Over 1 million tech questions and answers.

Volume wave automatically turned down and invisible voice ad!

Q: Volume wave automatically turned down and invisible voice ad!

Hi,My problems are quite similar to some others we have previously posted, AVG couldn't do anything. Please if you could help me to analys the log.Thanks alot,Anitarun by combofixComboFix 10-07-12.02 - Anita 07/12/2010 22:17:35.2.2 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.330 [GMT 1:00]Running from: c:\documents and settings\Anita\My Documents\Downloads\ComboFix.exeAV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.((((((((((((((((((((((((( Files Created from 2010-06-12 to 2010-07-12 ))))))))))))))))))))))))))))))).2010-07-12 21:06 . 2010-07-12 21:06 -------- d-----w- c:\documents and settings\Anita\Application Data\AVG92010-07-12 20:18 . 2010-07-12 20:18 -------- d-----w- c:\documents and settings\Anita\Application Data\MSN62010-07-12 18:48 . 2010-07-12 18:48 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Threat Expert2010-07-12 18:43 . 2010-07-12 19:11 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP2010-07-12 15:13 . 2010-07-12 15:13 -------- d-----w- c:\documents and settings\Anita\Application Data\Malwarebytes2010-07-12 15:13 . 2010-07-12 15:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2010-07-12 10:18 . 2010-07-12 10:18 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Yahoo2010-07-11 12:07 . 2010-07-11 12:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache2010-07-11 12:06 . 2010-07-11 12:06 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE2010-07-11 12:06 . 2010-07-11 12:06 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Conduit2010-07-11 12:06 . 2010-07-11 12:07 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Vuze_Remote2010-07-11 12:06 . 2010-07-11 12:06 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Yahoo!2010-07-11 12:06 . 2010-07-11 12:06 -------- d-----w- c:\documents and settings\LocalService\Application Data\Yahoo!2010-07-02 17:12 . 2010-07-02 17:12 -------- d-----w- c:\documents and settings\Anita\Local Settings\Application Data\Yahoo2010-07-02 17:11 . 2010-07-02 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!2010-07-02 17:09 . 2010-07-02 17:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion2010-07-02 17:09 . 2010-07-02 18:23 -------- d-----w- c:\documents and settings\Anita\Application Data\BitZipper2010-07-02 17:08 . 2010-07-02 17:08 -------- d-----w- c:\documents and settings\Anita\Application Data\Yahoo!2010-07-02 17:08 . 2010-07-02 17:11 -------- d-----w- c:\program files\Yahoo!2010-07-02 16:42 . 2010-07-02 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-07-12 20:18 . 2009-11-22 02:20 -------- d-----w- c:\documents and settings\Anita\Application Data\Skype2010-07-12 20:13 . 2009-12-03 00:37 -------- d-----w- c:\program files\lx_cats2010-07-12 19:59 . 2009-11-22 01:45 -------- d-----w- c:\documents and settings\All Users\Application Data\avg92010-07-12 18:39 . 2009-12-19 22:26 -------- d-----w- c:\documents and settings\Anita\Application Data\skypePM2010-07-12 17:20 . 2009-11-25 17:56 0 ----a-w- c:\documents and settings\Anita\Local Settings\Application Data\prvlcl.dat2010-07-08 15:36 . 2009-11-22 01:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help2010-07-02 18:48 . 2010-03-27 12:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton2010-07-02 18:48 . 2010-03-27 12:25 -------- d-----w- c:\program files\Common Files\Symantec Shared2010-07-02 18:24 . 2010-03-27 11:53 -------- d-----w- c:\documents and settings\Anita\Application Data\Azureus2010-06-07 19:46 . 2009-11-22 00:00 -------- d--h--w- c:\program files\InstallShield Installation Information2010-06-07 18:44 . 2010-06-07 18:44 -------- d-----w- c:\program files\Electronic Arts2010-06-05 02:01 . 2010-03-27 11:52 -------- d-----w- c:\program files\Vuze2010-06-04 03:38 . 2010-03-27 11:52 -------- d-----w- c:\program files\Vuze_Remote2010-06-04 02:30 . 2010-06-04 02:30 31048 ------w- c:\documents and settings\Anita\Application Data\Tencent\QQ\SafeBase\selfupdate.exe2010-06-04 02:30 . 2010-06-04 01:56 -------- d-----w- c:\documents and settings\Anita\Application Data\Tencent2010-06-04 02:10 . 2010-06-04 02:10 18718 ----a-r- c:\documents and settings\Anita\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut2_E88611396FF84AFCB2EE5C1594058E02.exe2010-06-04 02:10 . 2010-06-04 02:10 18718 ----a-r- c:\documents and settings\Anita\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\ARPPRODUCTICON.exe2010-06-04 02:10 . 2010-06-04 02:10 106496 ----a-r- c:\documents and settings\Anita\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe2010-06-04 02:10 . 2010-06-04 02:10 106496 ----a-r- c:\documents and settings\Anita\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe2010-06-04 02:10 . 2010-06-04 02:10 106496 ----a-r- c:\documents and settings\Anita\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe2010-06-04 02:10 . 2010-06-04 02:10 -------- d-----w- c:\program files\Common Files\Tencent2010-06-04 02:09 . 2010-06-04 02:09 -------- d-----w- c:\program files\Tencent2010-06-03 12:22 . 2009-11-23 19:45 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys2010-06-03 12:22 . 2009-11-23 19:45 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys2010-05-28 13:59 . 2010-05-28 13:59 61440 ----a-w- c:\documents and settings\Anita\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1469736a-n\decora-sse.dll2010-05-28 13:59 . 2010-05-28 13:59 348160 ----a-w- c:\documents and settings\Anita\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-504903c9-n\msvcr71.dll2010-05-28 13:59 . 2010-05-28 13:59 503808 ----a-w- c:\documents and settings\Anita\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-504903c9-n\msvcp71.dll2010-05-28 13:59 . 2010-05-28 13:59 499712 ----a-w- c:\documents and settings\Anita\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-504903c9-n\jmc.dll2010-05-28 13:59 . 2010-05-28 13:59 12800 ----a-w- c:\documents and settings\Anita\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1469736a-n\decora-d3d.dll2010-05-10 05:07 . 2009-11-25 22:53 186 ----a-w- c:\documents and settings\All Users\Application Data\SafeNet Sentinel\Sentinel RMS Development Kit\System\prsgrc.dll2010-05-06 10:41 . 2003-03-31 12:00 916480 ----a-w- c:\windows\system32\wininet.dll2010-05-02 05:22 . 2003-03-31 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys2010-04-24 00:40 . 2010-03-27 12:03 4141117 ----a-w- c:\documents and settings\Anita\Application Data\Azureus\plugins\vuzexcode\mediainfo.exe2010-04-24 00:40 . 2010-03-27 12:03 7282688 ----a-w- c:\documents and settings\Anita\Application Data\Azureus\plugins\vuzexcode\ffmpeg.exe2010-04-20 05:30 . 2003-03-31 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll.------- Sigcheck -------[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\atapi.sys[-] 2003-03-31 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\atapi.sys[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asyncmac.sys[-] 2003-03-31 . 03F403B07A884FC2AA54A0916C410931 . 13568 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\kbdclass.sys[-] 2003-03-31 . 1E7F78C2FC393356CD884C6FDE7966F9 . 23424 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ndis.sys[-] 2003-03-31 . 3B350E5A2A5E951453F3993275A4523A . 167552 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ndis.sys[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntfs.sys[-] 2003-03-31 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntfs.sys[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\browser.dll[-] 2003-03-31 . 3671D928554E124A8AC326A1769F2FFB . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\browser.dll[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lsass.exe[-] 2003-03-31 . B2B6BA905D0E3F8A32A0EB3B4051807B . 11776 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\lsass.exe[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll[-] 2005-08-22 . 838B1DF317D55BFFF67F99F1AE7ECEB7 . 154624 . . [5.1.2600.1733] . . c:\windows\SoftwareDistribution\Download\f7a4b3723a3aad7955ede9785b307e88\sp1qfe\netman.dll[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\SoftwareDistribution\Download\f7a4b3723a3aad7955ede9785b307e88\sp2gdr\netman.dll[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\SoftwareDistribution\Download\f7a4b3723a3aad7955ede9785b307e88\sp2qfe\netman.dll[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netman.dll[-] 2003-03-31 . E7FF9267BBEB1386975278A27378526F . 154112 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netman.dll[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\qmgr.dll[-] 2004-07-01 . 696AC82FB290A03F205901442E0E9589 . 361984 . . [6.6.2600.1569] . . c:\windows\SoftwareDistribution\Download\e9b0377463edd4b6480f6148a1f88bac\sp1qfe\qmgr.dll[-] 2003-03-31 . 6A1CF14D0E7D0B2241F552223769C8A7 . 221696 . . [6.2.2600.1106] . . c:\windows\$NtServicePackUninstall$\qmgr.dll[-] 2003-03-31 . 6A1CF14D0E7D0B2241F552223769C8A7 . 221696 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2qfe\spoolsv.exe[-] 2005-06-10 . 6B4BF97957A0B8795811975D4BF1ACFE . 53248 . . [5.1.2600.1699] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp1qfe\spoolsv.exe[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe[-] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spoolsv.exe[-] 2003-03-31 . 9B4155BA58192D4073082B8FC5D42612 . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winlogon.exe[-] 2003-03-31 . 2246D8D8F4714A2CEDB21AB9B1849ABB . 516608 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\winlogon.exe[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll[-] 2006-08-25 . 44AA778B2329428C9E8D5367BCF91CDD . 561664 . . [5.82] . . c:\windows\SoftwareDistribution\Download\e533f2b7494d7e198f7fd652beea5687\sp1qfe\comctl32.dll[-] 2006-08-25 . 11B508E0D26622D2BD25B60033245F6A . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\e533f2b7494d7e198f7fd652beea5687\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\comctl32.dll[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\asms\60\msft\windows\common\controls\comctl32.dll[-] 2006-07-13 . E48A8A28835914878C9716E71032A10C . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\25d72ef1acc6d7256eb94ad3d6a21e9b\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll[-] 2006-03-17 . 551E967F1E08EE6E205FCB5ADCB0DFC5 . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\cb2769f3b1daf367a31ed046299a3790\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll[-] 2005-08-31 . A93B7C3B08B9AC15B4DCDC96A50E4C2C . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\0ad26524c298df9a41026d3b49a38936\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asms\60\msft\windows\common\controls\comctl32.dll[-] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comctl32.dll[-] 2003-03-31 . 0B5D337119929505EE72D4E4A41ED1FD . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cryptsvc.dll[-] 2003-03-31 . 41C70161BFCB17E7E12ED89BADD2AEF4 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\imm32.dll[-] 2003-03-31 . C9F9E3E6B59C6D6CBCE7F14494A4518A . 103936 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\imm32.dll[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll[-] 2005-09-01 . 71E9F9E000221536047E059CBE2FE211 . 16384 . . [5.1.2600.1740] . . c:\windows\SoftwareDistribution\Download\0ad26524c298df9a41026d3b49a38936\sp1qfe\linkinfo.dll[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\SoftwareDistribution\Download\0ad26524c298df9a41026d3b49a38936\sp2qfe\linkinfo.dll[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\SoftwareDistribution\Download\0ad26524c298df9a41026d3b49a38936\sp2gdr\linkinfo.dll[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\linkinfo.dll[-] 2003-03-31 . 7D8C58C0CBB7331E9296A7357827CA8E . 15360 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lpk.dll[-] 2003-03-31 . 55990CA08692E2739A8DDCE0B04352AC . 18944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\lpk.dll[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asms\70\msft\windows\mswincrt\msvcrt.dll[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msvcrt.dll[-] 2003-03-31 . 886A6C3C185AAEDECD00477F72279B07 . 323072 . . [7.0.2600.1106] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netlogon.dll[-] 2003-03-31 . 3ADD563ED7A1C66E6F5E0F7A661AA96D . 399360 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netlogon.dll[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\powrprof.dll[-] 2003-03-31 . 865AD7CCB20856727D5BD994B094DC5E . 14848 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\powrprof.dll[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\scecli.dll[-] 2003-03-31 . 97418A5C642A5C748A28BD7CF6860B57 . 174592 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\scecli.dll[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sfc.dll[-] 2003-03-31 . 52BB2A508CB3EB8AAA5F6F142F5B73D6 . 4096 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\sfc.dll[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\svchost.exe[-] 2003-03-31 . 0F7D9C87B0CE1FA520473119752C6F79 . 12800 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\svchost.exe[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\SoftwareDistribution\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp2qfe\tapisrv.dll[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\SoftwareDistribution\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp2gdr\tapisrv.dll[-] 2005-07-08 . 5F0469FF26B19790B5A0D7C77871B6CD . 238592 . . [5.1.2600.1715] . . c:\windows\SoftwareDistribution\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp1qfe\tapisrv.dll[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tapisrv.dll[-] 2003-03-31 . 9B3A213B6591A79EBABBFB4E4EA0A23E . 233984 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll[-] 2005-03-02 . 74202EB1BD67E8BE9509E38C8D2234B0 . 561152 . . [5.1.2600.1634] . . c:\windows\SoftwareDistribution\Download\58bffe479c581eda56fcf7412cce5cc0\sp1qfe\user32.dll[-] 2005-03-02 . 74202EB1BD67E8BE9509E38C8D2234B0 . 561152 . . [5.1.2600.1634] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp1qfe\user32.dll[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\user32.dll[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\user32.dll[-] 2003-03-31 . DD9269230C21EE8FB7FD3FCCC3B1CFCB . 560128 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\user32.dll[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\userinit.exe[-] 2003-03-31 . E931E0A2B8BF0019DB902E98D03662CB . 22016 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\userinit.exe[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll[-] 2006-08-16 . 7B6A08441A4F11320421599D7ECF8D41 . 70656 . . [5.1.2600.1886] . . c:\windows\SoftwareDistribution\Download\fde4a5af73d5aee9b5faba71cbff1d6c\sp1qfe\ws2_32.dll[-] 2006-05-19 . 3748E0FC8C1B6ADA49F98C8E69A4228C . 70656 . . [5.1.2600.1847] . . c:\windows\SoftwareDistribution\Download\7d6100e060a1f93df520847b1cd9dc71\sp1qfe\ws2_32.dll[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ws2_32.dll[-] 2003-03-31 . 8529C295DF59B564D37A73B5629162B1 . 75264 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ws2help.dll[-] 2003-03-31 . 235C7EF9AEDDE76801169DC61FA72DEF . 18944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\ws2help.dll[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe[-] 2003-03-31 . A82B28BFC2E4455FE43022A498C0EF0A . 1004032 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\srsvc.dll[-] 2003-03-31 . 38E9CFAC7881435764051FD7B1F010FB . 158720 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\srsvc.dll[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wscntfy.exe[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\eventlog.dll[-] 2003-03-31 . BF3C8CF53C77B48206B39910B6D6CBCC . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\eventlog.dll[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sfcfiles.dll[-] 2003-03-31 . 2564949DBE5F643F50913BBE45D346E2 . 1157632 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ctfmon.exe[-] 2003-03-31 . 414DE7CF9D3F19C3EA902F1BB38EC116 . 13312 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll[-] 2004-10-28 . AD324E21EF7E668C9910EB5ADF6495C0 . 116736 . . [6.00.2800.1605] . . c:\windows\SoftwareDistribution\Download\dfeddbe03266add4998ad4eea2bf3073\sp1qfe\shsvcs.dll[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\shsvcs.dll[-] 2003-03-31 . 61684089A54936E40F65DA02D47A28AE . 116224 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regsvc.dll[-] 2003-03-31 . 9DF4527D53613601D3F79946EAA1DCB1 . 51712 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\regsvc.dll[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\schedsvc.dll[-] 2003-03-31 . 719B05113003A1934EA25EA1FED68C85 . 159232 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssdpsrv.dll[-] 2003-03-31 . 75B5821307B2F4491F9ED06732366872 . 43008 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\termsrv.dll[-] 2003-03-31 . FE84E045A09A4ABC4DEEF7270448B64E . 200192 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\termsrv.dll[-] 2003-03-31 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys[-] 2008-04-13 22:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys[-] 2008-04-13 22:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\aec.sys[-] 2003-03-31 12:00 . FF773FEDA15E8BD97FD54FE87A0ACDBE . 142208 . . [5.1.2601.1095 built by: xpsp1] . . c:\windows\$NtServicePackUninstall$\aec.sys[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\agp440.sys[-] 2003-03-31 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\agp440.sys[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys[-] 2008-04-14 05:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll[-] 2008-04-14 05:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll[-] 2003-03-31 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msgsvc.dll[-] 2003-03-31 . A81487520F11F65BF270D50EE29887B2 . 34304 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll[-] 2008-04-14 05:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll[-] 2008-04-14 05:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll[-] 2004-08-04 07:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntmssvc.dll[-] 2003-03-31 12:00 . AAC49EF5C84A2EBD7409A51A1B65C542 . 392704 . . [5.1.2400.1106] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\upnphost.dll[-] 2003-03-31 . 848CE0601B58410FF2DFB6BC8449AFE7 . 164864 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\upnphost.dll[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dsound.dll[-] 2003-03-31 . 9402C9F282AC5FAF8253A4DC2E231B67 . 338944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\dsound.dll[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\d3d9.dll[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ddraw.dll[-] 2003-03-31 . 1D0F6E2A81751F29E6C27CA4FDDC1D49 . 253440 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ddraw.dll[-] 2008-04-14 05:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll[-] 2008-04-14 05:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll[-] 2004-08-04 07:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\olepro32.dll[-] 2003-03-31 12:00 . 76E77301A8A73457A5B55E76847DB892 . 106496 . . [5.0.5014] . . c:\windows\$NtServicePackUninstall$\olepro32.dll[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\perfctrs.dll[-] 2003-03-31 . 972EFFC80D9E806539489883D37032F5 . 37376 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-06-04 2515552][HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}][HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}][HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]2010-04-19 09:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]2010-06-04 03:38 2515552 ----a-w- c:\program files\Vuze_Remote\tbVuz1.dll[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-06-04 2515552][HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}][HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}][HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-06-04 2515552][HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}][HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248]"lxcrmon.exe"="c:\program files\Lexmark 2400 Series\lxcrmon.exe" [2006-12-11 291760]"EzPrint"="c:\program files\Lexmark 2400 Series\ezprint.exe" [2006-12-11 82864]"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-11-21 106496]"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12L~1\imesc\IMSCMig.exe" [2008-04-11 38432]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\Anita\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]c:\documents and settings\All Users\Start Menu\Programs\Startup\Wireless Utility.lnk - c:\program files\EDIMAX\Common\RaUI.exe [2009-11-22 716800][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]2010-03-14 13:17 12464 ----a-w- c:\windows\system32\avgrsstx.dll[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Mozilla Firefox\\firefox.exe"="c:\\Program Files\\SPSSInc\\SPSS16\\spss.exe"="c:\\Program Files\\Vuze\\Azureus.exe"="c:\\Program Files\\Tencent\\QQIntl\\Bin\\QQ.exe"="c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP4\\RpcAgentSrv.exe"="c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP4\\WNt500x86\\RpcSandraSrv.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]"AllowInboundEchoRequest"= 1 (0x1)R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/23/2009 20:45 216200]R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/23/2009 20:45 242896]R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3/14/2010 14:17 308064]S0 ttgump;ttgump;c:\windows\system32\drivers\mmslvfi.sys --> c:\windows\system32\drivers\mmslvfi.sys [?]S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe [11/23/2009 19:06 99176]--- Other Services/Drivers In Memory ---*NewlyCreated* - NORMANDY*Deregistered* - Normandy.Contents of the 'Scheduled Tasks' folder..------- Supplementary Scan -------.IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000IE: QQ - c:\program files\Tencent\QQIntl\Bin\AddEmotion.htmDPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dllFF - ProfilePath - c:\documents and settings\Anita\Application Data\Mozilla\Firefox\Profiles\isq4lujw.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://uk.foxstart.com/?rls=en:uk:mfFF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=FF - component: c:\documents and settings\Anita\Application Data\Mozilla\Firefox\Profiles\isq4lujw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dllFF - component: c:\documents and settings\Anita\Application Data\Mozilla\Firefox\Profiles\isq4lujw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dllFF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dllFF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils2.dllFF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils3.dllFF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils35.dllFF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\[email protected]\components\xpavgtbapi.dllFF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dllFF - plugin: c:\documents and settings\Anita\Application Data\Mozilla\Firefox\Profiles\isq4lujw.default\extensions\[email protected]\plugins\npCCTVplayer.dllFF - plugin: c:\program files\Microsoft\Office Live\npOLW.dllFF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\---- FIREFOX POLICIES ----FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);..------- File Associations -------.txtfile=c:\windows\notepad.exe %1.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2010-07-12 22:23Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,[email protected]??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]@Denied: (2) (LocalSystem)"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,c6,ce,96,2f,a7,f2,4e,88,59,3c,\"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,c6,ce,96,2f,a7,f2,4e,88,59,3c,\[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]"OODEFRAG10.00.00.01WORKSTATION"="A107FD1917882DCF06D7DEFA5A134EEEBD0FC9A3EAE64CE96A64ADEA5039AAB97685B34EB71CE8C1A6EC2C1BE5231583EECA543104133665A402E2CDAA26058CF62FECEACB5EF2BDC04890AEE86505589FC4FAEA8E04FAD96255B32936A1C777C631C1C85ED3D84086711AB18609B1D9AE7BDE0F70B2D1C0D0F6741DB40BEDA281DD5B0C2CE8FAC31F1365E81AFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB3452C038D530D6EB34529DB7CE019D40AA5C89FDB2003019F258E27D832C943CCFA146977579A1198898DF1C9156ED433CB7CB9B77F6097DE1FB6A684A26155CB71A45751E5F7350C20778FB02B879F2DD46BF749B27C1265514015FC303018698D4745DC5E6752B77DDD319215F5D36ED889E7B61E204360915E7BA05A05A53CE61422EF39E24D5C0EA28F60421AE6FE8290679126E1E6377A7C628295249EDF585FB1933849E0F7D330DEB474CA4140E877789FB8403F664292728CB5F1716F1BC5623120EA9AD52EAFC248AA29E2C6139589CEC524650D3A9F8101182349E683268A624222C97A5FCDA1D72D61CD5AB8371F5BCFBA2E20E6E8C871CEAB2ED4248AD537E9DB34AA2096A2AA493C0C1F9E2F1ACC09577B2A06D198B983CC900AF9483A63C506D5638E053F14E75D7369A87E8AC58A9C45ADE56B96EB30C53E42161B07A7CFD30DE9A8A236F1E8E4D0C23D34CB5E237320AD988EB521E66CFBECE2BDA7762DE719C3FC0C8F0C862B130EB6077DCC42F0881EE9713328E49E14530A40D1A939F4FDBE1F2991A056ABA248FF6A58867773599B7CCF35A3EA94F440532B7353BDD087E82434EE00F9340FD6E9879F4386A4ABA9826BAE9EAEC041A50ECAE6E88B18076E3080210A640BF652E78F731A556FE62B4D0F358556F8FBA57A327BFAC1F40CB8CCAB6478EC3D998367E8A22267D2CA5F434946CC4FE232D2357BDF65EA4F29DC8CB507710E7D469B1C5FC7F319550A98767F0C381DE160D03BDF1B4D9B16819277D96E9F4E9973B929D835444C88CA7DD38444F5AC5638888BF28F05D2A15847A85B5B70EF9AF0A8B0A320160B4276EAB262DD221602BE38BFBA5732A6510B759BE40CF2E3D4FE0954182B889EA8BE06B652DE8A9CBAE77A3C2975A8831161F20B6A775AD4EC8E1EBB1D10447F244F459DE2BFB4F1C562C319A0C9742CB08BA6EB0C6BEE83818428FF7613EA7458534773071CEEE582B02D4BC7872266A679DA524D8183E7C57CA45E857173CD0A5BD0BA82E756AFADD8D759632020834DCF26E3B7D3E9010495A148B3C9197781DC49B4D75D827F2C074BC4975363C45B574B253BA45CA5DD260489BFC87D3900B8D77D53BB40FA449F299ABE0501FAE60722300781354417BE2F1896CA28D".--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(588)c:\windows\system32\Ati2evxx.dll- - - - - - - > 'explorer.exe'(416)c:\windows\system32\WININET.dllc:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Completion time: 2010-07-12 22:26:07ComboFix-quarantined-files.txt 2010-07-12 21:26Pre-Run: 60,088,696,832 bytes freePost-Run: 60,513,193,984 bytes free- - End Of File - - 3CDCCB439F7AE94D5F3C923EAA8D230B

RELEVANCY SCORE 200
Preferred Solution: Volume wave automatically turned down and invisible voice ad!

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Volume wave automatically turned down and invisible voice ad!

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 123.2

I use Google Chrome but recently the wave in my volume control keeps on automatically going to the lowest bar and I would lose all audio until I move the volume bar for Wave back up. I also begin to get mysterious voice ads that I don't see a window for so I can't close it. I'm also getting IE pop ups even though I am using Google Chrome. Finally, when I look at my task manager, I see a lot of iexplore.exe processes by SYSTEM and I am logged in as Administrator. I've ran system restore to a date before this all happens but it didn't seem to work. I currently have Symantec antivirus. Please help!!!
 

A:Invisible IE, invisible voice ads, wave audio control automatically resets to low

Hi and Welcome,

Please do the following:

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any script blocking protection
Double click dds.pif to run the tool.
When done, two DDS.txt's will open.
Save both reports to your desktop.
---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.
NEXT


Download GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.

Double click the exe file.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.

Click the image to enlarge it

In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.

Save it where you can easily find it, such as your desktop, and attach it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries [/QUOTE]
 

Read other 3 answers
RELEVANCY SCORE 116

I am experiencing identical symptoms to this thread which has been resolved.
http://forums.techguy.org/virus-other-malware-removal/938968-adverts-playing-wave-volume-random.html
The only additional issue I am having is that I started receiving the BSOD in addition to the Wave Volume being turned down and the invisible pop up adds.(2 days after the first 2 symptoms began). Please let me know how I should proceed. Thank you for your help.
 

Read other answers
RELEVANCY SCORE 111.6

Hi, i've been having the same problem as this topic : http://www.bleepingcomputer.com/forums/t/328595/invisible-ads-and-wave-volume-resetting-to-zero/i am going to use combofix and it tells me that i need someone to analyze my logs for further examination and help..i am such a beginner at this, please please please follow and analyze the log i post afterwards!ComboFix 10-07-14.02 - Administrator 5/2010 Thu 0:41.1.2 - x86Microsoft Windows XP Professional 5.1.2600.3.949.82.1033.18.2038.1378 [GMT -7:00]Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exeAV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\Process.exe.((((((((((((((((((((((((( Files Created from 2010-06-15 to 2010-07-15 ))))))))))))))))))))))))))))))).2010-07-13 02:15 . 2010-07-15 07:38 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AskToolbar2010-07-13 01:04 . 2010-07-13 01:04 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE2010-07-13 01:03 . 2010-07-13 01:03 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE2010-07-13 01:03 . 2010-07-13 01:03 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache2010-07-13 01:02 . 2010-07-15 07:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\... Read more

A:Invisible ads and wave volume resetting to zero automatically

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 17 answers
RELEVANCY SCORE 88.4

Hi ive been getting the reseting wave volume and invisible internet explorer popups recently.

Help would be appreciated : )

thanks

A:Wave volume/Invisible IE popups

Hello please run these first.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Before you save it rename it to say zztoy.exe alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "... Read more

Read other 12 answers
RELEVANCY SCORE 88.4

My problem is the same as here: http://www.bleepingcomputer.com/forums/t/328595/invisible-ads-and-wave-volume-resetting-to-zero/ and here: http://www.bleepingcomputer.com/forums/t/328813/wave-volume-reset-and-invisible-adds-in-background/I've tried the items mentioned but nothing is working. I also tried deleting IE but it just replaces itself and the problem persists. Please help!

A:invisible IE and wave volume reset

Hello,Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to try to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 88.4

ok, i ran some antispyware and what not to remove a virus. now im getting this invisible ad in the background about completely random stuff (hot tub time machine and toyota?) with the occasional clicking sound like when i double click to start a program and then it sets my wave volume to zero. i tried reinstalling my sound driver and i thought that worked but it didnt.... the virus just came right back. infact i hear the clicking as im typing this. i did the things litsted in this thread (http://www.bleepingcomputer.com/forums/topic327141.html) PLEASE HELP! DXDDS
 DDS.txt   13.6KB
  4 downloads
 Attach.txt   19.08KB
  4 downloadsRKUnhooker
 Report.txt   24.21KB
  6 downloads

A:invisible ads and wave volume resetting to zero

Hello I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the report in your next post:C:\ComboFix.txt"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo

Read other 10 answers
RELEVANCY SCORE 88.4

OK, I've been doing some research to find a solution, and it seems this problem is widespread, but I found need someone to personally help me. I ran AVG and Malwarebytes and they found nothing. The "wave" sound setting keeps muting itself every few minutes or so for no reason, and even if I drag it back up after a few minutes it just mutes itself again. Also, I will occasionally hear an ad (that sometimes isn't even in English) in the background of my computer, even if I don't have anything open! I'm not sure what's causing this, and I really don't want to do a system wipe. Please help!

A:Wave volume keeps muting itself and invisible ads!

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. I currently have as many open topics as I can effectively handle; this will have you back in queue with the proper logs so an available helper would be able to assist.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 87.2

Every minute or so, the volume will shut off, and when I check the Master Volume, Wave is always muted. I can bring it back up, but after random intervals (ranging from 2 seconds to 5 minutes), the wave will be muted again. Also,invisible sound adds randomly appear and the only way to shut them off is to end svchost.exe in the Processes bar of Task Manager. iexplorer.exe is also using CPU in the Processes as well.

A:Wave volume keeps muting itself and invisible sound ads

Hello Jonotron I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"... Read more

Read other 18 answers
RELEVANCY SCORE 87.2

HiI'm running on Windows XP and Google Chrome.I had no idea how it happened but recently i got this problem where the wave volume keeps muting by itself every now and then. Besides that, there are sound ads which keep appearing together with IE pop ups. Even when gaming, it keeps returning to the desktop page by itself.I've read up on the forum and i realised i'm not the only one with this problem. I tried following the steps given by the replies but it was rather confusing and i encountered some problems along the way. For instance, the scan using GMER.exe was taking hours and it became non-responsive suddenly.So i was wondering if there is any one familiar with solving this problem that is willing to help me.Thank you for your time.

A:Wave volume keeps muting, invisible sound ads, IE pop ups

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.I order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is ... Read more

Read other 11 answers
RELEVANCY SCORE 87.2

Help,
 
I've seen fixes to this problem but want to make sure that I do it right.  Your fourm seems to have competent individuals that are much more qualified than I am to fix.  I have the issue of the wave volume setting going to zero and when volume turned up I receive ad's playing in the background.  also I'm constantly downloading / uploading packets of information even with nothing open.  Please HELP!!!
 
PaullyD
 
Moderator Edit: moved from the Anti-Virus and Anti-Malware Software forum to the Am I Infected Forum
Roger

A:Wave volume keeps muting itself and invisible sound ads

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 12 answers
RELEVANCY SCORE 87.2

I've been battling this invisible foe for two days and it seems I met my match. It varies in severity, sometimes it does nothing and other times it clicks and clacks and makes funny noises from invisible ads. My wave volume will mysteriously be lowered so it seems I have no sound. I did all the steps and all the logs, I just need some help. Thank you. Below is my DDS log and the attachment is in a zip...DDS (Ver_10-03-17.01) - NTFSx86 Run by DELL OWNER at 16:43:32.05 on Thu 07/15/2010Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.55 [GMT -4:00]============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\system32\S24EvMon.exesvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\system32\ZCfgSvc.exeC:\WINDOWS\system32\1XConfig.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Zune\ZuneLauncher.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Fil... Read more

A:INVISIBLE ADS/CLICKING AND LOWERED WAVE VOLUME

Hello Kaji the CatWelcome to BleepingComputer ==========================Please download mbrcheck from HereSave that file to your desktop and double click on it to run it.It will show a Black screen with some data on it Right click on the screen and select MarkThen take your mouse and select the info in the black screen then hit the enter key to copy it to the clipboard.Open a notepad and press Control+V to paste in the contents.Post the resultant text here please.

Read other 3 answers
RELEVANCY SCORE 86.4

I believe I have the same issue as http://www.bleepingcomputer.com/forums/t/328595/invisible-ads-and-wave-volume-resetting-to-zero/I followed a few of the steps in that topicRemoved Adobe reader 9.1Updated JavaCleared Java cacheDownloaded and ran TFCThis didn't fix my PC so I ran ComboFix. The following is my log, please review it and help me get this annoying Malware off my PC, thank you.ComboFix 10-07-01.02 - New Administrator 07/03/2010 1:52.2.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2679 [GMT -5:00]Running from: c:\documents and settings\New Administrator\Desktop\ComboFix.exeAV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\All Users\Application Data\sysReserve.ini.((((((((((((((((((((((((( Files Created from 2010-06-03 to 2010-07-03 ))))))))))))))))))))))))))))))).2010-07-03 06:47 . 2010-07-03 06:47 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE2010-07-03 05:46 . 2010-07-03 05:46 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE2010-07-03 05:33 . 2010-07-03 05:33 503808 ----a-w- c:\documents and settings\New Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5f192ca1-n\msvcp71.dll2010-07-03 05:33 . ... Read more

A:Wave Volume reset and invisible adds in background.

I have ran a few Full scans usingKasperskySpybotMalwarebytes' Anti-MalwareEach scan reports nothing, Ive read other threads in the forums and my issue is also similar to http://www.bleepingcomputer.com/forums/t/328604/random-audio-playingpopups/Any help with my topic is highly appreciated. Thank you

Read other 4 answers
RELEVANCY SCORE 86.4

Hi,I'm having a similar problem to one of the other posters on this forum. I'm also hearing advertisements when the browser window is closed, my wave volume keeps resetting to zero, I'm hearing cursor clicking noises all the time and occasionally I get a pop up. I've gone through the motions in the preparation guide and below is my DSS log. I couldn't get through the GMER log without my computer crashing but I managed to save some of it.Could you please tell me what to do to stop this from happening because it's really beginning to bug me!Many thanks,KirstenDSS:DDS (Ver_10-03-17.01) - NTFSx86 Run by Administrator at 11:04:05.35 on 13/07/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_01Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2039.1087 [GMT 1:00]AV: Sophos Anti-Virus *On-access scanning enabled* (Updated) {3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exesvchost.exe 4svchost.exesvchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exesvchost.exe 4svchost.exeC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Su... Read more

A:Wave Volume Resetting to Zero, Invisible Ads & Constant Clicking

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

Read other 3 answers
RELEVANCY SCORE 86.4

I first noticed this problem when the volume (wave) would lower completely to 0% (on its own). When I turn it up, every few minutes I would hear the sounds of unseen pop-ups, clicks and ads going on. This is followed by the volume being lowered again (not long after...). Occasionally I would see a visible pop up from Internet Explorer browser even though I always use Mozilla Firefox. However I still experience all of this even when im offline. In the past, I would run several full scans with my security software which didn't find any threat or problem. And another one I downloaded would delete several "Adware.Tracking Cookies" which could range from 50-600 each time I would run a full scan.I've also been getting alerts that my system has serious cases of malware while surfing online and I'm unable to use wi-fi connections for security warnings would appear. Lastly, I just recently found "Tango" in the add and remove programs that gave me another alert "If you were sent to this page it most likely you downloaded some kind of adware or malware etc." This could be one of several problems though. (I replaced my name with "anonymous" in several file paths)(DDS.txt)DDS (Ver_10-03-17.01) - NTFSx86 Run by Anonymous at 21:48:44.79 on Tue 08/17/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1271.516 [GMT -4:00]AV: Norton Internet Security *On-access scann... Read more

A:Invisible pops ups and volume (wave) muting problems

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

Read other 11 answers
RELEVANCY SCORE 86.4

I have been reading this thread with interest as I have a very similar problem. In the last few days I realised my audio was not working. The wave volume keeps getting turned right down. When I turn it up, I hear random ads. Now and again I am getting random ads popping up in IE. I have scanned with Spyware Doctor, Mcafee, Malwarebytes and I tried Spyware Search and Destroy but they don't pick anything up. I can see the iexplore and smss.exe processes running though. I am hoping that you will be able to help me to get rid of this annoying plague please. I have attached logs. Please let me know if I missed anything.Thanks in advance for any advice and help you can offer.

A:invisible audio ads, ie popups minimized wave volume

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.I order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is ... Read more

Read other 21 answers
RELEVANCY SCORE 85.6

I believe that I have the same issue as http://www.bleepingcomputer.com/forums/t/328595/invisible-ads-and-wave-volume-resetting-to-zero/As suggested by another post, I have updated Java.I have also run scans using my Norton 360, Malwarebyte's Anti-Malware and downloaded and used CCleaner.Pretty much the problem is:On my master volume, the wave randomly resets and slides to 0. Also, invisible ads have been playing in the background. Currently, pop-ups have also started to appear. NOTE:While running GMER as suggested from the preparation guide, my computer froze and I was unable to complete it. I have attempted numerous times without success. Is there a way to run in safe mode?DDS:
 Attach.txt   13.24KB
  2 downloads
 DDS.txt   22.27KB
  6 downloadsThank you.

A:Wave volume randomly turns itself down, invisible ads play, commercials pop up

I believe that I have the same issue as http://www.bleepingcomputer.com/forums/t/328595/invisible-ads-and-wave-volume-resetting-to-zero/As suggested by another post, I have updated Java.I have also run scans using my Norton 360, Malwarebyte's Anti-Malware and downloaded and used CCleaner.Pretty much the problem is:On my master volume, the wave randomly resets and slides to 0. Also, invisible ads have been playing in the background. Currently, pop-ups have also started to appear. BTW:While running GMER as suggested from the preparation guide, my computer froze and I was unable to complete it. I have attempted numerous times without success. Is there a way to run in safe mode?DDS:
 Attach.txt   13.24KB
  1 downloads
 DDS.txt   22.27KB
  3 downloadsROOTKIT:Bootkit Remover version 1.0.0.1? 2009 eSage Labwww.esagelab.com\\.\C: -> \\.\PhysicalDrive0MD5: b19ee33a0168d5f0bb9afbe12e2bc035\\.\E: -> \\.\PhysicalDrive1MD5: 6def5ffcbcdbdb4082f1015625e597bdSize Device Name MBR Status--------------------------------------------149 GB \\.\PhysicalDrive0 Unknown boot code465 GB \\.\PhysicalDrive1 OK (DOS/Win32 Boot code found)Unknown boot code has been found on some of your physical disks.To inspect the boot code manually, dump the master boot sector:remover.exe dump [output_file]To disinfect the master boot sector, use the following command:remover.exe fix NOTE: The 465 GB thing is my external harddrive

Read other 4 answers
RELEVANCY SCORE 85.6

i get random pop ups both invisble (i only here an ad playing) and normal whther internet explorer is running or not. the wave section on the volume control goes down all the way every few minutes. after i restore the wave, i hear random clicking noises. its been going on for a few days. i guess its some kind of malware but i cant get rid of it no matter what to do and its getting frustrating. my computer freezes when i try to save the gmer, but ill post the dds. DDS (Ver_10-03-17.01) - NTFSx86 Run by Gabriel Rocha at 16:43:44.87 on Wed 07/14/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1009 [GMT -5:00]FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exe 4svchost.exeC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\WINDOWS\system32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exe 4svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\stsystra.exeC:\Program Files\COMODO\COMODO Internet Security\cfp.exeC:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exeC:\Program Files\RegTool\RegTool.exe... Read more

A:pop ups(invisible and normal)/clicking noises/wave volume muting

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

Read other 2 answers
RELEVANCY SCORE 84.4

Hi, i need help... The virus downloaded it self through a website running a javascript i think. The remaining exe files were located in local settings/temp called "smss.exe" "5266262.exe" "loader.exe" and they were infected with some trojan cryptic and torjan clicker. My AVG removed these, but i think the damage is already done because these files were probably already executed on my machine. Now im getting an fake iexplorer.exe in my taskbar that gives me weird clicking noises and it randomly lowers my sound wave volume to 0, it also throws up an popup add every now and then.GMER wouldn't finnish properly, ill try running it tomorrow again if nessesary, i got bluescreen twice (no clue why, i never bsod otherwise).I found this while googling and i saw this thread was created only a few hours before mine, so im thinking this virus is new.http://www.bleepingcomputer.com/forums/t/332088/invisible-adsclicking-and-lowered-wave-volume/ Thanks for the help guys!DDS Log:CODEDDS (Ver_10-03-17.01) - NTFSx86??Run by Joneri at??3:21:48,71 on 2010-07-16Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional??5.1.2600.3.1252.46.1053.18.2013.1100 [GMT 2:00]============== Running Processes ===============C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program\Intel\WiFi\bin\S24EvMon.exesvchost.exeC:\Program\Lenovo\ATK Hotkey\GFNEXSrv.exeC:\Program\Lenovo\ATK Hotkey\LFKAS.ex... Read more

A:IEXPLORER.EXE - Invisible Clicks, Lowered Wave Volume, Random popups...

bah, finally managed to fix the issue, downloaded http://www.esagelab.com/resources.php?s=bootkit_remover ran remove.exe, said there was another boot sector.ran command to clean mbrstart > run > "%userprofile%\Desktop\remover.exe" fix \\.\PhysicalDrive0(meaning you must place remover.exe on your desktop taking that you're running a english os).rebootno more click n clacks, try at your own risk, doing anything with the bootsectors can screw your computer

Read other 2 answers
RELEVANCY SCORE 83.6

Hi there,I'm experiencing all the above problems, plus the infrequent blue screen. The wave volume automatically mutes itself every 5 minutes. There is usually one IE Explorer ad present upon startup, but I can hear the sounds from the invisible ads every now and then. I normally use Google Chrome as a browser.My computer blue-screens whenever I attempt to request a ark.txt file.DDS (Ver_10-03-17.01) - NTFSx86 Run by George Zuo at 20:34:16.37 on Sun 07/18/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.670 [GMT -4:00]AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}============== Running Processes ===============C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exesvchost.exe 4C:\WINDOWS\system32\IPSSVC.EXEC:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exeC:\WINDOWS\system32\acs.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:... Read more

A:IE Explorer Invisible Ads, Google Search Unwanted Redirect, Wave Volume Muted

Hi, georgejags8 Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**Please, never rename Combofix unless instructed.Close any open browsers.Close/disable all anti virus and anti malware programs so the... Read more

Read other 18 answers
RELEVANCY SCORE 82.4

Hi Guys
I'm relatively green when it comes to computer tech stuff. So I'll keep it short and sweet. I have an ASUS EEE PC and recently my volume started muting by itself. I clicked for advanced options to find out what was happening. The wave slider is always muted. Even after I un mute it, it remutes itself about 1 min to 2 minutes later. I saw some past posts that addressed this in 2010. I tried to go through the steps but the MBRCheck doesn't appropriately function per those instructions. Please help me.
Thanks
 

Read other answers
RELEVANCY SCORE 72

Hi! I use Firefox for everything but one thing I need IE for work. All of a sudden started getting these IE pop ups when I had IE closed all of the time, I get "You have won an Ipod, WalMart card, etc." voice ads with no window at all, I also get an IE that shows up if I do Alt+tab but doesn't show if I try to bring it up. I have XP Professional Service Pack 3. I have done Spybot, Housecall, Panda, I don't even know, I have done so many antivirus/scan/spyware things over the last four days and nothing is doing it. I think I am wasting my time and am bowing to you all, begging for help.

BTW I don't NORMALLY run w/o anything, I normally have AVG but yesterday I uninstalled it to run Kaspersky because it (AVG) was giving me trouble and now it will not completely uninstall to allow me to run Kaspersky. I am on my way to making a mess and stopped to beg for help before I kill the machine.

Edited to add - I also HAD the Antivirus 2009 but managed to get rid of that, or at least most outward appearances of it. I am left with these lingering pop up things though. I think I picked it all up in a spam email that looked very real from my brother-in-law.

EDITED -I have run a couple of more things - Ad-Aware, Stinger, Housecall, so this is an updated HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:08:16 AM, on 8/19/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running p... Read more

A:Solved: Invisible IE Window, Invisible Voice Ads Random Popups

Read other 16 answers
RELEVANCY SCORE 65.6

I tried to just follow the stuff in the other topics but I still get the problem here are the logs they might not all be required but here they are, any help would be greatly appreciated

A:Invisible ads and wave goes to zero

bump I guessEDIT: Please be patient. There are over 300 unanswered topics in this forum at present and the current average wait time to receive help is 5 days. ~BP

Read other 9 answers
RELEVANCY SCORE 65.6

This on is quite perplexing to me. This is stemming from a volume problem that I had posted before. I have more detail and have narrowed down the problem but not the cause of such. When ever I click the volume control in winamp, not adjust necessarily, just click, my wave setting in my volume control (pannel that comes up by double clicking the speaker in the tray) drops. Of course this affects my overall volume. It is sparatic and does not drop the same amount two times in a row but will drop everytime I click volume in winamp. I am running winXP pro and have not installed so much as an update since the last time this was happening. The only thing I did change is I set up voice recognition in Office XP but I was having this problem before that. I have uninstalled and cleaned out all winamp files and reinstalled. Any suggestions? Winamp is the only player of any kind that this currently happens with.

Also, whenever I am using winamp to play an mp3 or streaming audio and I open another program, any program, or even just minimize/maximize a window, the audio starts cracking. This also has never happend before except of course when there is a heavy load on the system. As I said I am running XP pro, and FYI a Duron 900 cpu and 448MB RAM. As I am having these problems I am using 5% to 10% of my cpu and have 21000k physical memory availible according to task mgr.

Thanks.
 

A:When clicking volume in WinAmp my wave setting in Volume Ctrl drops.

I did some research at the Winamp message board and came up with this.

JP
 

Read other 1 answers
RELEVANCY SCORE 64.8

I have had this issue for about two days.
About every 15 to 30 minutes my Wave on my volume control keeps going down.
Also I have multiple IEXPLORE.EXE processes running, and I use chrome. When I stop them in the task manager they reappear.
Sometimes I have IE visible pop-up ads, and they ALL make noise but most the time they are invisible. When I turn my wave up I can hear that these invisible pages are surfing the web in some way. The ads change every 30 mins or so also.
Computer is really slow, and chrome is having trouble loading pages since this started.

I have ran Malware Bytes, Superantispyware, Ccleaner, Ad-Aware, Prevx, Security Task Manager, and a few other things I don't remember the names of. None of them have caught anything but cookies.

A:Wave control keeps going down, and invisible pop-ups

Hi, Looks like the newest rootkit variant.Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Let me know if that went well.

Read other 1 answers
RELEVANCY SCORE 64.8

hey guys and girls. iv been all over this site checking out the fix's for this virus or what ever it is that seems to have take on my computer. i was reading that each fix was personalized and not to try it on my own PC. so i made my own post, basically iv got the problem that i have the wave turning itself down. random IE pop ups and such, hearing mouse clicks. iv ran mutiple virus scan. malwear scans and spybot but i cant find anything. where do i go from here >.<

A:Invisible Ads, IE pop ups. Wave turns itself down

Hello.Please follow the instructions in This Guide starting at Step 6.Once the proper logs are created, then make a NEW TOPIC and post it HERE Please include a description of your computer issues and what you have done to try to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.~Blade

Read other 5 answers
RELEVANCY SCORE 64.8

Hi guys.

Recently my computer has been playing multiple random adverts such as "febreeze" and "cillit bang" with no source as to where they are coming from at all. Also the Wave bar in volume control keeps changing itself to 0!

As you can imagine this is bugging the hell out of me, as the adverts make the computer run very slow while they are on, and I have to stop everything I am doing and wait for the ad to finish. They are also alot louder than whatever I am playing/watching at the time.

As of today the Wave seems to be fine, and it hasn't reset itself at all, but the ads are a lot more frequent.

I have ran multiple virus scans, both of which came back with no results.

I do not wish to system recover the machine, as I have a lot of stuff that I cannot back up. Please help me guys !

A:Invisible Ads and Wave keeps muting.

Hello -

I think the machine is infected. I've moved your topic to the Security section.


Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 15 answers
RELEVANCY SCORE 64

Even though I use Google Chrome for most of my internet browsing, I keep getting invisible pop ups from Internet Explorer. I'll just hear the sound of some ad, or clicking sounds like someone is browsing. Also, the wave control under the sound menu keeps getting muted automatically. I'll move the slider back up, but after 5 minutes or so, the wave slider is muted again. Superantispyware and avast virus search haven't found anything. Is there anything I can do? I've attached the files you requested on the website. Thanks DDS (Ver_10-03-17.01) - NTFSx86 Run by Andy St.Martin at 16:30:25.53 on Thu 07/22/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3034.2067 [GMT -5:00]AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exe 4svchost.exesvchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exesvchost.exe 4C:\WINDOWS\system32\spoolsv.exec:\drivers\audio\r215959\STacSV.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\DellTP... Read more

A:Invisible pop ups and wave control being muted

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs unless I ask you to.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.MBRCheckPlease also download MBRCheck to your desktop Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)It will show a Black screen with some data on it a report called MBRcheck will be on your desktopopen this reportRight click on the screen and select > Select All Press Control+Cnow please copy that report to thi... Read more

Read other 38 answers
RELEVANCY SCORE 63.6

Every time I do anything with a modem, I get the 'Windows wants to find (again) Wave Device for Voice Modem. ' Weird.
Havng seen this on almost every comp now that has either
a 56k winmodem and/or a cost effective sound card , I'm guessing Others,
many others, have seen this only to try everything to get it
to go away. What is it? What does it want? When I send it to modem 9x folder on CD where modem drivers came from the message says, ' nothing was installed '. Does it want something
from my sound card drivers???

When I remove in device mgr, it comes right back up on next boot.
Is this one for CMOS adjustment and if so, tell me how........

Wishing windows 98se would let him be,
- M
 

A:Wave Device for Voice Modem

medallion
This should be included with the MODEM software and installed as you install the modem. Are you using the modem disk when you install? This is only true with modems with voice functions and should be part of the install.

SeeYa
 

Read other 2 answers
RELEVANCY SCORE 63.2

Short Story
Wave meter in volume control keeps stopping. I googled it, seems to be a virus. Performed a virus scan, came up with nothing. Did it with another anti-virus program, also showed nothing. Need help. Thanks.

Long Story
So basically, I wanted to watch a youtube video. When I played it, there was no sound. Thinking it was a simple volume problem, I checked the video volume, the small icon on the taskbar, and even went into the control panel to adjust the volume settings. I thought it might be my headphones, but I tried using the speakers and neither worked. I tried doing the voice playback, and then I could hear my voice. I thought maybe it was fixed. Played the video, no sound. At that point I thought it was my sound card. I didn't want to replace it, so I kept trying to look for a better solution. After much frustration, I managed to make my way into the volume control. Start - Control Panel - Sounds, Speech, and Audio Devices - Adjust the System Volume - Audio - Sound Playback: Default Device: SoundMAX Digital Audio - Volume - Wave. I saw that the Wave option was all the way down, and moved it up. After moving it, I could hear the video crystal clear, so I closed all the windows I didn't need anymore. Well, after about 30 seconds, the volume shut off again. I went back into volume control, and the wave bar was all the way down again. I raised it, and closed the window. I was looking for the apply button to become available, for I had assumed that not app... Read more

A:Volume Control - Wave volume keeps stopping

Read other 9 answers
RELEVANCY SCORE 62.8

hi,

is it possible to play a wave file through my phone line into my voicemail?

I need to use some passwords to get in the recording menu on the voicemail. I tried Auto Dialer Pro but it doesnt work...

I figured if i get a cable to connect the headphone jacket of my soundcard to the microphone jacket and play the file with a phone dialer program it should work, right??

Any ideas are appreciated.

Thanks
 

A:wave files through phone o voice mail

:wave: wave files.... haha sorry can't help. In a weird mood! :blush:
 

Read other 1 answers
RELEVANCY SCORE 62.8

i recently wiped my comp, and reinstalled the software, i am now getting a wave device for voice modem error, driver not installed, i have the discs, my modem is working ok, but when i go to wave device reinstaller drivers and select disc, the windows message says cannot find correct driver, i was trying to instal my cheyenne bitware fax when i got another error, saying that bitware driver biwared.drv is in use by another program, but as far as i know there are no other programmes running, then i checked the modem and saw the wave device error message. the modem is a conexant v90 HCF P85 data/fax/voice modem, can any one help getting the wave device error straightened out, then i can try the cheyenne bitware fax again.

thanks

b
 

A:wave device for voice modem problem

Hi and welcome. I think you need to pull that off the sound card driver disk or folder.
 

Read other 3 answers
RELEVANCY SCORE 62.8

Hello, Recently, I started to notice that my Wave on my Volume Control gets muted. (Sometimes a couple minutes but sometimes a couple of seconds.) Theres random pop ups that I've never had before, and I hear invisible audio ads and clicking sounds. I've tried using gmer to scan but it never completes. DDS:DDS (Ver_10-03-17.01) - NTFSx86 Run by hello at 8:32:04.85 on 15/07/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.1014.332 [GMT -7:00]AV: Microsoft Forefront Client Security *On-access scanning enabled* (Updated) {926A3D4F-E4E7-4F47-9902-4EDD55FFE1AF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exe 4svchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\CyberLink\Shared files\RichVideo.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPo... Read more

A:Wave Mute, Invisible Audio Ads, Clicking sound, Pop ups

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

Read other 2 answers
RELEVANCY SCORE 62.8

Hi there, my computer is near enough dead I think, it's crashing all the time now and running incredibly slowly. It was the Internet explorer, invisible ads, clicking MBR virus which i've tried to get rid of with anti-virus to no luck. Here is the DDS log
DDS (Ver_10-03-17.01) - NTFSx86
Run by User at 18:48:04.73 on 15/07/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.41 [GMT 1:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
svchost.exe 4
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creat... Read more

A:I.Explorer invisible ads, wave muting, slow pc, clicks.

Hello,I'm afraid you posted your log in the wrong forum. Had I seen this a lot sooner, I would move it to the correct forum, but given the time lapse, we need fresh logs.Please follow the instructions in ==>This Guide<== starting at Step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 62.8

Hi all, new to the forum and unbelievably frustrated at what is apparently an increasing problem lately.

Lately my p.c. (Windows X.P.) has developed a bunch of annoying symptons. Internet Explorer keeps popping up in the task manager with invisible adverts, it happens spontaneously, varying from rarely to every few minutes. Usually its followed by the muting of the wave in the sound panel, and occasional clicking noises. Other than that my p.c. is just running so unbelievably slowly.

I used McAfee anti-virus which came up with nothing, which was also the case with Malwarebyte and Avast! (even with the pre-windows load up scan). I read on another forum to use bootkit-removal.rar which came up saying "unknown boot code has been found on some of your physical disks."

On this other forum it stated to use a code in the Run functions, but for me it was completely useless. I'm really desperate ancreasingly frustrated, please help!

A:I.Explorer invisible ads, wave muting, slow pc, clicks.

Hello ,let's take one more look with ESETPlease perform a scan with Eset Online Antiivirus Scanner.(Requires Internet Explorer to work. If given the option, choose "Quarantine" instead of delete.)Vista users need to run Internet Explorer as Administrator. Right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.Click the green ESET Online Scanner button.Read the End User License Agreement and check the box: YES, I accept the Terms of Use.Click on the Start button next to it.You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.A new window will appear asking "Do you want to install this software?"".Answer Yes to download and install the ActiveX controls that allows the scan to run.Click Start.Check Remove found threats and Scan potentially unwanted applications.Click Scan to start. (please be patient as the scan could take some time to complete)If offered the option to get information or buy software. Just close the window.When the scan has finished, a log.txt file will be created and automatically saved in the C:\Program Files\ESET\ESET Online Scanner\log.txt
folder.Click > Run..., then copy and paste this command into the open box: C:\Program Files\ESET\EsetOnlineScanner\l... Read more

Read other 3 answers
RELEVANCY SCORE 62.8

Hello! For a couple of days now, I have been getting Internet Explorer popups for ads, Audio commercials will play at random intervals, and the wave volume keeps resetting to 0.Included is my log from CombofixComboFix 10-07-13.05 - Owner 07/14/2010 3:12.1.1 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.766.408 [GMT -4:00]Running from: c:\documents and settings\Owner\Desktop\ComboFix.exeAV: Norton Security Suite *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Owner\My Documents\Downloads\Dungeons & Dragons\Eberron\Desktop_.inic:\windows\system32\logs.((((((((((((((((((((((((( Files Created from 2010-06-14 to 2010-07-14 ))))))))))))))))))))))))))))))).2010-07-14 01:20 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe2010-07-13 12:35 . 2010-07-13 12:35 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache2010-07-13 12:03 . 2010-07-13 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2010-07-13 12:03 . 2010-07-13 12:03 -------- d-----w- c:\program files\Spybot - Search & Destroy2010... Read more

A:IE Ad Popups, Invisible Commercials, Wave Volumes muting

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.I would like to get a better look at your system, please do the following so I can get some more detailed logs.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message w... Read more

Read other 17 answers
RELEVANCY SCORE 62

Hello,

I use Firefox but recently I get see a mysterious voice ads that I don't see a window for so i can't close it. I keep getting strange voice ads even after i ran Malware and AntiSpy software.

Please help me to remove this.

Thank you.
 

A:invisible voice ads

Read other 16 answers
RELEVANCY SCORE 62

For some reason, any time I restart my computer and now recently when I've got winamp open playing a playlist, every time it switches songs the Wave on my computer's volume gets turned down almost to 0. It was bearable when it only did it when I restarted my computer, but now that I have to turn it up every 3-5 minutes it's gotten old fast. Is there a reason it does that and can I fix it? It's really annoying since I have to turn it up any time it changes songs.

Thanks.
 

Read other answers
RELEVANCY SCORE 61.2

Hello,

Recently I've been having invisible voice ads, random pop ups (even when I'm not surfing the web), and also it has been messing with my volume controls (The volume goes to mute automatically by itself). I've tried ad aware, malawarebytes, and so much more. They found a few trojans here and there, but even after I delete those files the problem still persists. I am suspecting it may be a root kit virus based on the research I've done on this type of problem. Below is my hijack log. Thanks.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:27:56 PM, on 7/16/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C... Read more

A:Invisible Voice Ads, Random Pop ups

Hello there Welcome to the TSG Forums.
My name is NeonFx. I'll be glad to help you with your computer problems. Logs can take some time to research, so please be patient with me.
Please note the following:

The fixes are specific to your problem and should only be used on this machine.
Please continue to review my answers until I tell you your machine appears to be clean. Absence of symptoms does not necessarily mean that the system is completely clean.
It's often worth reading through these instructions and printing them for ease of reference. I may ask you to boot into Safe Mode where you will be unable to follow my instructions online.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please refrain from doing any fixing of your own while I am assisting you with this problem. I need to keep track of what is going on as the order in which we do things can often be important.
If this is a company owned system or a work computer let me know.
Please reply to this thread. Do not start a new topic.

Step 1

Download OTS to your Desktop
Close ALL OTHER PROGRAMS.
Double-click on OTS.exe to start the program.
Check the box that says Scan All Users
Under Basic Scans please change the radio button under Registry from Safe List to All.
Under Additional Scans check the following:
Reg - Desktop Components
Reg - Disabled MS Config Items
Reg - NetSvcs
Reg - Shell Spawning
Reg - Unin... Read more

Read other 3 answers
RELEVANCY SCORE 61.2

Hi my computer's operating system is XP. Last week I successfully removed a fake program called ANTIVIRUS PRO 2010 from my system, using malwarebytes anti malware. It came up again this week, and I removed it again. Since, I've noticed a program called Media Impressions on my desktop that I never installed, and that I can't uninstall since it's not in the list of Add/remove programs. I have also had random voice ads from invisible ie pop ups that I can't figure out how to remove.
Could you help me please, I ran a hijackthis log and this is what came up:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:33, on 03/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection S... Read more

Read other answers
RELEVANCY SCORE 61.2

Hello,
A few days ago my computer went totally haywire with numerous visible and invisible pop ups and these annoying voice adds as well as periodic clicking noises that get worse when I disable my wifi to make them stop. I've run both Avast and Malwarebytes which found quite a few problems, but after I restart they still persist. Here is my HiJack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:18:44 PM, on 7/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Pro... Read more

A:Invisible pop ups and voice adds

I forgot to mention that it also disabled my firewall, so I had to install a 3rd party firewall (ZoneAlarm Pro).
 

Read other 2 answers
RELEVANCY SCORE 61.2

hello. im first year university student who have almost no knowlege with this stuff
I was just using IE and one day I keep hearing this ad voices. Even after I close the IE window, voice still goes on.
Also random ad IE windows pops up time to time. Please help me fix this. This is getting very annoying.
Thank you very much.

P.S. - My computer is in Korean and if there is any word you need to know, just let me know. Ill get back to you ASAP.('&#47448;&#55148;&#49437;' is computer name)

P.S.S. - I get this error message when I run GMER (LoadDrive("C:\DOCUME~1\&#47448;&#55148;&#49437;\LOCALS~1\Temp\kwndqfog.sys") error 0x000010E: &#48520;&#50504;&#51221;&#54620; &#49345;&#50948;&#53412; &#50500;&#47000;&#50640; &#50504;&#51221;&#46108; &#54616;&#50948; &#53412;&#47484; &#47564;&#46308;&#49688; &#50630;&#49845;&#45768;&#45796;.) Last Korean part is saying like "cant make low stable key under high unstable key." I don't know if its important but i thought its best to let you know first.

P.S.S.S. - I had to attach ark.txt file since it told me this "The text that you have entered is too long (331511 characters) please shorten it to 300000 characters long.")
HERE IS hijackthis file

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at &#50724;&#54980; 5:32:08, on 2011-11-19
Platform: Windows XP SP3 (WinNT... Read more

A:invisible ad voice, random ad pop ups please help

Can anyone help me plz?
 

Read other 1 answers
RELEVANCY SCORE 60.8

HiAs above, I believe that iexplore.exe is causing the following problems (based on what i've read and task manager showing it):Wave volume control is turning right down to the bottom almost every 10 minutes and on start up.I can here audio advertisements playing, even if im not browsing the internet - air wick is one of the main ads, they just play, even if a program/browser isn't open.Random pop up ads are also displaying, but this is less frequent than the audio mute/ad playing problem.I have gone through the whole 'Preparation Guide' topic and have attached 2 of the requested logs, one by pasting and the other by attachment.Whilst attempting to scan using gmer, my computer just goes to the blue error screen - something to do with 'page' (I often have random occasion when this happens but this time gmer seems to trigger it) so i have no logs from this program unfortunately.I use Firefox as my browser and AVG 9.0 to monitor viruses etc. Hopefully someone can help me now that I have posted correctly. Thanks!DDS TXT LOG:DDS (Ver_10-03-17.01) - NTFSx86 Run by Seb's PC at 0:34:29.07 on 18/07/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_01Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.557 [GMT 1:00]AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.ex... Read more

A:iexplore.exe causing wave sound to turn down, invisible audio ads to play and ad popups

Can anyone help?EDIT: Please be patient. There are over 300 unanswered topics in this forum at present and the current average wait time to receive help is 6 days. ~BP

Read other 25 answers
RELEVANCY SCORE 60.8

Hi all.

I've caught the "Internet-Explorer-running-in-the-background-with-phantom-voice-commercials" virus. I've seen by searches that it's quite a common problem.

Essentially, I hear voices for ads (Pine-O-Clean, Razors, and other things, along with random, jarring sound-effects sometimes.) and cannot see where they're coming from. They're linked to Internet Explorer, because when I kill it in task manager the voices stop. I also get the occasional IE popup.

Thanks in advance, and I hope I've done everything right here.

DDS.txt is here:

DDS (Ver_10-10-10.03) - NTFSx86
Run by Administrator at 11:19:37.18 on Mon 18/10/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2701 [GMT 10:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe 4
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe 4
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32kr... Read more

A:IE running invisible + voice ads virus

Hi

Please run the following:
Please download MBRCheck.exe to your desktop.Be sure to disable your security programs
Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt)
A window will open on your desktop
if an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
If nothing unusual is found just press Enter
A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
Please post the contents of that file.

NEXT
Scan With RootKitUnHooker
Please Download Rootkit Unhooker and save it to your desktop.
Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers and Stealth
Uncheck the rest. then click OK
When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
Wait till the scanner has finished and then click File > Save Report.
Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in your next reply.

Note** you may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"
NEXT
I see you have run ComboFix

This is not recommended by the developer of the tool. He would prefer it if it was run only with Security Analyst assistance.

Please post the ComboFix Log(s). It can be found at C:\ComboFix.txt and C&quo... Read more

Read other 8 answers
RELEVANCY SCORE 60.8

EDITED: Never mind - I have gotten help and think I am on my way to a cure. Thanks for being here. Hi! I have a big problem here. I have XP Professional Service Pack 3. Updated Windows and Java over the weekend - I think both were out of date and helped get me in this predicament. I think I have covered everything in the Preparation Guide between last night and this morning - but my brain is so fried, forgive me if I missed something, I am trying to do this right. I did Ad-Aware at least five times - one time it came up clean, only to have the computer start up again with the pop ups when I was running Stinger and now it is a pop-up fest again and I ran Ad-Aware twice more coming up with the same trojan BHO twice. The problems started Friday with the fake messages telling me I had a bunch of infections - Antivirus 2009 - but managed to get rid of that, or at least most outward appearances of it. All of a sudden started getting these IE pop ups when I had IE closed all of the time, I get "You have won an Ipod, WalMart card, etc." voice ads with no window at all, I also get an IE that shows up if I do Alt+tab but doesn't show if I try to bring it up. Over the weekend I have done Spybot, Housecall, Panda, I don't even know, I have done so many antivirus/scan/spyware things over the last four days and nothing is doing it. I think I am wasting my time and am bowing to you all, begging for help.BTW I don't NORMALLY run w/o anything, I normally have AVG but yes... Read more

A:Invisible Voice Ads, Random Popups

Hello lestatbp and sorry for the delay.

Please let us know do you still need help, or you have resolved the problems.

Regards

Read other 2 answers
RELEVANCY SCORE 60.8

I seem to have caught the virus that runs explorer.exe in the background, playing voice ads and occasional pop ups from IE, which I dont use.
I see that Im far from alone, seeing a lot of people running all of the big programs like Norton, AVG, Malware Bytes, and all those other good ones to no avail.

Thanks in advance for any help in solving this.

I followed the directions best I could, let me know if something is wrong.

Here is the DDS.txt file:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Administrator at 13:21:22.81 on Wed 07/28/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1278.434 [GMT -5:00]

AV: avast! antivirus 4.8.1368 [VPS 100728-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SYSTEM32\3cmlink.exe
C:\WINDOWS\SYSTEM32\3cshtdwn.exe
C:\WINDOWS\SYSTEM32\3cmlink.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\MSN Toolbar\Platfo... Read more

A:IE running invisible in background. voice ads.

Hi MatthewToads and welcome to TSF,

Please subscribe to this thread to get immediate notification of replies (if you haven't already) as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

-------------------------------------------

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

--------------------------------------------

Download ComboFix from here to your desktop.

NEXTEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. If you are unsure of how to do it, please read here and/or... Read more

Read other 15 answers