Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: .Alureon.A reported by ISP on boot. Computer runs fine.

27 Oct 2013   #11

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

http://we.tl/L0yAiuoyc0
Link to frst.txt

My System SpecsSystem Spec
.

27 Oct 2013   #12

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

frst.txt attached


Attached Files
File Type: txt FRST.txt (35.7 KB, 3 views)
My System SpecsSystem Spec
29 Oct 2013   #13

Windows 7 Home Premium
 
 

Dusty45,

The FRST report is run on a 64-bit system [C:win7PRO 64Bit].
Have not seen Alureon there.
Was there an Addition.txt produced?

If so, please post.



Also, please boot to the 32-bit system [E:Win7PRO 32bit].

Download the 32-bit FRST, run it, and post its results.
My System SpecsSystem Spec
.


29 Oct 2013   #14

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

Sorry deleted it.

On 32 bit drive FRST shows nothing BUT,

ADWCleaner found a trojan on that drive. ESET found four paths and deleted them all. That didn't solve the problem though. Booted back into 64 bit drive and ISP still reported a problem.

Ran Hitman Pro and it found two malware links and removed them. Log below:

Code:
HitmanPro 3.7.8.207
www.hitmanpro.com
   Computer name . . . . : CJAM3X4-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : cjAM3x4-PC\caroljim
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2013-10-29 15:05:04
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 35s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 2
   Traces  . . . . . . . : 7
   Objects scanned . . . : 1,571,333
   Files scanned . . . . : 33,173
   Remnants scanned  . . : 388,434 files / 1,149,726 keys
Malware _____________________________________________________________________
   C:\Games\EasyUO Script\EasyUO\EUOX.exe
      Size . . . . . . . : 1,112,064 bytes
      Age  . . . . . . . : 318.1 days (2012-12-15 11:47:48)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 704712023147CF72236BD23A27CC34DCCC6346FB8B5643DFB43D2D9D36844B32
    > Ikarus . . . . . . : Trojan.Win32.VB!IK
      Fuzzy  . . . . . . : 106.0
      References
         C:\Users\caroljim\Desktop\EUOX.lnk
         HKU\S-1-5-21-2066651824-2471372917-1354444347-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Games\EasyUO Script\EasyUO\EUOX.exe
   C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\D2M-Precheck[1].exe
      Size . . . . . . . : 508,928 bytes
      Age  . . . . . . . : 4.6 days (2013-10-25 01:31:48)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : C15CF5553D2B48EF501AB7D2972BAF2D5825218BBA292938E3B8556E7C5C095E
      Product  . . . . . : D2M-Precheck
      Publisher  . . . . : Appcaster
      Description  . . . : D2M-Precheck
      Version  . . . . . : 1.0.0.0
      Copyright  . . . . : Copyright  Appcaster 2013
      Source URL . . . . : hxxp://ddnw0hpcyyfnj.cloudfront.net/D2M-Precheck.exe
    > Ikarus . . . . . . : Trojan.SuspectCRC!IK
      Fuzzy  . . . . . . : 110.0
      Forensic Cluster
         -0.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\win98_top_min[1].jpg
         -0.7s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\win98_left[1].jpg
         -0.7s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\win98_bottom[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\win98_accept_button[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\win98_decline_button[1].jpg
         -0.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\win98_cancel_button[1].jpg
         -0.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\win98_skip_button[1].jpg
         -0.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\welcome_generic[1].jpg
         -0.4s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\header_premiuminstaller[1].jpg
         -0.3s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\bundled_whitesmokej[1].jpg
          0.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\D2M-Precheck[1].exe
          6.4s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\muted_greatarcade_eula[1].jpg
          6.5s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\greatarcade_eula[1].htm
          6.6s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\muted_optimizerpro_eula[1].jpg
          6.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\optimizerpro_eula[1].htm
          6.8s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\muted_scorpionsaver_eula[1].jpg
          6.9s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\scorpionsaver_eula[1].htm
          7.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S45S397Z\muted_defaulttab_clean[1].jpg
          7.1s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\106MFXVI\defaulttab_terms[1].htm
          8.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\cloud_progress_screen[1].jpg
          8.0s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6YUTHQ2\cloud_progress_screen[1].jpg
          8.3s C:\Users\caroljim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE0Q74DV\amazon_finished[1].jpg

Cookies _____________________________________________________________________
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\GSOLGU53.txt
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\OFP3XX5F.txt
   C:\Users\caroljim\AppData\Roaming\Microsoft\Windows\Cookies\TIGKXCHC.txt
My System SpecsSystem Spec
29 Oct 2013   #15

Windows7 Pro 64bit, widows7 Pro 32bit, Linux
 
 

Ran Hitman again on win 7 64 drive and got:

Code:
HitmanPro 3.7.8.207
www.hitmanpro.com
   Computer name . . . . : CJAM3X4-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : cjAM3x4-PC\caroljim
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
   Scan date . . . . . . : 2013-10-29 21:56:07
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0
   Objects scanned . . . : 1,579,229
   Files scanned . . . . : 35,272
   Remnants scanned  . . : 393,984 files / 1,149,973 keys

Rebooted
No warning from ISP! As yet
My System SpecsSystem Spec
29 Oct 2013   #16

Windows 7 Home Premium
 
 

Try it for a day or two, and see how it goes.
My System SpecsSystem Spec
Reply

 .Alureon.A reported by ISP on boot. Computer runs fine.





Thread Tools



Similar help and support threads for2: .Alureon.A reported by ISP on boot. Computer runs fine.
Thread Forum
Computer either BSOD's after start-up, or runs fine BSOD Help and Support
BSOD in normal and clean boot, runs fine in safe mode BSOD Help and Support
New laptops wireless inexplicably slow, everyother computer runs fine. Network & Sharing
Computer runs really slow in normal mode, but runs fine in safe mode BSOD Help and Support
installs fine, runs fine, reboots..not fine Installation & Setup

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:53 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33