#1 (permalink)
Registered User
[SOLVED] Random Sounds Virus
So about a week ago, I upgraded to Windows 7 on my custom-built gaming rig (screams problems right there, I know). Since then, the audio has been stuttering horribly: skipping and buzzing and producing all manner of broken sounds, especially when doing anything that wants a bit more RAM than nothing.
Anyway, a couple days ago, I heard a random barking noise coming through my speakers. However, since this was an isolated incident and nothing came of it, I really thought nothing of it. But just yesterday while I was sitting on my computer, listening to music through iTunes and browsing the web in Chrome, the system hung for a second, before the sound of a cat meowing played through my speakers. I glanced at the system tray as an extra icon had appeared in that moment, but before I could get a good glimpse of it, my system shut down entirely. In the sequential reboot, it asked if I wanted to boot into safe mode, which I did, running through Ccleaner (cleaning everything), Spybot s&d, and then doing a thorough scrub with AVG Free. None of these turned up anything worth writing home about: a few tracker cookies according to AVG and Spybot that were dispatched with haste (and somehow managed to get around my hosts file block). I also took the opportunity to wipe out Viewpoint Media Player (which had reinstalled itself from AIM 7 after my most recent upgrade). I figured this would probably at least fix the problem somewhat. How wrong I was. Earlier today, as I'm chatting with my dad over AIM before class, the computer starts purring at me through the speakers. However, by the time I get task manager loaded so I can see the culprit, the sound byte has stopped. Since then, I've encountered a few other random sound effects (which are most definitely not system sounds, and are not associated with AIM or any of the other multiple programs I'm running) that happen at random intervals. I've tried a great number of free solutions, and nothing does the trick. 
Now, in my research, I've learned that the problem may reside in a spyware program that resides in the driver for the integrated Realtek HD audio chipset on my DX58SO motherboard, but it seems unlikely as that ware just gathers information on customer usage statistics without inviting the type of phenomenon I'm encountering. Now here's my DDS log (VMER couldn't do anything, said that the files it wanted to use were already in use by another program):
I also ran HijackThis! and found nothing that I couldn't identify. Anyone care to help me out? I'm particularly perplexed by this thing...
#3 (permalink)
Registered User
Re: Random Sounds Virus
I have indeed, and to no effect. After loading 7, it suggested that I see if there were any driver updates available, and after downloading the updated driver, the problem was, unfortunately, not solved. But that only pertains to the stuttering audio, and not to the random sounds that are occurring as I function elsewhere on the computer.
#4 (permalink)
Registered User
Re: Random Sounds Virus
Not to bump, but I've discovered the source of the problem and thought I'd share for anyone else who happens to come across this kind of "problem" in the future.
The Problem
In my story above, I recently upgraded to AIM 7 from AIM 5.9. One of the added "features" of this new version of AIM is the ability for the window to play login and logout sounds that are in accordance with your buddies' themes. These sounds can vary in range from a bark to a meow to purring to a knocking sound to a "HEY!" sound (that one actually made me jump). And if you're upgrading from an old version of AIM, it defaults to having the themed noises be on without giving you any kind of notice.
It was also no coincidence that the first meow sent my system into a tailspin that resulted in a forced shutdown. The DX58SO motherboard that I have has a very flaky integrated audio card. Even with the driver update, it tends to have difficulty, and is interfered with by the integrated gigabit network adapter. This is what causes the stuttering. So it's no wonder that, when a high-fidelity audio file is sent over the network to be played immediately with a network event, the card would freak out (already being overworked by the iTunes Lossless format I'm forcing through it). This much warrants a call to Intel, as I'm pretty sure it means I have bad hardware, but that doesn't get rid of the random sounds.
The Solution
If you've upgraded to AIM 7 and find yourself in the same boat as me, the solution is simple: in the top bar of the buddy list window you'll see the "Menu" button. Click it and scroll down to "Settings" (or just hit F7). Once the settings window pops up, click the "Sounds" tab on the left column (two beneath the "Buddy List" tab that is selected by default). From there, you'll see that the option for "Play the Expressions Buddy Sound of any user" is almost always selected. If you want no sound when receiving IMs, when buddies sign in or out, or anything like that, simply move them all up to the "Do not play any sound" option. But I'm a traditionalist for things like this: I set them all to play the same old soundbytes that I'm used to with the "Play this sound" option (which defaults to the traditional AIM sounds). No more random sounds, and for me, it's actually making my music stutter less. No virus, just a pesky "feature" that no one told me about.
#5 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,795
OS: 2000 Pro; XP Pro; XP Home
Re: [SOLVED] Random Sounds Virus
Thanks for letting us know the issue and solution. In looking at the logs, I don't see any evidence of malware afoot.
Surf Safely, and Think Prevention! Since this issue is resolved, this topic will be archived.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Microsoft MVP - Consumer Security 2009