• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Kudos0

[Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Hello,

Over the last few days I have been hearing audio on my computer. I is a very annoying and intermittent problem. I have not downloaded anything, and the problem appears to have started after a java update. It is very frustrating. Any help will be appreciated.

Replies

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

I have successful found a way to mute the audio. It appears to be emanating from "host process for windows services" Any help on removing the malware will be appreciated.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Please Read  http://community.norton.com/t5/Malware-Discussion/Malware-Discussion-Board-Guidelines/td-p/961409

This is to make sure the user has seen the Guidelines before starting.   Don't run tools

Do you have a Flash Drive??

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

I have read the instructions thread.  I also do have a flash drive. Thank you for the quick response.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

What is your Operating System, including 32 bit or 64 bit??

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

It's windows 7 64 bit
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

 

Read Slowly and all of it.

Please download http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/   You need to download the 64 bit version.


Transfer it on to the Flash Drive.

Enter System Recovery Options

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

 

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.(PSP)
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive.  restart the system and load Windows Please attach the log in  your reply back..

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Here is the log requested

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Looks like you may have Harbinger Bookit,  maybe

 

Please read carefully and follow these steps.

  Go to  http://support.kaspersky.com/2663?el=88446  Click on 1. How to disinfect a compromised system to expand the question then  click on the TDSSkiller.exe green link to download and transfer the download to your desktop.

 

 

Double click on TDSSKiller.exe that is on the Desktop to run the application,

Open the Change Parameters option and select the detect TDL File system

 


 

Click OK

 

Then on Start Scan.


If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.

Look for the Filesystem detection  If the TDSS FileSystem is detected change the setting from Skip to Delete


It may ask you to reboot the computer to complete the process. Click on Reboot Now.


If no reboot is require, click on Report. A log file should appear. Please copy and paste into Notepad and attach back here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ ) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach the log in the post back.

Quads

 

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Here is the requested logs. I am no longer getting the radio advertisements. It appears that this might have stopped it. Then again, this was also intermittent, and stopped after a while yesterday.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Bingo

[ 6015CBA88E2D6C17A78E26584A23C433 ] \Device\Harddisk0\DR0
21:47:46.0288 9244  Suspicious mbr (Forged): \Device\Harddisk0\DR0
21:47:46.0372 9244  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
21:47:46.0372 9244  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)

Bootsector dealt with

Looks like we can go on to step 4

 

 

step 4. (a)

Please read carefully and Slowly

You might have to export the results

 

 Please scan with ESET next 


I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on  to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the  icon on your desktop.
  • Check 
  • Click the  button.
  • Accept any security warnings from your browser.
  • Under scan settings, check  and DON'T (NO) check Remove found threats (reason for this is we don't want something deleted and then Windows won't load).
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Attach the resulting log in your next reply


If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it. 

Quads

 

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Here is the log. Sorry for the delay, the scan took over 8 hours.

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Step 4. (b)

Download OTL http://www.bleepingcomputer.com/download/otl/

Disable Norton for say 30 minutes

Start OTL,  

Click the Scan All Users checkbox.

Change file age to 60 days

Press the 

An OTL.txt  and extras.txt will be created.

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

here is the log requested

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

extras.txt is missing

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Ok, found it, i think this is it.

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

You can uninstall 

"ESET Online Scanner" = ESET Online Scanner v3

I have to script for the rest

Are you using  Ask as your main Chrome homepage setting??

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Not anymore. I uninstalled chrome the other day.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Ask is in the other browers to I just have to script a cleanup.

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Is there a problem with ask? I don't recall ever voluntarily using it. I also uninstalled internet explorer. I assumed that the radio was being used by one of these browsers.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

IE can't be removed from Windows, you just uninstall back to the original version when Windows was installed and can hide it.

Ask is known as a PUP, it looks like you just have browser leftovers, as for uninstalling things because you think the malare is ........... so you remove all sorts.   Just shows then someone does not know what they are looking at.

Disable Norton for say 30 minutes or more

Start OTL,   under   Copy and paste the custom script attached which you open in for instance Notepad,(include the : at the start of :OTL and all the way to the end / bottom)  and run the script. (Red Run Fix Button)

The output log, should be placed in the C:\ _OTL folder after.

Quads

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Here is the log files from the last operation

File Attachment: 
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

How is your system running now??

Qiads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Pretty nice actually. I am just glad the raido commercials are no longer playing. It seems to be running smoothly. Thanks

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

Disable Norton

Start OTL again but this time click the Black CleanUp button, then make sure the C:\_OTL folder is deleted.

After that you are free to go on your merry way.  You are now fixed / Solved.

 

Quads

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

done. Thanks for the help.

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

If I may, it sure is nice to see this thread as an excellent example of a user and a malware removalist working together wtih no interruptions from any one else and arriving at the ultimate conclusion - a clean system! 

Many thanks to Quads and phitthymcnasty - oh and to everyone who refrained from adding their 2 cents to this thread.

Great job Quads & phitthymcnasty! 

Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

I'll add one for the OP as well for faithfully following instructions ....

Hugh
Kudos0

Re: [Fixed] Radio audio playing in background. Norton 360 and malware bytes have not found anything.

System fixed   

Thread now locked

Quads

Replies are locked for this thread.