Audio disappeared


bzbzbz
27-10-2007, 23:49
Realtek
My sound card is mute. I thought it was a hardware fault. I even reinstalled the system,
but after 3 days the same problem showed up on another PC of mine. I used the same USB stick. It looks like a virus. What should I do?
Here is my log:
2007-10-25 23:16:40 {NOTICE} [PSD] ==========enter============ ThreadId:[3228] Time:[23:16:40.270]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_QueryDriveLetter=11932992 ThreadId:[3228] Time:[23:16:40.303]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskCheckLockable=11956592 ThreadId:[3228] Time:[23:16:40.304]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskUnMount=11943152 ThreadId:[3228] Time:[23:16:40.305]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_MediaRemove=11937840 ThreadId:[3228] Time:[23:16:40.306]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskCheckIsOpen=11940032 ThreadId:[3228] Time:[23:16:40.307]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskClose=11938800 ThreadId:[3228] Time:[23:16:40.307]
2007-10-25 23:16:40 {NOTICE} [PSD] ==========enter============ ThreadId:[5064] Time:[23:16:40.388]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_QueryDriveLetter=11867456 ThreadId:[5064] Time:[23:16:40.392]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskCheckLockable=11891056 ThreadId:[5064] Time:[23:16:40.393]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskUnMount=11877616 ThreadId:[5064] Time:[23:16:40.394]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_MediaRemove=11872304 ThreadId:[5064] Time:[23:16:40.395]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskCheckIsOpen=11874496 ThreadId:[5064] Time:[23:16:40.396]
2007-10-25 23:16:40 {NOTICE} [PSD] HTPSD_DiskClose=11873264 ThreadId:[5064] Time:[23:16:40.397]
2007-10-25 23:16:40 {NOTICE} [PSD] ==========terminate ThreadId:[5064] Time:[23:16:40.398]
2007-10-25 23:16:42 {NOTICE} [CopyHKLMRegKey] Wow64DisableWowRedirection fail, error code =0 ThreadId:[4020] Time:[23:16:42.998]
2007-10-25 23:16:43 {NOTICE} [CopyHKLMRegKey] after SHCopyKeyW ThreadId:[4020] Time:[23:16:43.022]
2007-10-25 23:16:53 {NOTICE} [CopyHKLMRegKey] Wow64DisableWowRedirection fail, error code =0 ThreadId:[5988] Time:[23:16:53.320]
2007-10-25 23:16:53 {NOTICE} [CopyHKLMRegKey] after SHCopyKeyW ThreadId:[5988] Time:[23:16:53.322]
2007-10-25 23:16:53 {NOTICE} [RegCom32] ==============Enter======================= ThreadId:[5488] Time:[23:16:53.351]
2007-10-25 23:16:53 {NOTICE} [RegCom32] bReg= true ThreadId:[5488] Time:[23:16:53.352]
2007-10-25 23:16:53 {NOTICE} [RegCom] ==============Enter======================= ThreadId:[5488] Time:[23:16:53.354]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.355]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] command=C:\Windows\system32\regsvr32.exe /s ThreadId:[5488] Time:[23:16:53.356]
2007-10-25 23:16:53 {NOTICE} [CreateProcess] fullcommand=C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\eDSshellExt.dll error=18 ThreadId:[5488] Time:[23:16:53.374]
2007-10-25 23:16:53 {NOTICE} [Wow64RevertWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.375]
2007-10-25 23:16:53 {NOTICE} [RegCom] ==============Enter======================= ThreadId:[5488] Time:[23:16:53.377]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.378]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] command=C:\Windows\system32\regsvr32.exe /s ThreadId:[5488] Time:[23:16:53.380]
2007-10-25 23:16:53 {NOTICE} [CreateProcess] fullcommand=C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\eDStoolbar.dll error=18 ThreadId:[5488] Time:[23:16:53.397]
2007-10-25 23:16:53 {NOTICE} [Wow64RevertWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.398]
2007-10-25 23:16:53 {NOTICE} [RegCom] ==============Enter======================= ThreadId:[5488] Time:[23:16:53.400]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.401]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] command=C:\Windows\system32\regsvr32.exe /s ThreadId:[5488] Time:[23:16:53.403]
2007-10-25 23:16:53 {NOTICE} [CreateProcess] fullcommand=C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\OAddin.dll error=18 ThreadId:[5488] Time:[23:16:53.423]
2007-10-25 23:16:53 {NOTICE} [Wow64RevertWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.425]
2007-10-25 23:16:53 {NOTICE} [RegCom] ==============Enter======================= ThreadId:[5488] Time:[23:16:53.427]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.429]
2007-10-25 23:16:53 {NOTICE} [Wow64DisableWow64FsRedirection] command=C:\Windows\system32\regsvr32.exe /s ThreadId:[5488] Time:[23:16:53.432]
2007-10-25 23:16:53 {NOTICE} [CreateProcess] fullcommand=C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\ActiveToolBand.dll error=18 ThreadId:[5488] Time:[23:16:53.449]
2007-10-25 23:16:53 {NOTICE} [Wow64RevertWow64FsRedirection] platform=32 ThreadId:[5488] Time:[23:16:53.451]
2007-10-25 23:16:53 {NOTICE} [InstallPSDDriver] ==============Enter======================= ThreadId:[2788] Time:[23:16:53.587]
2007-10-25 23:16:53 {NOTICE} [systemDir] C:\Windows\system32 ThreadId:[2788] Time:[23:16:53.594]
2007-10-25 23:16:54 {NOTICE} [ShellExecute] command32=setupapi,InstallHinfSection DefaultInstall 128 C:\Windows\system32\PSDFilter.inf iRtn2=42 ThreadId:[2788] Time:[23:16:54.564]

Gle89
28-10-2007, 13:01
Have you tried simply reinstalling the drivers?

xcdegasp
28-10-2007, 19:55
Or checking in "services.msc" that the service named "Windows Audio" has not been disabled?

bzbzbz
29-10-2007, 08:55
Yes, I reinstalled the drivers and the card, but nothing. I have Norton Antivirus, up to date.

juninho85
29-10-2007, 08:58
Although it seems unlikely to me that a virus could "only" disable your audio... try posting HijackThis and GMER logs.

bzbzbz
29-10-2007, 09:06
I tried. It is set to Automatic - Local Service. Meanwhile the same thing happened on another PC that has XP instead of Vista, so it's A VIRUS.

There it told me it was impossible to start sndvol32.exe. I found the file, copied it to the desktop, ran it, and the sound came back.
Vista has sndvol.exe (not 32). I did the same, but the audio stays mute.

juninho85
29-10-2007, 09:07
Post a FindAWF log as well.

Chill-Out
29-10-2007, 09:09
As has already been suggested, post a HijackThis log.
Bye

bzbzbz
29-10-2007, 15:41
The HijackThis log is already posted at the beginning of the "story". I'll try to get the other one too!

xcdegasp
29-10-2007, 16:34
> The HijackThis log is already posted at the beginning of the "story". I'll try to get the other one too!

Please redo the log and also post the one produced with FindAWF :)

bzbzbz
29-10-2007, 16:45
To be precise, I have Vista Business on an Acer TravelMate 6292.

Chill-Out
29-10-2007, 16:53
Agreed, but both logs are needed, as you have been told.
http://www.trendsecure.com/portal/en-US/_download/HiJackThis.zip
http://noahdfear.geekstogo.com/FindAWF.exe

bzbzbz
29-10-2007, 22:20
I rebooted from an Ubuntu CD, with Linux. The problem remains. So is the virus hypothesis wrong?

Gle89
29-10-2007, 23:07
You have already been asked at least 2 times for the HJT and FindAWF logs :rolleyes:

bzbzbz
30-10-2007, 00:09
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.08.57, on 29/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PdtWzd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Users\tytyty\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Users\tytyty\AppData\Local\Temp\Temp1_HiJackThis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ycomp/defaults/sp/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PdtWzd.exe" show
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: eNetHook.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 9140 bytes

bzbzbz
30-10-2007, 00:14
This is what I get:
Find AWF report by noahdfear ©2006
Version 1.40



bak folders found
~~~~~~~~~~~



Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~



end of report

juninho85
30-10-2007, 08:41
Nothing noteworthy.

bzbzbz
09-11-2007, 13:00
Sent it in for service. They were very quick and replaced the motherboard. Thanks, everyone.