Posted 17 November 2011 - 06:09 PM
Working for three days on a friend's computer, and I still can't get rid of one last bug.
Dell Studio XPS 8000
Intel Core i7 2.8GHz
8 GB RAM
Windows 7 Ultimate 64-bit
He brought the computer to me for two main problems:
1) Random music and ads would play in the background when he would go to certain web sites, especially YouTube. I believe he was using IE6 at the time.
2) Browsers would redirect to alternate sites when he entered search terms in Google.
**) I've also noticed that the computer makes a funny electronic "sighing" noise as the OS shuts down and a funny voooom-pop noise when the OS loads (after the Windows four-note chime and toward the end of the boot cycle). I'm not familiar with Windows 7 enough to know if that's normal, but I suspect it's not.
When he brought it to me, he did not have a current anti-virus program on the machine (his Norton subscription had expired). He also spends a lot of time on European/German web sites.
So far, I've:
* Uninstalled Internet Explorer, Firefox and Chrome using CCleaner.
* Reinstalled Chrome and changed settings to reject third-party cookies.
* Cleaned up a lot of other problems with CCleaner, including a ton of tracking cookies, orphaned dll files, etc.
* Installed a number of anti-virus programs. Yes, I know you're not supposed to run more than one at a time, but the bugs in question were not all being caught by a single program. Once the computer is clean, I will uninstall all but Microsoft Security Essentials, which has kept my own computer clean for more than a year.
* Turned System Restore off based on advice from Google search results. This makes me REALLY nervous and I'd like to turn it back on ASAP.
Results from various scans:
* Microsoft Security Essentials: no problems.
* MalwareBytes: no problems.
* Online scan from eset.com: No problems.
* TrendMicro House Call: no problems.
* SpyBot S&D: no problems.
* AdAware: no problems.
* AVG System TuneUp: no problems.
* AVG: I consistently get two errors: 1) A green checkmark (indicating that AVG has fixed the problem) in front of a file listed as "C:\Windows\explorer.exe (3236)" with a file type of "Trojan horse Generic25.BXXH" and 2) a red X (indicating that AVG has not fixed the problem) in front of a file listed as "C:\Windows\explorer.exe (3236):\memory_00d30000", with a file type of "Trojan Horse Generic25.BXXH". AVG offers a "Clean selected file" button (or something like that), but nothing happens when you click on that button. I get the same results when I run the scan in Safe Mode, too.
** NOTE: In the AVG scan results, the numbers inside the parentheses (3236) and the numbers after the word "memory" (00d30000) change with every new scan.
Where I am today:
1) I think I've killed the redirect bug, but only because I haven't tested it that much and because I've not reinstalled Internet Explorer yet. The few searches I've done at google.com while using Chrome have all been fine.
2) The strange "vooooom-pop" sound on start-up and "sighing" sound on shut down do not happen when I start in Safe Mode, but they do happen on regular start up.
3) The random music and ads are no longer playing through the speakers, but I suspect that's only because I'm not using Internet Explorer. I strongly suspect the strange start-up and shut-down sounds are related to the music and the Trojan Horse Generic25.BXXH, and I suspect that if I were to install and use IE, it would start all over again.
4) The nit-picker in me wants that "Trojan horse Generic25.BXXH" to go away and ALL scans to come back clean.
Any thoughts on how to kill that bug?
Thanks in advance.