Jump to content

Issues with audio after removing malware


Recommended Posts

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Link to post
Share on other sites

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

OK, so now I'm not even able to use Malwarebytes at all. It's giving me the following error: Open Event failed to perform desired action Error Code=2. I should add that I have PC Tools Spyware Doctor as my anti-virus software. Should I still proceed with the steps above?

Link to post
Share on other sites

Ok, here's the log from combofix:

ComboFix 11-06-16.01 - Chris 06/16/2011 18:41:22.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.662 [GMT -4:00]

Running from: c:\documents and settings\Chris\Desktop\ComboFix.exe

AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

c:\documents and settings\Chris\WINDOWS

c:\windows\system32\AutoRun.inf

c:\windows\system32\Data

.

----- BITS: Possible infected sites -----

.

hxxp://au.d

.

((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))

.

.

2011-06-16 23:17 . 2011-06-16 23:17 23327 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS

2011-06-16 23:17 . 2011-06-16 23:17 7271 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS

2011-06-16 23:17 . 2011-06-16 23:17 8782 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS

2011-06-16 02:29 . 2011-01-20 17:27 69392 --s---w- c:\windows\system32\drivers\TfSysMon.sys

2011-06-16 02:29 . 2011-01-20 17:27 51984 --s---w- c:\windows\system32\drivers\TfFsMon.sys

2011-06-16 02:29 . 2011-01-20 17:27 33552 --s---w- c:\windows\system32\drivers\TfNetMon.sys

2011-06-16 02:28 . 2011-03-10 13:08 233976 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2011-06-15 11:22 . 2011-05-29 13:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-06-15 11:22 . 2011-06-15 11:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-06-15 11:22 . 2011-05-29 13:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-06-13 01:04 . 2011-06-13 01:05 -------- d-----w- c:\program files\iTunes

2011-06-11 00:11 . 2011-06-11 00:11 -------- d-----w- c:\documents and settings\Chris\Application Data\Malwarebytes

2011-06-11 00:10 . 2011-06-11 00:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-06-10 03:29 . 2011-06-10 03:29 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2011-06-07 02:48 . 2007-01-17 16:37 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys

2011-06-07 02:48 . 2007-01-17 16:37 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys

2011-06-07 02:47 . 2007-11-07 02:10 271704 ----a-r- c:\windows\system32\hpzids01.dll

2011-06-07 02:47 . 2007-01-17 16:37 309760 ----a-r- c:\windows\system32\difxapi.dll

2011-06-07 02:47 . 2007-10-31 10:35 729088 ----a-r- c:\windows\system32\hpwwiax4.dll

2011-06-07 02:47 . 2007-10-31 10:35 593920 ----a-r- c:\windows\system32\hpwtscl3.dll

2011-06-07 02:47 . 2007-01-17 16:37 364544 ----a-r- c:\windows\system32\hppldcoi.dll

2011-06-07 02:47 . 2007-01-17 16:31 294912 ----a-r- c:\windows\system32\hpovst11.dll

2011-06-07 02:42 . 2011-06-07 02:42 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant

2011-05-26 23:24 . 2011-06-14 11:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-20 15:44 . 2009-11-03 15:27 149456 ----a-w- c:\windows\SGDetectionTool.dll

2011-05-20 15:44 . 2009-11-03 15:27 2078672 ----a-w- c:\windows\PCTBDCore.dll

2011-05-20 15:44 . 2009-11-03 15:27 1533904 ----a-w- c:\windows\PCTBDRes.dll

2011-05-20 15:44 . 2009-11-03 15:27 767952 ----a-w- c:\windows\BDTSupport.dll

2011-05-11 17:35 . 2009-03-19 03:59 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-05-11 13:55 . 2009-03-19 03:59 263888 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-05-10 12:06 . 2008-09-10 04:30 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll

2011-05-10 12:06 . 2008-07-17 03:48 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2011-05-06 17:28 . 2009-03-19 03:59 70664 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-05-06 17:26 . 2009-03-19 03:59 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-04-14 16:26 . 2011-04-30 16:08 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"PCTools FGuard"="c:\program files\Spyware Doctor\BDT\FGuard.exe" [2010-12-03 108496]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ SDEarlyDelete \??\c:\program files\SpywareDetector\0autocheck autochk *\0et\0???\0;???\0sdLogAction^sd.LogEvent.action.Whitelist^WL_Url^adopt.specificclick.net\0???

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk

backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]

2003-09-17 16:43 57344 ----a-w- c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]

2005-05-31 10:33 122941 ----a-w- c:\windows\system32\dla\tfswctrl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]

2005-02-23 22:19 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2005-08-05 19:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

2004-05-12 19:18 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-10-15 01:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2005-07-20 05:06 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-07-20 05:10 114688 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-07-20 05:09 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]

2003-09-04 02:12 221184 ----a-w- c:\program files\Intel\Modem Event Monitor\IntelMEM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]

2006-09-11 09:40 218032 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

2006-09-11 09:40 218032 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2006-09-11 09:40 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-06-07 21:51 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]

2004-06-10 22:51 60928 ----a-w- c:\windows\system32\P17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VerizonServicepoint.exe]

2008-09-17 01:14 2065648 ----a-w- c:\program files\Verizon\VSP\VerizonServicepoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Verizon_McciTrayApp]

2009-01-30 21:52 1553920 ----a-w- c:\program files\Verizon\McciTrayApp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2006-11-04 00:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Verizon\\Verizon Media Manager\\Release\\Verizon Media Manager.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

.

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [3/18/2009 11:59 PM 263888]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [12/9/2010 7:57 PM 338880]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [12/9/2010 7:57 PM 656320]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/6/2010 3:31 PM 697328]

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [6/15/2011 10:29 PM 51984]

R0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [6/15/2011 10:29 PM 69392]

R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [3/18/2009 11:59 PM 251560]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [6/15/2011 10:28 PM 233976]

R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [11/3/2009 11:27 AM 337872]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/1/2010 5:49 PM 136176]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/1/2010 5:49 PM 136176]

S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [3/18/2009 11:59 PM 70664]

S3 Radialpoint Security Services;Radialpoint Security Services;c:\windows\system32\dllhost.exe [8/16/2005 6:18 AM 5120]

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [12/9/2010 7:57 PM 371472]

S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [6/15/2011 10:29 PM 33552]

S3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2011-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]

.

2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-01 21:49]

.

2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-01 21:49]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uStart Page = hxxp://www.yahoo.com/

mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage

uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://securityresponse.symantec.com/avcenter/fix_homepage

IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm

IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm

IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm

LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll

TCP: DhcpNameServer = 192.168.1.1 71.250.0.12

DPF: vzTCPConfig - hxxps://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB

FF - ProfilePath - c:\documents and settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.yahoo.com

FF - prefs.js: keyword.URL - hxxp://flvtubesearch.co/?prt=02ff&clid=&subid=&Keywords=

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-hpqSRMon - (no file)

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe

MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

MSConfigStartUp-ISTray - c:\program files\Spyware Doctor\pctsTray.exe

MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe

AddRemove-AOLAntivirus - c:\program files\mcafee.com\antivirus\uninst.exe

AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb

AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-06-16 19:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(832)

c:\windows\system32\WININET.dll

.

- - - - - - - > 'lsass.exe'(892)

c:\windows\system32\WININET.dll

c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll

.

- - - - - - - > 'explorer.exe'(1188)

c:\windows\system32\WININET.dll

c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTsvcCDA.EXE

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Motive\McciCMService.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\MsPMSPSv.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\msiexec.exe

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Completion time: 2011-06-16 19:33:26 - machine was rebooted

ComboFix-quarantined-files.txt 2011-06-16 23:33

.

Pre-Run: 33,202,245,632 bytes free

Post-Run: 49,060,544,512 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

.

- - End Of File - - DE5DEA3FC19C2BAA4097D92DFB9FECEC

Link to post
Share on other sites

Ok Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

First, we need to backup your registry:

Please go to Start > Run

Paste in the following line:regedit /e c:\registrybackup.reg

Click OK.

It won't appear to be doing anything, that's normal.

Your mouse pointer may turn to an hour glass for a minute.

Please continue when it no longer has the hour glass.

Please open up Notepad and copy all of the items in the code box below.

Change the "Save As Type" to "All Files". Save it as fixthis.reg on your Desktop.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 

"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"VIDC.I420"="i420vfw.dll"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"VIDC.YVYU"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"VIDC.WMV3"="wmv9vcm.dll"
"VIDC.VP40"="vp4vfw.dll"
"msacm.voxacm160"="vct3216.acm"
"MSVideo"="vfwwdm32.dll"
"MSVideo8"="VfWWDM32.dll"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux"="wdmaud.drv"
"vidc.VP70"="vp7vfw.dll"
"vidc.X264"="x264vfw.dll"
"VIDC.FPS1"="frapsvid.dll"
"vidc.VP60"="vp6vfw.dll"
"vidc.VP61"="vp6vfw.dll"
"vidc.VP62"="vp6vfw.dll"
"vidc.DIVX"="DivX.dll"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVU9"="tsbyuv.dll"
"VIDC.DRAW"="DVIDEO.DLL"
"VIDC.YV12"="yv12vfw.dll"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer3"="wdmaud.drv"
"aux2"="wdmaud.drv"
"VIDC.MSUD"="msulvc05.dll"
"wave4"="wdmaud.drv"
"midi4"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"aux3"="wdmaud.drv"

Now double-click fixthis.reg.

A window will come up asking if you want to let it merge with the registry.

Click yes.

Reboot for the changes to take place and let me know if it repairs the audio.

Link to post
Share on other sites

It is a registry script.

Please download the attached version I will create it for you.

Save it to your desktop.

Right click on it and choose extract all.

Then in the newly extracted folder double click the fix.reg file and choose yes to the prompts.

Do not forget to make a backup of the registry first,the instructions are in the post above this one.

It is important to make the backup so make sure to do that before importing the reg file.

fix.zip

Link to post
Share on other sites

Don't think so, just the Sound Blaster Live! 24-bit. Under Sounds and Audio Devices, it says no audio device under the volume tab. Under the audio tab it says "no playback devices" and the pull down menu is grayed out. Is there something that I should change on the Sounds screen at the bottom under program events that I could change that would bring the sound back? That is pretty much the only tab section under Sounds and Audio Devices that I can actually access.

Link to post
Share on other sites

Well from the logs provided it shows nothing that would have caused this issue.

Please try to do the following.

Visit the link below and follow the directions to reset Internet Explorer 8.

http://windows.microsoft.com/en-US/windows-vista/Reset-Internet-Explorer-8-settings#

Also for Firefox visit here to see how to backup your bookmarks and other things:

http://support.mozilla.com/en-US/kb/Backing%20up%20your%20information

Then please visit this link http://support.mozilla.com/en-US/kb/Uninstalling%20Firefox

To uninstall Firefox then you can re-install it from here > http://www.mozilla.com/en-US/firefox/new/?ref=logo

Let me know if that does anything for the audio.

Link to post
Share on other sites

Still nothing. I don't think it's a browser issue because it's saying NO AUDIO DEVICE and I have no audio through i-Tunes or Windows Media Player either. Maybe I need to reinstall a driver or something? I have no idea. It's weird, it still makes that sound when windows starts up, so it's not my speakers.

Link to post
Share on other sites

Ok let's try going to a newer version of the driver.

Please go to the following web page:

http://support.creative.com/Products/ProductDetails.aspx?catID=1&subCatID=206&prodID=10315&prodName=Live!%2024-bit&subCatName=Live!&CatName=Sound+Blaster

Scroll down and click on the Software auto update and follow the prompts.

Let it finish that then reboot and see if it works.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.