My taskbar changes colors and I lose my volume
Thread Solved
Join Date: Apr 2009
Posts: 13
Solved Threads: 0
Hi! I have the same problem... my taskbar changes and my volume doesn't start if I use another program that has sound (e.g. if I listen to Winamp and I decide to go on YouTube or a web page with sound, it doesn't start; it works vice-versa as well). I used services.msc for the sound reactivation, and it works, but it's a bit annoying doing this over and over again. I already reinstalled Windows and changed 3 anti-virus programs, but none removed this "bug". I am currently using Avira.
I took the HijackThis program and ran it after I closed the browser, and here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 11:15:23 AM, on 4/8/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Andu\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Shortcut to iTouch.lnk = C:\Program Files\Logitech\iTouch\iTouch.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O17 - HKLM\System\CCS\Services\Tcpip\..\{6526CFEA-8F00-4C61-834C-2855AD97371D}: NameServer = 193.19.192.15,193.19.192.16
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
I would really appreciate an answer! Thank you in advance!
Hi lizardc4
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
http://www.bleepingcomputer.com/comb...o-use-combofix
* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
Please include the C:\ComboFix.txt in your next reply for further review.
Join Date: Apr 2009
Posts: 13
Solved Threads: 0
Ok! This is my log:
ComboFix 09-04-04.01 - Andu 2009-04-10 13:41:42.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2037.1605 [GMT 3:00]
Running from: c:\documents and settings\Andu\Desktop\ComboFix.exe
AV: Avira Premium Security Suite *On-access scanning disabled* (Outdated)
FW: Avira Firewall *disabled*
.
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.
2009-04-10 02:39 . 2009-04-10 02:46 <DIR> d-------- c:\program files\Boxen Die Championship Simulation
2009-04-06 00:05 . 2009-04-06 00:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Seagate
2009-04-06 00:04 . 2009-04-06 00:04 441,760 --a------ c:\windows\system32\drivers\timntr.sys
2009-04-06 00:04 . 2009-04-06 00:04 368,480 --a------ c:\windows\system32\drivers\tdrpman.sys
2009-04-06 00:04 . 2009-04-06 00:04 132,224 --a------ c:\windows\system32\drivers\snapman.sys
2009-04-06 00:04 . 2009-04-06 00:04 44,384 --a------ c:\windows\system32\drivers\tifsfilt.sys
2009-04-06 00:01 . 2009-04-06 00:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2009-04-05 22:35 . 2009-04-05 22:36 <DIR> d-------- c:\program files\Bonjour
2009-04-05 22:25 . 2009-04-05 22:25 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2009-04-05 16:46 . 2009-04-05 16:46 <DIR> d-------- c:\documents and settings\Andu\Application Data\Avira
2009-04-02 01:10 . 2009-04-02 01:10 <DIR> d-------- c:\program files\EnRo Dictionary
2009-04-01 00:18 . 2009-04-06 01:00 <DIR> d-------- c:\program files\The KMPlayer
2009-03-31 21:25 . 2009-03-31 21:25 54,156 --ah----- c:\windows\QTFont.qfn
2009-03-31 21:25 . 2009-03-31 21:25 1,409 --a------ c:\windows\QTFont.for
2009-03-31 21:21 . 2009-03-31 21:21 172 --a------ c:\windows\wcx_ftp.ini
2009-03-31 21:12 . 2009-03-31 21:12 <DIR> d-------- C:\totalcmd
2009-03-31 21:12 . 2009-03-31 21:37 769 --a------ c:\windows\wincmd.ini
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-03-30 21:11 . 2009-03-30 21:11 <DIR> d-------- c:\program files\Lavalys
2009-03-30 20:51 . 2009-03-30 21:10 <DIR> d-------- c:\program files\Everest
2009-03-30 17:01 . 2009-03-30 17:01 <DIR> d-------- c:\program files\Logitech
2009-03-30 17:01 . 2009-03-30 17:01 <DIR> d-------- c:\program files\Common Files\Logitech
2009-03-30 17:01 . 2003-03-18 22:20 1,060,864 --a------ c:\windows\system32\MFC71.dll
2009-03-30 17:01 . 2003-03-18 21:14 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-03-30 17:01 . 2003-02-21 05:42 348,160 --a------ c:\windows\system32\Msvcr71.dll
2009-03-30 17:01 . 2002-01-05 04:38 54,784 --a------ c:\windows\system32\MSVCI70.DLL
2009-03-30 17:01 . 2004-03-03 09:50 37,887 --a------ c:\windows\system32\drivers\LHidUsb.sys
2009-03-30 17:01 . 2004-03-03 09:50 14,095 --a------ c:\windows\system32\drivers\LCcfltr.sys
2009-03-30 17:01 . 2004-03-10 13:42 12,953 --------- c:\windows\system32\drivers\itchfltr.sys
2009-03-30 17:01 . 2009-04-10 12:37 65 --a------ c:\windows\iTouch.ini
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\program files\Yahoo!
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\LocalService\Application Data\PeerNetworking
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\Andu\Application Data\Yahoo!
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-30 16:11 . 2009-03-30 16:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2009-03-30 16:00 . 2009-03-30 16:00 <DIR> d-------- c:\documents and settings\Andu\Application Data\Realtime Soft
2009-03-30 15:40 . 2009-03-30 15:40 <DIR> d-------- c:\documents and settings\Andu\Application Data\DAEMON Tools
2009-03-30 15:39 . 2009-03-30 16:37 <DIR> d-------- c:\documents and settings\Andu\Application Data\DisplayTune
2009-03-30 15:37 . 2009-03-30 15:37 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-03-30 15:37 . 2009-03-30 15:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-30 15:36 . 2009-03-30 15:39 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-03-30 15:36 . 2009-03-30 19:11 <DIR> d-------- c:\documents and settings\Andu\Application Data\DAEMON Tools Lite
2009-03-30 15:33 . 2004-08-04 01:56 1,392,671 --a------ c:\windows\msvbvm60.dll
2009-03-30 15:33 . 2002-01-05 04:40 487,424 --a------ c:\windows\msvcp70.dll
2009-03-30 15:33 . 2002-01-05 04:37 344,064 --a------ c:\windows\msvcr70.dll
2009-03-30 15:27 . 2006-11-10 08:25 319,456 --a------ c:\windows\system32\difxapi.dll
2009-03-30 15:27 . 2007-09-05 17:13 170,520 --a------ c:\windows\system32\igfxzoom.exe
2009-03-30 15:27 . 2007-08-24 11:29 147,456 --a------ c:\windows\system32\igfxCoIn_v4864.dll
2009-03-30 15:26 . 2009-04-06 00:37 <DIR> d-------- c:\windows\RaidTool
2009-03-30 15:26 . 2009-03-30 15:26 <DIR> d-------- C:\RaidTool
2009-03-30 15:26 . 2007-11-19 11:28 1,966,080 --a------ c:\windows\system32\xRaidSetup.exe
2009-03-30 15:26 . 2008-03-19 10:54 151,552 --a------ c:\windows\system32\xRaidAPI.dll
2009-03-30 15:26 . 2008-10-01 14:32 82,272 --a------ c:\windows\system32\drivers\jraid.sys
2009-03-30 15:20 . 2009-03-30 16:51 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-30 15:20 . 2009-03-30 21:24 <DIR> d-------- c:\program files\Intel
2009-03-30 15:20 . 2009-03-30 15:20 <DIR> d-------- C:\Intel
2009-03-30 15:20 . 2007-07-26 16:15 53,248 --a------ c:\windows\system32\CSVer.dll
2009-03-30 15:19 . 2008-08-05 20:10 1,684,736 --a------ c:\windows\system32\drivers\Ambfilt.sys
2009-03-30 15:19 . 2006-01-04 15:41 1,389,056 --a------ c:\windows\system32\drivers\Monfilt.sys
2009-03-30 15:19 . 2008-10-23 17:42 290,816 --a------ c:\windows\vncutil.exe
2009-03-30 15:19 . 2008-06-24 14:46 104,992 --a------ c:\windows\RtkAudioService.exe
2009-03-30 15:19 . 2009-02-09 14:34 35,840 --a------ c:\windows\system32\RtkCoInstXP.dll
2009-03-30 15:18 . 2009-03-23 11:13 <DIR> d-------- c:\program files\HD_Audio
2009-03-30 14:55 . 2009-03-30 14:55 1,148 --a------ c:\windows\mozver.dat
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\windows\Sun
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\documents and settings\Andu\Application Data\SystemRequirementsLab
2009-03-30 14:41 . 2009-03-30 14:41 <DIR> d-------- c:\program files\Java
2009-03-30 14:41 . 2009-03-30 14:41 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-30 14:41 . 2009-03-30 14:41 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-26 11:54 . 2009-04-09 11:39 <DIR> d-------- c:\program files\oDC
2009-03-26 01:31 . 2009-03-26 01:31 <DIR> d-------- c:\documents and settings\Andu\Application Data\vlc
2009-03-26 01:22 . 2009-03-26 01:22 940,794 --a------ c:\windows\system32\LoopyMusic.wav
2009-03-26 01:22 . 2009-03-26 01:22 146,650 --a------ c:\windows\system32\BuzzingBee.wav
2009-03-26 01:19 . 2009-03-26 01:19 <DIR> d-------- c:\program files\Realtek
2009-03-26 01:19 . 2009-04-08 22:19 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-03-26 01:19 . 2009-03-30 17:00 <DIR> d-------- c:\program files\Common Files\InstallShield
2009-03-26 01:19 . 2009-02-17 15:50 17,508,864 --a------ c:\windows\RTHDCPL.EXE
2009-03-26 01:19 . 2008-06-19 16:27 9,715,200 --a------ c:\windows\RTLCPL.EXE
2009-03-26 01:19 . 2009-02-17 16:55 5,026,816 --a------ c:\windows\system32\drivers\RtkHDAud.sys
2009-03-26 01:19 . 2008-06-19 16:42 2,808,832 --a------ c:\windows\ALCWZRD.EXE
2009-03-26 01:19 . 2008-09-30 16:38 2,168,320 --a------ c:\windows\MicCal.exe
2009-03-26 01:19 . 2007-11-20 18:15 1,826,816 --a------ c:\windows\SkyTel.exe
2009-03-26 01:19 . 2009-01-21 15:54 1,206,816 --a------ c:\windows\RtlUpd.exe
2009-03-26 01:19 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-26 01:19 . 2008-06-19 16:24 278,528 --a------ c:\windows\system32\ALSNDMGR.CPL
2009-03-26 01:19 . 2008-03-13 14:52 266,240 --a------ c:\windows\system32\RTSndMgr.CPL
2009-03-26 01:19 . 2008-08-19 13:26 77,824 --a------ c:\windows\SOUNDMAN.EXE
2009-03-26 01:19 . 2008-06-19 16:20 57,344 --a------ c:\windows\ALCMTR.EXE
2009-03-26 01:18 . 2009-03-26 01:18 <DIR> d-------- c:\documents and settings\Andu\Application Data\InstallShield
2009-03-26 00:48 . 2009-03-26 00:48 <DIR> d-------- c:\program files\Common Files\xing shared
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\windows\system32\QuickTime
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\program files\Real
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\program files\QuickTime
2009-03-26 00:47 . 2009-03-26 00:48 <DIR> d-------- c:\program files\Common Files\Real
2009-03-26 00:47 . 1999-11-10 10:35 86,016 --a------ c:\windows\unvise32qt.exe
2009-03-26 00:46 . 2009-03-26 00:46 <DIR> d-------- c:\program files\VideoLAN
2009-03-26 00:46 . 2009-03-26 00:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\QuickTime
2009-03-26 00:43 . 2009-03-26 00:43 <DIR> d-------- c:\program files\uTorrent
2009-03-26 00:43 . 2009-04-10 02:49 <DIR> d-------- c:\documents and settings\Andu\Application Data\uTorrent
2009-03-26 00:38 . 2009-03-26 00:38 <DIR> d-------- c:\program files\Avira
2009-03-26 00:38 . 2009-03-26 00:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-26 00:38 . 2008-03-06 10:45 71,464 --a------ c:\windows\system32\drivers\avfwim.sys
2009-03-26 00:38 . 2008-02-07 08:30 66,176 --a------ c:\windows\system32\drivers\avfwot.sys
2009-03-26 00:33 . 2009-04-09 22:53 116 --a------ c:\windows\NeroDigital.ini
2009-03-26 00:30 . 2009-03-26 00:30 0 --a------ c:\windows\nsreg.dat
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\program files\Nero
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\program files\Common Files\Ahead
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\documents and settings\Andu\Application Data\Ahead
2009-03-26 00:15 . 2001-08-23 15:00 18,944 --a------ c:\windows\system32\simptcp.dll
2009-03-26 00:15 . 2001-08-23 15:00 18,944 --a--c--- c:\windows\system32\dllcache\simptcp.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 07:28 --------- d-----w c:\documents and settings\Andu\Application Data\U3
2009-04-08 17:59 --------- d-----w c:\documents and settings\Andu\Application Data\Winamp
2009-04-05 19:35 --------- d-----w c:\program files\Common Files\Adobe
2009-04-01 20:50 --------- d-----w c:\program files\Winamp
2009-03-30 12:40 --------- d-----w c:\documents and settings\Andu\Application Data\DAEMON Tools Pro
2009-03-25 22:03 --------- d-----w c:\program files\DAEMON Tools Pro
2009-03-23 19:00 --------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-23 18:53 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-03-23 18:52 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-23 18:39 --------- d-----w c:\program files\microsoft frontpage
2009-03-23 18:35 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-29 07:12 993,816 ----a-w c:\windows\system32\igxpun.exe
2009-01-21 08:52 155,648 ----a-w c:\windows\system32\igfxCoIn_v5029.dll
2009-01-21 08:44 3,773,440 ----a-w c:\windows\system32\igxpdx32.dll
2009-01-21 08:44 2,686,368 ----a-w c:\windows\system32\igxpdv32.dll
2009-01-21 08:43 57,344 ----a-w c:\windows\system32\igxprd32.dll
2009-01-21 08:43 183,808 ----a-w c:\windows\system32\igxpgd32.dll
2009-01-21 08:32 294,912 ----a-w c:\windows\system32\igldev32.dll
2009-01-21 08:32 2,342,912 ----a-w c:\windows\system32\iglicd32.dll
2009-01-21 08:20 645,632 ----a-w c:\windows\system32\igfxcfg.exe
2009-01-21 08:20 23,552 ----a-w c:\windows\system32\igfxexps.dll
2009-01-21 08:20 166,912 ----a-w c:\windows\system32\hkcmd.exe
2009-01-21 08:20 165,888 ----a-w c:\windows\system32\igfxext.exe
2009-01-21 08:20 134,656 ----a-w c:\windows\system32\igfxtray.exe
2009-01-21 08:18 51,712 ----a-w c:\windows\system32\igfxsrvc.dll
2009-01-21 08:18 243,712 ----a-w c:\windows\system32\igfxsrvc.exe
2009-01-21 08:18 199,168 ----a-w c:\windows\system32\igfxpph.dll
2009-01-21 08:18 134,656 ----a-w c:\windows\system32\igfxpers.exe
2009-01-21 08:18 130,048 ----a-w c:\windows\system32\igfxdo.dll
2009-01-21 08:17 93,696 ----a-w c:\windows\system32\hccutils.dll
2009-01-21 08:17 5,702,656 ----a-w c:\windows\system32\igfxress.dll
2009-01-21 08:17 205,824 ----a-w c:\windows\system32\igfxdev.dll
2009-01-13 22:16 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-02-12 262401]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-26 98304]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-30 148888]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1966080]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 c:\windows\RTHDCPL.EXE]
c:\documents and settings\Andu\Start Menu\Programs\Startup\
Shortcut to iTouch.lnk - c:\program files\Logitech\iTouch\iTouch.exe [2009-03-30 892928]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\THQ\\MotoGP URT 3\\motogp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP
eer Name Resolution Protocol (PNRP)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2009-03-26 66176]
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe [2009-03-26 344321]
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-03-26 164097]
R2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\avwebgrd.exe [2009-03-26 254209]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2009-03-26 41217]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2009-03-26 71464]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCcfltr.sys [2009-03-30 14095]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-03-30 1684736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63b956fb-17da-11de-bd23-db31aced8c58}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63b956fc-17da-11de-bd23-db31aced8c58}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uInternet Settings,ProxyOverride = *.local
LSP: avsda.dll
TCP: {6526CFEA-8F00-4C61-834C-2855AD97371D} = 193.19.192.15,193.19.192.16
FF - ProfilePath - c:\documents and settings\Andu\Application Data\Mozilla\Firefox\Profiles\udxb6omz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 13:42:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\avsda.dll
.
Completion time: 2009-04-10 13:42:34
ComboFix-quarantined-files.txt 2009-04-10 10:42:33
ComboFix2.txt 2009-04-10 10:37:31
Pre-Run: 27,752,296,448 bytes free
Post-Run: 27,740,418,048 bytes free
Hi lizard
Download and run Flash_Disinfector.exe. Follow any prompts that may appear.
- Your desktop will vanish for a while, and then reappear. This is normal.
- Wait until the program has finished scanning, then please exit the program.
- Restart your computer
It appears you have run ComboFix more than once. Please click Start > Run and type the following into the run box:
C:\qoobox\ComboFix2.txt
Press enter. Copy/paste the log which opens into your next reply.
Please also provide an update on system behaviour.
Yes, I did run ComboFix twice, because the first time the log was empty. I will make an update on the system behavior in a few hours, I've just come home from some friends... Thank you again for the help
ComboFix 09-04-04.01 - Andu 2009-04-10 13:36:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2037.1604 [GMT 3:00]
Running from: c:\documents and settings\Andu\Desktop\ComboFix.exe
AV: Avira Premium Security Suite *On-access scanning disabled* (Outdated)
FW: Avira Firewall *disabled*
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Andu\LOCALS~1\Temp\tmp2.tmp
.
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.
2009-04-10 02:39 . 2009-04-10 02:46 <DIR> d-------- c:\program files\Boxen Die Championship Simulation
2009-04-06 00:05 . 2009-04-06 00:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Seagate
2009-04-06 00:04 . 2009-04-06 00:04 441,760 --a------ c:\windows\system32\drivers\timntr.sys
2009-04-06 00:04 . 2009-04-06 00:04 368,480 --a------ c:\windows\system32\drivers\tdrpman.sys
2009-04-06 00:04 . 2009-04-06 00:04 132,224 --a------ c:\windows\system32\drivers\snapman.sys
2009-04-06 00:04 . 2009-04-06 00:04 44,384 --a------ c:\windows\system32\drivers\tifsfilt.sys
2009-04-06 00:01 . 2009-04-06 00:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2009-04-05 22:35 . 2009-04-05 22:36 <DIR> d-------- c:\program files\Bonjour
2009-04-05 22:25 . 2009-04-05 22:25 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2009-04-05 16:46 . 2009-04-05 16:46 <DIR> d-------- c:\documents and settings\Andu\Application Data\Avira
2009-04-02 01:10 . 2009-04-02 01:10 <DIR> d-------- c:\program files\EnRo Dictionary
2009-04-01 00:18 . 2009-04-06 01:00 <DIR> d-------- c:\program files\The KMPlayer
2009-03-31 21:25 . 2009-03-31 21:25 54,156 --ah----- c:\windows\QTFont.qfn
2009-03-31 21:25 . 2009-03-31 21:25 1,409 --a------ c:\windows\QTFont.for
2009-03-31 21:21 . 2009-03-31 21:21 172 --a------ c:\windows\wcx_ftp.ini
2009-03-31 21:12 . 2009-03-31 21:12 <DIR> d-------- C:\totalcmd
2009-03-31 21:12 . 2009-03-31 21:37 769 --a------ c:\windows\wincmd.ini
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-03-31 21:12 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-03-30 21:11 . 2009-03-30 21:11 <DIR> d-------- c:\program files\Lavalys
2009-03-30 20:51 . 2009-03-30 21:10 <DIR> d-------- c:\program files\Everest
2009-03-30 17:01 . 2009-03-30 17:01 <DIR> d-------- c:\program files\Logitech
2009-03-30 17:01 . 2009-03-30 17:01 <DIR> d-------- c:\program files\Common Files\Logitech
2009-03-30 17:01 . 2003-03-18 22:20 1,060,864 --a------ c:\windows\system32\MFC71.dll
2009-03-30 17:01 . 2003-03-18 21:14 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-03-30 17:01 . 2003-02-21 05:42 348,160 --a------ c:\windows\system32\Msvcr71.dll
2009-03-30 17:01 . 2002-01-05 04:38 54,784 --a------ c:\windows\system32\MSVCI70.DLL
2009-03-30 17:01 . 2004-03-03 09:50 37,887 --a------ c:\windows\system32\drivers\LHidUsb.sys
2009-03-30 17:01 . 2004-03-03 09:50 14,095 --a------ c:\windows\system32\drivers\LCcfltr.sys
2009-03-30 17:01 . 2004-03-10 13:42 12,953 --------- c:\windows\system32\drivers\itchfltr.sys
2009-03-30 17:01 . 2009-04-10 12:37 65 --a------ c:\windows\iTouch.ini
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\program files\Yahoo!
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\LocalService\Application Data\PeerNetworking
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\Andu\Application Data\Yahoo!
2009-03-30 16:11 . 2009-03-30 16:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-30 16:11 . 2009-03-30 16:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2009-03-30 16:00 . 2009-03-30 16:00 <DIR> d-------- c:\documents and settings\Andu\Application Data\Realtime Soft
2009-03-30 15:40 . 2009-03-30 15:40 <DIR> d-------- c:\documents and settings\Andu\Application Data\DAEMON Tools
2009-03-30 15:39 . 2009-03-30 16:37 <DIR> d-------- c:\documents and settings\Andu\Application Data\DisplayTune
2009-03-30 15:37 . 2009-03-30 15:37 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-03-30 15:37 . 2009-03-30 15:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-30 15:36 . 2009-03-30 15:39 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-03-30 15:36 . 2009-03-30 19:11 <DIR> d-------- c:\documents and settings\Andu\Application Data\DAEMON Tools Lite
2009-03-30 15:33 . 2004-08-04 01:56 1,392,671 --a------ c:\windows\msvbvm60.dll
2009-03-30 15:33 . 2002-01-05 04:40 487,424 --a------ c:\windows\msvcp70.dll
2009-03-30 15:33 . 2002-01-05 04:37 344,064 --a------ c:\windows\msvcr70.dll
2009-03-30 15:27 . 2006-11-10 08:25 319,456 --a------ c:\windows\system32\difxapi.dll
2009-03-30 15:27 . 2007-09-05 17:13 170,520 --a------ c:\windows\system32\igfxzoom.exe
2009-03-30 15:27 . 2007-08-24 11:29 147,456 --a------ c:\windows\system32\igfxCoIn_v4864.dll
2009-03-30 15:26 . 2009-04-06 00:37 <DIR> d-------- c:\windows\RaidTool
2009-03-30 15:26 . 2009-03-30 15:26 <DIR> d-------- C:\RaidTool
2009-03-30 15:26 . 2007-11-19 11:28 1,966,080 --a------ c:\windows\system32\xRaidSetup.exe
2009-03-30 15:26 . 2008-03-19 10:54 151,552 --a------ c:\windows\system32\xRaidAPI.dll
2009-03-30 15:26 . 2008-10-01 14:32 82,272 --a------ c:\windows\system32\drivers\jraid.sys
2009-03-30 15:20 . 2009-03-30 16:51 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-30 15:20 . 2009-03-30 21:24 <DIR> d-------- c:\program files\Intel
2009-03-30 15:20 . 2009-03-30 15:20 <DIR> d-------- C:\Intel
2009-03-30 15:20 . 2007-07-26 16:15 53,248 --a------ c:\windows\system32\CSVer.dll
2009-03-30 15:19 . 2008-08-05 20:10 1,684,736 --a------ c:\windows\system32\drivers\Ambfilt.sys
2009-03-30 15:19 . 2006-01-04 15:41 1,389,056 --a------ c:\windows\system32\drivers\Monfilt.sys
2009-03-30 15:19 . 2008-10-23 17:42 290,816 --a------ c:\windows\vncutil.exe
2009-03-30 15:19 . 2008-06-24 14:46 104,992 --a------ c:\windows\RtkAudioService.exe
2009-03-30 15:19 . 2009-02-09 14:34 35,840 --a------ c:\windows\system32\RtkCoInstXP.dll
2009-03-30 15:18 . 2009-03-23 11:13 <DIR> d-------- c:\program files\HD_Audio
2009-03-30 14:55 . 2009-03-30 14:55 1,148 --a------ c:\windows\mozver.dat
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\windows\Sun
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-03-30 14:43 . 2009-03-30 14:43 <DIR> d-------- c:\documents and settings\Andu\Application Data\SystemRequirementsLab
2009-03-30 14:41 . 2009-03-30 14:41 <DIR> d-------- c:\program files\Java
2009-03-30 14:41 . 2009-03-30 14:41 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-30 14:41 . 2009-03-30 14:41 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-26 11:54 . 2009-04-09 11:39 <DIR> d-------- c:\program files\oDC
2009-03-26 01:31 . 2009-03-26 01:31 <DIR> d-------- c:\documents and settings\Andu\Application Data\vlc
2009-03-26 01:22 . 2009-03-26 01:22 940,794 --a------ c:\windows\system32\LoopyMusic.wav
2009-03-26 01:22 . 2009-03-26 01:22 146,650 --a------ c:\windows\system32\BuzzingBee.wav
2009-03-26 01:19 . 2009-03-26 01:19 <DIR> d-------- c:\program files\Realtek
2009-03-26 01:19 . 2009-04-08 22:19 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-03-26 01:19 . 2009-03-30 17:00 <DIR> d-------- c:\program files\Common Files\InstallShield
2009-03-26 01:19 . 2009-02-17 15:50 17,508,864 --a------ c:\windows\RTHDCPL.EXE
2009-03-26 01:19 . 2008-06-19 16:27 9,715,200 --a------ c:\windows\RTLCPL.EXE
2009-03-26 01:19 . 2009-02-17 16:55 5,026,816 --a------ c:\windows\system32\drivers\RtkHDAud.sys
2009-03-26 01:19 . 2008-06-19 16:42 2,808,832 --a------ c:\windows\ALCWZRD.EXE
2009-03-26 01:19 . 2008-09-30 16:38 2,168,320 --a------ c:\windows\MicCal.exe
2009-03-26 01:19 . 2007-11-20 18:15 1,826,816 --a------ c:\windows\SkyTel.exe
2009-03-26 01:19 . 2009-01-21 15:54 1,206,816 --a------ c:\windows\RtlUpd.exe
2009-03-26 01:19 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-26 01:19 . 2008-06-19 16:24 278,528 --a------ c:\windows\system32\ALSNDMGR.CPL
2009-03-26 01:19 . 2008-03-13 14:52 266,240 --a------ c:\windows\system32\RTSndMgr.CPL
2009-03-26 01:19 . 2008-08-19 13:26 77,824 --a------ c:\windows\SOUNDMAN.EXE
2009-03-26 01:19 . 2008-06-19 16:20 57,344 --a------ c:\windows\ALCMTR.EXE
2009-03-26 01:18 . 2009-03-26 01:18 <DIR> d-------- c:\documents and settings\Andu\Application Data\InstallShield
2009-03-26 00:48 . 2009-03-26 00:48 <DIR> d-------- c:\program files\Common Files\xing shared
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\windows\system32\QuickTime
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\program files\Real
2009-03-26 00:47 . 2009-03-26 00:47 <DIR> d-------- c:\program files\QuickTime
2009-03-26 00:47 . 2009-03-26 00:48 <DIR> d-------- c:\program files\Common Files\Real
2009-03-26 00:47 . 1999-11-10 10:35 86,016 --a------ c:\windows\unvise32qt.exe
2009-03-26 00:46 . 2009-03-26 00:46 <DIR> d-------- c:\program files\VideoLAN
2009-03-26 00:46 . 2009-03-26 00:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\QuickTime
2009-03-26 00:43 . 2009-03-26 00:43 <DIR> d-------- c:\program files\uTorrent
2009-03-26 00:43 . 2009-04-10 02:49 <DIR> d-------- c:\documents and settings\Andu\Application Data\uTorrent
2009-03-26 00:38 . 2009-03-26 00:38 <DIR> d-------- c:\program files\Avira
2009-03-26 00:38 . 2009-03-26 00:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-26 00:38 . 2008-03-06 10:45 71,464 --a------ c:\windows\system32\drivers\avfwim.sys
2009-03-26 00:38 . 2008-02-07 08:30 66,176 --a------ c:\windows\system32\drivers\avfwot.sys
2009-03-26 00:33 . 2009-04-09 22:53 116 --a------ c:\windows\NeroDigital.ini
2009-03-26 00:30 . 2009-03-26 00:30 0 --a------ c:\windows\nsreg.dat
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\program files\Nero
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\program files\Common Files\Ahead
2009-03-26 00:25 . 2009-03-26 00:25 <DIR> d-------- c:\documents and settings\Andu\Application Data\Ahead
2009-03-26 00:15 . 2001-08-23 15:00 18,944 --a------ c:\windows\system32\simptcp.dll
2009-03-26 00:15 . 2001-08-23 15:00 18,944 --a--c--- c:\windows\system32\dllcache\simptcp.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 07:28 --------- d-----w c:\documents and settings\Andu\Application Data\U3
2009-04-08 17:59 --------- d-----w c:\documents and settings\Andu\Application Data\Winamp
2009-04-05 19:35 --------- d-----w c:\program files\Common Files\Adobe
2009-04-01 20:50 --------- d-----w c:\program files\Winamp
2009-03-30 12:40 --------- d-----w c:\documents and settings\Andu\Application Data\DAEMON Tools Pro
2009-03-25 22:03 --------- d-----w c:\program files\DAEMON Tools Pro
2009-03-23 19:00 --------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-23 18:53 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-03-23 18:52 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-23 18:39 --------- d-----w c:\program files\microsoft frontpage
2009-03-23 18:35 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-29 07:12 993,816 ----a-w c:\windows\system32\igxpun.exe
2009-01-21 08:52 155,648 ----a-w c:\windows\system32\igfxCoIn_v5029.dll
2009-01-21 08:44 3,773,440 ----a-w c:\windows\system32\igxpdx32.dll
2009-01-21 08:44 2,686,368 ----a-w c:\windows\system32\igxpdv32.dll
2009-01-21 08:43 57,344 ----a-w c:\windows\system32\igxprd32.dll
2009-01-21 08:43 183,808 ----a-w c:\windows\system32\igxpgd32.dll
2009-01-21 08:32 294,912 ----a-w c:\windows\system32\igldev32.dll
2009-01-21 08:32 2,342,912 ----a-w c:\windows\system32\iglicd32.dll
2009-01-21 08:20 645,632 ----a-w c:\windows\system32\igfxcfg.exe
2009-01-21 08:20 23,552 ----a-w c:\windows\system32\igfxexps.dll
2009-01-21 08:20 166,912 ----a-w c:\windows\system32\hkcmd.exe
2009-01-21 08:20 165,888 ----a-w c:\windows\system32\igfxext.exe
2009-01-21 08:20 134,656 ----a-w c:\windows\system32\igfxtray.exe
2009-01-21 08:18 51,712 ----a-w c:\windows\system32\igfxsrvc.dll
2009-01-21 08:18 243,712 ----a-w c:\windows\system32\igfxsrvc.exe
2009-01-21 08:18 199,168 ----a-w c:\windows\system32\igfxpph.dll
2009-01-21 08:18 134,656 ----a-w c:\windows\system32\igfxpers.exe
2009-01-21 08:18 130,048 ----a-w c:\windows\system32\igfxdo.dll
2009-01-21 08:17 93,696 ----a-w c:\windows\system32\hccutils.dll
2009-01-21 08:17 5,702,656 ----a-w c:\windows\system32\igfxress.dll
2009-01-21 08:17 205,824 ----a-w c:\windows\system32\igfxdev.dll
2009-01-13 22:16 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-02-12 262401]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-26 98304]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-30 148888]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1966080]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 c:\windows\RTHDCPL.EXE]
c:\documents and settings\Andu\Start Menu\Programs\Startup\
Shortcut to iTouch.lnk - c:\program files\Logitech\iTouch\iTouch.exe [2009-03-30 892928]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\THQ\\MotoGP URT 3\\motogp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2009-03-26 66176]
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe [2009-03-26 344321]
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-03-26 164097]
R2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\avwebgrd.exe [2009-03-26 254209]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2009-03-26 41217]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2009-03-26 71464]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCcfltr.sys [2009-03-30 14095]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-03-30 1684736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63b956fb-17da-11de-bd23-db31aced8c58}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63b956fc-17da-11de-bd23-db31aced8c58}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uInternet Settings,ProxyOverride = *.local
LSP: avsda.dll
TCP: {6526CFEA-8F00-4C61-834C-2855AD97371D} = 193.19.192.15,193.19.192.16
FF - ProfilePath - c:\documents and settings\Andu\Application Data\Mozilla\Firefox\Profiles\udxb6omz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 13:37:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\avsda.dll
.
Completion time: 2009-04-10 13:37:31
ComboFix-quarantined-files.txt 2009-04-10 10:37:29
Pre-Run: 27,322,925,056 bytes free
Post-Run: 27,730,276,352 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Hi lizard
A few more things to do. Please update your anti-virus program and make sure both the anti-virus and firewall are enabled.
P2P - I see you have P2P software (uTorrent) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.
Establish an internet connection & perform an online scan with Firefox or Internet Explorer at Kaspersky Online Scanner
Click Accept, when prompted to download and install the program files and database of malware definitions.
- Click Run at the Security prompt.
- The program will then begin downloading and installing and will also update the database.
- Please be patient as this can take several minutes.
- Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
- Click View scan report at the bottom.
- Click the Save Report As... button.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
To optimize scanning time and produce a more sensible report for review:
- Close any open programs
- Turn off the real time scanner of any existing antivirus program while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
Join Date: Apr 2009
Posts: 13
Reputation:
Solved Threads: 0
Ok! I didn't run Kaspersky on the web, because it blocked after a few minutes, so I downloaded a trial from a site and fully updated the antivirus, and after that I fully scanned my computer. It took a while, but all the bad for the good.
A day ago, my sound disappeared, and I had to manually start it with Run > services.msc > Windows Audio > Start. Here is my log, and I want to tell you again I appreciate your effort!
Quick Scan: completed 4/13/2009 10:27:07 PM (events: 33, objects: , time: 00:00:00)
4/13/2009 10:27:07 PM Task completed
4/13/2009 10:25:46 PM Task started
Quick Scan: completed 4/13/2009 10:27:07 PM (events: 33, objects: , time: 00:00:00)
4/13/2009 11:01:10 PM Task started
4/13/2009 11:01:13 PM Detected: http://www.viruslist.com/en/advisories/31822 C:\Program Files\Bonjour\mDNSResponder.exe
4/13/2009 11:01:17 PM Detected: http://www.viruslist.com/en/advisories/31822 C:\Program Files\Bonjour\mDNSResponder.exe
4/13/2009 11:01:21 PM Detected: http://www.viruslist.com/en/advisories/33901 C:\Program Files\adobe\reader 9.0\reader\acrord32.exe
4/13/2009 11:01:24 PM Detected: http://www.viruslist.com/en/advisories/33632 C:\Program Files\quicktime\quicktimeplayer.exe
4/13/2009 11:01:24 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
4/13/2009 11:04:49 PM Task stopped
4/14/2009 2:18:32 AM Task started
4/14/2009 2:21:48 AM Detected: Packed.Win32.Black.d D:\System Volume Information\_restore{01E1345A-81E1-4A91-A58D-26573F54FFD6}\RP157\A0069611.exe/PE_Patch/ASProtect
4/14/2009 2:21:48 AM Untreated: Packed.Win32.Black.d D:\System Volume Information\_restore{01E1345A-81E1-4A91-A58D-26573F54FFD6}\RP157\A0069611.exe/PE_Patch/ASProtect Postponed
4/14/2009 2:26:11 AM Detected: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe
4/14/2009 2:26:11 AM Untreated: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe Postponed
4/14/2009 2:28:17 AM Detected: http://www.viruslist.com/en/advisories/33901 C:\Program Files\adobe\reader 9.0\reader\acrord32.exe
4/14/2009 2:28:34 AM Detected: http://www.viruslist.com/en/advisories/31822 C:\Program Files\Bonjour\mDNSResponder.exe
4/14/2009 2:31:03 AM Detected: http://www.viruslist.com/en/advisories/34012 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll
4/14/2009 2:31:05 AM Detected: http://www.viruslist.com/en/advisories/34012 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
4/14/2009 2:32:09 AM Detected: http://www.viruslist.com/en/advisories/33632 C:\Program Files\quicktime\quicktimeplayer.exe
4/14/2009 2:32:10 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
4/14/2009 2:33:57 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\system32\msxml4.dll
4/14/2009 2:34:47 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9849.0_x-ww_1c078e1b\msxml4.dll
4/14/2009 9:42:01 AM Detected: http://www.viruslist.com/en/advisories/34012 D:\Program Files\Adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
4/14/2009 11:05:44 AM Detected: http://www.viruslist.com/en/advisories/34471 E:\back up\Mozilla Firefox\firefox.exe
4/14/2009 11:09:26 AM Detected: not-a-virus:AdWare.Win32.Dap.c E:\DIVERSE\etc\Miscelaneous\Download Accelerator Plus\Download Accelerator Plus 7.0.1.0.exe/WISE0021.BIN/dapiebar.dll
4/14/2009 11:09:27 AM Untreated: not-a-virus:AdWare.Win32.Dap.c E:\DIVERSE\etc\Miscelaneous\Download Accelerator Plus\Download Accelerator Plus 7.0.1.0.exe/WISE0021.BIN/dapiebar.dll Postponed
4/14/2009 11:10:32 AM Detected: http://www.viruslist.com/en/advisories/34471 E:\DIVERSE\Mozilla Firefox\firefox.exe
4/14/2009 11:22:55 AM Detected: Packed.Win32.Black.d D:\System Volume Information\_restore{01E1345A-81E1-4A91-A58D-26573F54FFD6}\RP157\A0069611.exe/PE_Patch/ASProtect
4/14/2009 11:23:04 AM Detected: not-a-virus:AdWare.Win32.Dap.c E:\DIVERSE\etc\Miscelaneous\Download Accelerator Plus\Download Accelerator Plus 7.0.1.0.exe/WISE0021.BIN/dapiebar.dll
4/14/2009 11:23:04 AM Untreated: not-a-virus:AdWare.Win32.Dap.c E:\DIVERSE\etc\Miscelaneous\Download Accelerator Plus\Download Accelerator Plus 7.0.1.0.exe/WISE0021.BIN/dapiebar.dll Skipped by user
4/14/2009 11:23:05 AM Detected: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe
4/14/2009 11:23:05 AM Untreated: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe Skipped by user
4/14/2009 11:23:05 AM Task completed
I also observed that sometimes my keyboard fast keys (I have a Logitech wireless kit) interfere with Yahoo Messenger; what happens is my shortcut keys are blocked and do not function properly, and after I exit YM they are back on.
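The Kaspersky report above mixes two very different kinds of line: entries whose "name" is a viruslist.com advisory URL (an installed program at a version with a known vulnerability, not an infection) and entries with a real detection name (Packed.Win32.Black.d, HackTool.Win32.Kiser.i, the not-a-virus adware), some of them left "Postponed" or "Skipped by user". The parser below, an added example that is not part of the thread and not Kaspersky's own tooling, separates the two, tracks the last-reported treatment status per object, and pulls out the list of programs that need updating. The sample lines are constructed copies in the same shape as the posted log; the set of status words ("Postponed", "Skipped by user") and the advisory-URL-means-vulnerable-software rule are assumptions read off the log format itself.

```python
import re
from collections import OrderedDict

ADVISORY_PREFIX = "http://www.viruslist.com/en/advisories/"

# Constructed sample in the shape of the posted report (not the full log).
SAMPLE_LOG = r"""
4/13/2009 11:01:13 PM Detected: http://www.viruslist.com/en/advisories/31822 C:\Program Files\Bonjour\mDNSResponder.exe
4/14/2009 2:21:48 AM Detected: Packed.Win32.Black.d D:\System Volume Information\_restore{01E1345A-81E1-4A91-A58D-26573F54FFD6}\RP157\A0069611.exe/PE_Patch/ASProtect
4/14/2009 2:21:48 AM Untreated: Packed.Win32.Black.d D:\System Volume Information\_restore{01E1345A-81E1-4A91-A58D-26573F54FFD6}\RP157\A0069611.exe/PE_Patch/ASProtect Postponed
4/14/2009 2:26:11 AM Detected: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe
4/14/2009 2:26:11 AM Untreated: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe Postponed
4/14/2009 2:28:17 AM Detected: http://www.viruslist.com/en/advisories/33901 C:\Program Files\adobe\reader 9.0\reader\acrord32.exe
4/14/2009 11:09:26 AM Detected: not-a-virus:AdWare.Win32.Dap.c E:\DIVERSE\etc\Miscelaneous\Download Accelerator Plus\Download Accelerator Plus 7.0.1.0.exe/WISE0021.BIN/dapiebar.dll
4/14/2009 11:23:05 AM Untreated: HackTool.Win32.Kiser.i C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar/Resetter_v1.8\Resetter.exe Skipped by user
4/14/2009 11:23:05 AM Task completed
"""

# Status words are an assumption taken from the posted log; extend if the scanner emits others.
LINE_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) "
    r"(?P<event>Detected|Untreated): (?P<name>\S+) "
    r"(?P<path>.*?)(?: (?P<status>Postponed|Skipped by user))?$"
)


def classify(name):
    """Advisory URL = outdated software; 'not-a-virus:' = riskware/adware; anything else = malware."""
    if name.startswith(ADVISORY_PREFIX):
        return "vulnerable-software"
    if name.startswith("not-a-virus:"):
        return "riskware"
    return "malware"


def host_file(path):
    """Members of archives/packers are written as <host>/<member>; Windows paths never contain '/'."""
    return path.split("/", 1)[0]


def in_restore_point(path):
    return "\\System Volume Information\\_restore" in path


def parse_report(text):
    """Map object path -> record; a later Untreated line for the same object overwrites the status."""
    objects = OrderedDict()
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # Task started/completed and summary lines name no object
        name, path = m.group("name"), m.group("path")
        rec = objects.setdefault(path, {
            "name": name, "kind": classify(name),
            "status": "detected", "first_seen": m.group("ts"),
        })
        if m.group("event") == "Untreated":
            rec["status"] = m.group("status") or "untreated"
    return objects


def vulnerable_programs(objects):
    """Distinct on-disk executables flagged by advisory, with the advisory ids hanging off them."""
    out = {}
    for path, rec in objects.items():
        if rec["kind"] != "vulnerable-software":
            continue
        exe = host_file(path).rsplit("\\", 1)[-1].lower()
        out.setdefault(exe, set()).add(rec["name"][len(ADVISORY_PREFIX):])
    return out


def malware_findings(objects):
    """Real detections with their final status and where they sit (restore point, inside a container)."""
    return [{
        "name": rec["name"], "host": host_file(path), "status": rec["status"],
        "inside_container": "/" in path, "restore_point": in_restore_point(path),
    } for path, rec in objects.items() if rec["kind"] != "vulnerable-software"]


if __name__ == "__main__":
    objs = parse_report(SAMPLE_LOG)
    for exe, ids in sorted(vulnerable_programs(objs).items()):
        print("UPDATE  %-20s advisories %s" % (exe, ", ".join(sorted(ids))))
    for f in malware_findings(objs):
        where = "restore point" if f["restore_point"] else ("in container" if f["inside_container"] else "on disk")
        print("MALWARE %-28s %-16s %s  %s" % (f["name"], f["status"], where, f["host"]))
```

Two things fall out of the summary that matter for triage. First, every advisory hit is an update task, not a cleanup task, which is why the reply that follows asks for new versions of Bonjour, Reader, AIR, QuickTime, RealPlayer and Firefox rather than removal. Second, a "Postponed" or "Skipped by user" object inside a restore point or a .rar is inert until the restore point is applied or the archive is extracted, but it also cannot be disinfected in place; the practical fix is to delete the container, which is what the CFScript in the reply does for Resetter_v1.8.rar.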
--------------------
To avoid any conflicts with your Avira AntiVirus program please uninstall the trial version of Kaspersky.
--------------------
The following programs have had vulnerabilities detected. Please make sure you update all of these programs to the latest versions available.
Mozilla Firefox
Apple Bonjour for Windows
Adobe Reader
Adobe Air
Quick Time
Real Player
Please also install Microsoft Security Update KB954430 along with any other Security Updates available from the Windows Updates page.
------------
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:
Folder::
C:\Documents and Settings\Andu\Desktop\Resetter_v1.8.rar
Referring to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
---------------
From Control Panel > System click on the Hardware tab then click Device Manager. Do you have any yellow exclamations next to any of the hardware?