Keres

  1. I got ill earlier this AM and was unable to get the log for you. I'll try to see if I can get it tomorrow but it's possible I won't have results until Monday.
  2. I ran ComboFix but lost connection to the computer while I was AFK and cannot reconnect. I won't be able to post results until tomorrow.
  3. I ran the Fixdamage and it seems that Windows Firewall is now functioning. Do I still need to run the ComboFix?
  4. Agh! I'll do that in the AM, getting too tired to read things clearly. Prior technical snafus have taught me to walk away when I'm missing steps. Thanks again for speedy responses tonight!
  5. Scan completed: "Congratulations, no cleanup is required!"
  6. Created a restore point. Ran Malware Anti-Rootkit but got a prompt before the program did anything: Shall I hit No for now and report with any failures? Also I'm doing this via TeamViewer so I won't be able to post further updates if a reboot is required until tomorrow AM (10:15pm EST here)
  7. Hi Mr C. Thanks for a speedy response! Ran RogueKiller and found the following:

     --------------
     RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Administrator [Admin rights]
     Mode : Scan -- Date : 04/03/2013 21:53:30
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 4 ¤¤¤
     [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED] ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts
     127.0.0.1 localhost

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: ST3250820A ATA Device +++++
     --- User ---
     [MBR] f46b83a7ee0ae3a9fd7b34ddc2a934a5
     [bSP] 31520a15375358288b6044088b4ba550 : Windows 7/8 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238473 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1]_S_04032013_02d2153.txt >>
     RKreport[1]_S_04032013_02d2153.txt
  8. This is gonna be a lengthy post, apologies in advance. Coloring my text blue for easy reading in between the logs.

     I removed a rootkit infection via Malware Anti-Malware 1.62.0.1300 on July 24, 2012 on my friend's computer.

     -----
     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.07.24.05

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Kate :: MARJORIE-PC [administrator]

     7/24/2012 1:52:08 PM
     mbam-log-2012-07-24 (13-52-08).txt

     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 471533
     Time elapsed: 1 hour(s), 22 minute(s), 14 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 2
     C:\Qoobox\Quarantine\C\Windows\assembly\GAC_32\Desktop.ini.vir (Trojan.0access) -> Quarantined and deleted successfully.
     C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir (Rootkit.0Access) -> Quarantined and deleted successfully.

     (end)
     ----

     Post scans showed no other infections at that time. Downloaded and installed MSE, updated definitions. Windows Updater was scheduled to run a few days later and I had to go out of town. I've returned to my friend's PC yesterday (4/2/2013) and Windows Updater failed to run all the time to now since the infection. After lengthy research, I had to enable the Win 7 default Administrator account due to all local users were labeled as Administrators but not officially (Standard) since I couldn't promote them (Still can't even now).
     I also found out that the BITS service was not in the services list so I manually added it (followed these steps: http://answers.micro...7b-f97e9436e529) I was able to update the PC to current state via Windows Update but event viewer is indicating that it did not. I wanted to run by here just to make sure I wasn't paranoid. I've ran MSE scan, clean. Downloaded Malware again and ran it, clean. Ran MS online scanner, clean. Also to mention, Windows Firewall isn't working and the MS Firewall Diagnostic failed to fix it - (service error 5)(http://support.micro...all_diagnostic/)

     ------- DDS log
4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Windows 7 for x64-based Systems (KB2719857). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Microsoft Office 2007 suites (KB2687493). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Microsoft Office 2007 suites (KB2596802). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Microsoft Office 2007 suites (KB2596660). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Microsoft Office 2007 suites (KB2596620). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Windows 7 for x64-based Systems (KB2807986). 
4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Windows 7 for x64-based Systems (KB2799494). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Windows 7 for x64-based Systems (KB2778344). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Windows 7 for x64-based Systems (KB2769369). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Windows 7 for x64-based Systems (KB2757638). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft Office 2007 suites (KB2687499). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft Office 2007 suites (KB2687311). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595). 
4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921). 4/3/2013 10:35:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80248007: Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052). 4/2/2013 8:58:31 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/2/2013 8:58:31 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/2/2013 4:13:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/2/2013 4:13:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/2/2013 3:57:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 
4/2/2013 3:57:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.833.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/1/2013 8:31:27 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 4/1/2013 8:31:27 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 3/29/2013 8:34:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 3/29/2013 8:34:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 3/28/2013 8:57:50 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 3/28/2013 8:57:50 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.410.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 
==== End Of File ===========================

Thanks again for taking the time to review all this and I don't know if it's actually Win 7 issues or malingering effects of a rootkit that could be also easily fixed overall than individual components.

DDS.txt attach.txt