Author Topic: sound issues  (Read 1550 times)

Offline Juggernaut

« Reply #40 on: September 20, 2007, 10:00:00 AM »
HJK Log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:48 AM, on 9/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\program files\powerstrip\pstrip.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\steam\steam.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe (file missing)

--
End of file - 6367 bytes


ComboFix log...

ComboFix 07-09-19.8 - "Colin Thorner" 2007-09-20 10:45:53.4 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.57 [GMT -4:00]
 * Created a new restore point

FILE::
C:\WINDOWS\system32\gzmrotate.dll
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\gzmrot-uninst.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint\Viewpoint Experience Technology\MetaStreamConfig.ini
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint\Viewpoint Experience Technology\MetaStreamID.ini
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9\FLFBootStrap.mtx
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus\FLFBootStrap.mtx
C:\Program Files\Viewpoint
C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\ClassIDs.ini
C:\Program Files\Viewpoint\Viewpoint Experience Technology\ComponentMgr.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\MetaStreamID.ini
C:\Program Files\Viewpoint\Viewpoint Experience Technology\MtsAxInstaller.exe
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\AOLArt.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\AOLShell.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\AOLUserShell.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\Cursors.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\DataTracking.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\GifReader.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\JpegReader.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\LensFlares.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\Mts3Reader.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\ObjectMovie.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\SceneComponent.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\ServiceComponent.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\SreeDMMX.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\SWFView.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\VectorView.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\VMPAudio.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\VMPExtras.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\VMPSpeech.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\VMPVideo.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\WaveletReader.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents\ZoomView.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.xpt
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\gzmrot-uninst.exe
C:\WINDOWS\system32\gzmrotate.dll

.
(((((((((((((((((((((((((   Files Created from 2007-08-20 to 2007-09-20  )))))))))))))))))))))))))))))))
.

2007-09-19 20:55   <DIR>   d--------   C:\Program Files\iPod
2007-09-16 01:21   664   --a------   C:\WINDOWS\system32\d3d9caps.dat
2007-09-08 08:52   <DIR>   d--------   C:\Program Files\Common Files\Nullsoft
2007-09-08 08:51   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\AIM
2007-09-06 23:01   25,856   --a------   C:\WINDOWS\system32\drivers\usbprint.sys
2007-09-06 23:01   25,856   --a------   C:\WINDOWS\system32\dllcache\usbprint.sys
2007-09-06 22:07   51,200   --a------   C:\WINDOWS\nircmd.exe
2007-09-04 20:57   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\InterVideo
2007-09-03 21:00   172,032   --a------   C:\WINDOWS\system32\igfxres.dll
2007-09-03 20:56   <DIR>   d--------   C:\Program Files\PowerStrip
2007-09-03 20:32   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\Ventrilo
2007-09-03 20:08   17,920   --a------   C:\WINDOWS\system32\mdimon.dll
2007-09-03 19:56   <DIR>   d--------   C:\Program Files\Microsoft.NET
2007-09-03 19:56   <DIR>   d--------   C:\Program Files\Microsoft ActiveSync
2007-09-03 19:54   <DIR>   d--------   C:\WINDOWS\SHELLNEW
2007-09-03 19:49   <DIR>   dr-h-----   C:\MSOCache
2007-09-03 19:46   <DIR>   d--------   C:\Program Files\Microsoft IntelliPoint
2007-09-03 19:40   <DIR>   d--------   C:\Program Files\Microsoft IntelliType Pro
2007-09-03 19:40   <DIR>   d--------   C:\Program Files\Common Files\xing shared
2007-09-03 19:34   <DIR>   d--------   C:\Program Files\Real
2007-09-03 19:33   <DIR>   d--------   C:\Program Files\Common Files\Real
2007-09-03 19:33   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\Real
2007-09-03 19:32   <DIR>   d--------   C:\Program Files\VideoLAN
2007-09-03 19:30   118,784   --a------   C:\WINDOWS\system32\MSSTDFMT.DLL
2007-09-03 19:30   <DIR>   d--------   C:\Program Files\SpywareBlaster
2007-09-03 19:15   221,184   --a------   C:\WINDOWS\system32\wmpns.dll
2007-09-03 19:14   <DIR>   d--------   C:\Program Files\Windows Media Connect 2
2007-09-03 19:08   <DIR>   d--------   C:\WINDOWS\system32\LogFiles
2007-09-03 19:08   <DIR>   d--------   C:\WINDOWS\system32\drivers\UMDF
2007-09-03 18:54   <DIR>   d--------   C:\DOCUME~1\COLINT~1\Incomplete
2007-09-03 18:54   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\LimeWire
2007-09-03 18:52   <DIR>   d--------   C:\Program Files\EndItAll
2007-09-03 18:42   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\WinRAR
2007-09-03 18:37   <DIR>   d--------   C:\Program Files\mIRC
2007-09-03 18:37   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\mIRC
2007-09-03 18:31   <DIR>   d--------   C:\Program Files\LimeWire
2007-09-03 18:30   <DIR>   d--------   C:\Program Files\PokerStars
2007-09-03 17:43   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\Apple Computer
2007-09-03 17:42   <DIR>   d----c---   C:\WINDOWS\system32\DRVSTORE
2007-09-03 17:42   <DIR>   d--------   C:\Program Files\iTunes
2007-09-03 17:42   <DIR>   d--------   C:\Program Files\Apple Software Update
2007-09-03 17:41   <DIR>   d--------   C:\Program Files\Common Files\Apple
2007-09-03 17:39   <DIR>   d--------   C:\Program Files\QuickTime
2007-09-03 17:39   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-09-03 17:38   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-09-03 17:35   23,040   ---------   C:\WINDOWS\system32\dllcache\fltmc.exe
2007-09-03 17:35   16,896   ---------   C:\WINDOWS\system32\dllcache\fltlib.dll
2007-09-03 17:35   128,896   ---------   C:\WINDOWS\system32\dllcache\fltmgr.sys
2007-09-03 17:33   <DIR>   d--------   C:\Program Files\MSXML 4.0
2007-09-03 17:28   <DIR>   d--------   C:\Program Files\Trend Micro
2007-09-03 17:17   1,156   --a------   C:\WINDOWS\mozver.dat
2007-09-03 17:10   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\acccore
2007-09-03 17:09   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
2007-09-03 17:09   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
2007-09-03 17:08   <DIR>   d--------   C:\Program Files\Combined Community Codec Pack
2007-09-03 17:03   <DIR>   d--------   C:\Program Files\Common Files\AOL
2007-09-03 17:03   <DIR>   d--------   C:\Program Files\AIM6
2007-09-03 17:02   23,856   --a------   C:\WINDOWS\system32\spupdsvc.exe
2007-09-03 17:02   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
2007-09-03 16:59   335   --a------   C:\WINDOWS\nsreg.dat
2007-09-03 16:50   26,496   --a------   C:\WINDOWS\system32\dllcache\usbstor.sys
2007-09-03 16:38   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\Symantec
2007-09-03 16:38   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\Sonic
2007-09-03 16:38   <DIR>   d--------   C:\DOCUME~1\COLINT~1\APPLIC~1\IBM
2007-09-03 16:37   <DIR>      C:\RRUbackups
2007-09-03 16:24   <DIR>   d--hs----   C:\Recycled
2007-09-03 16:23   4,442   --a------   C:\WINDOWS\system32\drivers\TPPWRIF.SYS
2007-09-03 16:23   16,384   --a------   C:\WINDOWS\PWMBTHLP.EXE
2007-09-03 16:19   77,824   --a------   C:\WINDOWS\system32\WindowsAccessBridge.dll
2007-09-03 16:19   28,672   --a------   C:\WINDOWS\system32\JAWTAccessBridge.dll
2007-09-03 16:19   139,264   --a------   C:\WINDOWS\system32\JavaAccessBridge.dll
2007-09-03 16:18   86,016   --a------   C:\WINDOWS\system32\PcdrKernelModeServices.dll
2007-09-03 16:18   77,824   --a------   C:\WINDOWS\system32\QCONSVC.EXE
2007-09-03 16:18   65,536   --a------   C:\WINDOWS\system32\ProgressTrace.dll
2007-09-03 16:18   577,536   --a------   C:\WINDOWS\system32\tvt_gina.dll
2007-09-03 16:18   282,624   --a------   C:\WINDOWS\system32\tvt_gina_api.dll
2007-09-03 16:18   262,144   --a------   C:\WINDOWS\system32\QConGina.dll
2007-09-03 16:18   2,432   --a------   C:\WINDOWS\system32\drivers\IBMBLDID.SYS
2007-09-03 16:18   12,288   --a------   C:\WINDOWS\system32\drivers\qcndisif.sys
2007-09-03 16:18   11,520   --a------   C:\WINDOWS\system32\drivers\ANC.sys
2007-09-03 16:18   <DIR>   d--------   C:\Program Files\PC-Doctor for Windows
2007-09-03 16:16   32,256   --a------   C:\WINDOWS\system32\drivers\psasrv.exe
2007-09-03 16:16   13,184   --a------   C:\WINDOWS\system32\drivers\psadd.sys
2007-09-03 16:16   <DIR>   d--------   C:\IBMSHARE
2007-09-03 16:13   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
2007-09-03 16:13   <DIR>   d--------   C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
2007-09-03 16:12   204,800   --a------   C:\WINDOWS\system32\IVIresizeW7.dll
2007-09-03 16:12   200,704   --a------   C:\WINDOWS\system32\IVIresizeA6.dll
2007-09-03 16:12   20,480   --a------   C:\WINDOWS\system32\IVIresize.dll
2007-09-03 16:12   192,512   --a------   C:\WINDOWS\system32\IVIresizeP6.dll
2007-09-03 16:12   192,512   --a------   C:\WINDOWS\system32\IVIresizeM6.dll
2007-09-03 16:12   188,416   --a------   C:\WINDOWS\system32\IVIresizePX.dll
2007-09-03 16:12   <DIR>   d--------   C:\Program Files\InterVideo
2007-09-03 16:12   <DIR>   d--------   C:\icons
2007-09-03 16:11   <DIR>   d--------   C:\Program Files\IBM DLA
2007-09-03 16:11   <DIR>   d--------   C:\Program Files\Common Files\Sonic
2007-09-03 16:11   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\ibm
2007-09-03 16:11   <DIR>   d--------   C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
2007-09-03 16:10   <DIR>   d--------   C:\WINDOWS\system32\thinkpad_features
2007-09-03 16:10   <DIR>   d--------   C:\Program Files\Sonic

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-03 16:39   47   --a------   C:\WINDOWS\system32\drivers\IBM_1871_C1U.MRK
2007-09-03 15:59   0   -rah-----   C:\WINDOWS\system32\drivers\IBM_1871_C1U_TP.MRK
.

((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))


---- Directory of C:\RRUbackups ----

         C:\RRUbackups\


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
 
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-14 08:44]
"PWRMGRTR"="C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2005-01-21 04:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-07 19:15]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-07 19:14]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-01-13 09:47]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-01-13 09:47]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-01-13 09:46]
"PowerStrip"="c:\program files\powerstrip\pstrip.exe" [2007-07-14 05:35]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 09:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2007-09-03 14:59]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 17:17]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\QConGina]
QConGina.dll 2005-03-18 06:07 262144 C:\WINDOWS\system32\QConGina.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 2004-08-12 23:11 24576 C:\WINDOWS\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli pwdmon

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"Aim6"=
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"UC_Start"=C:\Program Files\IBM\Updater\\ucstartup.exe
"UC_SMB"=
"TpShocks"=TpShocks.exe
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
"TP4EX"=tp4ex.exe
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"QCWLICON"=C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

R0 Shockprf;Shockprf;C:\WINDOWS\system32\drivers\Shockprf.sys
R0 TPDiskPM;TPDiskPM;C:\WINDOWS\system32\drivers\TPDiskPM.sys
R1 ANC;ANC;C:\WINDOWS\system32\drivers\ANC.SYS
R1 IBMTPCHK;IBMTPCHK;C:\WINDOWS\system32\drivers\IBMBLDID.SYS
R1 ShockMgr;ShockMgr;C:\WINDOWS\system32\drivers\ShockMgr.sys
R1 TPPWRIF;TPPWRIF;C:\WINDOWS\system32\drivers\Tppwrif.sys
R2 ibmfilter;ibmfilter;\??\C:\WINDOWS\system32\drivers\ibmfilter.sys
R2 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys
R3 portio;TPM Service;C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys
R3 TPInput;TPInput;C:\WINDOWS\system32\DRIVERS\TPInput.sys
S3 QCNDISIF;QCNDISIF;C:\WINDOWS\system32\drivers\qcndisif.SYS

.
Contents of the 'Scheduled Tasks' folder
"2007-09-13 17:27:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-20 14:50:45 C:\WINDOWS\Tasks\PMTask.job"
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-20 10:50:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-20 10:52:29 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-20 10:51
C:\ComboFix2.txt ... 2007-09-19 08:48
.
   --- E O F ---

Offline Juggernaut

« Reply #41 on: September 20, 2007, 10:01:02 AM »
FSBL Log...

09/20/07 10:53:54 [Info]: BlackLight Engine 1.0.64 initialized
09/20/07 10:53:54 [Info]: OS: 5.1 build 2600 (Service Pack 2)
09/20/07 10:53:54 [Note]: 7019 4
09/20/07 10:53:54 [Note]: 7005 0
09/20/07 10:53:57 [Note]: 7006 0
09/20/07 10:53:57 [Note]: 7011 364
09/20/07 10:53:58 [Note]: 7026 0
09/20/07 10:53:58 [Note]: 7026 0
09/20/07 10:54:00 [Note]: FSRAW library version 1.7.1022
09/20/07 10:58:29 [Note]: 7007 0

Offline guestolo

« Reply #42 on: September 20, 2007, 10:58:56 PM »
Looks good, how is everything?

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline Juggernaut

« Reply #43 on: September 22, 2007, 12:52:08 AM »
Seems to be alright, I'll keep you posted if anything else pops up.

Offline guestolo

« Reply #44 on: September 22, 2007, 08:48:57 AM »
I'll keep this topic open for a few days, let me know how it's working after a couple days

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/