Infected


infected with malware.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660
Run by Aaron at 18:10:17 on 2013-08-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3998.1889 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Users\Aaron\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
c:\program files (x86)\avira\antivir desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Facebook Update] "C:\Users\Aaron\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.15.1
TCP: Interfaces\{46AC998E-0C6F-4C37-A95B-AE5E445422CC} : DHCPNameServer = 192.168.15.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO 
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-8-10 16152]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-8-11 28600]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-8-11 84024]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-8-11 108088]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-8-11 100712]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-8-16 107520]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-8-10 2429544]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-8-10 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-8-10 161560]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-8-10 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-8-10 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-8-10 787736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2013-8-10 339048]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-10 675432]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2013-8-11 14336]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]
S3 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
.
=============== Created Last 30 ================
.
2013-08-17 16:54:22 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Malwarebytes
2013-08-17 16:54:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-08-17 16:54:08 -------- d-----w- C:\ProgramData\Malwarebytes
2013-08-17 16:54:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-16 00:50:25 -------- d-----w- C:\Program Files (x86)\MixMeister BPM Analyzer
2013-08-16 00:49:30 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-08-16 00:49:27 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-08-16 00:49:20 -------- d-----w- C:\Users\Aaron\AppData\Roaming\DefaultTab
2013-08-15 12:11:59 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-15 12:07:24 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2013-08-15 12:07:21 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-08-15 12:07:21 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-08-15 12:07:14 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2013-08-15 12:07:14 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2013-08-15 11:56:36 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-08-15 11:56:36 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-08-15 11:56:36 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-08-15 11:56:35 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-08-15 11:56:34 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-08-15 11:56:33 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-08-15 11:52:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-08-15 11:52:27 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2013-08-15 11:52:27 136704 ----a-w- C:\Windows\System32\browser.dll
2013-08-15 11:52:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-08-15 11:52:10 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-08-15 11:52:10 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-08-15 11:52:10 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-08-15 11:52:03 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-08-15 11:52:02 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-08-15 11:50:25 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-08-15 11:50:25 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-08-15 11:50:25 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-08-15 11:49:22 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-08-15 11:49:22 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-08-15 11:49:21 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-08-15 11:49:12 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-08-15 11:49:12 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-08-15 11:49:12 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-08-15 11:42:00 77312 ----a-w- C:\Windows\System32\packager.dll
2013-08-15 11:42:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-08-15 11:39:42 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-08-15 11:39:42 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2013-08-15 11:39:41 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2013-08-15 11:39:41 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2013-08-15 11:39:41 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2013-08-15 11:39:40 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2013-08-15 11:39:33 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2013-08-15 11:39:33 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2013-08-15 11:39:33 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2013-08-15 11:39:32 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2013-08-15 11:39:32 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2013-08-15 11:36:37 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-08-15 11:36:36 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-08-15 11:36:26 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-08-15 11:36:25 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-08-14 18:04:08 -------- d-----w- C:\Windows\SysWow64\Wat
2013-08-14 18:04:08 -------- d-----w- C:\Windows\System32\Wat
2013-08-14 18:02:44 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2013-08-14 18:02:44 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2013-08-14 18:02:44 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2013-08-14 18:02:43 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-08-14 18:02:43 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2013-08-14 18:02:43 1118720 ----a-w- C:\Windows\System32\sbe.dll
2013-08-14 18:01:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-08-14 18:01:51 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-08-14 18:01:50 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-08-14 18:01:50 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-08-14 18:01:15 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-08-14 18:01:08 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-08-14 18:01:08 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-08-14 18:01:08 111448 ----a-w- C:\Windows\System32\consent.exe
2013-08-14 18:00:43 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2013-08-14 18:00:42 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2013-08-14 18:00:42 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2013-08-14 18:00:16 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-08-14 18:00:15 395776 ----a-w- C:\Windows\System32\webio.dll
2013-08-14 17:59:52 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-08-14 17:58:37 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-08-14 17:58:37 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-08-14 17:58:36 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-08-14 17:58:36 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-08-14 17:58:36 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-08-14 17:58:36 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-08-14 17:58:36 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-08-14 17:58:14 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2013-08-14 17:58:14 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2013-08-14 17:58:13 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-08-14 17:58:13 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2013-08-14 17:57:20 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-08-14 17:55:41 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2013-08-14 17:55:40 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2013-08-14 17:55:40 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2013-08-14 17:54:23 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-08-14 17:54:22 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-08-14 17:54:00 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-08-14 17:54:00 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-08-14 17:53:37 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-08-14 17:53:36 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-08-14 17:52:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-14 17:51:29 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2013-08-14 17:51:29 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2013-08-14 17:51:29 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-08-14 17:51:02 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-08-14 17:51:02 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2013-08-14 17:51:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2013-08-14 17:51:02 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2013-08-14 17:50:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-08-14 17:49:39 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-08-14 17:48:32 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-08-14 17:48:10 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2013-08-14 17:48:09 715776 ----a-w- C:\Windows\System32\kerberos.dll
2013-08-14 17:47:15 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-08-14 17:47:15 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-08-14 17:46:52 642944 ----a-w- C:\Windows\System32\winload.efi
2013-08-14 17:46:52 605552 ----a-w- C:\Windows\System32\winload.exe
2013-08-14 17:46:52 566208 ----a-w- C:\Windows\System32\winresume.efi
2013-08-14 17:46:52 518672 ----a-w- C:\Windows\System32\winresume.exe
2013-08-14 17:46:52 19328 ----a-w- C:\Windows\System32\kd1394.dll
2013-08-14 17:46:52 17792 ----a-w- C:\Windows\System32\kdcom.dll
2013-08-14 17:46:51 20352 ----a-w- C:\Windows\System32\kdusb.dll
2013-08-14 17:46:29 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-08-14 17:46:29 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-08-14 17:46:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-08-14 17:45:13 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 17:45:12 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-08-14 17:45:11 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-08-14 17:45:11 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-08-14 17:45:11 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 17:04:00 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-08-14 16:54:35 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-08-14 16:47:25 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-08-14 16:47:25 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-08-14 16:47:25 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-08-14 16:47:25 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-08-14 16:47:25 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-08-14 16:47:25 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-08-14 16:46:03 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-08-14 16:46:03 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-08-14 16:46:02 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-08-14 16:46:01 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-08-14 16:46:01 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-08-13 22:48:59 -------- d-----w- C:\Users\Aaron\AppData\Local\Programs
2013-08-13 22:45:17 -------- d-----w- C:\Users\Aaron\AppData\Local\ArcSoft
2013-08-13 22:45:13 -------- d--h--w- C:\ProgramData\ArcSoft
2013-08-13 22:44:11 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-08-13 22:44:11 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-08-13 22:44:11 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-08-13 22:44:11 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-08-13 22:44:10 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-08-13 22:07:06 -------- d-----w- C:\Users\Aaron\AppData\Local\Facebook
2013-08-13 14:57:46 -------- d-----w- C:\Users\Aaron\AppData\Local\MediaMonkey
2013-08-13 14:57:37 -------- d-----w- C:\Users\Aaron\AppData\Roaming\MediaMonkey
2013-08-13 14:57:34 -------- d-----w- C:\ProgramData\MediaMonkey
2013-08-13 14:57:32 -------- d-----w- C:\Program Files (x86)\MediaMonkey
2013-08-13 14:53:05 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-08-13 14:52:55 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 14:44:15 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-08-13 14:44:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-08-13 14:44:00 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-08-12 21:26:04 -------- d-----w- C:\Users\Aaron\AppData\Roaming\uTorrent
2013-08-12 00:07:37 -------- d-----w- C:\ProgramData\Atheros
2013-08-11 21:06:39 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Atheros
2013-08-11 21:05:55 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2013-08-11 21:05:47 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2013-08-11 20:48:21 -------- d-----w- C:\Users\Aaron\AppData\Local\BMExplorer
2013-08-11 18:08:44 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2013-08-11 18:08:43 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2013-08-11 18:08:43 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2013-08-11 18:08:43 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2013-08-11 18:08:43 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2013-08-11 00:18:30 -------- d-----w- C:\Program Files\iTunes
2013-08-11 00:18:30 -------- d-----w- C:\Program Files\iPod
2013-08-11 00:18:30 -------- d-----w- C:\Program Files (x86)\iTunes
2013-08-11 00:17:38 -------- d-----w- C:\Users\Aaron\AppData\Local\Apple Computer
2013-08-11 00:15:28 83672 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2013-08-11 00:11:56 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Avira
2013-08-11 00:07:08 -------- d-----w- C:\ProgramData\APN
2013-08-11 00:06:26 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-08-11 00:06:25 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-08-11 00:06:25 -------- d-----w- C:\ProgramData\Avira
2013-08-11 00:06:25 -------- d-----w- C:\Program Files (x86)\Avira
2013-08-10 23:38:51 -------- d-----w- C:\Program Files\Common Files\Sony Shared
2013-08-10 23:38:51 -------- d-----w- C:\Program Files (x86)\Common Files\Sony Shared
2013-08-10 23:27:02 14336 ----a-w- C:\Windows\System32\drivers\SFEP.sys
2013-08-10 23:23:59 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2013-08-10 23:23:58 69000 ----a-w- C:\Windows\System32\offreg.dll
2013-08-10 23:23:58 21176 ----a-w- C:\Windows\System32\iolorgdf64.exe
2013-08-10 23:23:58 -------- d-----w- C:\Users\Aaron\AppData\Roaming\iolo
2013-08-10 23:23:58 -------- d-----w- C:\ProgramData\iolo
2013-08-10 23:05:12 -------- d-----w- C:\ProgramData\Synaptics
2013-08-10 22:50:05 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-08-10 22:46:33 -------- d-----w- C:\Program Files\Sony
2013-08-10 22:45:23 -------- d-----w- C:\Program Files (x86)\Sony
2013-08-10 22:28:21 -------- d-----w- C:\Windows\SysWow64\sda
2013-08-10 22:27:51 9888872 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll
2013-08-10 22:27:51 339048 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys
2013-08-10 22:25:11 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2013-08-10 22:25:09 787736 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2013-08-10 22:25:09 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2013-08-10 22:25:09 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2013-08-10 22:21:01 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-08-10 22:20:26 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2013-08-10 22:20:21 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-08-10 22:09:21 -------- d-----w- C:\Program Files\Synaptics
2013-08-10 22:09:04 -------- d-----w- C:\ProgramData\Sony Corporation
2013-08-10 22:02:59 94208 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
2013-08-10 22:02:59 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2013-08-10 22:02:59 5886232 ----a-w- C:\Windows\System32\GfxUI.exe
2013-08-10 22:02:59 274200 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2013-08-10 21:33:01 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-08-10 21:33:01 -------- d-----w- C:\Program Files\Realtek
2013-08-10 21:16:40 -------- d-----w- C:\Users\Aaron\AppData\Local\Google
2013-08-10 21:16:27 -------- d-----w- C:\Users\Aaron\AppData\Local\Deployment
2013-08-10 21:16:27 -------- d-----w- C:\Users\Aaron\AppData\Local\Apps
2013-08-10 19:49:50 -------- d-----w- C:\Windows\Panther
2013-08-10 17:50:57 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-08-10 17:50:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-08-10 17:50:49 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-10 17:50:49 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-08-10 17:47:05 2807808 ----a-w- C:\Windows\System32\drivers\athrx.sys
2013-08-10 17:47:05 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2013-08-10 17:45:49 -------- d-sh--w- C:\Windows\Installer
2013-08-10 17:45:26 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2013-08-10 17:37:02 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-08-10 17:37:02 675432 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-08-10 17:37:02 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-08-10 17:27:54 -------- d-----w- C:\Users\Aaron\AppData\Local\Diagnostics
.
==================== Find3M  ====================
.
2013-08-14 16:59:22 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 18:11:49.42 ===============
 
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 10/08/2013 18:26:02
System Uptime: 17/08/2013 16:42:32 (2 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 1175/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 261.725 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP5: 10/08/2013 23:45:12 - Installed ISB Utility
RP6: 10/08/2013 23:45:36 - Installed VAIO Control Center
RP7: 10/08/2013 23:46:18 - Installed VAIO Power Management
RP8: 11/08/2013 00:22:10 - Installed VAIO Care.
RP9: 11/08/2013 00:38:38 - Installed Sony Shared Library
RP10: 11/08/2013 01:13:11 - Installed iTunes
RP11: 11/08/2013 01:16:34 - Installed Apple Application Support
RP12: 11/08/2013 01:17:18 - Removed iTunes
RP13: 11/08/2013 01:18:12 - Installed iTunes
RP14: 13/08/2013 00:48:00 - Windows Update
RP15: 13/08/2013 15:42:30 - Windows Update
RP16: 13/08/2013 15:52:19 - Installed iTunes
RP17: 13/08/2013 23:44:13 - Installed WebCam Companion
RP18: 13/08/2013 23:49:01 - Installed WebCam Companion
RP19: 14/08/2013 17:43:08 - Windows Update
RP20: 15/08/2013 12:37:07 - Windows Update
RP21: 16/08/2013 02:14:32 - Windows Update
.
==== Installed Programs ======================
.
Apple Application Support
ArcSoft WebCam Companion 4
Avira Free Antivirus
DefaultTab
Facebook Video Calling 1.2.0.287
Google Chrome
Google Update Helper
Intel® Management Engine Components
Intel® OpenCL CPU Runtime
Intel® Processor Graphics
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iTunes
KUx86
Malwarebytes Anti-Malware version 1.75.0.1300
MediaMonkey 4.0
Microsoft .NET Framework 4.5
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
SSLx64
SSLx86
Synaptics Pointing Device Driver
VAIO Care
VAIO Control Center
VCCx64
VCCx86
VPMx64
Windows Driver Package - Realtek (RTL8167) Net  (01/16/2012 7.051.0116.2012)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/15/2011 8.0.2.3)
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
16/08/2013 19:53:14, Error: Service Control Manager [7023]  - 
16/08/2013 19:52:29, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
16/08/2013 19:52:21, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
16/08/2013 19:52:21, Error: Service Control Manager [7000]  - The Computer Backup (MyPC Backup) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/08/2013 19:49:56, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 01:49:28, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2798162).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2676562).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2585542).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2536276).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2479943).
15/08/2013 13:00:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
15/08/2013 12:30:05, Error: Service Control Manager [7000]  - The Intel® Management and Security Application Local Management Service service failed to start due to the following error:  The pipe has been ended.
15/08/2013 12:29:58, Error: Service Control Manager [7000]  - The VAIO Event Service service failed to start due to the following error:  The pipe has been ended.
15/08/2013 12:29:55, Error: Service Control Manager [7031]  - The VAIO Event Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
15/08/2013 12:29:55, Error: Service Control Manager [7031]  - The Intel® Management and Security Application Local Management Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The VCService service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The Avira Scheduler service terminated unexpectedly.  It has done this 3 time(s).
15/08/2013 12:29:54, Error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s).
15/08/2013 12:29:50, Error: Service Control Manager [7034]  - The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:41, Error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
15/08/2013 12:29:40, Error: Service Control Manager [7031]  - The VAIO Event Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
15/08/2013 12:29:39, Error: Service Control Manager [7031]  - The Avira Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
15/08/2013 12:29:38, Error: Service Control Manager [7034]  - The Ask Update Service service terminated unexpectedly.  It has done this 1 time(s).
15/08/2013 12:29:38, Error: Service Control Manager [7031]  - The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
14/08/2013 20:05:43, Error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
14/08/2013 20:05:39, Error: Service Control Manager [7031]  - The Avira Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
14/08/2013 20:05:23, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
14/08/2013 18:36:56, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).
14/08/2013 18:19:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645).
14/08/2013 18:18:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2846071).
14/08/2013 18:18:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2830290).
14/08/2013 18:17:52, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2560656).
14/08/2013 18:16:42, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
14/08/2013 18:16:25, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2620704).
14/08/2013 18:16:14, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2533552).
14/08/2013 18:16:01, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813347).
14/08/2013 18:15:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2845690).
14/08/2013 18:14:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2779562).
14/08/2013 18:14:23, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2479943).
14/08/2013 18:14:11, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
14/08/2013 18:13:59, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2631813).
14/08/2013 18:13:47, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2798162).
14/08/2013 18:11:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2536276).
14/08/2013 18:10:59, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2585542).
14/08/2013 18:09:52, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2840149).
14/08/2013 18:09:43, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2570947).
14/08/2013 18:09:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2676562).
14/08/2013 18:09:05, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2847927).
14/08/2013 17:56:53, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2506212).
14/08/2013 17:55:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2691442).
14/08/2013 17:55:34, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2807986).
14/08/2013 17:55:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).
14/08/2013 17:55:22, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2655992).
14/08/2013 17:50:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2757638).
14/08/2013 17:50:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2509553).
14/08/2013 17:50:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2758857).
14/08/2013 17:50:21, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2845187).
14/08/2013 17:50:21, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2770660).
14/08/2013 17:50:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2749655).
14/08/2013 17:50:16, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2785220).
14/08/2013 17:50:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2790113).
14/08/2013 17:50:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115).
14/08/2013 17:49:58, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2536275).
14/08/2013 17:49:07, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2579686).
14/08/2013 17:49:02, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2685939).
14/08/2013 17:47:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452).
14/08/2013 17:47:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2645640).
14/08/2013 17:47:28, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599).
14/08/2013 17:47:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2743555).
14/08/2013 17:47:12, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2690533).
14/08/2013 17:47:04, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946).
14/08/2013 17:46:51, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2727528).
14/08/2013 17:46:51, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2706045).
14/08/2013 17:46:46, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2506014).
14/08/2013 17:46:46, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2839894).
14/08/2013 17:46:39, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2850851).
14/08/2013 17:46:39, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579).
14/08/2013 17:46:34, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2786081).
14/08/2013 17:46:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2835364).
14/08/2013 17:46:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2532531).
14/08/2013 17:46:02, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2705219).
14/08/2013 17:45:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2544893).
14/08/2013 17:45:48, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2491683).
14/08/2013 17:45:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813430).
14/08/2013 17:45:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2654428).
14/08/2013 17:45:24, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2712808).
14/08/2013 17:45:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2564958).
14/08/2013 17:45:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2511455).
14/08/2013 17:45:09, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813170).
14/08/2013 17:45:09, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2619339).
14/08/2013 17:45:03, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414).
14/08/2013 17:44:54, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2834886).
14/08/2013 17:44:49, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2835361).
14/08/2013 17:44:44, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2698365).
14/08/2013 17:44:30, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422).
14/08/2013 17:44:17, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2644615).
14/08/2013 17:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2584146).
13/08/2013 15:43:49, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2621440).
10/08/2013 23:05:05, Error: Service Control Manager [7023]  - The Intel® Content Protection HECI Service service terminated with the following error:  %%-2147024637
10/08/2013 11:53:38, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  %%-2147467243
.
==== End Of File ===========================

Hello Aaronrussell13 and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

What kind of malware? What exactly is your problem?

On resuming Windows, Mypcback had installed along with a "Search Results" new tab in Google Chrome.

Malwarebytes just returned this log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.17.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Aaron :: VAIO [administrator]
 
17/08/2013 17:55:01
MBAM-log-2013-08-17 (18-27-27).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317139
Time elapsed: 31 minute(s), 58 second(s)
 
Memory Processes Detected: 1
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab) -> 1984 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 10
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Program Files (x86)\DefaultTab (PUP.Optional.DefaultTab) -> No action taken.
 
Files Detected: 11
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e81 (PUP.Optional.Amonetize) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\update.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files (x86)\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files (x86)\DefaultTab\uid (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab) -> No action taken.
 
(end)
 
 
Should I remove these files in Malwarebytes?

Not right now, but we will take care of them at the last step.

Step 1

Please uninstall this application: DefaultTab

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.7 (08.17.2013:1)
OS: Windows 7 Home Premium x64
Ran by Aaron on 17/08/2013 at 18:42:56.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] defaulttabsearch
Successfully deleted: [service] defaulttabsearch
Successfully stopped: [service] defaulttabupdate
Successfully deleted: [service] defaulttabupdate

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Aaron\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/08/2013 at 18:47:30.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.306 - Logfile created 08/17/2013 at 18:48:10
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Aaron - VAIO
# Boot Mode : Normal
# Running from : C:\Users\Aaron\Downloads\AdwCleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Aaron\AppData\Local\Temp\APN

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [316 octets] - [17/08/2013 18:46:59]
AdwCleaner[s2].txt - [998 octets] - [17/08/2013 18:48:10]

########## EOF - C:\AdwCleaner[s2].txt - [1057 octets] ##########

MBAM returned no malicious items
