Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio Advertisements playing in the background on Start Up


  • This topic is locked This topic is locked
3 replies to this topic

#1 Nikeairtown

Nikeairtown

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:44 AM

Posted 10 January 2014 - 06:29 PM

Hello Bleepingcomputer community!

I have read several threads in the forum concerning this problem and tried to fix it myself, but still cannot get rid of these audio advertisements. These audio ads play as soon as i sign into my computer. one or a few of these audio ads will play at the same time. PLEASE HELP! I need my laptop for school next week, so I need to have my laptop cleaned by then.

 

 

Thanks again Bleepingcomputer community. 

 

 

 

Below is the DDS log and attatchment:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7600.17267  BrowserJavaVersion: 10.9.2
Run by Mae at 15:25:34 on 2014-01-10
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3895.1555 [GMT -8:00]
.
AV: Norton 360 *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\system32\sppsvc.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wuauclt.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\14A56435A4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\34F4D4D27455543545 : DHCPNameServer = 4.2.2.1 4.2.2.2
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\4494F46323 : DHCPNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\7554151543 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\B483533334 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{43842542-0CE5-493E-B51A-9B4D80B47CF6}\C696E6B6379737 : DHCPNameServer = 4.2.2.2 206.13.29.12
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\0404000.00C\symds64.sys [2011-10-11 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\0404000.00C\symefa64.sys [2011-10-11 221304]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111123.001\BHDrvx64.sys [2011-11-29 1156216]
R1 ccHP;Symantec Hash Provider;C:\windows\System32\drivers\N360x64\0404000.00C\cchpx64.sys [2011-10-11 593544]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111202.001\IDSviA64.sys [2011-12-2 488568]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\0404000.00C\ironx64.sys [2011-10-11 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\windows\System32\drivers\N360x64\0404000.00C\symtdiv.sys [2011-10-11 451704]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-6 881440]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-7 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-3 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-3 701512]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe [2011-10-11 126400]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-6-7 2320920]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-6-8 28176]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-6-8 162304]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-6-7 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-6-7 158976]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-6-7 271872]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-1-3 25928]
R3 vm331avs;Digital Camera 1;C:\windows\System32\drivers\vm331avs.sys [2010-6-8 215168]
R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-6-8 11280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-6 2151200]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 androidusb;ADB Interface Driver;C:\windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-6-8 79376]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-10 138360]
S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
S3 JLTECH0227;Dual Mode Camera;C:\windows\System32\drivers\jl2005c.sys [2012-7-22 80880]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-6-8 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-6-8 579400]
S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\drivers\lvrs64.sys [2010-11-10 341856]
S3 LVUVC64;Logitech Webcam 200(UVC);C:\windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-6-8 242720]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-6-8 239616]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-12-8 1255736]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
.
=============== Created Last 30 ================
.
2014-01-08 06:03:56 27456 ----a-w- C:\windows\System32\RegistryDefragBootTime.exe
2014-01-08 06:03:06 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D6954DC4-6DF9-41BD-A552-028E474B3557}\offreg.dll
2014-01-08 05:56:32 -------- d-----w- C:\windows\pss
2014-01-08 05:47:54 388096 ----a-r- C:\Users\Mae\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-08 05:47:54 -------- d-----w- C:\Program Files (x86)\Trend Micro
2014-01-08 04:33:26 -------- d-sh--w- C:\$RECYCLE.BIN
2014-01-08 04:19:16 98816 ----a-w- C:\windows\sed.exe
2014-01-08 04:19:16 256000 ----a-w- C:\windows\PEV.exe
2014-01-08 04:19:16 208896 ----a-w- C:\windows\MBR.exe
2014-01-08 03:54:20 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D6954DC4-6DF9-41BD-A552-028E474B3557}\mpengine.dll
2014-01-07 03:18:57 -------- d-----w- C:\ProgramData\ProductData
2014-01-07 03:18:07 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-07 03:18:05 -------- d-----w- C:\ProgramData\IObit
2014-01-07 03:17:38 -------- d-----w- C:\Program Files (x86)\IObit
2014-01-07 03:17:02 -------- d-----w- C:\Users\Mae\AppData\Roaming\IObit
2014-01-06 08:43:23 -------- d-----w- C:\Program Files\Enigma Software Group
2014-01-06 08:42:06 -------- d-----w- C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-06 08:42:00 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-01-06 08:04:50 -------- d-----w- C:\AdwCleaner
2014-01-04 07:16:56 -------- d-----w- C:\Users\Mae\AppData\Roaming\Malwarebytes
2014-01-04 07:16:39 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-04 07:16:38 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-01-04 07:16:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 07:15:41 -------- d-----w- C:\Users\Mae\AppData\Local\Programs
2014-01-04 06:34:24 -------- d-----w- C:\windows\System32\MRT
.
==================== Find3M  ====================
.
2013-12-12 04:03:17 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 04:03:17 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-11-19 11:33:38 267936 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:27:42.71 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 Nikeairtown

Nikeairtown
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:44 AM

Posted 11 January 2014 - 12:50 PM

issue resolved, please close mods. thank you



#3 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:44 AM

Posted 14 January 2014 - 03:08 PM

Ok thanks for letting us know.  :)


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#4 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:44 AM

Posted 14 January 2014 - 03:09 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users