Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox Chrome Opera Safari Google CDN


  • Please log in to reply
26 replies to this topic

#16 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 25 June 2012 - 04:45 PM

And back again 4 hours later with another MBAM log file :blink: which I know is the wrong one but at the moment MBAM Gui I'm able to move around the screen with the mouse but can't click any options within the interface. Task Mgr tells me its running Processes tell me it's running. One of the cpu cores is banging at around 90% whilst the other 3 cores are ranging between 20 - 60%. Apps running IE & MBAM. Ok having waited 30 mins all other actions within the MBAM Gui are not clickable if I go to close the app it tells me its scanning but no pop up notepad with the MBAM log nor does it exist in any of the other suggest locations.

Will give 30 more mins and at which point assume it's stuck in a loop reboot & rerun the scan overnight



This is the Protection Log files below:

2012/06/25 08:09:18 +0100 OFFICE MESSAGE Starting protection
2012/06/25 08:09:29 +0100 OFFICE MESSAGE Executing scheduled update: Daily
2012/06/25 08:09:34 +0100 OFFICE MESSAGE Protection started successfully
2012/06/25 08:09:37 +0100 OFFICE MESSAGE Starting IP protection
2012/06/25 08:09:45 +0100 OFFICE MESSAGE Scheduled update executed successfully: database updated from version v2012.06.24.01 to version v2012.06.25.05
2012/06/25 08:11:07 +0100 OFFICE karl MESSAGE IP Protection started successfully
2012/06/25 08:11:08 +0100 OFFICE karl MESSAGE Starting database refresh
2012/06/25 08:11:08 +0100 OFFICE karl MESSAGE Stopping IP protection
2012/06/25 08:11:08 +0100 OFFICE karl MESSAGE IP Protection stopped
2012/06/25 08:11:12 +0100 OFFICE karl MESSAGE Database refreshed successfully
2012/06/25 08:11:12 +0100 OFFICE karl MESSAGE Starting IP protection
2012/06/25 08:11:26 +0100 OFFICE karl MESSAGE IP Protection started successfully
2012/06/25 13:07:13 +0100 OFFICE MESSAGE Starting protection
2012/06/25 13:07:29 +0100 OFFICE MESSAGE Protection started successfully
2012/06/25 13:07:32 +0100 OFFICE MESSAGE Starting IP protection
2012/06/25 13:08:47 +0100 OFFICE karl MESSAGE IP Protection started successfully
2012/06/25 18:03:58 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\7DE.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 18:03:58 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\7DE.tmp.exe Trojan.Agent DENY
2012/06/25 18:03:58 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/25 18:39:39 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\80A.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 19:38:20 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\80F.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 19:39:54 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\810.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 20:16:18 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\81C.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 20:53:47 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\83F.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 21:33:51 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\846.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 21:56:14 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\84B.tmp.exe Trojan.Agent QUARANTINE
2012/06/25 21:56:15 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2

BC AdBot (Login to Remove)

 


#17 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 26 June 2012 - 02:53 AM

Good morning - ok looks like it just needed to be alone in the dark to work. (sorry it was a comment my wife made)

So heres the log.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.25.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
karl :: OFFICE [administrator]

Protection: Enabled

25/06/2012 23:06:12
mbam-log-2012-06-26 (08-38-29).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 652410
Time elapsed: 3 hour(s), 57 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
c:\documents and settings\karl\application data\opera\opera\styles\user\rsh.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\karl\Local Settings\Temp\CB.tmp.exe (Trojan.Agent) -> No action taken.

(end)

Did you need an image of the quarantine logs ?

Edited by karlbleepingcomputer, 26 June 2012 - 03:59 AM.


#18 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:12 AM

Posted 26 June 2012 - 07:38 AM

Hi

Did you need an image of the quarantine logs ?

Not needed for the moment thank you.

Next:

Please run a Full scan with MBAM again make sure you select

Remove Selected.


on all threats found.

Post the log that appears in your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#19 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 26 June 2012 - 07:52 AM

Ok scan activated back in couple of hours as the threats found are on drive c could I just scan it to speed the process up?

#20 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:12 AM

Posted 26 June 2012 - 08:04 AM

It's best to do another full scan as there is a small possibility of more malware since the earlier scan.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#21 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 26 June 2012 - 10:27 AM

Scan results (it's a boy joking) MBAM log

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
karl :: OFFICE [administrator]

Protection: Enabled

26/06/2012 13:49:13
mbam-log-2012-06-26 (13-49-13).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 448032
Time elapsed: 2 hour(s), 31 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
c:\documents and settings\karl\application data\opera\opera\styles\user\rsh.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\karl\Local Settings\Temp\CB.tmp.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

#22 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:12 AM

Posted 26 June 2012 - 11:38 AM

Ok thats better.

Are you still experiencing the below?

I still have the issue with Chrome Safari Opera not opening when clicking on the either a shortcut or directly from the exe. Neither does the process appear in the task manager. When using firefox to access a website that calls the jquery cdn or any google product page ie gmail (not maps) the screen is filled with ascii characters.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#23 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 26 June 2012 - 11:43 AM

yes still an issue with safari - opera - chrome not opening. Firefox as soon as you use the login button for any google service screen fills with gibberish text. Sorry for the quick response I work on the net all day. And as I could find no suitable answer to this problem, decide it was time to really find out before I may have to rebuild.

Edited by karlbleepingcomputer, 26 June 2012 - 11:46 AM.


#24 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 27 June 2012 - 03:09 AM

Ok for my own sanity I ran another scan overnight log below: Interesting is the fact in has flagged skype as trojan - the one not normal action with skype yesterday was to track back a im from 3 months ago. Oh and yes the same problem no opera chrome safari - firefox gibberish - but intstalled seamonkey as a test browser and it has no problems with google cdn & mail etc.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
karl :: OFFICE [administrator]

Protection: Enabled

27/06/2012 00:37:01
mbam-log-2012-06-27 (00-37-01).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 661479
Time elapsed: 4 hour(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
c:\documents and settings\karl\application data\skype\guildford2112\chatsync\e9\expand.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\karl\Local Settings\Temp\216.tmp.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Thus the plot thickens or is there a way out.

#25 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 27 June 2012 - 04:48 PM

And just for ref here is the MBAM protection log

2012/06/27 03:27:23 +0100 OFFICE karl MESSAGE Executing scheduled update: Daily
2012/06/27 03:27:32 +0100 OFFICE karl MESSAGE Scheduled update executed successfully: database updated from version v2012.06.26.01 to version v2012.06.27.01
2012/06/27 03:27:32 +0100 OFFICE karl MESSAGE Starting database refresh
2012/06/27 03:27:32 +0100 OFFICE karl MESSAGE Stopping IP protection
2012/06/27 03:27:32 +0100 OFFICE karl MESSAGE IP Protection stopped
2012/06/27 03:27:37 +0100 OFFICE karl MESSAGE Database refreshed successfully
2012/06/27 03:27:37 +0100 OFFICE karl MESSAGE Starting IP protection
2012/06/27 03:27:52 +0100 OFFICE karl MESSAGE IP Protection started successfully
2012/06/27 08:04:05 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\216.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 08:04:05 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 08:38:22 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\217.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 08:38:22 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\217.tmp.exe Trojan.Agent DENY
2012/06/27 08:38:22 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 08:46:05 +0100 OFFICE MESSAGE Starting protection
2012/06/27 08:46:20 +0100 OFFICE MESSAGE Protection started successfully
2012/06/27 08:46:24 +0100 OFFICE MESSAGE Starting IP protection
2012/06/27 08:47:35 +0100 OFFICE karl MESSAGE IP Protection started successfully
2012/06/27 08:51:55 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\EA.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 08:51:55 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 09:14:18 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\F6.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 09:14:18 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\F6.tmp.exe Trojan.Agent DENY
2012/06/27 09:14:18 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 09:36:36 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\108.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 09:36:36 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\108.tmp.exe Trojan.Agent DENY
2012/06/27 09:36:36 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 09:57:52 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\109.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 09:57:52 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\109.tmp.exe Trojan.Agent DENY
2012/06/27 09:57:52 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 10:37:31 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\119.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 10:37:31 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\119.tmp.exe Trojan.Agent DENY
2012/06/27 10:37:31 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 11:05:41 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\11E.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 11:05:41 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\11E.tmp.exe Trojan.Agent DENY
2012/06/27 11:05:41 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 11:40:06 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\11F.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 11:40:06 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 12:03:27 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\120.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 12:03:27 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\120.tmp.exe Trojan.Agent DENY
2012/06/27 12:03:27 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 12:22:40 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\131.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 12:22:40 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\131.tmp.exe Trojan.Agent DENY
2012/06/27 12:22:40 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 13:00:26 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\133.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 13:00:26 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\133.tmp.exe Trojan.Agent DENY
2012/06/27 13:00:26 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 13:23:29 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\14D.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 13:23:29 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\14D.tmp.exe Trojan.Agent DENY
2012/06/27 13:23:29 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 13:42:56 +0100 OFFICE karl IP-BLOCK 109.95.112.46 (Type: outgoing)
2012/06/27 13:42:59 +0100 OFFICE karl IP-BLOCK 109.95.112.46 (Type: outgoing)
2012/06/27 13:43:05 +0100 OFFICE karl IP-BLOCK 109.95.112.46 (Type: outgoing)
2012/06/27 13:44:58 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\15A.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 13:44:58 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\15A.tmp.exe Trojan.Agent DENY
2012/06/27 13:44:58 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 14:27:08 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\189.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 14:27:08 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\189.tmp.exe Trojan.Agent DENY
2012/06/27 14:27:08 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 15:09:34 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\195.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 15:09:35 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\195.tmp.exe Trojan.Agent DENY
2012/06/27 15:09:35 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 15:25:20 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\19F.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 15:25:20 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\19F.tmp.exe Trojan.Agent DENY
2012/06/27 15:25:20 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 15:48:02 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\1A1.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 15:48:03 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\1A1.tmp.exe Trojan.Agent DENY
2012/06/27 15:48:03 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 16:11:06 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\1BF.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 16:11:06 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\1BF.tmp.exe Trojan.Agent DENY
2012/06/27 16:11:06 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 16:51:25 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\284.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 17:22:57 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\285.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 17:22:57 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 17:52:12 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F1.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 17:52:12 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F1.tmp.exe Trojan.Agent DENY
2012/06/27 17:52:12 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 18:10:42 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F3.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 18:10:42 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F3.tmp.exe Trojan.Agent DENY
2012/06/27 18:10:42 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 18:31:32 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F4.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 18:31:32 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F4.tmp.exe Trojan.Agent DENY
2012/06/27 18:31:32 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 18:53:19 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F5.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 18:53:19 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\2F5.tmp.exe Trojan.Agent DENY
2012/06/27 18:53:19 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 19:16:14 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\319.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 19:16:14 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 19:37:54 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\326.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 19:37:54 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\326.tmp.exe Trojan.Agent DENY
2012/06/27 19:37:54 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 20:17:36 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\331.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 20:39:55 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\332.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 20:39:55 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\332.tmp.exe Trojan.Agent DENY
2012/06/27 20:39:55 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 21:21:21 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\333.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 21:21:21 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\333.tmp.exe Trojan.Agent DENY
2012/06/27 21:21:21 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 22:00:21 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\334.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 22:00:21 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\334.tmp.exe Trojan.Agent DENY
2012/06/27 22:00:21 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2
2012/06/27 22:35:01 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\33A.tmp.exe Trojan.Agent QUARANTINE
2012/06/27 22:35:01 +0100 OFFICE karl DETECTION C:\Documents and Settings\karl\Local Settings\Temp\33A.tmp.exe Trojan.Agent DENY
2012/06/27 22:35:01 +0100 OFFICE karl ERROR Quarantine failed: SDKQuarantine failed with error code 2

#26 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:12 AM

Posted 30 June 2012 - 07:07 PM

Hi,

Sorry for not getting back to you sooner.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#27 karlbleepingcomputer

karlbleepingcomputer
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:12 AM

Posted 03 July 2012 - 05:19 AM

Ok will follow the guides and post as requested. Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users