Jump to content

Infected

Aaronrussell13
 Share

Recommended Posts

Aaronrussell13

Aaronrussell13

Posted
Posted

infected by mypcbackup. unistalled program and google chrome extension

 

------------------------------------------------------------------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16660
Run by Aaron at 18:10:17 on 2013-08-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3998.1889 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Users\Aaron\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
c:\program files (x86)\avira\antivir desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Facebook Update] "C:\Users\Aaron\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.15.1
TCP: Interfaces\{46AC998E-0C6F-4C37-A95B-AE5E445422CC} : DHCPNameServer = 192.168.15.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO 
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-8-10 16152]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-8-11 28600]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-8-11 84024]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-8-11 108088]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-8-11 100712]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-8-16 107520]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-8-10 2429544]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-8-10 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-8-10 161560]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-8-10 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-8-10 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-8-10 787736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2013-8-10 339048]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-10 675432]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2013-8-11 14336]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]
S3 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
.
=============== Created Last 30 ================
.
2013-08-17 16:54:22 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Malwarebytes
2013-08-17 16:54:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-08-17 16:54:08 -------- d-----w- C:\ProgramData\Malwarebytes
2013-08-17 16:54:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-16 00:50:25 -------- d-----w- C:\Program Files (x86)\MixMeister BPM Analyzer
2013-08-16 00:49:30 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-08-16 00:49:27 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-08-16 00:49:20 -------- d-----w- C:\Users\Aaron\AppData\Roaming\DefaultTab
2013-08-15 12:11:59 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-15 12:07:24 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2013-08-15 12:07:21 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-08-15 12:07:21 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-08-15 12:07:14 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2013-08-15 12:07:14 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2013-08-15 11:56:36 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-08-15 11:56:36 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-08-15 11:56:36 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-08-15 11:56:35 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-08-15 11:56:34 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-08-15 11:56:33 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-08-15 11:52:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-08-15 11:52:27 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2013-08-15 11:52:27 136704 ----a-w- C:\Windows\System32\browser.dll
2013-08-15 11:52:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-08-15 11:52:10 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-08-15 11:52:10 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-08-15 11:52:10 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-08-15 11:52:03 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-08-15 11:52:02 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-08-15 11:50:25 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-08-15 11:50:25 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-08-15 11:50:25 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-08-15 11:49:22 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-08-15 11:49:22 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-08-15 11:49:21 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-08-15 11:49:12 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-08-15 11:49:12 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-08-15 11:49:12 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-08-15 11:42:00 77312 ----a-w- C:\Windows\System32\packager.dll
2013-08-15 11:42:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-08-15 11:39:42 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-08-15 11:39:42 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2013-08-15 11:39:41 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2013-08-15 11:39:41 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2013-08-15 11:39:41 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2013-08-15 11:39:40 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2013-08-15 11:39:33 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2013-08-15 11:39:33 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2013-08-15 11:39:33 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2013-08-15 11:39:32 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2013-08-15 11:39:32 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2013-08-15 11:36:37 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-08-15 11:36:36 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-08-15 11:36:26 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-08-15 11:36:25 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-08-14 18:04:08 -------- d-----w- C:\Windows\SysWow64\Wat
2013-08-14 18:04:08 -------- d-----w- C:\Windows\System32\Wat
2013-08-14 18:02:44 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2013-08-14 18:02:44 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2013-08-14 18:02:44 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2013-08-14 18:02:43 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-08-14 18:02:43 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2013-08-14 18:02:43 1118720 ----a-w- C:\Windows\System32\sbe.dll
2013-08-14 18:01:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-08-14 18:01:51 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-08-14 18:01:50 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-08-14 18:01:50 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-08-14 18:01:15 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-08-14 18:01:08 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-08-14 18:01:08 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-08-14 18:01:08 111448 ----a-w- C:\Windows\System32\consent.exe
2013-08-14 18:00:43 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2013-08-14 18:00:42 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2013-08-14 18:00:42 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2013-08-14 18:00:16 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-08-14 18:00:15 395776 ----a-w- C:\Windows\System32\webio.dll
2013-08-14 17:59:52 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-08-14 17:58:37 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-08-14 17:58:37 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-08-14 17:58:36 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-08-14 17:58:36 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-08-14 17:58:36 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-08-14 17:58:36 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-08-14 17:58:36 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-08-14 17:58:14 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2013-08-14 17:58:14 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2013-08-14 17:58:13 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-08-14 17:58:13 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2013-08-14 17:57:20 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-08-14 17:55:41 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2013-08-14 17:55:40 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2013-08-14 17:55:40 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2013-08-14 17:54:23 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-08-14 17:54:22 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-08-14 17:54:00 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-08-14 17:54:00 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-08-14 17:53:37 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-08-14 17:53:36 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-08-14 17:52:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-14 17:51:29 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2013-08-14 17:51:29 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2013-08-14 17:51:29 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-08-14 17:51:02 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-08-14 17:51:02 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2013-08-14 17:51:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2013-08-14 17:51:02 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2013-08-14 17:50:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-08-14 17:49:39 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-08-14 17:48:32 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-08-14 17:48:10 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2013-08-14 17:48:09 715776 ----a-w- C:\Windows\System32\kerberos.dll
2013-08-14 17:47:15 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-08-14 17:47:15 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-08-14 17:46:52 642944 ----a-w- C:\Windows\System32\winload.efi
2013-08-14 17:46:52 605552 ----a-w- C:\Windows\System32\winload.exe
2013-08-14 17:46:52 566208 ----a-w- C:\Windows\System32\winresume.efi
2013-08-14 17:46:52 518672 ----a-w- C:\Windows\System32\winresume.exe
2013-08-14 17:46:52 19328 ----a-w- C:\Windows\System32\kd1394.dll
2013-08-14 17:46:52 17792 ----a-w- C:\Windows\System32\kdcom.dll
2013-08-14 17:46:51 20352 ----a-w- C:\Windows\System32\kdusb.dll
2013-08-14 17:46:29 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-08-14 17:46:29 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-08-14 17:46:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-08-14 17:45:13 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 17:45:12 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-08-14 17:45:11 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-08-14 17:45:11 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-08-14 17:45:11 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 17:04:00 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-08-14 16:54:35 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-08-14 16:47:25 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-08-14 16:47:25 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-08-14 16:47:25 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-08-14 16:47:25 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-08-14 16:47:25 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-08-14 16:47:25 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-08-14 16:46:03 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-08-14 16:46:03 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-08-14 16:46:02 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-08-14 16:46:01 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-08-14 16:46:01 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-08-13 22:48:59 -------- d-----w- C:\Users\Aaron\AppData\Local\Programs
2013-08-13 22:45:17 -------- d-----w- C:\Users\Aaron\AppData\Local\ArcSoft
2013-08-13 22:45:13 -------- d--h--w- C:\ProgramData\ArcSoft
2013-08-13 22:44:11 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-08-13 22:44:11 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-08-13 22:44:11 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-08-13 22:44:11 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-08-13 22:44:10 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-08-13 22:07:06 -------- d-----w- C:\Users\Aaron\AppData\Local\Facebook
2013-08-13 14:57:46 -------- d-----w- C:\Users\Aaron\AppData\Local\MediaMonkey
2013-08-13 14:57:37 -------- d-----w- C:\Users\Aaron\AppData\Roaming\MediaMonkey
2013-08-13 14:57:34 -------- d-----w- C:\ProgramData\MediaMonkey
2013-08-13 14:57:32 -------- d-----w- C:\Program Files (x86)\MediaMonkey
2013-08-13 14:53:05 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-08-13 14:52:55 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 14:44:15 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-08-13 14:44:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-08-13 14:44:00 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-08-12 21:26:04 -------- d-----w- C:\Users\Aaron\AppData\Roaming\uTorrent
2013-08-12 00:07:37 -------- d-----w- C:\ProgramData\Atheros
2013-08-11 21:06:39 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Atheros
2013-08-11 21:05:55 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2013-08-11 21:05:47 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2013-08-11 20:48:21 -------- d-----w- C:\Users\Aaron\AppData\Local\BMExplorer
2013-08-11 18:08:44 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2013-08-11 18:08:43 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2013-08-11 18:08:43 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2013-08-11 18:08:43 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2013-08-11 18:08:43 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2013-08-11 00:18:30 -------- d-----w- C:\Program Files\iTunes
2013-08-11 00:18:30 -------- d-----w- C:\Program Files\iPod
2013-08-11 00:18:30 -------- d-----w- C:\Program Files (x86)\iTunes
2013-08-11 00:17:38 -------- d-----w- C:\Users\Aaron\AppData\Local\Apple Computer
2013-08-11 00:15:28 83672 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2013-08-11 00:11:56 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Avira
2013-08-11 00:07:08 -------- d-----w- C:\ProgramData\APN
2013-08-11 00:06:26 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-08-11 00:06:25 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-08-11 00:06:25 -------- d-----w- C:\ProgramData\Avira
2013-08-11 00:06:25 -------- d-----w- C:\Program Files (x86)\Avira
2013-08-10 23:38:51 -------- d-----w- C:\Program Files\Common Files\Sony Shared
2013-08-10 23:38:51 -------- d-----w- C:\Program Files (x86)\Common Files\Sony Shared
2013-08-10 23:27:02 14336 ----a-w- C:\Windows\System32\drivers\SFEP.sys
2013-08-10 23:23:59 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2013-08-10 23:23:58 69000 ----a-w- C:\Windows\System32\offreg.dll
2013-08-10 23:23:58 21176 ----a-w- C:\Windows\System32\iolorgdf64.exe
2013-08-10 23:23:58 -------- d-----w- C:\Users\Aaron\AppData\Roaming\iolo
2013-08-10 23:23:58 -------- d-----w- C:\ProgramData\iolo
2013-08-10 23:05:12 -------- d-----w- C:\ProgramData\Synaptics
2013-08-10 22:50:05 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-08-10 22:46:33 -------- d-----w- C:\Program Files\Sony
2013-08-10 22:45:23 -------- d-----w- C:\Program Files (x86)\Sony
2013-08-10 22:28:21 -------- d-----w- C:\Windows\SysWow64\sda
2013-08-10 22:27:51 9888872 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll
2013-08-10 22:27:51 339048 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys
2013-08-10 22:25:11 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2013-08-10 22:25:09 787736 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2013-08-10 22:25:09 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2013-08-10 22:25:09 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2013-08-10 22:21:01 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-08-10 22:20:26 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2013-08-10 22:20:21 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-08-10 22:09:21 -------- d-----w- C:\Program Files\Synaptics
2013-08-10 22:09:04 -------- d-----w- C:\ProgramData\Sony Corporation
2013-08-10 22:02:59 94208 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
2013-08-10 22:02:59 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2013-08-10 22:02:59 5886232 ----a-w- C:\Windows\System32\GfxUI.exe
2013-08-10 22:02:59 274200 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2013-08-10 21:33:01 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-08-10 21:33:01 -------- d-----w- C:\Program Files\Realtek
2013-08-10 21:16:40 -------- d-----w- C:\Users\Aaron\AppData\Local\Google
2013-08-10 21:16:27 -------- d-----w- C:\Users\Aaron\AppData\Local\Deployment
2013-08-10 21:16:27 -------- d-----w- C:\Users\Aaron\AppData\Local\Apps
2013-08-10 19:49:50 -------- d-----w- C:\Windows\Panther
2013-08-10 17:50:57 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-08-10 17:50:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-08-10 17:50:49 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-10 17:50:49 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-08-10 17:47:05 2807808 ----a-w- C:\Windows\System32\drivers\athrx.sys
2013-08-10 17:47:05 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2013-08-10 17:45:49 -------- d-sh--w- C:\Windows\Installer
2013-08-10 17:45:26 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2013-08-10 17:37:02 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-08-10 17:37:02 675432 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-08-10 17:37:02 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-08-10 17:27:54 -------- d-----w- C:\Users\Aaron\AppData\Local\Diagnostics
.
==================== Find3M  ====================
.
2013-08-14 16:59:22 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 18:11:49.42 ===============
 
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 10/08/2013 18:26:02
System Uptime: 17/08/2013 16:42:32 (2 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 1175/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 261.725 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP5: 10/08/2013 23:45:12 - Installed ISB Utility
RP6: 10/08/2013 23:45:36 - Installed VAIO Control Center
RP7: 10/08/2013 23:46:18 - Installed VAIO Power Management
RP8: 11/08/2013 00:22:10 - Installed VAIO Care.
RP9: 11/08/2013 00:38:38 - Installed Sony Shared Library
RP10: 11/08/2013 01:13:11 - Installed iTunes
RP11: 11/08/2013 01:16:34 - Installed Apple Application Support
RP12: 11/08/2013 01:17:18 - Removed iTunes
RP13: 11/08/2013 01:18:12 - Installed iTunes
RP14: 13/08/2013 00:48:00 - Windows Update
RP15: 13/08/2013 15:42:30 - Windows Update
RP16: 13/08/2013 15:52:19 - Installed iTunes
RP17: 13/08/2013 23:44:13 - Installed WebCam Companion
RP18: 13/08/2013 23:49:01 - Installed WebCam Companion
RP19: 14/08/2013 17:43:08 - Windows Update
RP20: 15/08/2013 12:37:07 - Windows Update
RP21: 16/08/2013 02:14:32 - Windows Update
.
==== Installed Programs ======================
.
Apple Application Support
ArcSoft WebCam Companion 4
Avira Free Antivirus
DefaultTab
Facebook Video Calling 1.2.0.287
Google Chrome
Google Update Helper
Intel® Management Engine Components
Intel® OpenCL CPU Runtime
Intel® Processor Graphics
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iTunes
KUx86
Malwarebytes Anti-Malware version 1.75.0.1300
MediaMonkey 4.0
Microsoft .NET Framework 4.5
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
SSLx64
SSLx86
Synaptics Pointing Device Driver
VAIO Care
VAIO Control Center
VCCx64
VCCx86
VPMx64
Windows Driver Package - Realtek (RTL8167) Net  (01/16/2012 7.051.0116.2012)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/15/2011 8.0.2.3)
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
16/08/2013 19:53:14, Error: Service Control Manager [7023]  - 
16/08/2013 19:52:29, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
16/08/2013 19:52:21, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
16/08/2013 19:52:21, Error: Service Control Manager [7000]  - The Computer Backup (MyPC Backup) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/08/2013 19:49:56, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 01:49:28, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2798162).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2676562).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2585542).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2536276).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2479943).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
15/08/2013 12:30:05, Error: Service Control Manager [7000]  - The Intel® Management and Security Application Local Management Service service failed to start due to the following error:  The pipe has been ended.
15/08/2013 12:29:58, Error: Service Control Manager [7000]  - The VAIO Event Service service failed to start due to the following error:  The pipe has been ended.
15/08/2013 12:29:55, Error: Service Control Manager [7031]  - The VAIO Event Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
15/08/2013 12:29:55, Error: Service Control Manager [7031]  - The Intel® Management and Security Application Local Management Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The VCService service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The Avira Scheduler service terminated unexpectedly.  It has done this 3 time(s).
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s).
15/08/2013 12:29:50, Error: Service Control Manager [7034]  - The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:41, Error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
15/08/2013 12:29:40, Error: Service Control Manager [7031]  - The VAIO Event Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
15/08/2013 12:29:39, Error: Service Control Manager [7031]  - The Avira Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
15/08/2013 12:29:38, Error: Service Control Manager [7034]  - The Ask Update Service service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:38, Error: Service Control Manager [7031]  - The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
14/08/2013 20:05:43, Error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
14/08/2013 20:05:39, Error: Service Control Manager [7031]  - The Avira Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
14/08/2013 20:05:23, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
14/08/2013 18:36:56, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).
14/08/2013 18:19:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645).
14/08/2013 18:18:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2846071).
14/08/2013 18:18:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2830290).
14/08/2013 18:17:52, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2560656).
14/08/2013 18:16:42, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
14/08/2013 18:16:25, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2620704).
14/08/2013 18:16:14, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2533552).
14/08/2013 18:16:01, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813347).
14/08/2013 18:15:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2845690).
14/08/2013 18:14:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2779562).
14/08/2013 18:14:23, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2479943).
14/08/2013 18:14:11, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
14/08/2013 18:13:59, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2631813).
14/08/2013 18:13:47, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2798162).
14/08/2013 18:11:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2536276).
14/08/2013 18:10:59, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2585542).
14/08/2013 18:09:52, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2840149).
14/08/2013 18:09:43, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2570947).
14/08/2013 18:09:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2676562).
14/08/2013 18:09:05, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2847927).
14/08/2013 17:56:53, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2506212).
14/08/2013 17:55:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2691442).
14/08/2013 17:55:34, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2807986).
14/08/2013 17:55:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).
14/08/2013 17:55:22, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2655992).
14/08/2013 17:50:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2757638).
14/08/2013 17:50:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2509553).
14/08/2013 17:50:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2758857).
14/08/2013 17:50:21, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2845187).
14/08/2013 17:50:21, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2770660).
14/08/2013 17:50:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2749655).
14/08/2013 17:50:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2785220).
14/08/2013 17:50:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2790113).
14/08/2013 17:50:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115).
14/08/2013 17:49:58, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2536275).
14/08/2013 17:49:07, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2579686).
14/08/2013 17:49:02, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2685939).
14/08/2013 17:47:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452).
14/08/2013 17:47:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2645640).
14/08/2013 17:47:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599).
14/08/2013 17:47:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2743555).
14/08/2013 17:47:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2690533).
14/08/2013 17:47:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946).
14/08/2013 17:46:51, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2727528).
14/08/2013 17:46:51, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2706045).
14/08/2013 17:46:46, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2506014).
14/08/2013 17:46:46, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2839894).
14/08/2013 17:46:39, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2850851).
14/08/2013 17:46:39, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579).
14/08/2013 17:46:34, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2786081).
14/08/2013 17:46:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2835364).
14/08/2013 17:46:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2532531).
14/08/2013 17:46:02, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2705219).
14/08/2013 17:45:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2544893).
14/08/2013 17:45:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2491683).
14/08/2013 17:45:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813430).
14/08/2013 17:45:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2654428).
14/08/2013 17:45:24, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2712808).
14/08/2013 17:45:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2564958).
14/08/2013 17:45:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2511455).
14/08/2013 17:45:09, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813170).
14/08/2013 17:45:09, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2619339).
14/08/2013 17:45:03, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414).
14/08/2013 17:44:54, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2834886).
14/08/2013 17:44:49, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2835361).
14/08/2013 17:44:44, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2698365).
14/08/2013 17:44:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422).
14/08/2013 17:44:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2644615).
14/08/2013 17:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2584146).
13/08/2013 15:43:49, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2621440).
10/08/2013 23:05:05, Error: Service Control Manager [7023]  - The Intel® Content Protection HECI Service service terminated with the following error:  %%-2147024637
10/08/2013 11:53:38, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  %%-2147467243
.
==== End Of File ===========================
 

 

Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Hello Aaronrussell13

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.