
“Exploit:Java/CVE-2013-0422.C”


  • This topic is locked
17 replies to this topic

#1 sonrol


Posted 04 February 2013 - 09:48 PM

As instructed in the preparation guide, the logs are listed below. A short description of my problem follows:

Over the last few days when I scan the PC using Malwarebytes or Microsoft Safety Scanner, a Microsoft Security Essentials alert pops up indicating a threat has been detected and cleaned. When I look at the history in MSE, “Exploit:Java/CVE-2013-0422.C” is shown and it is indicated as a severe threat. I click on remove and it seems to have removed it until the next time I scan using the above mentioned tools. It just keeps coming back.

Can anyone help me get rid of this thing? It does not seem to slow the computer or do anything that is noticeable but it is there. Do not know from where it came.

I had a similarly named exploit several weeks ago that "narenxp" worked on for me. I tried all of the tools that narenxp gave me at the following thread:

http://www.bleepingcomputer.com/forums/topic482091.html/page__pid__2951136#entry2951136

Those tools did not work.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Sonny at 21:38:02 on 2013-02-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3574.2203 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\QUICKENW\QWDLLS.EXE
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.comcast.net/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
StartupFolder: c:\docume~1\sonny\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\billmi~1.lnk - c:\program files\quickenw\BILLMIND.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quicke~1.lnk - c:\program files\quickenw\QWDLLS.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353890278593
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1354803153265
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2005B2C4-BE22-4677-9ABD-E4E98BA03F42} : DHCPNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\sonny\application data\mozilla\firefox\profiles\2mk6moqf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.comcast.net/
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-1-18 13560]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-12-14 1236968]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2011-3-9 238592]
R2 WDFME;WD File Management Engine;c:\program files\western digital\wd smartware\front parlor\wdfme\WDFME.exe [2011-3-9 1060864]
R2 WDSC;WD File Management Shadow Engine;c:\program files\western digital\wd smartware\front parlor\WDSC.exe [2011-3-9 484352]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2012-12-17 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-02-05 01:33:28 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9974e838-7c4a-4ceb-b316-68eb14da2e69}\mpengine.dll
2013-02-04 18:02:58 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-03 21:44:10 -------- d-----w- c:\documents and settings\sonny\local settings\application data\adawarebp
2013-01-23 18:37:11 -------- d-----w- c:\program files\CCleaner
2013-01-18 18:06:13 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus
2013-01-18 18:05:57 -------- d-----w- c:\documents and settings\sonny\application data\LavasoftStatistics
2013-01-18 18:03:19 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-01-18 18:02:48 -------- d-----w- c:\documents and settings\sonny\local settings\application data\Downloaded Installations
2013-01-18 18:02:42 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-01-18 18:02:42 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-01-18 18:02:29 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2013-01-18 18:02:19 -------- d-----w- c:\program files\Toolbar Cleaner
2013-01-18 18:00:19 -------- d-----w- c:\documents and settings\sonny\application data\Ad-Aware Antivirus
2013-01-18 02:23:24 -------- d-----w- c:\windows\ERUNT
2013-01-18 02:23:00 -------- d-----w- C:\JRT
2013-01-17 21:22:15 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-18 16:01:45 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-18 16:01:45 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-08 22:19:13 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 22:19:13 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 21:38:39.40 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/25/2012 7:22:59 PM
System Uptime: 2/3/2013 4:43:06 PM (29 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5KPL-AM SE
Processor: Intel Pentium III Xeon processor | Socket 775 | 2621/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 462 GiB total, 347.015 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 931 GiB total, 751.484 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP164: 1/19/2013 9:09:35 AM - Software Distribution Service 3.0
RP165: 1/19/2013 6:47:22 PM - Software Distribution Service 3.0
RP166: 1/20/2013 10:49:24 PM - System Checkpoint
RP167: 1/21/2013 6:28:52 PM - Software Distribution Service 3.0
RP168: 1/22/2013 8:44:12 AM - Software Distribution Service 3.0
RP169: 1/22/2013 12:16:44 PM - Software Distribution Service 3.0
RP170: 1/22/2013 10:06:45 PM - Software Distribution Service 3.0
RP171: 1/23/2013 1:51:14 PM - Software Distribution Service 3.0
RP172: 1/24/2013 10:09:43 AM - Software Distribution Service 3.0
RP173: 1/24/2013 6:41:46 PM - Software Distribution Service 3.0
RP174: 1/25/2013 8:24:50 AM - Software Distribution Service 3.0
RP175: 1/25/2013 2:15:56 PM - Software Distribution Service 3.0
RP176: 1/25/2013 7:45:40 PM - Software Distribution Service 3.0
RP177: 1/26/2013 9:36:12 PM - Software Distribution Service 3.0
RP178: 1/27/2013 9:51:02 AM - Software Distribution Service 3.0
RP179: 1/27/2013 10:52:50 PM - Software Distribution Service 3.0
RP180: 1/28/2013 8:00:32 AM - Software Distribution Service 3.0
RP181: 1/28/2013 3:24:21 PM - Software Distribution Service 3.0
RP182: 1/28/2013 9:14:29 PM - Software Distribution Service 3.0
RP183: 1/29/2013 6:46:17 AM - Software Distribution Service 3.0
RP184: 1/29/2013 2:32:41 PM - Software Distribution Service 3.0
RP185: 1/29/2013 7:25:55 PM - Software Distribution Service 3.0
RP186: 1/30/2013 7:47:25 AM - Software Distribution Service 3.0
RP187: 1/30/2013 10:15:43 PM - Software Distribution Service 3.0
RP188: 1/31/2013 2:16:49 PM - Software Distribution Service 3.0
RP189: 1/31/2013 5:55:15 PM - Software Distribution Service 3.0
RP190: 2/1/2013 7:33:18 AM - Software Distribution Service 3.0
RP191: 2/1/2013 2:30:20 PM - Removed Java 7 Update 11
RP192: 2/1/2013 9:07:16 PM - Software Distribution Service 3.0
RP193: 2/2/2013 6:56:46 AM - Software Distribution Service 3.0
RP194: 2/2/2013 12:28:21 PM - Software Distribution Service 3.0
RP195: 2/2/2013 9:24:39 PM - Software Distribution Service 3.0
RP196: 2/3/2013 1:46:30 AM - Software Distribution Service 3.0
RP197: 2/3/2013 8:07:42 AM - Software Distribution Service 3.0
RP198: 2/3/2013 11:34:03 AM - Software Distribution Service 3.0
RP199: 2/3/2013 4:47:38 PM - Software Distribution Service 3.0
RP200: 2/3/2013 11:47:58 PM - Software Distribution Service 3.0
RP201: 2/4/2013 8:49:51 AM - Software Distribution Service 3.0
RP202: 2/4/2013 1:02:56 PM - Software Distribution Service 3.0
RP203: 2/4/2013 8:33:27 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware Antivirus
Ad-Aware Security Add-on
Add-ons
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Annotations
Annotations Help
Block Diagrams
Block Diagrams Help
Borders and Backgrounds
Borders and Backgrounds Help
Building Architecture
Building Architecture Help
Building Services
Building Services Help
CAD Drawing Converter
CAD Drawing Converter Help
CAD Drawing Display
Callouts and Connectors
Callouts and Connectors Help
Canon Camera Access Library
Canon DIGITAL CAMERA Solution Disk Software Guide
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot SX120 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
Clip Art and Symbols
Clip Art and Symbols Help
Custom Patterns
Custom Properties Editor
Database Wizard
Developing Visio Solutions Help
EasyCleaner
Electrical Engineering
Electrical Engineering Help
Equipment Selector
Equipment Selector Furniture Database
Equipment Selector Help
ESET Online Scanner v3
Facilities Management
Facilities Management Help
Flowcharts
Flowcharts Help
Fluid Power
Fluid Power Help
Forms and Charts
Forms and Charts Help
Foundation technical
Graphics Filters
Help for Visio 2000 (HTML Help)
Help_Technical
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Intel® Graphics Media Accelerator Driver
LightScribe 1.4.44.1
Malwarebytes Anti-Malware version 1.70.0.1100
Maps
Maps Help
Mechanical Engineering
Mechanical Engineering Help
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Repository
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Service Pack 3
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
Nero Suite
Network Diagrams
Network Diagrams Help
Office Layout
Office Layout Help
Organization Charts
Organization Charts Help
Page Layout Wizard
PaperPort
PokerStars.net
PowerDVD
Process Engineering
Process Engineering Help
Program Files
Program Files Help
Program Files Technical
Project Schedules
Project Schedules Help
Property Reporting Wizard
Quicken 2002 Home & Business
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Release Notes
Save as HTML
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SES Driver
Shape Explorer
Shape Explorer Help
Solutions
Spelling
Spybot - Search & Destroy
SpywareBlaster 4.6
SUPERAntiSpyware
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wmdiper
TurboTax 2012 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
VBA
Visio
Visio 2000
Visio Core Files
Visio Technical Core Files
WD SmartWare
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows Search 4.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The WDDMService service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The WD File Management Shadow Engine service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The WD File Management Engine service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The Ad-Aware service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7034] - The Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 4:41:57 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
2/2/2013 9:24:34 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000098' while processing the file 'gfiark32.sys' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
1/31/2013 11:42:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/31/2013 11:42:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/31/2013 11:42:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
1/31/2013 11:42:14 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/31/2013 11:42:14 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/31/2013 11:42:14 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/31/2013 11:42:14 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/30/2013 7:44:39 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
1/30/2013 7:44:39 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XP\Shadow.dll. Reference error message: The operation completed successfully. .
1/30/2013 7:44:39 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
.
==== End Of File ===========================



#2 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 05 February 2013 - 09:38 AM

Attached is a screenshot of the most recent scan in MSE showing location of the exploit.




#3 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts

Posted 06 February 2013 - 03:43 PM

Hello and welcome to BleepingComputer. I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear. :welcome:



Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.
Click the cog in the upper right corner:

Select down to and including your main drive.
Once done please select the Automatic Scan tab and press Start Scan.

Allow AVP to delete all infections found.
Once it has finished select the Report tab.
Select the Detected threats report from the left and press the Save button.
Save it to your Desktop and post the contents in your next reply.

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.




#4 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 06 February 2013 - 08:46 PM

The Kaspersky report is very large, 160 MBs, and will not paste here. How else can I get the results to you?

#5 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 06 February 2013 - 09:02 PM

I believe that I selected the wrong report. I will have to run it again. Sorry for any confusion.

#6 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts

Posted 07 February 2013 - 12:35 AM

Hey sonrol,

The report will be large, but the only portion I need to see is the Detected section. :)



#7 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 07 February 2013 - 07:03 PM

Is this what you need?

 

2/6/2013 7:21:26 PM    Detected: HEUR:Exploit.Java.CVE-2013-0422.gen    C:\documents and settings\Sonny\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\59\6c44cc7b-7c2ddcd2

 

After the scan completed, I saved the wrong report. Kaspersky said that I had to reboot to complete the removal of the detected malware. I rebooted before I realized that I had saved the wrong report. I thought that rescanning would result in the detected report being available. The second detected no malware or viruses. From my best recollection, the original detected 1 infected file. It was a Trojan connected to Java.


I have scanned with Malwarebytes and MSE and the machine appears to be clean.  Is there anything else that I can do to help you finish the repair?

 

I apologize for my missteps.



 


Edited by sonrol, 07 February 2013 - 07:52 PM.


#8 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts

Posted 08 February 2013 - 12:11 AM

Good afternoon sonrol,

 

No worries.

 


Please follow the instructions below to remove Java:

  • Please go to Start>Control Panel>Add Or Remove Programs.
  • Navigate to any versions of Java (J2SE Runtime Environment) you have installed. They will have this icon next to them:
  • Select Remove.

Then, please restart your computer.

 

=====

 

Now, go to this site please:

 

http://www.java.com/en/download/manual.jsp

 

Download the latest XP version. Then, after you have installed this version of Java, please re-run Kaspersky's AVP Tool and let me know if it finds anything.
 




#9 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 08 February 2013 - 08:26 PM

I removed all Java references and rebooted. Installed Java as directed and ran Kaspersky again. No threats were detected.

Machine appears to be clean.

 

Thank you for your assistance.  Genuinely appreciate it.

 

Regards.



#10 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts

Posted 08 February 2013 - 08:50 PM

Hey sonrol,

 

Awesome!

 

Please run a free online scan with the ESET Online Scanner.
Note: You can use Internet Explorer or Mozilla Firefox for this scan.

  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start.
  • When asked, allow the ActiveX control to install.
  • Click Start.
  • Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked.
  • Click Scan.
    Wait for the scan to finish.
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

 




#11 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 09 February 2013 - 10:52 AM

The scan found 1 threat as follows:

 

C:\Documents and Settings\Sonny\My Documents\Downloads\registrybooster.exe    Win32/RegistryBooster application



#12 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:15 PM

Posted 09 February 2013 - 05:26 PM

Hey sonrol,

 

Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.

There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: XP Fixes Myth #1: Registry Cleaners

 

=====

 

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.




#13 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 09 February 2013 - 08:31 PM

I do not recall ever installing a registry cleaner on my machine.  I do not know how it got there.  Is there a way to remove it?

 

Will run the Security Cleaner and post the log ASAP.



#14 sonrol

sonrol
  • Topic Starter

  • Members
  • 41 posts

Posted 09 February 2013 - 08:34 PM

 Security Check log as follows:

 

Results of screen317's Security Check version 0.99.57  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Please wait while WMIC compiles updated MOF files.displayName
ECHO is off.
Microsoft
ECHO is off.
Security
ECHO is off.
Essentials
ECHO is off.
Lavasoft
ECHO is off.
AdAware
ECHO is off.
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 MVPS Hosts File  
 SpywareBlaster 4.6    
 Spybot - Search & Destroy
 SUPERAntiSpyware     
 Malwarebytes Anti-Malware version 1.70.0.1100  
 CCleaner     
 EasyCleaner     
 Java 7 Update 13  
 Java version out of Date!
 Adobe Flash Player     11.5.502.149  
 Adobe Reader XI  
 Mozilla Firefox (18.0.2)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 Ad-Aware Antivirus AdAwareService.exe   
 Ad-Aware Antivirus SBAMSvc.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 7%
````````````````````End of Log``````````````````````
 



#15 The Dark Knight

The Dark Knight

    Malware Vigilante


  • Members
  • 651 posts

Posted 09 February 2013 - 08:58 PM

Howdy sonrol,

 

"I do not recall ever installing a registry cleaner on my machine. I do not know how it got there. Is there a way to remove it?"

Please go to Start>Control Panel>Add or Remove Programs and remove the following (if present):

  • RegistryBooster

Please restart your computer after this program removal.

 

=====

 

The log says your Java version is out of date but I believe that is the most current version so no worries there.

 

=====

 

I see you are running two antivirus programs:

  • Ad-Aware

  • Microsoft Security Essentials

Running two antivirus programs can cause conflicts and actually reduce the effectiveness of your security. I strongly recommend keeping MSE and removing Ad-Aware.

 

=====

 

In your reply please let me know if there are any remaining issues. If not, I will run you through the cleanup stage and then give some prevention advice for the future. :)


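Added example, not part of the thread and not code from Security Check: a small Python parser for the log layout posted in #14 that pulls out the tool's own warnings and checks whether more than one antivirus engine appears in the process check, the two points raised in #15. The sample log is constructed from lines of that post, and the `AV_PRODUCTS` prefixes are an assumption.

```python
import re

BAR = "`" * 14  # Security Check frames each section title with runs of backticks
# Constructed sample: lines taken from the log in post #14, shortened.
SAMPLE_LOG = "\n".join([
    BAR + "Antivirus/Firewall Check:" + BAR,
    " Windows Firewall Enabled!",
    "Please wait while WMIC compiles updated MOF files.d",
    "i", "s", "ECHO is off.",
    " Antivirus up to date! (On Access scanning disabled!)",
    BAR + "Anti-malware/Other Utilities Check:" + BAR,
    " Java 7 Update 13",
    " Java version out of Date!",
    BAR + "Process Check: objlist.exe by Laurent" + BAR,
    " Microsoft Security Essentials MSMpEng.exe",
    " Ad-Aware AAWService.exe is disabled!",
    " Ad-Aware Antivirus AdAwareService.exe",
    BAR + "End of Log" + BAR,
])

SECTION = re.compile(r"^`+([^`]+?):?`+$")
WARNING = re.compile(r"out of date|disabled", re.IGNORECASE)
# Assumption: name prefixes treated as resident antivirus engines.
AV_PRODUCTS = ("Microsoft Security Essentials", "Ad-Aware Antivirus")

def parse_sections(text):
    """Group log lines under their backtick-framed section titles."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            current = header.group(1).strip()
            sections[current] = []
        # Skip the one-character lines and "ECHO is off." noise after the WMIC line.
        elif current and len(line) > 1 and line != "ECHO is off.":
            sections[current].append(line)
    return sections

def triage(text):
    """Return the tool's own warnings and any antivirus engines running side by side."""
    sections = parse_sections(text)
    warnings = [l for lines in sections.values() for l in lines if WARNING.search(l)]
    procs = next((v for k, v in sections.items() if k.startswith("Process Check")), [])
    running = sorted({p for p in AV_PRODUCTS for l in procs
                      if l.startswith(p) and "disabled" not in l.lower()})
    return {"warnings": warnings, "running_av": running, "av_conflict": len(running) > 1}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A warning line is only the tool's claim; as with the Java version flag discussed in #15, it still needs checking against the vendor's current release.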




