Ad Sounds in Background of Internet Explorer and Site Being Hacked

Not sure how this happened, but when I run Internet Explorer (version 9), it runs extremely slowly. I also get random ad noises that appear out of nowhere, and I can't see their source. Lastly, when I Google certain terms, such as "background ad noise", and I click on a link, Google goes to a different site than what I click on. I've been working off the http://forums.majorgeeks.com/showthread.php?t=35407 thread and followed the instructions for Windows 7 users. I've included my logs below for all of the programs except TDSSKiller, which I couldn't get to run. Any help would be greatly appreciated. Thank you!

 

Welcome to MajorGeeks, rogerpdactor

http://3.bp.blogspot.com/-tH5H1icUyOc/T1XP6r4puoI/AAAAAAAAAQE/jLwmqQECjCg/s1600/hitmanpro.gif Rescan with HitmanPro and allow it to perform the default action it wants to. HitmanPro will need to reboot the computer. Once you are back in Windows, rescan with HitmanPro and retry TDSSKiller as well.
Remember to attach the latest HitmanPro log and TDSSKiller log (if successful this time).

 

Thanks very much for your help. I followed your instructions. TDSS Killer worked this time. Logs are attached.

 

http://img850.imageshack.us/img850/4746/programsandfeatureswin7.gif From Programs and Features (via Control Panel), please uninstall the below:

• Java(TM) 6 Update 20

http://img825.imageshack.us/img825/2648/hjt.gif Run C:\MGtools\analyse.exe by double-clicking it (Vista/7 right-click and select Run as Administrator)
Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
Choose "Do a system scan only" and select the following lines but do not click fix until you exit all explorer windows and all browser sessions including the one you are reading in right now:

• O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

After clicking Fix, exit out of Trend Micro HiJackThis - v2.0.4

__

Use Windows Explorer to find and delete the following files:

• C:\ProgramData\-1WBxuUrsW3cDBX
• C:\ProgramData\-1WBxuUrsW3cDBXr
• C:\ProgramData\1WBxuUrsW3cDBX

__

http://img195.imageshack.us/img195/9049/javaz.gif Now install the current version of Sun Java from: here

__

http://img17.imageshack.us/img17/3214/baticonvista7.gif Now run C:\MGtools\GetLogs.bat by right-mouse clicking it and then selecting Run as Administrator
This updates all of the logs inside MGlogs.zip.
When it is finished, attach C:\MGlogs.zip to your next message. (How to attach)

__

Let me know what problems are still occurring after you have completed the above steps.

 

Thanks very much. I loaded a two pages that were very slow: the frontpages youtube and google. They seem fine now. No adds are playing that I have heard. Log is attached.

 

Your latest logs are clean as well

If you are not having any other malware related problems, it is time to do our final steps:

• Any programs we had you download and/or install can be removed at this time.
• If we had you download and run ComboFix, here is how to uninstall it:
  • Press and hold the Windows key http://i1106.photobucket.com/albums/h363/debojyotidas/Windows_Logo_key.gif and then press the letter R on your keyboard.
  • This opens the Run dialog box.
  • Copy and paste the below text inside the text-field:
    • "%userprofile%\desktop\ComboFix" /uninstall
  • Now press ENTER
  • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
• You can re-enable your Disk Emulation software at this time via DeFogger.
• If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
• Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
• Now we will toggle System Restore to remove any infected system restore points.
  • Read this: How to Disable And Enable System Restore
• Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
• Be safe

 

You guys are awesome. Thanks so much for all of your help.

 

My pleasure.
Be safe.