Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: .Alureon.A reported by ISP on boot. Computer runs fine.

27 Oct 2013   #11
Dusty45

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

http://we.tl/L0yAiuoyc0
Link to frst.txt


My System SpecsSystem Spec
.
27 Oct 2013   #12
Dusty45

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

frst.txt attached


Attached Files
File Type: txt FRST.txt (35.7 KB, 3 views)
My System SpecsSystem Spec
29 Oct 2013   #13
cottonball

Windows 7 Home Premium
 
 

Dusty45,

The FRST report is run on a 64-bit system [C:win7PRO 64Bit].
Have not seen Alureon there.
Was there an Addition.txt produced?

If so, please post.



Also, please boot to the 32-bit system [E:Win7PRO 32bit].

Download the 32-bit FRST, run it, and post its results.
My System SpecsSystem Spec
.

29 Oct 2013   #14
Dusty45

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

Sorry deleted it.

On 32 bit drive FRST shows nothing BUT,

ADWCleaner found a trojan on that drive. ESET found four paths and deleted them all. That didn't solve the problem though. Booted back into 64 bit drive and ISP still reported a problem.

Ran Hitman Pro and it found two malware links and removed them. Log below:

Code:
HitmanPro 3.7.8.207
www.hitmanpro.com
   Computer name . . . . : CJAM3X4-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : cjAM3x4-PC\caroljim
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2013-10-29 15:05:04
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 35s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 2
   Traces  . . . . . . . : 7
   Objects scanned . . . : 1,571,333
   Files scanned . . . . : 33,173
   Remnants scanned  . . : 388,434 files / 1,149,726 keys
Malware _____________________________________________________________________
   C:\Games\EasyUO Script\EasyUO\EUOX.exe
      Size . . . . . . . : 1,112,064 bytes
      Age  . . . . . . . : 318.1 days (2012-12-15 11:47:48)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 704712023147CF72236BD23A27CC34DCCC6346FB8B5643DFB43D2D9D36844B32
    > Ikarus . . . . . . : Trojan.Win32.VB!IK
      Fuzzy  . . . . . . : 106.0
      References
         C:\Users\caroljim\Desktop\EUOX.lnk
         HKU\S-1-5-21-2066651824-2471372917-1354444347-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Games\EasyUO Script\EasyUO\EUOX.exe
   C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\D2M-Precheck[1].exe
      Size . . . . . . . : 508,928 bytes
      Age  . . . . . . . : 4.6 days (2013-10-25 01:31:48)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : C15CF5553D2B48EF501AB7D2972BAF2D5825218BBA292938E3B8556E7C5C095E
      Product  . . . . . : D2M-Precheck
      Publisher  . . . . : Appcaster
      Description  . . . : D2M-Precheck
      Version  . . . . . : 1.0.0.0
      Copyright  . . . . : Copyright  Appcaster 2013
      Source URL . . . . : hxxp://ddnw0hpcyyfnj.cloudfront.net/D2M-Precheck.exe
    > Ikarus . . . . . . : Trojan.SuspectCRC!IK
      Fuzzy  . . . . . . : 110.0
      Forensic Cluster
         -0.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\win98_top_min[1].jpg
         -0.7s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\win98_left[1].jpg
         -0.7s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\win98_bottom[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\win98_accept_button[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\win98_decline_button[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\win98_cancel_button[1].jpg
         -0.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\win98_skip_button[1].jpg
         -0.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\welcome_generic[1].jpg
         -0.4s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\header_premiuminstaller[1].jpg
         -0.3s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\bundled_whitesmokej[1].jpg
          0.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\D2M-Precheck[1].exe
          6.4s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\muted_greatarcade_eula[1].jpg
          6.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\greatarcade_eula[1].htm
          6.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\muted_optimizerpro_eula[1].jpg
          6.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\optimizerpro_eula[1].htm
          6.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\muted_scorpionsaver_eula[1].jpg
          6.9s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\scorpionsaver_eula[1].htm
          7.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\muted_defaulttab_clean[1].jpg
          7.1s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\defaulttab_terms[1].htm
          8.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\cloud_progress_screen[1].jpg
          8.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\cloud_progress_screen[1].jpg
          8.3s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\amazon_finished[1].jpg

Cookies _____________________________________________________________________
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\GSOLGU53.txt
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\OFP3XX5F.txt
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\TIGKXCHC.txt
My System SpecsSystem Spec
29 Oct 2013   #15
Dusty45

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

Ran Hitman again on win 7 64 drive and got:

Code:
HitmanPro 3.7.8.207
www.hitmanpro.com
   Computer name . . . . : CJAM3X4-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : cjAM3x4-PC\caroljim
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
   Scan date . . . . . . : 2013-10-29 21:56:07
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0
   Objects scanned . . . : 1,579,229
   Files scanned . . . . : 35,272
   Remnants scanned  . . : 393,984 files / 1,149,973 keys

Rebooted
No warning from ISP! As yet
My System SpecsSystem Spec
29 Oct 2013   #16
cottonball

Windows 7 Home Premium
 
 

Try it for a day or two, and see how it goes.
My System SpecsSystem Spec
Reply

 .Alureon.A reported by ISP on boot. Computer runs fine.




Thread Tools




Similar help and support threads
Thread Forum
Computer either BSOD's after start-up, or runs fine
So my computer seems to have about a 2/3 chance of BSODing in the first few minutes of running. After that, I encounter almost zero problems, aside from some weird issue with Windows Update (I haven't been able to install any updates), but that's for another thread. The BSOD seems to show one of...
BSOD Help and Support
BSOD in normal and clean boot, runs fine in safe mode
Hi, after connecting and disconnecting some external HDD using USB to my pc, BSOD keeps showing constantly after 5 minutes from booting to windows . I checked RAM, and it urned out to be in good shape, then i tried Registry cleaning, but nothing changed . It works very well and stable under...
BSOD Help and Support
New laptops wireless inexplicably slow, everyother computer runs fine.
I purchased a new laptop, and have been having numerous issues with windows 7, including the wireless internet being insanely slow. I've tried other wireless adapters to no avail, and every other computer in the house, be it wireless, or not runs perfectly, with the speed tests all running about...
Network & Sharing
Computer runs really slow in normal mode, but runs fine in safe mode
I recently re-formatted my Sony VAIO since it was starting to run super slow. Now that I re-installed Windows 7 on it through recovery disks, it worked fined for about a day but then the problem came back. The computer is slow at bootup and runs super slow while freezing so many times. I am running...
BSOD Help and Support
Hardware Runs 32-bit fine but BSODs with 64?
Hey guys, I have a Toshiba Satelite A205-S6810 laptop, and I had been having a lot of random boot crashes and BSODs at startup when I was trying to run the X64 version of Windows 7. For the fun of it, my friend told me I could try his 32-bit disc for a while to see if it worked better, and lo and...
BSOD Help and Support
installs fine, runs fine, reboots..not fine
hey guys so i finally decided to install win7 x86 - everything went well - put all the standard stuff on there etc - i rebooted many times because of installations and updates on my last reboot it just got stock in the bios screen (verifying dmi pool data..success! etc) so i rebooted, same...
Installation & Setup


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 22:42.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App