Slow Computer


24 replies to this topic

#1 goal

goal

  • Members
  • 54 posts

Posted 08 November 2012 - 07:15 PM

I am running Windows 7 Ultimate.
My computer has been running slower than usual (nothing fails to load, it's just slower), so I decided to run an ESET online scan. While the scan picked up nothing, near the end, Microsoft Forefront Client Security popped up and picked up 2 malicious programs that exploit my computer (they were Exploit:Java/CVE-2012-1723.BFE, Java/CVE-2012-1723.AHL from file C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\276f0b3b-2dad8c5c->unclip\bubs.class and file C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2d6baedf-468a1b82->reiveOoze/me.class). As advised by Microsoft Forefront Client Security, I selected smart clean. Status reported successful, but I am unsure if it is clean. What should I do? Afterwards, what can I do to speed up my computer?

Sidenote: the files and programs listed had to be manually typed due to no copy/pasta ability within Client Security or the details webpage, so they could be misspelled.


#2 goal

goal
  • Topic Starter

  • Members
  • 54 posts

Posted 08 November 2012 - 07:58 PM

I have just run Microsoft Forefront Client Security; it picked up 6 malicious items. Also, Exploit:Java/CVE-2012-1723.BFE, Java/CVE-2012-1723.AHL from file C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\276f0b3b-2dad8c5c->unclip\bubs.class and file C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2d6baedf-468a1b82->reiveOoze/me.class have come back (leading me to think it's regenerating and spreading from a source). Malwarebytes did not detect anything.

#3 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 08 November 2012 - 08:37 PM

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with ESET.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes: list found threats, save to clipboard, copy to Notepad. Post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner and run it. Go to Options, then put a tick next to Enable rootkit cleaning. Hit Full Scan > let it finish > go to the Quarantine tab > tick Select All > then Delete > Quit.
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.


Reboot after Norman.

Edited by InadequateInfirmity, 08 November 2012 - 08:39 PM.


#4 goal

goal
  • Topic Starter

  • Members
  • 54 posts

Posted 09 November 2012 - 03:49 PM

Sidenote: before reading the new post, I had deleted file 31 and 59 of C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 (also, the previous statement of those files coming back was false, sorry :crazy:)
Anyway, here are the scans.

Note: I had downloaded ShopAtHome before this.
Superantispyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/09/2012 at 03:21 PM

Application Version : 5.6.1014

Core Rules Database Version : 9565
Trace Rules Database Version: 7377

Scan type : Quick Scan
Total Scan Time : 00:06:08

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 617
Memory threats detected : 0
Registry items scanned : 60804
Registry threats detected : 1
File items scanned : 10534
File threats detected : 0

Adware.ShopAtHomeSelect
(x86) HKU\S-1-5-21-3572275565-2679945913-2636382964-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Malwarebytes did not detect anything.

ESET did not detect anything.

Will post other logs soon.

#5 goal

goal
  • Topic Starter

  • Members
  • 54 posts

Posted 09 November 2012 - 03:52 PM

MiniToolBox log

MiniToolBox by Farbar Version: 10-11-2012 01
Ran by anrit (administrator) on 09-11-2012 at 15:37:39
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BAEFAE114-SSRBR
Primary Dns Suffix . . . . . . . : anr.msu.edu
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : anr.msu.edu
gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-24-D7-25-84-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-24-D7-25-84-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-25-84-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ec5b:c27b:d2a3:53c9%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.79(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 09, 2012 3:04:25 PM
Lease Expires . . . . . . . . . . : Saturday, November 10, 2012 3:06:18 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 301999319
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-8C-22-A8-00-90-F5-B8-66-45
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 00-90-F5-B8-66-45
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2408:3d8c:3f57:feb0(Preferred)
Link-local IPv6 Address . . . . . : fe80::2408:3d8c:3f57:feb0%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:400a:800::1009
74.125.225.100
74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99


Pinging google.com [74.125.225.65] with 32 bytes of data:
Reply from 74.125.225.65: bytes=32 time=38ms TTL=52
Reply from 74.125.225.65: bytes=32 time=32ms TTL=52

Ping statistics for 74.125.225.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 38ms, Average = 35ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=132ms TTL=49
Reply from 72.30.38.140: bytes=32 time=107ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 107ms, Maximum = 132ms, Average = 119ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 24 d7 25 84 81 ......Microsoft Virtual WiFi Miniport Adapter #2
13...00 24 d7 25 84 81 ......Microsoft Virtual WiFi Miniport Adapter
12...00 24 d7 25 84 80 ......Intel® Centrino® Ultimate-N 6300 AGN
11...00 90 f5 b8 66 45 ......JMicron PCI Express Gigabit Ethernet Adapter
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.79 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.79 281
192.168.1.79 255.255.255.255 On-link 192.168.1.79 281
192.168.1.255 255.255.255.255 On-link 192.168.1.79 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.79 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.79 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:2408:3d8c:3f57:feb0/128
On-link
12 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::2408:3d8c:3f57:feb0/128
On-link
12 281 fe80::ec5b:c27b:d2a3:53c9/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/09/2012 03:05:54 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002. The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'. Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (11/09/2012 03:04:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2012 05:31:02 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002. The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'. Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (11/08/2012 05:30:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2012 05:26:27 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not resolve the IP of the MOM Server ASQIATS10002. The error reported is 'The requested name is valid, but no data of the requested type was found.'.

Error: (11/08/2012 05:26:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2012 04:25:00 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002. The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'. Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (11/07/2012 04:21:57 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not resolve the IP of the MOM Server ASQIATS10002. The error reported is 'The requested name is valid, but no data of the requested type was found.'.

Error: (11/07/2012 04:21:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2012 02:58:42 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002. The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'. Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.


System errors:
=============
Error: (11/09/2012 03:04:18 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/09/2012 03:04:17 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/08/2012 09:33:27 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/08/2012 05:30:03 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/08/2012 05:29:59 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/08/2012 05:26:10 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/08/2012 05:26:07 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/07/2012 08:24:55 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/07/2012 06:10:58 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/07/2012 04:21:41 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).


Microsoft Office Sessions:
=========================
Error: (11/09/2012 03:05:54 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (11/09/2012 03:04:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2012 05:31:02 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (11/08/2012 05:30:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2012 05:26:27 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002The requested name is valid, but no data of the requested type was found.

Error: (11/08/2012 05:26:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2012 04:25:00 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (11/07/2012 04:21:57 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002The requested name is valid, but no data of the requested type was found.

Error: (11/07/2012 04:21:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2012 02:58:42 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270


=========================== Installed Programs ============================

Adobe Acrobat X Pro (Version: 10.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Bing Bar (Version: 7.1.361.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BisonCam (Version: 9.2.1.71.19)
Corel Graphics - Windows Shell Extension (Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
Corel WordPerfect Office - iFilter 64 Bit (Version: 1.01.000)
CorelDRAW Graphics Suite X5 - BR (Version: 15.3)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (Version: 15.3)
CorelDRAW Graphics Suite X5 - ES (Version: 15.3)
CorelDRAW Graphics Suite X5 - Extra Content
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3)
CorelDRAW Graphics Suite X5 - FR (Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (Version: 15.3)
CorelDRAW Graphics Suite X5 (Version: 15.3)
CorelDRAW® Graphics Suite X5 (Version: 15.2.0.686)
CyberLink Media Suite (Version: 8.0.2401)
CyberLink Power2Go (Version: 7.0.0.1126)
CyberLink PowerDVD 10 (Version: 10.0.2312.52)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Futuremark SystemInfo (Version: 3.21.2.1)
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
Hotkey 3.3020 (Version: 3.3020)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Officejet Pro 8500 A910 Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel Extreme Tuning 2.0.143.6 (Version: 2.0.143.6)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® SMBus
ITE Infrared Transceiver (Version: 1.00.0000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.21.9)
JMicron Flash Media Controller Driver (Version: 1.0.48.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MapleStory
Marketsplash Shortcuts (Version: 1.0.1.7)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Forefront Client Security Antimalware Service (Version: 1.5.1993.0)
Microsoft Forefront Client Security State Assessment Service (Version: 1.0.1703.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Operations Manager 2005 Agent (Version: 5.0.2911.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
NVIDIA 3D Vision Driver 268.05 (Version: 268.05)
NVIDIA Control Panel 268.05 (Version: 268.05)
NVIDIA Graphics Driver 268.05 (Version: 268.05)
NVIDIA HD Audio Driver 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6805)
Pando Media Booster (Version: 2.6.0.8)
Paradox
Paradox (Version: 11.4)
Protector Suite 2009 (Version: 5.9.3.6379)
PunkBuster Services (Version: 0.990)
Realtek High Definition Audio Driver (Version: 6.0.1.6132)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 15.0.8.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office X5 - Common (Version: 15.0)
Wordperfect Office X5 - EN (Version: 15.0)
WordPerfect Office X5 - Filters (Version: 15.0)
WordPerfect Office X5 - Graphics (Version: 15.0)
WordPerfect Office X5 - IPM (Version: 15.0)
WordPerfect Office X5 - LegalTools (Version: 15.0)
WordPerfect Office X5 - Migration Manager (Version: 15.0)
WordPerfect Office X5 - Oxford (Version: 15.0)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.0)
WordPerfect Office X5 - PR (Version: 15.0)
WordPerfect Office X5 - QP (Version: 15.0)
WordPerfect Office X5 - Setup Files (Version: 15.0)
WordPerfect Office X5 - Sharepoint (Version: 15.0)
WordPerfect Office X5 - Skins (Version: 15.0)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.0)
WordPerfect Office X5 - WP (Version: 15.0)
WordPerfect Office X5 - WT (Version: 15.0)
WordPerfect Office X5 (Version: 15.0)
WordPerfect Office X5 (Version: 15.0.0.357)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 12279.23 MB
Available physical RAM: 9610.16 MB
Total Pagefile: 24556.65 MB
Available Pagefile: 21816.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.5 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:465.56 GB) (Free:405.5 GB) NTFS

========================= Users: ========================================

User accounts for \\BAEFAE114-SSRBR

anradmin anrit Guest


**** End of log ****

#6 goal

Posted 09 November 2012 - 03:55 PM

# AdwCleaner v2.007 - Logfile created 11/09/2012 at 15:40:43
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : anrit - BAEFAE114-SSRBR
# Boot Mode : Normal
# Running from : C:\Users\anrit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65793YTI\2-adwcleaner[1].exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\anrit\AppData\Roaming\Mozilla\Firefox\Profiles\mwfhrak7.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\anrit\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1509 octets] - [09/11/2012 15:40:43]

########## EOF - C:\AdwCleaner[R1].txt - [1569 octets] ##########

#7 goal

Posted 09 November 2012 - 05:28 PM

Norman Malware cleaner did not find anything

#8 InadequateInfirmity

Posted 10 November 2012 - 11:08 AM

Please run the hosts Fix it below.
http://support.microsoft.com/kb/972034
Post a new MiniToolBox log with only List Hosts checked.

Run the Fix it below; this will remove tunnel adapters from your machine.
http://go.microsoft.com/?linkid=9728872

Re-run adware cleaner and hit the delete button. Post the new log.

Download TDSS Killer.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and run as admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Run the program below as admin, hit the scan button, allow it to finish, then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill, run it, and post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe

#9 goal

Posted 11 November 2012 - 07:45 PM

sidenote: running those fixits made my computer noticeably slower <_<
MiniToolBox
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by anrit (administrator) on 11-11-2012 at 19:29:23
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****

#10 InadequateInfirmity

Posted 11 November 2012 - 07:48 PM

Re-run adware cleaner and hit the delete button. Post the new log.

Download TDSS Killer.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and run as admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Run the program below as admin, hit the scan button, allow it to finish, then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill, run it, and post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe

#11 goal

Posted 11 November 2012 - 07:52 PM

this is the deleted action

# AdwCleaner v2.007 - Logfile created 11/11/2012 at 19:33:13
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : anrit - BAEFAE114-SSRBR
# Boot Mode : Normal
# Running from : C:\Users\anrit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IYV3WJFU\2-adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\anrit\AppData\Roaming\Mozilla\Firefox\Profiles\mwfhrak7.default\prefs.js

C:\Users\anrit\AppData\Roaming\Mozilla\Firefox\Profiles\mwfhrak7.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\anrit\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1638 octets] - [09/11/2012 15:40:43]
AdwCleaner[R2].txt - [1698 octets] - [11/11/2012 19:30:16]
AdwCleaner[R3].txt - [1758 octets] - [11/11/2012 19:31:07]
AdwCleaner[S4].txt - [1799 octets] - [11/11/2012 19:33:13]

#12 InadequateInfirmity

Posted 11 November 2012 - 07:56 PM

:thumbup2:
Continue with the other scans.

#13 goal

Posted 11 November 2012 - 07:56 PM

TDSS Killer did not pick up anything with TDLFS file system; it did pick up 2 medium risk with verify file signature though

#14 InadequateInfirmity

Posted 11 November 2012 - 07:57 PM

Can you please post the log.

#15 goal

Posted 11 November 2012 - 07:58 PM

the RogueKiller found, deleted, and replaced 2 files



