Jump to content

camera sound playing at random times


Per
 Share

Recommended Posts

I'm having a very odd issue, and are trying to pin it down.

From time to time I hear the sound like somone taking a picture from my computer.

Being the paranoiac I am I started digging and have only found some references to the search dog animation in windows XP, this don't help me thou :)

The sound plays back at what seems to be random intervalls (anywhere from 30 seconds to 45 minutes)

I had an infection that MBAM cleared out for me about a month ago (C:\Users\perk\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.) and it havent shown up afterwards

I am running Windows 7 Ultimate 64 bit.

I have gone through the Check List

the ark.txt and attach.txt is in the attached.zip

I've also added a hijackthis log to the attachments.

And now follows the MBAM and DDS logs:

###

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

Database version: 3955

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

05.04.2010 13:54:25

mbam-log-2010-04-05 (13-54-25).txt

Scan type: Full scan (C:\|)

Objects scanned: 207384

Time elapsed: 8 minute(s), 51 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

###

DDS (Ver_10-03-17.01) - NTFSX64

Run by perk at 13:38:35,25 on 05.04.2010

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_19

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1033.18.6135.4351 [GMT 2:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Input Director\IDWinService.exe

C:\Program Files (x86)\Input Director\InputDirectorSessionHelper.exe

C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardian.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Fraps\fraps.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardian.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Free Download Manager\fdm.exe

C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Program Files (x86)\EXPERTool ATI\TBPANEL.exe

C:\Program Files (x86)\Belvedere\Belvedere.exe

C:\Program Files (x86)\Citrus Alarm Clock\Citrus Alarm Clock.exe

C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe

C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe

C:\Program Files\EVGA\ELeetTune.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSS.exe

C:\Program Files\Windows Media Player\WMPSideShowGadget.exe

C:\Program Files\Logitech\SetPointG\SetPointII.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\explorer.exe

C:\Fraps\fraps64.dat

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Users\perk\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files (x86)\siber systems\ai roboform\roboform.dll

BHO: P

Attach.zip

hijackthis.zip

Link to post
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.