Can't remove ROOTKIT virus on Win7

Old 06-23-2013, 05:18 AM   #1
Registered Member
 
Join Date: Jun 2013
Posts: 5
OS: Win 7, Snow Leopard



Hello, remove them with that program. I have

Normally I use Mac OS Snow Leopard, but I also have Win7. My Mac started to be unusually slow and now I can't type or click. I ran Avast and it found infected files only on Win7. I tried to remove them, but I couldn't, and I also couldn't move them to the chest file. Then I ran the same antivirus on Win7, and when I tried to delete them, it said "access denied". It is a ROOTKIT virus. Then I also ran ComboFix, but I don't know how to remove it.
I uploaded the information that I have from ComboFix. Can someone help me? :) Thanx!
Attached Files
File Type: txt ComboFix.txt (11.7 KB, 84 views)
Mimy_88 is offline  
Old 06-24-2013, 04:40 AM   #2
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.


Having said that.... Let's get going!!
----------

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.
  • Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.
---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

AdwCleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
----------

Also...could you just copy/paste the contents of the ComboFix log that you attached earlier so I can get a look at that as well? I am having trouble downloading it for some reason.
jeffce is offline  
Old 06-24-2013, 11:36 AM   #3
Registered Member
 
Join Date: Jun 2013
Posts: 5
OS: Win 7, Snow Leopard



Hello!

Thanx for replying! :) I did everything you said and now I have 2 logs from DDS and one from AdwCleaner. Should I copy/paste all of them as well, or attach them?
Mimy_88 is offline  
Old 06-24-2013, 11:37 AM   #4
Registered Member
 
Join Date: Jun 2013
Posts: 5
OS: Win 7, Snow Leopard



COMBOFIX LOG:

ComboFix 13-06-21.01 - petar 23.06.2013 13:24:16.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1251.381.1033.18.2016.880 [GMT 2:00]
Running from: c:\users\petar\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-05-23 to 2013-06-23 )))))))))))))))))))))))))))))))
.
.
2013-06-23 11:37 . 2013-06-23 11:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-23 08:10 . 2013-06-23 08:10 -------- d-----w- c:\windows\system32\Wat
2013-06-22 22:46 . 2013-06-22 22:46 -------- d-----w- C:\found.000
2013-06-22 22:25 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-06-22 22:25 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-06-22 22:25 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-06-22 22:25 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-06-22 22:24 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-06-22 22:24 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-06-22 22:24 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-06-22 22:24 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-06-22 22:24 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-06-22 22:05 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-22 22:05 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-22 22:05 . 2013-05-09 08:59 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-06-22 22:05 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-22 22:04 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-22 22:04 . 2013-06-22 22:03 740840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{030840C5-70E4-4F82-8B4D-B361E49560DA}\gapaengine.dll
2013-06-22 22:04 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-22 22:04 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-22 22:04 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-22 22:04 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-06-22 22:04 . 2013-06-11 19:18 7068072 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39773F36-5637-4F36-A7AA-DD10DD15F089}\mpengine.dll
2013-06-22 22:02 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-22 22:02 . 2013-04-30 08:51 35088 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-06-22 22:01 . 2013-06-22 22:01 -------- d-----w- c:\program files\AVAST Software
2013-06-22 22:00 . 2013-06-22 22:01 -------- d-----w- c:\programdata\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 15:28 . 2009-12-15 12:07 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"="c:\program files\Boot Camp\Bootcamp.exe" [2009-07-22 431408]
"MMTray"="MMTray.exe" [2001-11-09 53248]
"DVD or CD Sharing"="c:\program files\DVD or CD Sharing\ODSAgent.exe" [2009-07-22 460088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-22 442433]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NoIE4StubProcessing"="c:\windows\system32\reg.exe DELETE HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-04-02 15:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-04-16 12:36 24264488 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-12-15 12:13 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R1 MpKsl95b08a0a;MpKsl95b08a0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{914D1613-9134-41EF-921B-7DA04ACE54FB}\MpKsl95b08a0a.sys [x]
R2 EsetNod32Fix;Nod32 AV;%WINDIR%\regedit.exe [x]
R3 BthKicker;Apple Bluetooth Device Driver;c:\windows\system32\DRIVERS\BthKicker.sys [2009-07-22 7424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-08-19 100736]
R3 iSightUpdate;iSight Update Driver;c:\windows\system32\DRIVERS\iSightUP.sys [2009-07-22 17664]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-06-23 1343400]
S0 AppleHFS;AppleHFS; [x]
S0 AppleMNT;AppleMNT; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe [2009-07-22 136496]
S2 AppleTimeSrv;Apple Time Service;c:\windows\system32\AppleTimeSrv.exe [2009-07-22 99632]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
S2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys [2009-07-22 5760]
S2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys [2009-07-22 8576]
S3 aapltctp;Apple Trackpad Enabler;c:\windows\system32\DRIVERS\aapltctp.sys [2009-07-22 4224]
S3 aapltp;Apple Trackpad;c:\windows\system32\DRIVERS\aapltp.sys [2009-07-22 33280]
S3 applebt;Apple Built-in Bluetooth;c:\windows\system32\DRIVERS\applebt.sys [2009-07-22 9088]
S3 IRRemoteFlt;IR Receiver Filter Driver;c:\windows\system32\DRIVERS\IRFilter.sys [2009-07-22 16512]
S3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\DRIVERS\KeyMagic.sys [2009-07-22 23552]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-22 22:07 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-09 00:21]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-09 00:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.10.0.1 10.10.0.1
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL
DPF: {A7C346A3-B076-46B3-97F0-D00F6B479451} - hxxps://online.bancaintesabeograd.com/RetailDLL/FSINT.dll
FF - ProfilePath - c:\users\petar\AppData\Roaming\Mozilla\Firefox\Profiles\vaswf2ay.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.5 Beta 4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! Online Security: [email protected] - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-23 13:43:44
ComboFix-quarantined-files.txt 2013-06-23 11:43
.
Pre-Run: 69.037.072.384 bytes free
Post-Run: 69.216.808.960 bytes free
.
- - End Of File - - E87A363597F64BFD2B79E604F316B455
A36C5E4F47E84449FF07ED3517B43A31
Mimy_88 is offline  
Old 06-24-2013, 02:48 PM   #5
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



You can copy and paste all of those too. :)
jeffce is offline  
Old 06-25-2013, 12:27 AM   #6
Registered Member
 
Join Date: Jun 2013
Posts: 5
OS: Win 7, Snow Leopard



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 13.12.2009 23:17:06
System Uptime: 24.6.2013 19:58:02 (1 hours ago)
.
Motherboard: Apple Computer, Inc. | | Mac-F4208CC8
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | U2E1 | 989/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 86 GiB total, 65,88 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============

Description: MpKsl95b08a0a
Service: MpKsl95b08a0a
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! SecureLine TAP Adapter
Manufacturer: TAP-Windows Provider V9
Name: avast! SecureLine TAP Adapter
Service: tap0901
.
==== System Restore Points ===================
.
RP35: 24.6.2013 11:11:49 - Windows 7 Service Pack 1
.
==== Installed Programs ======================
.
4U AVI MPEG Converter (version 5.6.9)
AC-3 ACM Codec
ACDSee 8
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Adobe Shockwave Player 11
AIMP2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Bonjour
Boot Camp Services
CCleaner
DVD or CD Sharing
Eset-NOD32: Fix Dasumo v3.1 hasta el 2029
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HD Tune Pro 5.50
IDT Audio
Intel(R) Graphics Media Accelerator Driver
iTunes
K-Lite Mega Codec Pack 4.8.0
Malwarebytes' Anti-Malware
McAfee Security Scan
Microsoft Antimalware
Microsoft Office XP Professional with FrontPage
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Morgan M-JPEG codec V3
Mozilla Firefox (3.5.15)
MPEG Video Wizard
MSVC80_x86_v2
mts mobilni internet
NOD32 FiX v2.1
Nokia Connectivity Cable Driver
Nokia PC Suite
NVIDIA Drivers
PC Connectivity Solution
PowerDVD
QuickTime
Realtek High Definition Audio Driver
Skype™ 5.10
TeamViewer 8
VideoLAN VLC media player 0.8.6c
Windows Driver Package - Apple Inc. (applebt) Bluetooth (01/19/2009 2.1.2.1)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (01/11/2008 3.4.3.18)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
Windows Driver Package - Apple Inc. Apple Keyboard (03/05/2009 3.0.0.0)
Windows Driver Package - Apple Inc. Apple Multitouch (03/25/2009 2.1.2.112)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (03/25/2009 2.1.2.112)
Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2)
Windows Driver Package - Apple Inc. Apple Trackpad (03/05/2009 3.0.0.0)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (02/19/2009 3.0.0.0)
Windows Driver Package - Apple Inc. System (08/22/2008 2.1.1.1)
Windows Driver Package - Atheros Communications Inc. (athr) Net (09/18/2008 7.6.1.122)
Windows Driver Package - Atheros Communications Inc. Net (09/18/2008 7.6.1.122)
Windows Driver Package - Broadcom (BCM43XX) Net (10/22/2008 5.10.38.26)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA (04/29/2009 6.6001.1.8)
Windows Driver Package - Intel (e1express) Net (02/06/2008 9.12.17.0)
Windows Driver Package - Intel (E1G60) Net (01/08/2008 8.3.9.0)
Windows Driver Package - Intel (e1kexpress) Net (07/22/2008 10.3.45.0)
Windows Driver Package - Intel (e1qexpress) Net (08/05/2008 10.3.49.0)
Windows Driver Package - Intel (e1yexpress) Net (07/16/2008 9.52.10.0)
Windows Driver Package - Intel Net (02/06/2008 9.12.18.0)
Windows Driver Package - Intel Net (06/13/2008 9.52.9.0)
Windows Driver Package - Intel Net (07/22/2008 10.3.45.0)
Windows Driver Package - Intel Net (08/05/2008 10.3.49.0)
Windows Driver Package - Intel Net (11/07/2007 8.10.1.0)
Windows Driver Package - Intel System (07/20/2007 1.2.76.0)
Windows Driver Package - Marvell (yukonwlh) Net (03/23/2007 10.12.7.3)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
WinRAR archiver
WinZip
µTorrent
.
==== Event Viewer Messages From Past Week ========
.
24.6.2013 8:12:16, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 8:11:06, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x82c92e45, 0x971376c0, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 062413-19780-01.
24.6.2013 20:11:45, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 20:00:13, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 19:59:55, Error: Service Control Manager [7000] - The Nod32 AV service failed to start due to the following error: The system cannot find the file specified.
24.6.2013 19:59:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the avast! Antivirus service to connect.
24.6.2013 19:59:07, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
24.6.2013 19:53:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2691442).
24.6.2013 19:53:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Update for Windows 7 (KB2748349).
24.6.2013 19:53:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2712808).
24.6.2013 19:53:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2658846).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 (KB2621440).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2757638).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2727528).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2690533).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2676562).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2667402).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2654428).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2653956).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2631813).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2619339).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2585542).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2584146).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2736418).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2656410).
24.6.2013 19:43:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2817183).
24.6.2013 19:43:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2719985).
24.6.2013 19:43:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2685939).
24.6.2013 19:43:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2660649).
24.6.2013 19:43:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2655992).
24.6.2013 19:43:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2564958).
24.6.2013 19:43:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 (KB976932).
24.6.2013 19:43:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Update for Windows 7 (KB2718704).
24.6.2013 19:43:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2753842).
24.6.2013 19:43:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows 7 (KB2579686).
24.6.2013 19:43:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Cumulative Security Update for ActiveX Killbits for Windows 7 (KB2618451).
24.6.2013 19:43:34, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 19:31:16, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
24.6.2013 19:31:16, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 19:22:30, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
24.6.2013 19:22:30, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 12:51:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
24.6.2013 12:51:25, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
24.6.2013 12:48:39, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 12:38:09, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 12:27:22, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 12:25:37, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended.
24.6.2013 12:23:46, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24.6.2013 11:37:20, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2840149).
24.6.2013 11:37:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2807986).
24.6.2013 11:35:56, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2644615).
24.6.2013 11:35:42, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2808735).
24.6.2013 11:35:26, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2749655).
24.6.2013 11:35:11, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2758857).
24.6.2013 11:34:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2770660).
24.6.2013 11:33:48, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2729451).
24.6.2013 11:33:12, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2769369).
24.6.2013 1116, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2620704).
24.6.2013 11:05:59, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2813170).
24.6.2013 11:04:58, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2661254).
24.6.2013 10:57:10, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2813347).
24.6.2013 10:57:10, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2790655).
24.6.2013 10:57:10, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2698365).
24.6.2013 10:57:10, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 (KB2659262).
24.6.2013 10:57:10, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2656355).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 (KB2785220).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 (KB2743555).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 (KB2705219).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2789644).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2742598).
24.6.2013 10:57:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Microsoft Browser Choice Screen Update for EEA Users of Windows 7 (KB976002).
24.6.2013 10:45:13, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 10:45:13, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 10:45:13, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.416.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: Microsoft Home Page | Devices and Services Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
24.6.2013 10:16:24, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
23.6.2013 8:03:47, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 7:37:54, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 22:35:15, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 17:49:29, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 (KB2621440).
23.6.2013 17:48:21, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
23.6.2013 16:21:25, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 13:38:03, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
23.6.2013 13:01:27, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 11:38:30, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
23.6.2013 10:12:32, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 x86 (KB2604114).
23.6.2013 0:49:29, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23.6.2013 0:04:36, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
22.6.2013 23:53:36, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
22.6.2013 23:49:58, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
22.6.2013 22:57:47, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
Mimy_88 is offline  
Old 06-25-2013, 12:29 AM   #7
Registered Member
 
Join Date: Jun 2013
Posts: 5
OS: Win 7, Snow Leopard



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16839
Run by petar at 20:20:28 on 2013-06-24
Microsoft Windows 7 Ultimate 6.1.7600.0.1251.31.1033.1.2016.1032 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\idt\apple_v50\wdm\STacSV.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\AppleOSSMgr.exe
C:\Windows\system32\AppleTimeSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\System32\MMTray.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Apple_KbdMgr] c:\program files\boot camp\Bootcamp.exe
mRun: [MMTray] MMTray.exe
mRun: [DVD or CD Sharing] "c:\program files\dvd or cd sharing\ODSAgent.exe"
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"https://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL
DPF: {A7C346A3-B076-46B3-97F0-D00F6B479451} - hxxps://online.bancaintesabeograd.com/RetailDLL/FSINT.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{36B6E11D-6C7E-40B5-A6D9-00911B4F4BAF} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{36B6E11D-6C7E-40B5-A6D9-00911B4F4BAF}\A6564735075656460294144402230282053545E492 : DHCPNameServer = 192.168.1.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\petar\appdata\roaming\mozilla\firefox\profiles\vaswf2ay.default\
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox 3.5 beta 4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! Online Security: [email protected] - c:\program files\avast software\avast\webrep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-23 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-23 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-23 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-23 368944]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe [2009-7-22 136496]
R2 AppleTimeSrv;Apple Time Service;c:\windows\system32\AppleTimeSrv.exe [2009-7-22 99632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-23 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-23 66336]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-6-23 4150112]
R3 aapltctp;Apple Trackpad Enabler;c:\windows\system32\drivers\aapltctp.sys [2009-12-15 4224]
R3 aapltp;Apple Trackpad;c:\windows\system32\drivers\aapltp.sys [2009-12-15 33280]
R3 applebt;Apple Built-in Bluetooth;c:\windows\system32\drivers\applebt.sys [2009-12-15 9088]
R3 IRRemoteFlt;IR Receiver Filter Driver;c:\windows\system32\drivers\IRFilter.sys [2009-12-15 16512]
R3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\drivers\KeyMagic.sys [2009-12-15 23552]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-6-23 46808]
S2 EsetNod32Fix;Nod32 AV;%WINDIR%\regedit.exe /s %Windir%\Fix.reg --> %WINDIR%\regedit.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BthKicker;Apple Bluetooth Device Driver;c:\windows\system32\drivers\BthKicker.sys [2009-12-15 7424]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-3-7 100736]
S3 iSightUpdate;iSight Update Driver;c:\windows\system32\drivers\iSightUP.sys [2009-12-15 17664]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-6-23 1343400]
.
=============== Created Last 30 ================
.
2013-06-24 17:56:51 -------- d-----w- C:\TDSSKiller_Quarantine
2013-06-24 09:12:24 -------- d-----w- c:\windows\system32\SPReview
2013-06-24 09:08:20 -------- d-----w- c:\windows\system32\EventProviders
2013-06-24 08:22:07 -------- d-----r- c:\program files\Skype
2013-06-23 20:22:58 -------- d-----w- c:\program files\CCleaner
2013-06-23 17:05:50 -------- d-----w- c:\users\petar\appdata\local\CRE
2013-06-23 17:01:47 -------- d-----w- c:\users\petar\appdata\roaming\uTorrent
2013-06-23 16:30:01 -------- d-----w- c:\program files\TeamViewer
2013-06-23 11:41:24 -------- d-sh--w- C:\$RECYCLE.BIN
2013-06-23 11:21:02 208896 ----a-w- c:\windows\MBR.exe
2013-06-23 11:21:01 98816 ----a-w- c:\windows\sed.exe
2013-06-23 11:21:01 256000 ----a-w- c:\windows\PEV.exe
2013-06-23 08:12:15 2048 ----a-w- c:\windows\system32\tzres.dll
2013-06-23 08:10:20 -------- d-----w- c:\windows\system32\Wat
2013-06-22 22:46:21 -------- d-----w- C:\found.000
2013-06-22 22:25:19 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-06-22 22:24:50 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-06-22 22:24:28 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-06-22 22:24:26 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-06-22 22:05:04 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-06-22 22:04:58 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-22 22:04:46 740840 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{030840c5-70e4-4f82-8b4d-b361e49560da}\gapaengine.dll
2013-06-22 22:04:44 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-22 22:04:39 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-22 22:04:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-22 22:04:00 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{39773f36-5637-4f36-a7aa-dd10dd15f089}\mpengine.dll
2013-06-22 22:02:13 41664 ----a-w- c:\windows\avastSS.scr
2013-06-22 22:02:05 35088 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-06-22 22:01:46 -------- d-----w- c:\program files\AVAST Software
2013-06-22 22:00:08 -------- d-----w- c:\programdata\AVAST Software
.
==================== Find3M ====================
.
2013-06-24 10:54:21 152064 ----a-w- c:\windows\system32\msclmd.dll
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 20:21:46,06 ===============
Mimy_88 is offline  
Old 06-25-2013, 04:47 AM   #8
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Hi,

Good job!

Download CKScanner by askey127 from Here & save it to your Desktop.
  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply


Go ahead and run a new scan with ComboFix so that we can get some updated information. :)
jeffce is offline  
Old 06-27-2013, 04:44 AM   #9
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Still with me?
jeffce is offline  
 
