We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Help needed .... video files need converting...i think :s
Comments
-
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Database version: 3978
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
12/04/2010 11:39:37
mbam-log-2010-04-12 (11-39-37).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 189662
Time elapsed: 1 hour(s), 15 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\RECYCLER\S-1-5-21-1004336348-1715567821-682003330-1004\Dc17.Keymaker-AGAiN\Pinnacle.Studio.Ultimate.v12.0.0.6163.Incl.Keymaker-AGAiN\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1004336348-1715567821-682003330-1004\Dc17.Keymaker-AGAiN\Pinnacle.Studio.Ultimate.v12.0.0.6163.Plugins.Addon-AGAiN\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{43A3D732-F4A5-4EEC-A6ED-5CB0EA2C84FC}\RP10\A0004126.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{43A3D732-F4A5-4EEC-A6ED-5CB0EA2C84FC}\RP10\A0004129.exe (HackTool.SnadBoy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{43A3D732-F4A5-4EEC-A6ED-5CB0EA2C84FC}\RP10\A0004173.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.0 -
Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download:idea:0 -
ComboFix 10-04-12.04 - User 13/04/2010 10:20:26.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.502.237 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\QWERTY.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\User\Application Data\inst.exe
.
((((((((((((((((((((((((( Files Created from 2010-03-13 to 2010-04-13 )))))))))))))))))))))))))))))))
.
2010-04-11 19:31 . 2010-04-11 19:31
d
w- c:\program files\Trend Micro
2010-04-11 18:36 . 2010-04-11 18:36
d
w- c:\documents and settings\User\Application Data\Malwarebytes
2010-04-11 18:36 . 2010-03-29 14:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-11 18:36 . 2010-04-11 18:36
d
w- c:\program files\Malwarebytes' Anti-Malware
2010-04-11 18:36 . 2010-04-11 18:36
d
w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-11 18:36 . 2010-03-29 14:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-10 16:28 . 2010-04-10 16:28
d
w- c:\documents and settings\User\Application Data\NCH Software
2010-04-10 16:27 . 2010-04-10 16:28
d
w- c:\program files\NCH Software
2010-04-10 16:26 . 2010-04-10 16:39
d
w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2010-04-10 16:26 . 2010-04-10 16:39
d
w- c:\program files\NCH Swift Sound
2010-04-09 23:03 . 2010-04-11 00:26 218304 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-04-09 21:41 . 2010-04-09 21:41
d
w- c:\documents and settings\User\Application Data\dvdcss
2010-04-09 19:49 . 2010-04-09 20:40 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-09 13:19 . 2010-04-09 13:19
d
w- C:\THM
2010-04-09 12:34 . 2010-04-09 12:34
d
w- c:\program files\Winnydows
2010-04-09 11:55 . 2010-04-09 11:55
d
w- c:\program files\Microsoft Silverlight
2010-04-08 19:51 . 2010-04-10 17:20
d
w- c:\documents and settings\User\Application Data\DVD Flick
2010-04-08 19:49 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2010-04-08 19:49 . 2010-04-08 19:49
d
w- c:\program files\DVD Flick
2010-04-08 14:30 . 2010-04-08 14:30
d
w- c:\documents and settings\User\Application Data\Sony Corporation
2010-04-08 14:22 . 2006-11-02 15:57 118520 ----a-w- c:\windows\system32\PxInsI64.exe
2010-04-08 14:22 . 2006-10-18 18:43 115960 ----a-w- c:\windows\system32\PxCpyI64.exe
2010-04-08 14:22 . 2010-04-08 14:22
d
w- c:\program files\Sony
2010-04-08 14:21 . 2010-04-08 14:21
d
w- c:\documents and settings\All Users\Application Data\Sony Corporation
2010-03-21 16:18 . 2010-03-21 16:18
d
w- c:\windows\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-10 17:19 . 2010-01-22 14:46
d
w- c:\documents and settings\User\Application Data\vlc
2010-04-08 14:26 . 2010-01-22 12:53
d--h--w- c:\program files\InstallShield Installation Information
2010-04-07 19:24 . 2010-01-22 14:55
d
w- c:\program files\Common Files\Adobe
2010-03-10 15:09 . 2010-01-22 17:26
d
w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-09 11:24 . 2010-01-22 14:57 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2010-01-22 14:58 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2010-01-22 14:58 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2010-01-22 14:58 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2010-01-22 14:57 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-09 11:08 . 2010-01-22 14:57 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-09 11:08 . 2010-01-22 14:58 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-09 11:08 . 2010-01-22 14:57 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-26 05:43 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-17 21:22 . 2010-02-17 21:22
d
w- c:\documents and settings\User\Application Data\Epson
2010-02-17 21:18 . 2010-02-17 21:04
d
w- c:\program files\Common Files\EPSON
2010-02-17 21:16 . 2010-02-17 20:59
d
w- c:\documents and settings\All Users\Application Data\EPSON
2010-02-17 21:10 . 2010-02-17 20:59
d
w- c:\program files\epson
2010-02-17 21:10 . 2010-02-17 21:10
d
w- c:\documents and settings\All Users\Application Data\UDL
2010-02-17 21:09 . 2010-02-17 21:06
d
w- c:\program files\Epson Software
2010-02-17 21:07 . 2010-01-22 12:53
d
w- c:\program files\Common Files\InstallShield
2010-02-17 21:05 . 2010-02-17 21:04
d
w- c:\program files\ABBYY FineReader 6.0 Sprint
2010-02-17 21:04 . 2010-02-17 21:03
d
w- c:\program files\EpsonNet
2010-02-17 21:01 . 2010-02-17 21:01
d
w- c:\documents and settings\User\Application Data\InstallShield
2010-02-12 10:03 . 2010-02-24 20:43 293376
w- c:\windows\system32\browserchoice.exe
2010-02-11 18:53 . 2010-01-22 14:57 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-27 21:23 . 2010-01-27 21:23 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-403f8f51-n\msvcp71.dll
2010-01-27 21:23 . 2010-01-27 21:23 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-403f8f51-n\msvcr71.dll
2010-01-27 21:23 . 2010-01-27 21:23 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-403f8f51-n\jmc.dll
2010-01-27 21:22 . 2010-01-27 21:22 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-56361994-n\decora-sse.dll
2010-01-27 21:22 . 2010-01-27 21:22 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-56361994-n\decora-d3d.dll
2010-01-25 21:56 . 2010-01-22 17:39 47360 ----a-w- c:\documents and settings\User\Application Data\pcouffin.sys
2010-01-25 21:56 . 2010-01-22 17:39 47360 ----a-w- c:\documents and settings\User\Application Data\pcouffin.sys
2010-01-25 21:52 . 2010-01-22 11:16 122552 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-22 17:39 . 2010-01-22 17:39 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-01-22 14:52 . 2010-01-22 14:52 0 ----a-w- c:\windows\nsreg.dat
2010-01-22 13:12 . 2010-01-22 13:12 17119 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-01-22 12:43 . 2010-01-22 11:07 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-22 11:16 . 2010-01-22 11:16 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-22 11:03 . 2010-01-22 11:03 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-02-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-02-22 126976]
"RTHDCPL"="RTHDCPL.EXE" [2005-02-21 13783040]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-01-12 669520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
c:\documents and settings\User\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-4-8 385024]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool09\\ENEasyApp.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/01/2010 15:58 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/01/2010 15:58 19024]
.
Contents of the 'Scheduled Tasks' folder
2010-04-11 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23 15:03]
2010-04-10 c:\windows\Tasks\expressburnSevenDaysInit.job
- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-04-10 16:26]
2010-04-10 c:\windows\Tasks\expressburnShakeIcon.job
- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-04-10 16:26]
2010-04-10 c:\windows\Tasks\videopadSevenDays.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2010-04-10 16:28]
2010-04-10 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2010-04-10 16:28]
2010-04-10 c:\windows\Tasks\wavepadSevenDays.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-04-10 16:26]
2010-04-10 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-04-10 16:26]
.
.
Supplementary Scan
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\70oq3335.default\
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_104D0200
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-13 10:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-04-13 10:30:52
ComboFix-quarantined-files.txt 2010-04-13 09:30
Pre-Run: 104,771,100,672 bytes free
Post-Run: 107,167,268,864 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 848CBC76A8464DFB2663A0E4DAAB00CC0 -
Seems free of nasties now
Clean up the computer by running the following 2 progs ~
Download CCLEANER
http://www.piriform.com/ccleaner/download/slim
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)
reboot
Download GLARY UTILITIES
http://www.glaryutilities.com/download/gusetup_slim.exe
Run the ONE CLICK scan
Goto MODULES / SYSTEM TOOLS / WINDOWS STANDARD TOOLS / then run SYSTEM FILE CHECKER
Then try burning again but at 4* MAXIMUM speed:idea:0 -
Okies, just done everything as you said.
Then started burning using Express Burn.
It started converting, finalized.
When it was starting to verify the burn, the disc thing opens. I close it (as it says, if it remains open, close it
)
Then it starts verifying.
After about 50% completion, I get a message saying @errors burning video dvd disc'.
0 -
What size disc is it?:idea:0
-
Disc is 4.7 GB0
-
It probably wont work at some point, but try it in your dvd player anyways:idea:0
-
erm...it started workng
im well confused lol
thats whats ben happening all the time, and the dvds havent been working LOL
But one prob, its rly blurry!
Oh and another, not all of it is on dvd 0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.5K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards