1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

mixer volume fluctuating

Discussion in 'Malware and Virus Removal Archive' started by shaunywhu, 2008/03/01.

  1. 2008/03/01
    shaunywhu

    shaunywhu Inactive Thread Starter

    Joined:
    2008/03/01
    Messages:
    9
    Likes Received:
    0
    I am having problems with the mixer volume fluctuating when i am using msn messenger. I assume i have a trojan/worm that it is causing this but i am unable to track it. can anyone help


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:50:54, on 01/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Hp\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Oxigen\bin\Oxigen.exe
    C:\Program Files\Oxigen\bin\OxiTray.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\sdclt.exe
    C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Windows\system32\sndvol.exe
    C:\Users\Shaun\Desktop\aswclnr.exe
    C:\Users\Shaun\Desktop\aswclnr.tmp
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=Pavilion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe "
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe "
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll "
    O4 - HKLM\..\Run: [OxigenClientAdmin] "C:\Program Files\Oxigen\bin\Oxigen.exe "
    O4 - HKLM\..\Run: [OxigenTrayIcon] "C:\Program Files\Oxigen\bin\OxiTray.exe "
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe "
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSNPUplden-gb.cab
    O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe

    --
    End of file - 12001 bytes
     
    shaunywhu,
    #1
  2. 2008/03/02
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi shaunywhu
    Welcome to Windowsbbs. :)
    I'm not seeing anything in your HJT log.

    What virus did you read about doing this?

    Please post a link to where you read it.

    Thanks
    Geri
     
    Geri,
    #2


  3. to hide this advert.

  4. 2008/03/03
    shaunywhu

    shaunywhu Inactive Thread Starter

    Joined:
    2008/03/01
    Messages:
    9
    Likes Received:
    0
    shaunywhu,
    #3
  5. 2008/03/04
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK lets get a on-line scan.

    Please do an online scan with Kaspersky WebScanner

    Click on “Accept” If your pop –up blocker blocks the ActiveX download, allow it, click on “Accept” again

    You will be promted to install an ActiveX component from Kaspersky, Click Yes or Install.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make that the following are selected:
      • Scan using the following Anti-Virus database:
      • Extended (if available otherwise Standard)
      • Scan Options:
      • Scan Archives
        Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      • Select My Computer
    • This will start the program and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky log.

    Thanks
    Geri
     
    Geri,
    #4
  6. 2008/03/04
    shaunywhu

    shaunywhu Inactive Thread Starter

    Joined:
    2008/03/01
    Messages:
    9
    Likes Received:
    0
    mixerl volume fluctuating

    Hi Geri

    Tuesday, March 04, 2008 7:18:16 PM
    Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 4/03/2008
    Kaspersky Anti-Virus database records: 595714
    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true
    Scan Target My Computer
    C:\
    D:\
    E:\
    Scan Statistics
    Total number of scanned objects 150690
    Number of viruses found 0
    Number of infected objects 0
    Number of suspicious objects 0
    Duration of the scan process 01:45:51

    Infected Object Name Virus Name Last Action
    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
    C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
    C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
    C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
    C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.ilg Object is locked skipped
    C:\ProgramData\CyberLink\TinyDB\EPGSignal Object is locked skipped
    C:\ProgramData\CyberLink\TinyDB\Schedule Object is locked skipped
    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7166296a305116d221e5d410a6639560_4fd8ab0f-1f64-422c-b4ef-bf359549cc3b Object is locked skipped
    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_4fd8ab0f-1f64-422c-b4ef-bf359549cc3b Object is locked skipped
    C:\ProgramData\Microsoft\User Account Pictures\Shaun_2.dat Object is locked skipped
    C:\System.sav\util\App.Evt Object is locked skipped
    C:\System.sav\util\Sec.Evt Object is locked skipped
    C:\System.sav\util\Sys.Evt Object is locked skipped
    C:\Users\Public\StarzEntertainment\Vongo\Data\vongo.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\InputPersonalization\edb.log Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\InputPersonalization\inkStore.mdb Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\InputPersonalization\tmp.edb Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\activitylog.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\Working\database_745A_A867_73EF_406E\dfsr.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\Working\database_745A_A867_73EF_406E\fsr.log Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\Working\database_745A_A867_73EF_406E\fsrtmp.log Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Messenger\shaun1968@hotmail.com\SharingMetadata\Working\database_745A_A867_73EF_406E\tmp.edb Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012008030420080305\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat{7fa8c788-6de7-11dc-a5fe-001a6bdf6244}.TM.blf Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat{7fa8c788-6de7-11dc-a5fe-001a6bdf6244}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows\UsrClass.dat{7fa8c788-6de7-11dc-a5fe-001a6bdf6244}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows Defender\FileTracker\{60999DF9-23CA-46C4-B71D-8037288F833D} Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows Live Contacts\shaun1968@hotmail.com\real\members.stg Object is locked skipped
    C:\Users\Shaun\AppData\Local\Microsoft\Windows Live Contacts\shaun1968@hotmail.com\shadow\members.stg Object is locked skipped
    C:\Users\Shaun\AppData\Local\Mozilla\Firefox\Profiles\fgsvh3kw.default\Cache\_CACHE_001_ Object is locked skipped
    C:\Users\Shaun\AppData\Local\Mozilla\Firefox\Profiles\fgsvh3kw.default\Cache\_CACHE_002_ Object is locked skipped
    C:\Users\Shaun\AppData\Local\Mozilla\Firefox\Profiles\fgsvh3kw.default\Cache\_CACHE_003_ Object is locked skipped
    C:\Users\Shaun\AppData\Local\Mozilla\Firefox\Profiles\fgsvh3kw.default\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\Low\~DF58E5.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~DF17D2.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~DF17D7.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~DF22AD.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~DF22B2.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~PI79AC.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~PI79DB.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Local\Temp\~PI7F2A.tmp Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\cert8.db Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\formhistory.dat Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\history.dat Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\key3.db Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\parent.lock Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\search.sqlite Object is locked skipped
    C:\Users\Shaun\AppData\Roaming\Mozilla\Firefox\Profiles\fgsvh3kw.default\urlclassifier2.sqlite Object is locked skipped
    C:\Users\Shaun\ntuser.dat Object is locked skipped
    C:\Users\Shaun\ntuser.dat.LOG1 Object is locked skipped
    C:\Users\Shaun\ntuser.dat.LOG2 Object is locked skipped
    C:\Users\Shaun\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
    C:\Users\Shaun\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
    C:\Users\Shaun\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
    C:\Windows\bthservsdp.dat Object is locked skipped
    C:\Windows\Debug\PASSWD.LOG Object is locked skipped
    C:\Windows\Debug\sam.log Object is locked skipped
    C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
    C:\Windows\Logs\CBS\CBS.log Object is locked skipped
    C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped
    C:\Windows\Logs\DPX\setupact.log Object is locked skipped
    C:\Windows\Logs\DPX\setuperr.log Object is locked skipped
    C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
    C:\Windows\panther\diagerr.xml Object is locked skipped
    C:\Windows\panther\diagwrn.xml Object is locked skipped
    C:\Windows\panther\setupact.log Object is locked skipped
    C:\Windows\panther\setuperr.log Object is locked skipped
    C:\Windows\panther\UnattendGC\diagerr.xml Object is locked skipped
    C:\Windows\panther\UnattendGC\diagwrn.xml Object is locked skipped
    C:\Windows\panther\UnattendGC\setupact.log Object is locked skipped
    C:\Windows\panther\UnattendGC\setuperr.log Object is locked skipped
    C:\Windows\security\database\secedit.sdb Object is locked skipped
    C:\Windows\SoftwareDistribution\EventCache\{B9FAEDD5-B901-4414-922A-3C35529C2E4E}.bin Object is locked skipped
    C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
    C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
    C:\Windows\System32\catroot2\edb.log Object is locked skipped
    C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
    C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
    C:\Windows\System32\config\components Object is locked skipped
    C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
    C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
    C:\Windows\System32\config\default Object is locked skipped
    C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
    C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
    C:\Windows\System32\config\sam Object is locked skipped
    C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
    C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
    C:\Windows\System32\config\security Object is locked skipped
    C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
    C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
    C:\Windows\System32\config\software Object is locked skipped
    C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
    C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
    C:\Windows\System32\config\system Object is locked skipped
    C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
    C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
    C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms Object is locked skipped
    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms Object is locked skipped
    C:\Windows\System32\Ikeext.etl Object is locked skipped
    C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
    C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
    C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
    C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
    C:\Windows\System32\sysprep\Panther\diagerr.xml Object is locked skipped
    C:\Windows\System32\sysprep\Panther\diagwrn.xml Object is locked skipped
    C:\Windows\System32\sysprep\Panther\setupact.log Object is locked skipped
    C:\Windows\System32\sysprep\Panther\setuperr.log Object is locked skipped
    C:\Windows\System32\wbem\AutoRecover\3460B7617E0429A960E481B197F238A3.mof Object is locked skipped
    C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Object is locked skipped
    C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
    C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped
    C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped
    C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped
    C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped
    C:\Windows\System32\winevt\Logs\Antivirus.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Admin.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
    C:\Windows\System32\winevt\Logs\VeriSoft.evtx Object is locked skipped
    C:\Windows\Tasks\HPCeeScheduleForShaun_2.job Object is locked skipped
    C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
    C:\Windows\Temp\fwtsqmfile00.sqm Object is locked skipped
    C:\Windows\Temp\fwtsqmfile01.sqm Object is locked skipped
    C:\Windows\Temp\fwtsqmfile02.sqm Object is locked skipped
    C:\Windows\Temp\fwtsqmfile03.sqm Object is locked skipped
    C:\Windows\Temp\fwtsqmfile04.sqm Object is locked skipped
    C:\Windows\Temp\sqlite_gcqtJctPS5u4LL0 Object is locked skipped
    C:\Windows\Temp\_avast4_\Webshlock.txt Object is locked skipped
    C:\Windows\tracing\BAP.LOG Object is locked skipped
    C:\Windows\tracing\IpHlpSvc.LOG Object is locked skipped
    C:\Windows\tracing\KMDDSP.LOG Object is locked skipped
    C:\Windows\tracing\NDPTSP.LOG Object is locked skipped
    C:\Windows\tracing\PPP.LOG Object is locked skipped
    C:\Windows\tracing\RASAPI32.LOG Object is locked skipped
    C:\Windows\tracing\RASBACP.LOG Object is locked skipped
    C:\Windows\tracing\RASCCP.LOG Object is locked skipped
    C:\Windows\tracing\RASDLG.LOG Object is locked skipped
    C:\Windows\tracing\RASEAP.LOG Object is locked skipped
    C:\Windows\tracing\RASIPCP.LOG Object is locked skipped
    C:\Windows\tracing\RASIPHLP.LOG Object is locked skipped
    C:\Windows\tracing\RASIPV6CP.LOG Object is locked skipped
    C:\Windows\tracing\RASMAN.LOG Object is locked skipped
    C:\Windows\tracing\RASPAP.LOG Object is locked skipped
    C:\Windows\tracing\RASQEC.LOG Object is locked skipped
    C:\Windows\tracing\RASTAPI.LOG Object is locked skipped
    C:\Windows\tracing\svchost_RASCHAP.LOG Object is locked skipped
    C:\Windows\tracing\svchost_RASTLS.LOG Object is locked skipped
    C:\Windows\tracing\tapi32.LOG Object is locked skipped
    C:\Windows\tracing\tapisrv.LOG Object is locked skipped
    C:\Windows\WindowsUpdate.log Object is locked skipped
    C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped
    Scan process completed.
     
    shaunywhu,
    #5
  7. 2008/03/04
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi shaunywhu

    Well that came up clean. :) and your HJT log doesn't show anything.

    I don't believe you're infected with that virus.

    I would post the problem in the Hardware section here at bbs or maybe the Vista section.

    Someone there would be better to help you then I would be.

    Geri
     
    Geri,
    #6
  8. 2008/03/05
    shaunywhu

    shaunywhu Inactive Thread Starter

    Joined:
    2008/03/01
    Messages:
    9
    Likes Received:
    0
    Thanx Geri for your help

    I will try there.Its just strange that only when I use cam on msn then the volume mixer does this.

    Many thanks
    Shaun
     
    shaunywhu,
    #7

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...