sound has disappeared after spy busting

Discussion in 'adware, spyware & hijack cleaning' started by mooncrow, Jun 13, 2004.

Thread Status:
Not open for further replies.
  1. mooncrow

    mooncrow Registered Member

    Joined:
    Jun 13, 2004
    Posts:
    2
    I was already running spybot and adaware 6 ... but in an attempt to get rid of all spyware, I downloaded adaware 6.181 Build, Hyjack This, Shredder, and Spyblaster. The good news is that I've regained control of my computer ... the bad news is that I have no sound ... nothing. I've checked connections, reinstalled driver, done control panel and looked at settings, but have found nothing. I feel like one of the above mentioned software programs somehow "instructed" my computer to be "mute" but I'm really not sure. I'm running a pentium III Gateway with Creative Technology Sound Blaster. As a matter of note, when I upgraded from Win98 to XP, I had the same problem, but when I downloaded the newer driver for XP it corrected it. Has anyone else had or seen this problem and/or can offer solution? Thanks ... o_O
     
  2. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi mooncrow, and welcome to the forum.

    Please follow ALL the instructions in this link:
    https://www.wilderssecurity.com/showthread.php?t=15913

    Once you have downloaded HijackThis, create a permanent folder for it on your C: (call the folder whatever you'd like) then unzip Hijackthis.exe into the new folder (do not put it in a Temp folder or desktop).

    Then open Hijackthis and run it by clicking on the Scan button. When the scan has finished, the "Scan" button will then change to a Save Log button. Press the "Save Log" button and save it to a location you can easily find it. Open the saved log and copy and paste the entire contents of the log here in your next post.

    Please do NOT fix anything in Hijackthis by yourself. Most of what it lists will be harmless and even essential. Someone will review your log and reply back with instructions on what needs to be fixed.

    Regards,

    snap
     
  3. mooncrow

    mooncrow Registered Member

    Joined:
    Jun 13, 2004
    Posts:
    2
    Thanks for your help ... here is log:
    Logfile of HijackThis v1.97.7
    Scan saved at 6:51:50 AM, on 06/17/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\GIANT Company Software\Spam Inspector\siService.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\Microsoft Home Publishing\Mhprmind.exe
    C:\Program Files\MSWorks\Calendar\Wkcalrem.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
    C:\Program Files\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Outlook Express\Msimn.exe
    C:\Program Files\GIANT Company Software\Spam Inspector\siClientUI.exe
    C:\Program Files\GIANT Company Software\Spam Inspector\siMain.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Ellen Schwartz\My Documents\Hijack This\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\SYSTEM\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cnn.com/
    R3 - Default URLSearchHook is missing
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.excite.com/"); (C:\Program Files\Netscape\Users\schwartz\prefs.js)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [XeroxScannerDaemon] C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [siService.exe] "C:\Program Files\GIANT Company Software\Spam Inspector\siService.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - Global Startup: Microsoft Greetings Reminders.lnk = C:\Program Files\Microsoft Home Publishing\MHPRMIND.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
    O4 - Global Startup: Billminder.lnk = C:\QUICKENW\billmind.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\E_SRCV02.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: Yahoo! Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .aif: C:\ITOOL30\Program\PLUGINS\NPAUDIO.DLL
    O12 - Plugin for .mov: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPQTW32.DLL
    O16 - DPF: Sametime Meeting Toolkit ST25 - file://C:\WINDOWS\Java\ControlF1\STMeeting25.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - https://support.gateway.com/support/serialharvest/gwCID.CAB
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37875.7089814815
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.communities.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
    O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} (MSN Chat Control 4.0) - http://sc.communities.msn.com/controls/chat/msnchat4.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
     
Thread Status:
Not open for further replies.