Jump to content

power123

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Everything posted by power123

  1. power123
    I found the trojan Sirefef.N at file:C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys but I cannot delete the folder and mb doesn't detect it DDS DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_24 Run by Dilys Yuen at 20:09:13 on 2013-01-05 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3486.794 [GMT -8:00] . AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files\Microsoft SQL Server\MSSQL$ADMINDB\Binn\sqlservr.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\CyberLink\Shared Files\brs.exe C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Schwab\StreetSmart Edge\QuickLaunch.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Users\Dilys Yuen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\DllHost.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\sppsvc.exe c:\PROGRA~1\MI8079~1\msseces.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k PPTVServiceGroup . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN uSearch Page = hxxp://www.google.com mDefault_Page_URL = hxxp://www.sony.com/vaiopeople uProxyOverride = local;*.local uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned> uURLSearchHooks: <No Name>: - LocalServer32 - <no file> uURLSearchHooks: {ecce0073-a837-45a2-95b9-600420505f7e} - <orphaned> BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: {06433BFE-4946-4E89-823D-CD359C81CD06} - <orphaned> BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - <orphaned> BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe uRun: [QuickLaunch] c:\program files\schwab\streetsmart edge\QuickLaunch.exe uRun: [Google Update] "c:\users\dilys yuen\appdata\local\google\update\GoogleUpdate.exe" /c uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET CLR 3.0.04506; InfoPath.2; Media Center PC 5.0; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; SLCC1; Tablet PC 2.0)" -"http://ippex.pppl.gov/interactive/energy/boilwater.html" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [uSB3MON] "c:\program files\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe" mRun: [iMSS] "c:\program files\intel\intel® management engine components\imss\PIconStartup.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\iastoriconlaunch.exe "c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe" 60 mRun: [MSC] "c:\program files\microsoft security client\mssecex.exe" -hide -runkey StartupFolder: c:\users\dilysy~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\dilys yuen\appdata\roaming\dropbox\bin\Dropbox.exe StartupFolder: c:\users\dilysy~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:95 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {95B3F550-91C4-4627-BCC4-521288C52977} - c:\program files\pplive\pptv\PPLive.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 71.9.127.107 68.190.192.35 24.205.224.36 TCP: Interfaces\{1464FBE0-B75C-47EB-AD32-86AE427378E3} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115 TCP: Interfaces\{147ED1C3-38F7-44DE-A72D-A036B05EB6E2} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36 TCP: Interfaces\{18724F4C-74DA-40C3-8CB4-DA45DDDC1588} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115 TCP: Interfaces\{18724F4C-74DA-40C3-8CB4-DA45DDDC1588}\9635D6162747 : DHCPNameServer = 192.168.0.1 0.0.0.0 0.0.0.0 TCP: Interfaces\{5DF86E61-47A5-44AF-9FB4-68D69267E484} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115 TCP: Interfaces\{79301C7C-9AAC-40A0-A866-F1E87273BA24} : DHCPNameServer = 71.9.127.107 68.190.192.35 0.0.0.0 TCP: Interfaces\{949B6B5E-19F0-4E33-A7EF-5A9C6F9D3C2D} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36 TCP: Interfaces\{94A3244A-C973-474A-965C-6680D53FEC74} : DHCPNameServer = 66.215.64.14 24.205.1.14 0.0.0.0 TCP: Interfaces\{BBDB1B81-5368-41A6-9320-2034FCE1F534} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - LocalServer32 - <no file> Handler: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - LocalServer32 - <no file> Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: igfxcui - igfxdev.dll Notify: VESWinlogon - VESWinlogon.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL Hosts: 74.208.10.249 gs.apple.com . ================= FIREFOX =================== . FF - ProfilePath - c:\users\dilys yuen\appdata\roaming\mozilla\firefox\profiles\xmpmee2y.default\ FF - prefs.js: browser.search.defaulturl - Bing FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20110907&q= FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIIPT.dll FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIUpdater.dll FF - plugin: c:\program files\internet explorer\pplite\plugin\1.0.1.1717\npplugin2.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\nos\bin\np_gp.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll FF - plugin: c:\users\dilys yuen\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - BRI/1 . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2012-12-30 532536] R0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2012-12-30 25656] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-6-30 13592] R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2011-5-17 19056] R1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\drivers\CLBStor.sys [2011-2-21 15784] R1 MpKslb7419732;MpKslb7419732;c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\MpKslb7419732.sys [2013-1-5 29904] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/02/21 20:01:00];c:\program files\cyberlink\powerdvd9\000.fcl [2010-1-19 87536] R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;c:\windows\system32\drivers\CLBUDF.sys [2011-2-21 163368] R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-5-4 12672] R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-9-12 20072] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-12-30 14904] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2011-12-8 423136] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files\intel\intel® management engine components\dal\Jhi_service.exe [2012-6-30 161560] R2 MSSQL$ADMINDB;MSSQL$ADMINDB;c:\program files\microsoft sql server\mssql$admindb\binn\sqlservr.exe -sadmindb --> c:\program files\microsoft sql server\mssql$admindb\binn\sqlservr.exe -sADMINDB [?] R2 PPTVService;PPTVService;c:\windows\system32\svchost.exe -k PPTVServiceGroup [2009-7-13 20992] R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-10-5 237056] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-6 280576] R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2012-6-30 347928] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2012-6-30 789272] R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-6-30 46080] R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\drivers\RamDiskVE.sys [2012-9-6 56320] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-9-15 394856] R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-5-21 31104] S2 CLKMSVC10_E92D8507;CyberLink Product - 2011/09/17 21:01:17;c:\program files\cyberlink\powerdvd9\navfilter\kmsvc.exe [2010-11-18 240112] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2010-1-5 1500160] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560] S3 CM1023264;C-Media CM102 Like Sound UDAX Interface;c:\windows\system32\drivers\CM102.sys [2007-3-16 1308160] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-5-25 41600] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-3-7 64896] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-10 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840] S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\norton ghost\shared\drivers\genericmounthelper.exe" --> c:\program files\norton ghost\shared\drivers\GenericMountHelper.exe [?] S3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\GenericMount.sys [2010-2-12 57840] S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-5 31560] S3 mbamswissarmy;mbamswissarmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-5 138864] S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-11-23 131072] S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-11-23 79104] S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824] S3 PCAlertDriver;PCAlertDriver;c:\progra~1\msi\msiwdev\NTGLM7X.sys [2006-6-7 27648] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-5-1 15872] S3 SQLAgent$ADMINDB;SQLAgent$ADMINDB;c:\program files\microsoft sql server\mssql$admindb\binn\sqlagent.exe -i admindb --> c:\program files\microsoft sql server\mssql$admindb\binn\sqlagent.EXE -i ADMINDB [?] S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 SymSnapService;SymSnapService;"c:\program files\norton ghost\shared\drivers\symsnapservice.exe" --> c:\program files\norton ghost\shared\drivers\SymSnapService.exe [?] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-1 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-7 1343400] S3 WEBNTACCESS;WEBNTACCESS;c:\windows\system32\Ntaccess.sys [2008-4-14 17920] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== File Associations =============== . ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1" . =============== Created Last 30 ================ . 2013-01-06 04:06:38 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\offreg.dll 2013-01-06 04:03:43 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\MpKslb7419732.sys 2013-01-06 03:58:50 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-01-06 03:58:50 138864 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2013-01-05 23:16:47 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\mpengine.dll 2013-01-05 19:15:03 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-01-05 01:04:26 -------- d-----w- c:\users\dilys yuen\appdata\local\{4BCC7B1B-4558-415B-9CF7-B13430FDD2D9} 2013-01-02 01:31:27 -------- d-----w- c:\users\dilys yuen\appdata\local\Paraken Technology Co., Ltd 2013-01-02 01:31:18 -------- d-----w- c:\program files\Musemage 2012-12-30 19:04:28 -------- d-----w- c:\program files\common files\Intel Corporation 2012-12-30 19:03:05 -------- d-----w- c:\users\dilys yuen\appdata\roaming\Intel Corporation 2012-12-30 18:58:35 532536 ----a-w- c:\windows\system32\drivers\iaStorA.sys 2012-12-30 18:58:35 25656 ----a-w- c:\windows\system32\drivers\iaStorF.sys 2012-12-27 17:55:51 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2012-12-23 02:36:24 -------- d-----w- c:\users\dilys yuen\appdata\local\{50D56C07-90B5-4C00-B2E6-A2CD503CC790} 2012-12-22 00:43:58 -------- d-----w- c:\users\dilys yuen\appdata\local\{439EA8AA-8846-4D4A-8178-883BB055E063} 2012-12-21 17:57:10 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-21 17:57:10 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-19 18:06:10 -------- d-----w- c:\users\dilys yuen\appdata\local\{7A550B5E-6442-4DAA-BA70-1E01D27F77C9} 2012-12-14 00:33:01 -------- d-----w- c:\users\dilys yuen\appdata\local\{6E1FE297-3324-4121-8955-AD207271A9D2} 2012-12-12 18:08:51 -------- d-----w- c:\users\dilys yuen\appdata\local\{255F00CC-72C2-4755-BC73-09210173E4D8} 2012-12-10 18:20:13 -------- d-----w- c:\users\dilys yuen\appdata\roaming\ConverterLite 2012-12-10 18:20:13 -------- d-----w- c:\program files\ConverterLite 2012-12-09 01:41:53 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-12-09 01:41:53 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-12-09 01:41:53 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-12-09 01:41:35 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-12-09 01:41:34 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-12-09 01:41:34 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-12-09 01:41:34 613888 ----a-w- c:\windows\system32\WUDFx.dll 2012-12-09 01:41:34 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-12-09 01:41:34 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2012-12-09 01:41:34 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-12-09 00:03:55 8192 ----a-w- c:\windows\system32\iisrstap.dll . ==================== Find3M ==================== . 2012-12-30 02:15:39 338944 ----a-w- c:\windows\system32\drivers\AFD.SYS 2012-12-12 02:57:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-12 02:57:05 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-22 02:56:02 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll 2012-10-25 11:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 11:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-18 17:30:44 60304 ----a-w- c:\users\dilys yuen\g2mdlhlpx.exe 2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll . ============= FINISH: 20:09:27.15 =============== attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume2 Install Date: 10/15/2009 8:03:51 PM System Uptime: 1/5/2013 8:03:35 PM (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | B75M-D3H Processor: Intel® Core i5-3570K CPU @ 3.40GHz | Intel® Core i5-3570K CPU @ 3.40GHz | 3801/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 231 GiB total, 144.586 GiB free. D: is CDROM () E: is FIXED (FAT32) - 1 GiB total, 0.975 GiB free. F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) @BIOS µTorrent 32 Bit HP CIO Components Installer 7-Zip 4.65 AC3Filter 1.63b Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Photoshop CS5 Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 Advertising Center Air Video Server 2.4.3 Apple Application Support Apple Mobile Device Support Apple Software Update Bass Audio Decoder (remove only) Bing Bar Bing Maps 3D Bing Rewards Client Installer Bonjour Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 1.0 Canon MX700 series CCleaner CD Audio Reader Filter (remove only) Cisco Connect ConverterLite 1.6.2 CPUID CPU-Z 1.62 CPUID HWMonitor 1.16 CyberLink BD Advisor 2.0 CyberLink Blu-ray Disc Suite CyberLink InstantBurn CyberLink LabelPrint CyberLink MediaShow CyberLink Power2Go CyberLink PowerBackup CyberLink PowerDVD 9 CyberLink PowerProducer D3DX10 DCoder Image Source (remove only) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DirectVobSub (remove only) DolbyFiles Dropbox DScaler 5 Mpeg Decoders Etron USB3.0 Host Controller FFMPEG Core Files (remove only) Google Chrome GoToMeeting 5.1.0.880 HandBrake 0.9.6 HP USB Disk Storage Format Tool iCloud ImagXpress Intel® Management Engine Components Intel® OpenCL CPU Runtime Intel® PRO Network Adapters and Drivers Intel® Processor Graphics Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client iTunes Java Auto Updater Java 6 Update 24 Junk Mail filter update LocationFree Player Logitech SetPoint 5.20 MapleStory Menu Templates - Starter Kit Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Digital Image Library 9 - Blocker Microsoft Digital Image Suite 2006 Microsoft Digital Image Suite 2006 Editor Microsoft Digital Image Suite 2006 Library Microsoft Image Composite Editor Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2007 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Live Meeting 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MobileMe Control Panel Movie Templates - Starter Kit Mozilla Firefox 14.0.1 (x86 en-US) Mozilla Maintenance Service MSDE for AdminDB MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Musemage Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero ShowTime Nero StartSmart Nero StartSmart Help Nero Vision Nero Vision Help NeroExpress neroxml NVIDIA 3D Vision Driver 266.58 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 ON_OFF Charge B11.1102.1 OpenMG Limited Patch 4.7-07-13-24-01 OpenMG Secure Module 4.7.00 PDF Settings CS5 PenpowerJR PPLite 1.0.0.106 PPTV V3.1.8.0039 QuickBooks Product Listing Service QuickTime RAMDisk RealMedia (remove only) Realtek Ethernet Controller Driver redist Remote Mouse version 1.09 Rhapsody Player Engine Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition SHOUTcast Source (remove only) Simple Start Entice Skype Toolbars Skype™ 5.10 Spelling Dictionaries Support For Adobe Reader 9 Steam StreetSmart Edge StreetSmart Pro SUPERAntiSpyware SupportSoft Assisted Service System Requirements Lab Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Viewpoint Media Player WD SmartWare Drive Manager Windows 7 USB/DVD Download Tool Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin Windows XP Mode WinRAR archiver WinX Bluray DVD iPad Ripper 4.5.0 Xvid 1.2.2 final uninstall . ==== Event Viewer Messages From Past Week ======== . 12/29/2012 6:18:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80004005 Error description: Unspecified error Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer. 12/29/2012 5:31:45 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service. 12/29/2012 5:31:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service. 12/29/2012 5:31:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service. 12/29/2012 5:28:11 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 12/29/2012 5:28:11 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 12/29/2012 5:22:10 PM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed. 12/29/2012 5:22:10 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 12/29/2012 5:22:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer. 12/29/2012 5:21:42 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 12/29/2012 11:00:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service. 12/29/2012 10:50:07 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer. 12/29/2012 10:48:44 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service. 12/29/2012 10:39:09 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer. 1/5/2013 8:47:24 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 8:06:42 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 8:06:42 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 8:04:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/2834687602/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. 1/5/2013 8:04:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. 1/5/2013 8:04:09 PM, Error: Service Control Manager [7034] - The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s). 1/5/2013 8:03:37 PM, Error: volmgr [46] - Crash dump initialization failed! 1/5/2013 6:21:34 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Windows\explorer.exe Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 5:53:23 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Users\Dilys Yuen\AppData\Roaming\Dropbox\bin\Dropbox.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 5:48:59 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 5:48:59 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 4:34:07 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 4:34:07 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 3:52:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 3:52:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 2:59:37 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 12:02:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/5/2013 12:02:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 9:25:08 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 2:01:30 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 12:14:25 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 11:49:25 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 11:49:25 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 11:10:26 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 11:10:26 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/4/2013 10:27:20 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/3/2013 7:58:08 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/3/2013 2:03:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 1/3/2013 1:00:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0 . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.