Posted 28 July 2010 - 08:19 AM
As of last night, my PC started exhibiting abnormal behavior so I started scouring the 'net which lead me to this fine site. After reading some posts that described similar symptoms (see below) and I tried some basic checks and fixes (also listed below.
Random audio files are playing when no browser (or other user initiated audio application) is open:
- Congratulations You've Won!
- a commercial for a bank
- commercials in German
- frequent mouse clicking sounds (I do not have any audio assigned to mouse actions)
as well as random pops when no browser is open:
- Someone you know in Noblesville took an IQ test"
- Message from web page - Think first! Click CANCEL on the next page to receive a new gift card option. Your free $500 gift card is yours by filling out our 5 min. internet survey.
Task Manager does not indicate that any instances of a browser are active.
- The latest version of Norton Internet Security with Live Update enabled and default security settings.
- Firefox 3.68 (only updated last night from previous version)
- Internet Explorer 8.0.6001.18702
- Java version 6 update 21 (only updated last night from update 17)
- Windows XP SP3
I ran a complete scan with Norton Internet Security which found zero threats.
Last night I installed SUPERAntiSpyware Free Edition, ran a complete scan with in Safe Mode and the only threats indicated were 11 tracking cookies which I had removed (I did retain the log file).
I also installed I Malware Bytes Anti-Malware, ran a complete scan with which showed zero infections. I also retained the log file from this scan.
I ran Hijack This and nothing in the log seemed out of the ordinary.
Finally, I'm running a scan with ESET Online Scanner but it will not be complete before I leave for work. That said, after completely scanning my C drive and part of my other drive, it found zero infected files. I'll run it again overnight if needed.
Recent Notable Activity
Norton Internet Security has notified me twice of an attempted attacks from cinbonto.com, specifically cinbonto.com/75632jz64h23/tmp/des.jar so the infection appears to be Java based.
The only programs I have installed in the past week (besides the ones mentioned above) were a game (City of Heroes) and misc. utility for the game (Hero Stats).
Thank you in advance for your help.