Help Random Audio

Chemg · Sep 8, 2012

I'm trying to help someone fix their computer. It will play random audio (ads, music, shows) It seemed to only do it when internet explorer was open and did not happen if it wasn't running or if using google chrome. Now it seems to do it if google chrome is running. I haven't noticed it when there are no browsers open but that's not to say it isn't. I ran through malware faq and had no trouble running anything. Thanks in advance.

Kestrel13! · Sep 8, 2012

Re run Hitmanpro and let it delete the below.

C:\$Recycle.Bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\n
Click to expand...

http://img805.imageshack.us/img805/9659/rktigzy.gif Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate this 1 detection: (if present)

[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\n.) -> FOUND

and the same with the File/Folders tab now.

[ZeroAccess][FILE] n : C:\$recycle.bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\n --> FOUND

[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\@ --> FOUND

[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\U --> FOUND

[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-648465264-2353862102-1553992446-1001\$b43214c9cebca17a5d3643d68fd2c75a\L --> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)

Reboot the machine.

rerun Hitmanpro again and attach the new log.

rerun RogueKiller and attach the log.

After that we need to fix a broken BITS service!

Chemg · Sep 8, 2012

I ran hitman with no problems and deleted the file you said.
I then ran roguekiller I clicked on the ones you said to delete then after I ran it my computer started to acted up the screen flashed a few times then it restarted. I then manually restarted and ran hitman and roguekiller here are those logs.

What are bit services?
Also I would love to learn more on how you do this do you know of any good resources for reading to better understand malware removal?
Thanks again.

Kestrel13! · Sep 9, 2012

Click start > type in services.msc and press ENTER scroll down to the Background Intelligent Transfer Service and let me know its status and start up type please. (That is what BITS is)

Chemg · Sep 9, 2012

BITS
Status - Started
Start up type - Automatic (delayed start)

Kestrel13! · Sep 9, 2012

BITS service is fine then

Also I would love to learn more on how you do this do you know of any good resources for reading to better understand malware removal?
Click to expand...

Certainly.

Becoming A Malware Forum Helper

Is evrything running nicely now with your system?

Chemg · Sep 9, 2012

Everything seems to be in working order thank you so much.
Also thanks for the info.
I can't say thanks enough for everything.

Kestrel13! · Sep 10, 2012

No problem, safe surfing!

Log in or Sign up

Help Random Audio

Chemg Private E-2

Attached Files:

HitmanPro_20120907_2359.log

RKreport[1].txt

TDSSKiller.2.8.8.0_07.09.2012_23.34.05_log.txt

mbam-log-2012-09-07 (23-13-12).txt

MGlogs.zip

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

Chemg Private E-2

Attached Files:

HitmanPro_20120908_1707(2).log

RKreport[2].txt

RKreport[3].txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

Chemg Private E-2

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

Chemg Private E-2

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member