Posted 14 December 2008 - 11:18 AM
I just had a hijacked browser, which I think I got rid of by scanning with Malwarebytes' Anti-Malware. Initially I had 3 symptoms: 1) received a delivery failure response from an email I did not send to an address I didn't recognize, 2) hijacked browser - search results redirected, and 3) the volume icon in the taskbar would go away. I could re-enable it through control panel -> sounds & audio devices, but next time I restarted the machine it would be gone again. (I don't know for sure that these 3 symptoms came from the same infection, but they probably did).
Now - the 1st 2 symptoms appear to be gone, but the 3rd one persists. Everything I've researched online about problems like this say to re-install sndvol32.exe from your OS install disk. Did that, no change. Any one else encounter anything like this?
FWIW - here are the pertinent lines from the MWAB log after cleaning the infection:
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysaudio.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Any insights appreciated...