
Author Topic: No sound on my PC- Detected malware  (Read 6041 times)


nshah

    No sound on my PC- Detected malware
    « on: April 10, 2011, 11:57:13 AM »
    Hi,
    I was watching a few shows on VLC and the sound started disappearing slowly. Since then I have not had any sound on my PC. I have run anti-spywares, ccleaners and updated all drivers. I also tried system restore to a previous time and it failed 5 times. Finally I came to this forum. I have done all the 6 steps mentioned in your "read before you ask for help" and below are the logs from
    - SuperAntispyware
    - Malwarebytes' Anti-Malware
    - HijackThis

    I'd really appreciate if someone can help me with this problem...

    LOG FROM SuperAntispyware


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 04/10/2011 at 10:18 PM

    Application Version : 4.50.1002

    Core Rules Database Version : 6799
    Trace Rules Database Version: 4611

    Scan type       : Complete Scan
    Total Scan Time : 01:43:04

    Memory items scanned      : 753
    Memory threats detected   : 0
    Registry items scanned    : 10921
    Registry threats detected : 0
    File items scanned        : 155425
    File threats detected     : 119

    Adware.Tracking Cookie

    Adware.Agent/Gen-Zango
       C:\USERS\NAMRATA\DOWNLOADS\EMULESETUP.EXE

    LOG FROM Malwarebytes' Anti-Malware


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org


    Database version: 6325


    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385


    10-04-2011 23:09:12
    mbam-log-2011-04-10 (23-09-12).txt


    Scan type: Quick scan
    Objects scanned: 184349
    Time elapsed: 4 minute(s), 3 second(s)


    Memory Processes Infected: 0
    Memory Modules Infected: 1
    Registry Keys Infected: 5
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3


    Memory Processes Infected:
    (No malicious items detected)


    Memory Modules Infected:
    c:\Windows\System32\supxwatraqwvcgdch.dll (Adware.AdRotator) -> Delete on reboot.


    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{862C6A68-E35F-A359-9031-79DFA8FF365E} (Adware.AdRotator) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{862C6A68-E35F-A359-9031-79DFA8FF365E} (Adware.AdRotator) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{862C6A68-E35F-A359-9031-79DFA8FF365E} (Adware.AdRotator) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{862C6A68-E35F-A359-9031-79DFA8FF365E} (Adware.AdRotator) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hfdfwjpsrmiowup (Adware.AdRotator) -> Quarantined and deleted successfully.


    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kbgrecvqxkyyg (Adware.AdRotator) -> Value: kbgrecvqxkyyg -> Quarantined and deleted successfully.


    Registry Data Items Infected:
    (No malicious items detected)


    Folders Infected:
    (No malicious items detected)


    Files Infected:
    c:\Windows\System32\supxwatraqwvcgdch.dll (Adware.AdRotator) -> Delete on reboot.
    c:\Users\Namrata\AppData\Local\Temp\browserhotfix1.exe (Adware.Agent) -> Quarantined and deleted successfully.
    c:\Users\Namrata\local settings\temporary internet files\Content.IE5\3MMH8ISL\setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.


    LOG FROM hijackthis


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:20:25, on 10-04-2011
    Platform: Windows 7  (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal


    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Windows\OEM13Mon.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\regsvr32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
    C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
    C:\Program Files\SUPERAntiSpyware\6354c80e-8a16-4371-beda-9ff4579d8d9e.com
    C:\Windows\system32\wuauclt.exe
    C:\Windows\System32\NOTEPAD.EXE
    C:\Users\Namrata\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Namrata\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Namrata\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\NOTEPAD.EXE
    C:\Windows\System32\NOTEPAD.EXE
    C:\Users\Namrata\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Namrata\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\sniper.exe


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office12\GR469A~1.DLL
    O2 - BHO: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O3 - Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [googletalk] C:\Users\Namrata\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe" /NoDialog
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Namrata\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [TimeSheet] C:\Program Files\TimeSheet\TimeSheet.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: []  (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [TimeSheet] C:\Program Files\TimeSheet\TimeSheet.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: []  (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MIF5BA~1\Office12\GRA32A~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe


    --
    End of file - 9975 bytes




    Waiting for help from someone.....please!!

    SuperDave

    • Malware Removal Specialist


    Re: No sound on my PC- Detected malware
    « Reply #1 on: April 10, 2011, 07:14:54 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    ************************************************
    Open HijackThis and select Do a system scan only

    Place a check mark next to the following entries: (if there)

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O3 - Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
    O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)


    Important: Close all open windows except for HijackThis and then click

    Fix checked.

    Once completed, exit HijackThis.
    *********************************************
    Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

    link # 1
    Link # 2
    If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

    Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

    Right-click combofix.exe and select Run as Administrator and follow the prompts.
    When finished, ComboFix will produce a log for you.
    Post the ComboFix log and a new HijackThis log in your next reply.

    NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

    Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.
    Windows 8 and Windows 10 dual boot with two SSD's
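
Added example (not part of the original thread): most of the entries checked in the reply above are registrations whose target is "(no file)", meaning the registry key for a browser add-on is still present but the DLL it points to is gone. The Python sketch below parses lines copied from the HijackThis log posted in this thread, flags such entries and groups them by CLSID, so it is visible that one leftover component shows up in several sections at once; the function names are illustrative.

```python
import re
from collections import defaultdict

# Subset of the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
"""

# A HijackThis entry starts with a section code such as R3, O2 or O18.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_entries(log_text):
    """Return one dict per HijackThis entry line; other lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, process list, blank line, etc.
        body = match.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "section": match.group("section"),
            # CLSIDs are case-insensitive; normalise so duplicates group together.
            "clsid": clsid.group(0).upper() if clsid else None,
            # "(no file)" means the registration points at a missing file.
            "orphaned": body.rstrip().endswith("(no file)"),
            "line": line,
        })
    return entries


def orphaned_by_clsid(entries):
    """Map each orphaned CLSID to the sections it is registered under."""
    grouped = defaultdict(list)
    for entry in entries:
        if entry["orphaned"] and entry["clsid"]:
            grouped[entry["clsid"]].append(entry["section"])
    return dict(grouped)


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for clsid, sections in orphaned_by_clsid(parsed).items():
        print(f"{clsid}  orphaned in: {', '.join(sections)}")
```

Entries that still resolve to a file on disk, such as the Norton and Adobe helpers, are left unflagged; deciding whether those are wanted is a separate judgement the script does not make.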