Wave Volume and Audio Pop-Up Problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by shortii72194, May 17, 2013.

  1. shortii72194

    shortii72194 Private E-2

    My HP Mini is running on Windows XP. About 2 days ago the wave setting started turning itself down within seconds of me turning it on. Also, when I turn it up I randomly hear these audio pop-ups even when IE is not open. Any help with this issue is greatly appreciated. Thanks in advance!
     
    shortii72194, May 17, 2013
    #1
  2. shortii72194

    shortii72194 Private E-2

    Here are the logs I just got from the Read Me First thread (still experiencing the sound issue); Also the RogueKiller did not properly scan which is why I didn't post up the log for that one, when I clicked to scan it stayed the with 3 bars for a full half hour as if it froze mid-scan:
     

    Attached Files:

    shortii72194, May 17, 2013
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Uninstall the below software:
    Viewpoint Media Player

    Please download OTM by Old Timer and save it to your Desktop.
    • Run it by double clicking on it (Note: if using Vista, Win7, or Win8, don't double click, use right click and select Run As Administrator).
    • Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
      (or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
      the code box
    Code:
    :Processes
explorer.exe

:Services
Bandoo Coordinator
IEPro
KService
 
:Files
C:\Documents and Settings\Rita_Arredondo\Local Settings\Temp\sxvpqdu
C:\WINDOWS\temp\*.*
C:\Documents and Settings\Rita_Arredondo\Local Settings\Temp\*.*

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
[HKEY_USERS\S-1-5-21-2481714027-3157922894-2272261839-1007\Software\Microsoft\Windows\CurrentVersion\run]
"MSMSGS"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]
[-HKEY_USERS\S-1-5-21-2481714027-3157922894-2272261839-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]
[-HKEY_USERS\S-1-5-21-2481714027-3157922894-2272261839-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9D425283-D487-4337-BAB6-AB8354A81457}"=-
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F16D7E9F-C862-4CC8-9183-0009D1B7F120}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F16D7E9F-C862-4CC8-9183-0009D1B7F120}]
:Commands
[purity]
[EmptyTemp]
[start explorer]
[Reboot]
    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar
      ) and choose Paste.
    • Now click the large http://forums.majorgeeks.com/chaslang/images/MoveIt!.png button.
    • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
    • Close OTM.
    Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be
    saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach
    this log file to your next message.

    Now please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • the C:\_OTM\MovedFiles log
    • the JRT.TXTlog
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    chaslang, May 19, 2013
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds