Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unknown virus


  • This topic is locked This topic is locked
7 replies to this topic

#1 Just-Because

Just-Because

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:14 AM

Posted 28 July 2018 - 06:16 PM

I am unable to play my windows media player files from a USB flash drive or click any exe files on my pc.  I keep getting an error telling me to change windows default and also to associate the files I want to play.  After going into default to change still having the same problem.  Also when I reinstalled windows media player still the same problem.  The only way I can play a file from my usb is to open manually the music folder, then open manually the exact mp3 I want to play in windows media player.  I ran antivirus and malware and still no solution.  This also caused many windows media player errors and exe extension freezes.  I am unable to left click any files.   I can second click them and scroll down to open option only.

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:14 AM

Posted 29 July 2018 - 07:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
CloseProcesses:

() C:\windows\SysWOW64\Codecs\TrayMenu.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-05-20]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\windows\SysWOW64\Codecs\TrayMenu.exe ()
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

HKU\S-1-5-21-3516788874-3282520140-3105564892-1017\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
FolderExtensions: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\neth.dll -> No File
FolderExtensions_S-1-5-21-3516788874-3282520140-3105564892-1017: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\neth.dll -> No File
2017-11-08 12:49 - 2017-11-08 12:49 - 000894416 _____ () C:\windows\SysWOW64\Codecs\TrayMenu.exe

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Please let me know what problem persists with this computer.

#3 Just-Because

Just-Because
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:14 AM

Posted 29 July 2018 - 02:29 PM

Im still having a problem left clicking any files. They will not open.  i can only open by second clicking manually scrolling to open option.  even on my media files they will not open when i try to left click them to play in windows media player.  help please.  an error box pops up telling me that: "this file does not have a program associated with it for performing this action.  Please install a program, or if one is already installed create an association in the default programs control panel"

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Maximillion (29-07-2018 14:53:17) Run:1
Running from C:\Users\Maximillion\Downloads
Loaded Profiles: Maximillion (Available Profiles: PC & Maximillion)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
CloseProcesses:
 
() C:\windows\SysWOW64\Codecs\TrayMenu.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-05-20]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\windows\SysWOW64\Codecs\TrayMenu.exe ()
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Default Search
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
 
HKU\S-1-5-21-3516788874-3282520140-3105564892-1017\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll -> No File
FolderExtensions: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\neth.dll -> No File
FolderExtensions_S-1-5-21-3516788874-3282520140-3105564892-1017: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\neth.dll -> No File
2017-11-08 12:49 - 2017-11-08 12:49 - 000894416 _____ () C:\windows\SysWOW64\Codecs\TrayMenu.exe
 
Reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\windows\SysWOW64\Codecs\TrayMenu.exe => Could not close process
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk => moved successfully
C:\windows\SysWOW64\Codecs\TrayMenu.exe => moved successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccjleegmemocfpghkhpjmiccjcacackp" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj" => removed successfully
"HKU\S-1-5-21-3516788874-3282520140-3105564892-1017_Classes\ChromeHTML" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AVG Shell Extension" => removed successfully
HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Comodo Cloud Antivirus" => removed successfully
"HKLM\Software\Classes\CLSID\{299C868F-0FB0-46B2-8973-205982E04C7D}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MagicISO" => removed successfully
"HKLM\Software\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}" => removed successfully
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Comodo Cloud Antivirus" => removed successfully
HKLM\Software\Classes\CLSID\{299C868F-0FB0-46B2-8973-205982E04C7D} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension" => removed successfully
HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Comodo Cloud Antivirus" => removed successfully
HKLM\Software\Classes\CLSID\{299C868F-0FB0-46B2-8973-205982E04C7D} => not found
"HKLM\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => removed successfully
"HKLM\Software\Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => removed successfully
"HKU\S-1-5-21-3516788874-3282520140-3105564892-1017\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => removed successfully
HKU\S-1-5-21-3516788874-3282520140-3105564892-1017\SOFTWARE\Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => not found
"C:\windows\SysWOW64\Codecs\TrayMenu.exe" => not found
 
 
The system needed a reboot.
 
==== End of Fixlog 14:54:08 ====


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:14 AM

Posted 30 July 2018 - 07:18 AM

Hi,

Im still having a problem left clicking any files. They will not open. i can only open by second clicking manually scrolling to open option


It's probably some File Association problem.

Navigate to this page.
https://www.winhelponline.com/blog/file-asso-fixes-for-windows-7/

Follow the instructions on this page for the file type you have problems with.

Keep me posted.

#5 Just-Because

Just-Because
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:14 AM

Posted 31 July 2018 - 10:29 AM

This is not working at all.  I cant left click anything on my pc no matter what the file format is.  I also tried to follow you last instruction and still got an error message.  this message stated that all information could not be added to registry.  Also upon starting my laptop this morning another error code stating that this cant be edited to your pc popped up as if a program was either trying to start up or add something to my pc.  My pc is running no different than my first request for help.  I need your help.  You can even take over my pc by remote if you wish.  Just get me out of this twilight zone my friend.  Thanks as always.



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:14 AM

Posted 31 July 2018 - 10:36 AM

Hi,

Repair these services.

Boot with Safe Mode with Networking. Execute the following.

Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Execute the instructions on Step 1 Important
  • Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
  • On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
  • Click Repairs - Open Repairs in the bottom right corner
  • Uncheck the All repair button then select just the item(s) listed below

  • 01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    10 - Remove Policies Set By Infections
    16 - Repair Windows Updates
    20 - Repair MSI (Windows Installer)
    22 - Repair File Associations (12)
    .. 22.01 - Repair bat Associations
    .. 22.02 - Repair cmd Associations
    .. 22.03 - Repair com Associations
    .. 22.04 - Repair Directory Associations
    .. 22.05 - Repair Drive Associations
    .. 22.06 - Repair exe Associations
    .. 22.07 - Repair Folder Associations
    .. 22.08 - Repair inf Associations
    .. 22.09 - Repair lnk (Shortcut) Associations
    .. 22.10 - Repair msc Associations
    .. 22.11 - Repair reg Associations
    .. 22.12 - Repair scr Associations
    25 - Restore Important Windows Services
    26 - Set Windows Service to Default Startup
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.
===

Restart the computer normally.

How is the computer running now?

#7 Just-Because

Just-Because
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:14 AM

Posted 01 August 2018 - 12:34 PM

It truly amazes me at the dedication put forth by all the guys and gals here at the bleeping computer.  at a time when I felt loss at my laptop, yet again I am blessed to have a solution.  I am more than thankful for all your efforts and words cant express my gratitude precisely.  My laptop seems to be working now.  I will keep you posted if anything changes.  Thanks so much!!!  



#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:14 AM

Posted 01 August 2018 - 12:46 PM

Glad we could help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users