Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No sound. Need help!


  • Please log in to reply
5 replies to this topic

#1 winsquare2

winsquare2

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 19 December 2013 - 09:50 AM

Ok guys not too long ago after my dad accidentally uninstalled our avira, we totally lost our sound but in stages.It got softer until one day it just disappeared.Ive trieduninstalling and reinstalling the drivers but to no avail.Strangely enough in the Found New Hardware wizard, there was always a problem stating that 'Windows cannot load the device driver code 37'.I kept running the installstion wizard until i noticed that it kept looking for a certain file called ksolay.ax in our system32 folder.When i looked in the folder,there was of course no ksolay.ax file. So i downloaded a new one. Heres where it gets weirder.Even after placing it in thr system32 with the folder rite there n running the installation,it still got the same error n the ksolay file would be wiped out from system32.I WAS convinced theres a virus, but after running multiple malwarebytes scans and deleting few trojans. the problem was still there.So pls help me clear my viruses and let me have my sound back. And above all i want to know what is this ksolay.ax file.Thx.

BC AdBot (Login to Remove)

 


#2 winsquare2

winsquare2
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 19 December 2013 - 10:27 AM

Ok this recently came up while using malware bytes.I also cant seem to turn on protection.Is a virus or malware interfering with this?



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:02 PM

Posted 19 December 2013 - 02:50 PM

Lets try running these and see what shows.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

  • Do not reboot the computer, you will need to run the application again.
  • [/list]
    >>>>

    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • [/list]

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 winsquare2

winsquare2
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 19 December 2013 - 11:50 PM

Rkill 2.6.3 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/20/2013 12:47:57 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Active Proxy Server Detected
 
 * Proxy Disabled.
 * ProxyOverride value deleted.
 * ProxyServer value deleted.
 * AutoConfigURL value deleted.
 * Proxy settings were backed up to Registry file.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Backup Registry file created at:
 C:\Documents and Settings\USER\Desktop\rkill\rkill-12-20-2013-12-47-59.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Reparse Point/Junctions Found (Most likely legitimate)!
 
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\Drivers\tcpip.sys : 361,344 : 04/14/2008 08:00 PM : 607c976b22aeb2fcf8a7486bcca1e3bf [NoSig]
 +-> C:\WINDOWS\system32\dllcache\tcpip.sys : 361,344 : 04/14/2008 08:00 PM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl]
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
 
  20 out of 15491 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 12/20/2013 12:48:32 PM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)


#5 winsquare2

winsquare2
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 21 December 2013 - 10:41 AM

ok guys thx.apparently after i ran tdss killer it detected win32 rootkit virus or something.after i deleted it, i restrted my comp and the sound came back just fine.seriously guys wouldnt know what to do without your help.once again thx!,

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:02 PM

Posted 21 December 2013 - 08:55 PM

You're welcome!! As you found a rootkit, removed it and rebooted.. I would run the rest to see what else slipped in.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users