Solved

Virus plays random sounds on Win 7

Posted on 2010-11-07
9
1,175 Views
Last Modified: 2013-11-22
Hi,

Apparently I've contracted a virus or trojan or something similar that will play random sounds at random intervals.  I saw some stuff in google, but it's all old.

What program might find & eliminate this?

Is it a service at start up?  Did it overwrite a system file? What is the best way to track this down?

How EXACTLY does this thing start up?

Is there anybody who actually knows for sure?

Thanks!

I'm running Windows 7, and have AVG and MalwareBytes installed already.
0
Comment
Question by:ugeb
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Expert Comment

by:kpmartin
ID: 34080805
Here's a shot in the dark...  Last week I would occasionally hear a dog bark or bird chirp; maybe a few other sounds.  They were so low I didn't realize for a bit that it was the PC till it got redundant!  I did a thorough check of the PC and found nothing unusual.  So I removed an alarm clock/timer gadget since that was the only thing I knew was active and played a sound, often without being set to alarm.  The sounds went away.  I forgot about it till now and reinstalled the clock to see if it re-occurs.  Be interesting to see if that's applicable to your case.  I'll update if I find anything...
0
 
LVL 11

Author Comment

by:ugeb
ID: 34080847
No, this is definitely some sort of malware.
0
 
LVL 23

Expert Comment

by:Danny Child
ID: 34080861
AutoRuns will list your startup programs:
http://technet.microsoft.com/en-gb/sysinternals/bb963902.aspx

and so can SilentRunners
http://www.silentrunners.org/thescript.html

I'd suspect a joke program, rather than virus, which is generally good news...  easier to kill!

Both programs will give lots of output.  Be careful with deleting or disabling what you're not sure about!
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 11

Author Comment

by:ugeb
ID: 34080933
Thanks for the links.  The problem is that there are so many programs/services/etc. that launch, I don't know what is legitimate or not.  I also don't know if some program is masquerading as a valid windows file.

How do I use this info?
0
 
LVL 33

Accepted Solution

by:
Todd Gerbert earned 500 total points
ID: 34081039
MalwareBytes' Anti-Malware has been very good for me, http://www.malwarebytes.org.  Run a scan with your anti-virus, and also with MalwareBytes.  If you don't have an anti-virus you can get one for free, I like AVG's free anti-virus http://free.avg.com and Microsoft makes a decent free one http://www.microsoft.com/security_essentials.
Since you're on Win7 you can right-click on the speaker icon near your systems clock, and choose "Open Volume Mixer", it should show every application that's using the sound system - that might give you an idea of what the program's name is.

Untitled.png
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 34081046
Just noticed you mentioned you already have AVG and MalwareBytes... but just make sure they're up to date.
0
 
LVL 11

Author Comment

by:ugeb
ID: 34081234
Yes, I was looking for precisely this; something that would show me what was using the audio system.

Turns out something in Firefox called "Plugin Congainer for Firefox" is responsible, and when the sound played I was quickly able to mute it from the volume mixer as you illustrated.  The container is legitimate, and is needed for all audio plugins in Firefox, e.g. Adobe Flash Player.  But something, an addon or something in the container itself got infected.

I don't know whether I can just reinstall Firefox, or if I have to uninstall, delete, and reinstall all my addons too.

Thanks!
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 34081410
I would start by going to the "Tools" menu in FireFox and clicking "Add-ons", then disable Plugins and Extensions one at a time until you find the culprit.
0
 
LVL 7

Expert Comment

by:kpmartin
ID: 34081563
Funny, I had similar results but mine showed "Windows Desktop Gadgets", hence my earlier diagnosis...  I was having some error in the past with "Plugin Container for Firefox" though.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OfficeMate Freezes on login or does not load after login credentials are input.
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question