.


#11 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 01:05 PM

Hi
Do i check any of the boxes in atf cleaner?

thanks

wf

#12 D_N_M

D_N_M

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 11 July 2009 - 01:14 PM

Hello waterface

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

D_N_M

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:25 PM

Posted 11 July 2009 - 01:20 PM

Hello.. Afew things of note:
First Always back up your registry before making any changes.

Go to Start » Run and type: regedit
Click OK.
On the left side, click to highlight My Computer at the top.
Go up to File » Export
Make sure in that window there is a tick next to "All" under Export Branch.
Leave the "Save As Type" as "Registration Files".
Under "Filename" put RegBackup.
Choose to save it to C:\
Click save and then go to File » Exit.

Or you can download and use ERUNTwhich is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.



Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 01:27 PM

Ok i done this & now certain webpages don't load up & this site & many more look different!!, lack of graphics etc!!
Youtube etc don't even show the movie clips!! still no sound!!

will be back later, need to go out!!

thanks

ahh !!

Edited by waterface, 11 July 2009 - 01:34 PM.


#15 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 July 2009 - 08:01 PM

Hi
Yeh, everything looks different on this website & many others. On cetain site the pages don't load properly & the youtube look has totally gone, its all text with graphics missing!!
All this since i used ATF cleaner.
I did a system restore to when i used SuperAntiSpyware & before i used ATF & all pages are still messed up!!
What has happened, the things i seem to want sorted out get overtaken by other issues that crop up!

No sound, pages looking different & startup still not working properly!!

Please help!!!!

wf




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users