Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Randon Radio stations playing on computer - please help !


  • Please log in to reply
1 reply to this topic

#1 Kirankamreddy

Kirankamreddy

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 09 August 2013 - 02:55 PM

Random radio stations are playing on my computer ( some times at once and some times all at once . I tried scanning my computer with Super antivirus, norton scan and Malaware but nothing comes up in the logs. When the radio starts to play, my screen seems to blink and then performance drastically reduces.Its very annoying to anything on the computer with such radio playing.
 
I get a message from the Malware occassionally that it is trying to block svschost.exec through some port but it doesnt have any effect on the radio playing. I dont know if this is the cause but I clicked on an anonymous voice mail audio in my Google call inbox couple of days ago and the computer started to behave erratically since then. 
 
I am attaching the Malware Scan logs.. let me know if you can find something.
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.08.02
 
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
GUEST_KIRAN :: -PC [administrator]
 
Protection: Enabled
 
8/7/2013 9:30:14 PM
mbam-log-2013-08-07 (21-30-14).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 255674
Time elapsed: 41 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 5
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
 
Files Detected: 10
C:\Users\Dhruvil\AppData\Local\Temp\OptChrome.exe (PUP.Optional.OptChrome.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
 
(end)
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.09.02
 
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
GUEST_KIRAN :: -PC [administrator]
 
Protection: Enabled
 
8/8/2013 10:49:15 PM
mbam-log-2013-08-08 (22-49-15).txt
 
Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 668158
Time elapsed: 7 hour(s), 46 minute(s), 4 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BUP06KVW\updater-startnow-200-2.5-g[1].exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NRH5Z556\updater-startnow-200-2.5-g[1].exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
 
(end)

Attached Files


Edited by hamluis, 09 August 2013 - 05:32 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:07:54 AM

Posted 09 August 2013 - 05:01 PM

A quick google says that Tarma is software for writing installers for Windows software, so unless you are a software developer you don't need it. You seem to have got rid of it, but just in case it is still hiding on your system, here are instructions for uninstalling it :

 

http://blog.teesupport.com/how-to-uninstall-tarma-installer-tarma-installer-removal-tips/

 

I suspect the cause of your trouble is this anonymous audio link you clicked on- I don't suppose I need to tell you now not to click on any link or attachment if you don't know for certain who sent it to you, do I ?

 

Your simplest cure is to restore your computer to a restore point from before this trouble started, it's reasonably easy and straightforward :

 

Click in this order 'Start / Control panel / Recovery'. This opens the recovery window. Now click on 'Open System Restore'. This brings up a box called 'System Restore' and you are faced with two choices : 'Recommended restore' or 'Choose a different . . ' .  If the recommended restore dates from before this trouble started go ahead and use it. If it doesn't, select 'Choose etc.' and pick the last one in the list you will be given that does date from before the start of your troubles. Then click on 'Restore' (or something like that) and let the system do it. This may take as much as 15 minutes. Wait till it is finished and it will either re-start your computer or tell you to re-start it. Re-start and you will probably have got rid of the problem.

 

If you still have these radio stations playing away, post back on BC but in the 'Am I infected' section with your MBAM log and say you did a restore, but don't bother attaching the log files unless you are asked to. It may take a day or two, but someone will get back to you.

 

Chris Cosgrove






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users