PDA

View Full Version : HELP! Anybody heard of this?



hrb1968
15-07-2010, 08:58 PM
Yesterday morning I received an invite from a friend on my windows instant messenger list, who I know well. He asked me to take an i.q test and to go to explorer and enter [edit: dodgy website URL removed] and it would come up. As he is a friend of mine and had no idea that window instant messenger could be hi jacked I did so. Ever since my Windows media player wont recognise the Divx or MPEG4 codec, even some . avi files, amongst other things. Videos that used to play fine in Windows media player yesterday now will only play the audio component. Anybody know how to get rid of this thing? Ive run an AVG and spybot scan with no luck. Ive thought of reporting this to microsoft, but thier website is like a sales maze, if you have a direct web address to report this kind of potentially dangerous stuff, id appreciate it. Thanks:badpc:

Speedy Gonzales
15-07-2010, 09:02 PM
What version of windows? Disable system restore, reboot.. If you can post a hijackthis log, its below. Get trojan remover below as well. Update it then scan. Then select all options under the utils menu. I would also scan the whole hdd with something better than AVG

hrb1968
15-07-2010, 09:46 PM
Windows XP Pro Speedy.

hrb1968
15-07-2010, 09:48 PM
New user, how do I disable system, restore, reboot?

hrb1968
15-07-2010, 09:52 PM
Im downloading the trojan remover right now, wish me luck.

Speedy Gonzales
15-07-2010, 09:52 PM
Right mouse on my computer if its on the desktop / properties / system restore tab. Disable it

Then reboot. Then get trojan remover <- direct link (http://www.simplysupersoft.com/download/dl/trjsetup682.exe). Update it then click on scan. Then select all of the options, under the utilities menu. Whatever it finds, let it remove, then reboot

hrb1968
15-07-2010, 09:58 PM
can you tell me how to reboot? i havent done it for a while. the trojan tool is taking a while to download

hrb1968
15-07-2010, 09:59 PM
do I type in the start>cmd reboot? the trojan removal tool is at 42% downloaded (slow download) will check back in a few minutes.

Speedy Gonzales
15-07-2010, 10:00 PM
No you reboot normally / Go to start / select restart

hrb1968
15-07-2010, 10:06 PM
I do have the restart button, under the start button but I have to press "Turn computer off" first to get to it, then it offers me 3 choices, one of which is restart, should I do that?

hrb1968
15-07-2010, 10:10 PM
btw, after this started screwing up my system i did an AVG clean, and I got an infection in my local settings/temporary internet files folder, I think it may have helped but Im still not getting images back with my .avi files on media player. I think I may end up having to re download the codecs.

Speedy Gonzales
15-07-2010, 10:13 PM
Thats it thats the restart I'm talking about. If you want boot into safe mode / networking (press F8 after you reboot, select safe mode / networking).

Are you on dialup or broadband? If you re on broadband, I could log in using teamviewer (www.teamviewer.com).

All you have to do is download teamviewer, install it, then send the password and ID to me in a PM. Be CAREFUL what codecs you install. Some are trojans / malware. Get ccleaner (www.ccleaner.com) install it then run it (close browsers first). It'll remove the temp files etc off the hard drive

hrb1968
15-07-2010, 10:26 PM
OK, ive downloaded the trojan tool, and run it and found nothing. Not sure what do try now. Should I try the restart Speedy? Im on Broadband btw, brb,

Thanks Speedy, im gonna give try the reboot, the weird thing about this is in my file converting software, prism and format factory, i can still watch my .avi files. but not in Quicktime for WMP. How weird is that?

Speedy Gonzales
15-07-2010, 10:39 PM
k., Well you can get teamviewer, if you want (boot into safe mode / networking). Install it / run it , come back here. Then send the password and ID to me in a PM. And I'll check it out. Select all of the options under the utilities menu as well (in trojan remover)

hrb1968
15-07-2010, 10:50 PM
I tried the start>restart option, I think thats what you meant, I pressed F8 which didnt do anything. I just checked the Windows Media player and its still just giving me sound only, im not sure how to boot into safe mode/networking. Im going to try the ccleaner link you gave me, ill let you know, im going to delete the trojan tool

Im in microsoft at the moment and am downloading the codecs package, hopefully that might fix some of this stuff. im also downloading the ccleaner tool

Speedy Gonzales
15-07-2010, 10:53 PM
Reboot press/hold F8 down, till the menu appears. Then select safe mode / networking. It sounds (since you can only hear sound), there's no codecs to see the video. Start/shut down / restart

Greven
15-07-2010, 10:57 PM
Try installing the Xvid codec if you think the infection is cleaned out. http://www.xvid.org/Downloads.15.0.html

The malware probably cleaned out all your codecs & installed its own infected codec

hrb1968
15-07-2010, 11:28 PM
Thanks guys, Speedy, can you guide me through the use of the ccleaner? I've downloaded it and it looks pretty intimidating. It keep going on about backing up and has highlighted essential software like my browser.

Speedy Gonzales
15-07-2010, 11:34 PM
ccleaner is a program, that shows you what you've installed (under tools / uninstall). It'll also show you whats in startup (under tools/startup). Its a good program to use (if you've been infected with something (if something has disabled regedit, msconfig (you can disable entries in startup with this as well).

It'll also list a list of programs (like browsers) under cleaner (windows/apps tab), which you don't have to worry about.

If you click on cleaner / then click on run cleaner, it'll remove/delete temp files on your system (that programs install). You need to close browsers first (it'll also remove the browsers cache / depending on which browser you use)

hrb1968
16-07-2010, 02:35 AM
Thanks Speedy, I got the ccleaner and pressed registry and cleaned it up. I also went into tools and startup and noticed that my media player was not amongst the programs listed. While software I thought I'd deleted yonks ago like Nero, and Google Earth still seem to be on my system (i tried doing a search on nero and deleting the files manually, which i could do except for 4 files) and I also removed it from my control panel/add remove thingy. The cleaner button is a bit frightening though (all those ticks in boxes like temp internet files and cookies, if i click run cleaner will it delete cookies that i need? Do I untick the boxes of files i dont want touched? Also, does anybody have any idea how i can re download the codecs for my WMP Xp pro (not 64)? Ive been lost in the maze that is the microsoft website for hours. Thanks guys, If this doesnt work Speedy I might have to hassle you with a pm, (If you can tell me how to do it lol)

hrb1968
16-07-2010, 02:33 PM
I tried the ccleaner with no luck, I've also tried the reset computer to an earlier time (I tried turning it back a week) no luck, and I lost the ccleaner as a result. I'm going to try to redownload the codecs for WMP 11, avi and divx especially. Anybody know where I can get these freeware?

Speedy, I havent tried the F8 option yet. If you think its still worth a go Ill give it a try. I've figured out what you mean, Im not exactly sure what good it will do though.

Speedy Gonzales
16-07-2010, 02:41 PM
Speedy, I havent tried the F8 option yet. If you think its still worth a go Ill give it a try. I've figured out what you mean, Im not exactly sure what good it will do though.

The reason you do this if you want me to check it out with teamviewer is:

If youre infected with whatever, it is may not run in safe mode.. Thats why you boot into safe mode / networking. Of course if you use system restore, and go back a week, whatever you've installed after wont be there. And you should have disabled system restore first before doing anything else

hrb1968
16-07-2010, 02:55 PM
Oops, sorry Speedy, seemed like a good idea at the time. I thought that using system restore would remove it, but it hasnt helped. I think I got whatever it is on Tuesday or Wednesday so I turned back the clock to last Friday. No help. I think I'm going to have to go and re-download the codecs. I'm just wondering what it could be that would not be removed by a system restore. A virus should have been. I whatever it was just deleted some of my codecs. Ive checked my WMP and if there were avi and divx codecs there they are gone now.

btw, the ccleaner is a really cool product. Thanks. I'll have to download it again though. D'oh.

Also, how do I use the teamviewer?

Speedy Gonzales
16-07-2010, 03:14 PM
That depends on what the malware is and when it decided to infect the system.

Usually you disable SR to delete / remove the restore points. Since some malware (depends what it is) lives in the restore folder/s). Going back a week or so will probably remove it, but it'll also remove (as you found out) programs you've installed recently. Oh well, not to worry

Henweh
19-07-2010, 10:14 PM
If all of speedy gonzales's advice fails just reinstall windows

Agent_24
20-07-2010, 12:39 AM
If all of speedy gonzales's advice fails just reinstall windows

For someone who is confused by his reset button (no offence intended hrb1968), I don't think reinstalling Windows would be a good idea.

Next step I'd suggest would be to download and run a bootable antivirus scanner such as Bitdefender Rescue CD or Dr.Web bootable CD etc

GreacherTech
20-07-2010, 12:30 PM
WHO CARES ABOUT WMP
DOWNLOAD VLC MEDIA PLAYER

PROBLEM SOLVED
KTHANKS
woops sorry about caps :$

Jester
20-07-2010, 08:13 PM
For someone who is confused by his reset button (no offence intended hrb1968), I don't think reinstalling Windows would be a good idea.

Next step I'd suggest would be to download and run a bootable antivirus scanner such as Bitdefender Rescue CD or Dr.Web bootable CD etc

Umm, he doesn't know much about rebooting a PC I think he will have problems downloading and make a bootable CD. Just a comment.

Agent_24
21-07-2010, 01:19 AM
True, but it's a lot easier than reinstalling Windows properly...

Other than that I can only suggest taking it to a shop

GreacherTech
21-07-2010, 09:34 AM
If all of speedy gonzales's advice fails just reinstall windows

In any case why would you reinstall Windows just because he can't play and avi file? I'm sure he could take the 10min to download and install VLC and have a far superior media player than reinstall his whole OS