power123
trojan Sirefef.N
in Resolved Malware Removal Logs
I found the trojan Sirefef.N at
file:C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
but I cannot delete the folder and mb doesn't detect it
DDS
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_24
Run by Dilys Yuen at 20:09:13 on 2013-01-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3486.794 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ADMINDB\Binn\sqlservr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Schwab\StreetSmart Edge\QuickLaunch.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Users\Dilys Yuen\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
c:\PROGRA~1\MI8079~1\msseces.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k PPTVServiceGroup
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
uProxyOverride = local;*.local
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: {ecce0073-a837-45a2-95b9-600420505f7e} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: {06433BFE-4946-4E89-823D-CD359C81CD06} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [QuickLaunch] c:\program files\schwab\streetsmart edge\QuickLaunch.exe
uRun: [Google Update] "c:\users\dilys yuen\appdata\local\google\update\GoogleUpdate.exe" /c
uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET CLR 3.0.04506; InfoPath.2; Media Center PC 5.0; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; SLCC1; Tablet PC 2.0)" -"http://ippex.pppl.gov/interactive/energy/boilwater.html"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [uSB3MON] "c:\program files\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"
mRun: [iMSS] "c:\program files\intel\intel® management engine components\imss\PIconStartup.exe"
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\iastoriconlaunch.exe "c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe" 60
mRun: [MSC] "c:\program files\microsoft security client\mssecex.exe" -hide -runkey
StartupFolder: c:\users\dilysy~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\dilys yuen\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\dilysy~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:95
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {95B3F550-91C4-4627-BCC4-521288C52977} - c:\program files\pplive\pptv\PPLive.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{1464FBE0-B75C-47EB-AD32-86AE427378E3} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115
TCP: Interfaces\{147ED1C3-38F7-44DE-A72D-A036B05EB6E2} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{18724F4C-74DA-40C3-8CB4-DA45DDDC1588} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115
TCP: Interfaces\{18724F4C-74DA-40C3-8CB4-DA45DDDC1588}\9635D6162747 : DHCPNameServer = 192.168.0.1 0.0.0.0 0.0.0.0
TCP: Interfaces\{5DF86E61-47A5-44AF-9FB4-68D69267E484} : DHCPNameServer = 71.9.127.107 68.190.192.35 68.116.46.115
TCP: Interfaces\{79301C7C-9AAC-40A0-A866-F1E87273BA24} : DHCPNameServer = 71.9.127.107 68.190.192.35 0.0.0.0
TCP: Interfaces\{949B6B5E-19F0-4E33-A7EF-5A9C6F9D3C2D} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{94A3244A-C973-474A-965C-6680D53FEC74} : DHCPNameServer = 66.215.64.14 24.205.1.14 0.0.0.0
TCP: Interfaces\{BBDB1B81-5368-41A6-9320-2034FCE1F534} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - LocalServer32 - <no file>
Handler: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - LocalServer32 - <no file>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 74.208.10.249 gs.apple.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dilys yuen\appdata\roaming\mozilla\firefox\profiles\xmpmee2y.default\
FF - prefs.js: browser.search.defaulturl - Bing
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20110907&q=
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIIPT.dll
FF - plugin: c:\program files\intel\intel® management engine components\ipt\npIntelWebAPIUpdater.dll
FF - plugin: c:\program files\internet explorer\pplite\plugin\1.0.1.1717\npplugin2.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\dilys yuen\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc - BRI/1
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2012-12-30 532536]
R0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2012-12-30 25656]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-6-30 13592]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2011-5-17 19056]
R1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\drivers\CLBStor.sys [2011-2-21 15784]
R1 MpKslb7419732;MpKslb7419732;c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\MpKslb7419732.sys [2013-1-5 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/02/21 20:01:00];c:\program files\cyberlink\powerdvd9\000.fcl [2010-1-19 87536]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;c:\windows\system32\drivers\CLBUDF.sys [2011-2-21 163368]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-5-4 12672]
R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-9-12 20072]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-12-30 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2011-12-8 423136]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files\intel\intel® management engine components\dal\Jhi_service.exe [2012-6-30 161560]
R2 MSSQL$ADMINDB;MSSQL$ADMINDB;c:\program files\microsoft sql server\mssql$admindb\binn\sqlservr.exe -sadmindb --> c:\program files\microsoft sql server\mssql$admindb\binn\sqlservr.exe -sADMINDB [?]
R2 PPTVService;PPTVService;c:\windows\system32\svchost.exe -k PPTVServiceGroup [2009-7-13 20992]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-10-5 237056]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-6 280576]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2012-6-30 347928]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2012-6-30 789272]
R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-6-30 46080]
R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\drivers\RamDiskVE.sys [2012-9-6 56320]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-9-15 394856]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-5-21 31104]
S2 CLKMSVC10_E92D8507;CyberLink Product - 2011/09/17 21:01:17;c:\program files\cyberlink\powerdvd9\navfilter\kmsvc.exe [2010-11-18 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2010-1-5 1500160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 CM1023264;C-Media CM102 Like Sound UDAX Interface;c:\windows\system32\drivers\CM102.sys [2007-3-16 1308160]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-5-25 41600]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-3-7 64896]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-10 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\norton ghost\shared\drivers\genericmounthelper.exe" --> c:\program files\norton ghost\shared\drivers\GenericMountHelper.exe [?]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\GenericMount.sys [2010-2-12 57840]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-5 31560]
S3 mbamswissarmy;mbamswissarmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-5 138864]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-11-23 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-11-23 79104]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
S3 PCAlertDriver;PCAlertDriver;c:\progra~1\msi\msiwdev\NTGLM7X.sys [2006-6-7 27648]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-5-1 15872]
S3 SQLAgent$ADMINDB;SQLAgent$ADMINDB;c:\program files\microsoft sql server\mssql$admindb\binn\sqlagent.exe -i admindb --> c:\program files\microsoft sql server\mssql$admindb\binn\sqlagent.EXE -i ADMINDB [?]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 SymSnapService;SymSnapService;"c:\program files\norton ghost\shared\drivers\symsnapservice.exe" --> c:\program files\norton ghost\shared\drivers\SymSnapService.exe [?]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-1 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-7 1343400]
S3 WEBNTACCESS;WEBNTACCESS;c:\windows\system32\Ntaccess.sys [2008-4-14 17920]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"
.
=============== Created Last 30 ================
.
2013-01-06 04:06:38 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\offreg.dll
2013-01-06 04:03:43 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\MpKslb7419732.sys
2013-01-06 03:58:50 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-01-06 03:58:50 138864 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-05 23:16:47 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65e97108-3701-4490-b933-1ad11c09e2be}\mpengine.dll
2013-01-05 19:15:03 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-01-05 01:04:26 -------- d-----w- c:\users\dilys yuen\appdata\local\{4BCC7B1B-4558-415B-9CF7-B13430FDD2D9}
2013-01-02 01:31:27 -------- d-----w- c:\users\dilys yuen\appdata\local\Paraken Technology Co., Ltd
2013-01-02 01:31:18 -------- d-----w- c:\program files\Musemage
2012-12-30 19:04:28 -------- d-----w- c:\program files\common files\Intel Corporation
2012-12-30 19:03:05 -------- d-----w- c:\users\dilys yuen\appdata\roaming\Intel Corporation
2012-12-30 18:58:35 532536 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2012-12-30 18:58:35 25656 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2012-12-27 17:55:51 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-23 02:36:24 -------- d-----w- c:\users\dilys yuen\appdata\local\{50D56C07-90B5-4C00-B2E6-A2CD503CC790}
2012-12-22 00:43:58 -------- d-----w- c:\users\dilys yuen\appdata\local\{439EA8AA-8846-4D4A-8178-883BB055E063}
2012-12-21 17:57:10 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 17:57:10 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-19 18:06:10 -------- d-----w- c:\users\dilys yuen\appdata\local\{7A550B5E-6442-4DAA-BA70-1E01D27F77C9}
2012-12-14 00:33:01 -------- d-----w- c:\users\dilys yuen\appdata\local\{6E1FE297-3324-4121-8955-AD207271A9D2}
2012-12-12 18:08:51 -------- d-----w- c:\users\dilys yuen\appdata\local\{255F00CC-72C2-4755-BC73-09210173E4D8}
2012-12-10 18:20:13 -------- d-----w- c:\users\dilys yuen\appdata\roaming\ConverterLite
2012-12-10 18:20:13 -------- d-----w- c:\program files\ConverterLite
2012-12-09 01:41:53 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-09 01:41:53 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-09 01:41:53 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-09 01:41:35 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-09 01:41:34 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-09 01:41:34 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-09 01:41:34 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-09 01:41:34 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-09 01:41:34 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-09 01:41:34 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-09 00:03:55 8192 ----a-w- c:\windows\system32\iisrstap.dll
.
==================== Find3M ====================
.
2012-12-30 02:15:39 338944 ----a-w- c:\windows\system32\drivers\AFD.SYS
2012-12-12 02:57:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 02:57:05 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-22 02:56:02 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-25 11:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 11:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-18 17:30:44 60304 ----a-w- c:\users\dilys yuen\g2mdlhlpx.exe
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
.
============= FINISH: 20:09:27.15 ===============
attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 10/15/2009 8:03:51 PM
System Uptime: 1/5/2013 8:03:35 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | B75M-D3H
Processor: Intel® Core i5-3570K CPU @ 3.40GHz | Intel® Core i5-3570K CPU @ 3.40GHz | 3801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 231 GiB total, 144.586 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 1 GiB total, 0.975 GiB free.
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
@BIOS
µTorrent
32 Bit HP CIO Components Installer
7-Zip 4.65
AC3Filter 1.63b
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Photoshop CS5
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.5
Advertising Center
Air Video Server 2.4.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bass Audio Decoder (remove only)
Bing Bar
Bing Maps 3D
Bing Rewards Client Installer
Bonjour
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 1.0
Canon MX700 series
CCleaner
CD Audio Reader Filter (remove only)
Cisco Connect
ConverterLite 1.6.2
CPUID CPU-Z 1.62
CPUID HWMonitor 1.16
CyberLink BD Advisor 2.0
CyberLink Blu-ray Disc Suite
CyberLink InstantBurn
CyberLink LabelPrint
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerBackup
CyberLink PowerDVD 9
CyberLink PowerProducer
D3DX10
DCoder Image Source (remove only)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectVobSub (remove only)
DolbyFiles
Dropbox
DScaler 5 Mpeg Decoders
Etron USB3.0 Host Controller
FFMPEG Core Files (remove only)
Google Chrome
GoToMeeting 5.1.0.880
HandBrake 0.9.6
HP USB Disk Storage Format Tool
iCloud
ImagXpress
Intel® Management Engine Components
Intel® OpenCL CPU Runtime
Intel® PRO Network Adapters and Drivers
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iTunes
Java Auto Updater
Java 6 Update 24
Junk Mail filter update
LocationFree Player
Logitech SetPoint 5.20
MapleStory
Menu Templates - Starter Kit
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Suite 2006
Microsoft Digital Image Suite 2006 Editor
Microsoft Digital Image Suite 2006 Library
Microsoft Image Composite Editor
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Live Meeting 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Movie Templates - Starter Kit
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSDE for AdminDB
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Musemage
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero Vision Help
NeroExpress
neroxml
NVIDIA 3D Vision Driver 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
ON_OFF Charge B11.1102.1
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
PDF Settings CS5
PenpowerJR
PPLite 1.0.0.106
PPTV V3.1.8.0039
QuickBooks Product Listing Service
QuickTime
RAMDisk
RealMedia (remove only)
Realtek Ethernet Controller Driver
redist
Remote Mouse version 1.09
Rhapsody Player Engine
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SHOUTcast Source (remove only)
Simple Start Entice
Skype Toolbars
Skype™ 5.10
Spelling Dictionaries Support For Adobe Reader 9
Steam
StreetSmart Edge
StreetSmart Pro
SUPERAntiSpyware
SupportSoft Assisted Service
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Viewpoint Media Player
WD SmartWare Drive Manager
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows XP Mode
WinRAR archiver
WinX Bluray DVD iPad Ripper 4.5.0
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
12/29/2012 6:18:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80004005 Error description: Unspecified error Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
12/29/2012 5:31:45 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
12/29/2012 5:31:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
12/29/2012 5:31:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
12/29/2012 5:28:11 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
12/29/2012 5:28:11 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
12/29/2012 5:22:10 PM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.
12/29/2012 5:22:10 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
12/29/2012 5:22:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
12/29/2012 5:21:42 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
12/29/2012 11:00:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
12/29/2012 10:50:07 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
12/29/2012 10:48:44 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2718.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
12/29/2012 10:39:09 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
1/5/2013 8:47:24 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 8:06:42 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 8:06:42 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 8:04:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/2834687602/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
1/5/2013 8:04:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
1/5/2013 8:04:09 PM, Error: Service Control Manager [7034] - The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).
1/5/2013 8:03:37 PM, Error: volmgr [46] - Crash dump initialization failed!
1/5/2013 6:21:34 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Windows\explorer.exe Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 5:53:23 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Users\Dilys Yuen\AppData\Roaming\Dropbox\bin\Dropbox.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 5:48:59 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 5:48:59 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 4:34:07 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 4:34:07 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 3:52:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 3:52:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3235.0, AS: 1.141.3235.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 2:59:37 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 12:02:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/5/2013 12:02:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3230.0, AS: 1.141.3230.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 9:25:08 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 2:01:30 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 12:14:25 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 11:49:25 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 11:49:25 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: THOMASYUEN\Dilys Yuen Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 11:10:26 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Remove Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 11:10:26 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: THOMASYUEN\Dilys Yuen Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/4/2013 10:27:20 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3155.0, AS: 1.141.3155.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/3/2013 7:58:08 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/3/2013 2:03:28 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
1/3/2013 1:00:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:WinNT/Sirefef.N&threatid=2147657114 Name: Trojan:WinNT/Sirefef.N ID: 2147657114 Severity: Severe Category: Trojan Path: file:_C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.141.3065.0, AS: 1.141.3065.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9002.0, NIS: 2.1.8904.0
.
==== End Of File ===========================