TheTechGuide Forum
General Category => Tech Clinic => Topic started by: bluestar on September 10, 2006, 09:19:20 PM
-
I am having problems getting sound to play for internet applications (youtube, etc.). However, I can get sound for my music programs (limewire, realplayer, etc.) on my computer. I also cannot get the sound icon to register in my tool bar, including going through the control panel to show it and have checked that there is nothing muted. A couple of times on startup, I get a error message about WIN32/svchost.exe. But I do not receive it everytime. So I have no clue what else to do. If someone could help me with this, it would be very much appreciated. Here is the HiJack log:
Logfile of HijackThis v1.99.1
Scan saved at 10:09:48 PM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\jre1.5.0_01\bin\jucheck.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab (http://\"http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab\")
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx (http://\"https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx\")
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.hp.com/ediags/gmn/insta...cdetection3.cab (http://\"http://h20270.www2.hp.com/ediags/gmn/install/hpbasicdetection3.cab\")
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
-
I'm not seeing much wrong
but I don't see an Active AV running
Do you need a free solution
For now, can you do the following
From my signature below
Use INTERNET EXPLORER
Run an online virus scan at Kaspersky's
Accept the prompt at the Welcome screen
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
- The program will launch and then begin downloading the latest definition files:
- Once the files have been downloaded click on NEXT
- Now click on Scan Settings
- In the scan settings make sure that the following are selected:
***Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
***Scan Options:
Scan Archives
Scan Mail Bases
- Click OK
- Now under select a target to scan:
Select My Computer
- This program will start and scan your system.
- The scan will take a while so be patient and let it run.
- Once the scan is complete it will display if your system has been infected.
***Now click on the Save as Text button:
- Save the file to your desktop.
* Copy and paste that information in your next post
Also, supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents
-
(warning, long) Kaspersky info:
Scan Statistics
Total number of scanned objects 100890
Number of viruses found 19
Number of infected objects 47 / 0
Number of suspicious objects 0
Duration of the scan process 02:11:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\cert8.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\formhistory.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\history.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\key3.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\parent.lock Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-62b8d23a.zip/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-62b8d23a.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\x0kfxm08.Default User\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012006091120060912\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\xwhs9igv.exe Infected: Trojan-Dropper.Win32.Agent.qh skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\17BKNHNM\a771ab73[1].js Infected: Trojan-Downloader.JS.Small.af skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\1GTXZHLB\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\1GTXZHLB\popup[2].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BPJ853R8\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\DMFHPA0E\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\DSRYF7L3\popup[2].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\DSRYF7L3\popup[3].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\E6NJTSVJ\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\E6NJTSVJ\popup[2].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\FLKOH7Z1\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\MJ6VEAOQ\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\TPC2SFHN\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temp\MegaHost.dll Infected: Trojan.Win32.StartPage.rn skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temp\MegaInstaller.exe Infected: Trojan.Win32.StartPage.rn skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temp\trickler_4010.ex_/ Infected: not-a-virus:AdWare.Win32.Gator.4010 skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temp\trickler_4010.ex_ MS Expand: infected - 1 skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\0GIQV0ZG\MegaInstaller[1].exe Infected: Trojan.Win32.StartPage.rn skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\6BIBA1EN\pi[2].exe Infected: Trojan-Downloader.Win32.Small.afq skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\G1EBOTAF\IeBHOs[1].dll Infected: not-a-virus:AdWare.Win32.E2Give.a skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\X8FD7ZJA\sext01[1].chm/index.html Infected: Exploit.HTML.CodeBaseExec skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\X8FD7ZJA\sext01[1].chm/MegaInstaller.exe Infected: not-a-virus:AdWare.Win32.MetaDirect.c skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\X8FD7ZJA\sext01[1].chm CHM: infected - 2 skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\XN1GJUL6\MegaInstaller[1].exe Infected: not-a-virus:AdWare.Win32.MetaDirect.c skipped
C:\Old_HD\Documents and Settings\CM\Local Settings\Temporary Internet Files\Content.IE5\Y53SHKVY\g[1].htm Infected: Trojan-Downloader.JS.Agent.ab skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0016.BIN/data0002 Infected: not-a-virus:AdWare.Win32.Sidesearch.d skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.Sidesearch.d skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0017.BIN/WISE0011.BIN Infected: not-a-virus:AdWare.Win32.Exact.a skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0017.BIN/WISE0012.BIN Infected: not-a-virus:AdWare.Win32.Exact.a skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0017.BIN/WISE0013.BIN Infected: not-a-virus:AdWare.Win32.Exact.a skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0017.BIN Infected: not-a-virus:AdWare.Win32.Exact.a skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Old_HD\Documents and Settings\CM\My Documents\Brians Jobs\Courtney\John_Sykes_skin.exe WiseSFX: infected - 7 skipped
C:\Old_HD\Program Files\E2G\IeBHOs.dll Infected: not-a-virus:AdWare.Win32.E2Give.a skipped
C:\Old_HD\Program Files\Lycos\Sidesearch\sidesearch.dll Infected: not-a-virus:AdWare.Win32.Sidesearch.d skipped
C:\Old_HD\WINDOWS\Lycos\ss_IGN1_setup.exe/data0002 Infected: not-a-virus:AdWare.Win32.Sidesearch.d skipped
C:\Old_HD\WINDOWS\Lycos\ss_IGN1_setup.exe NSIS: infected - 1 skipped
C:\Program Files\Evrsoft\1st Page 2000\IScripts\Buttons\Six buttons from hell.izs Infected: Trojan.JS.Loop skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\LOG\ERRORLOG Object is locked skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008/v2.0.4b.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel.g skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008/v2.0.4b.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008/v2.0.4b.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008/v2.0.4b.cab Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe/data0008 Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\RECYCLER\S-1-5-21-789336058-813497703-1957994488-1003\Dc5.exe Inno: infected - 6 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{DC1AA841-C6AD-41B4-82A7-48BA0FF117BD}\RP221\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{3D586809-E5DF-4DB6-9A99-3C8E12E76C14}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_220.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
HiJack log uninstall:
1st Page 2000 2.00 Free
ABBYY FineReader 5.0 Sprint
AceMenu Creator
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop Elements 2.0
Adobe Reader 7.0.5
Art Explosion Label Factory Deluxe
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Audacity 1.2.3
BitTorrent 4.0.3
Broadcom 802.11 Driver
Cakewalk Audio Finder Tool
Cakewalk Pyro 1.5
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DS for ZoomBrowser EX
Canon Camera Window MC 5 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX
CDBurnerXP Pro 3
Conexant 56K ACLink Modem
Conexant AC-Link Audio
DivX Player
DreamStation DXi2
EPSON Copy Utility
EPSON PERF 3170Guide
EPSON Photo Print
EPSON Scan
EPSON Smart Panel
FileZilla (remove only)
Google Toolbar for Internet Explorer
GTK+ 2.6.4 runtime environment
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
HP Wireless LAN Driver
iTunes
J2SE Runtime Environment 5.0 Update 1
Kaspersky Online Scanner
LimeWire 4.12.6
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Professional Edition 2003
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft Windows Journal Viewer
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Mozilla Firefox (1.5.0.6)
Music Creator 2
Nvu 0.90
Presto! BizCard 4.1 Eng
QuickTime
RealPlayer
rgc:audio Triangle II
ScanToWeb
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
SoftSound Shorten for Windows 2.3b
Spelling Dictionaries For Adobe Reader Package
Synaptics Pointing Device Driver
The GIMP 2.2.6
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
VideoLAN VLC media player 0.8.1
Virtual Sound Canvas DXi
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
-
*bump
I updated and reinstalled Explorer and sound device. Win32 box doesn't seem to be coming up anymore. However, I can get sound on my music programs still (realplayer, quicktime, limewire, etc.) but still cannot get sound on any internet applications, and the sound icon still will not register on my taskbar. When I go under Customize, under the Task Bar Menu, it says the volume is muted, which it isn't and is located in past history. I clicked "always show", but nothing happens after I apply and OK it. What other methods are there to troubleshoot this issue?
Any further suggestions would be appreciated!
-
If you right click the task bar and click properties
Uncheck Hide Inactive Icons, apply it and ok
Does the volume button show?
Access your Windows control panel and open the Java icon
Under the General tab select Delete Files
Leave all 3 selections checked and click OK
I would update your version of Java
For now
Access your add/remove programs and remove
J2SE Runtime Environment 5.0 Update 1
Don't update it yet, we'll do it in a bit
Download, install, and update Ewido anti-spyware (http://\"http://www.ewido.net/en/download/\")
Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Don't run it yet
Please download [color=\"#FF0000\"]ATF-Cleaner[/color] (http://\"http://www.atribune.org/ccount/click.php?id=1\") by Atribune.
This program is for XP and Windows 2000 only
Don't run it yet
Reboot your computer into Safe mode
In safe mode
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
This will remove all files from the items that are checked so if you have some cookies you'd like to save. please move them to a different directory first.
Ewido
Open Ewido and Click on the Scanner tab at the top and then click on Complete System Scan.
Don't use your computer while running the scan, let it complete
Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
Reboot the computer afterwards back to Normal windows
Post the report from Ewido's please and a fresh hijackthis log
-
Post the report from Ewido's please and a fresh hijackthis log
Isn't this pretty much the same thing I just did with Kaspersky's? Nothing different happens when I uncheck Hide Inactive icons. The key is trying to figure out why even though volume is listed, it is under Past History. It says the volume is muted, which it isn't. I've made sure to go under advanced options and make sure no lines were being muted. Yet, the volume still will not register. Is this a virus attacking the internet browser or something else?
-
I had you run an online virus scanner because you aren't running your own on your system
Ewido should remove some of those files for you, plus we should of had you install a Virus scanner
But, scanning the Internet, I see you have been warned about this in the past on other forums
I guess no one can get through to you
Seems you know best>>>but looking at your kaspersky's log, you really don't
I'm locking this as you have not done the last set of instructions
Hopefully someone can talk you into properly protecting your computer
Take care