TechSpot

[Closed] Another Sirefef Help Post!

By Mizuru007
Jul 19, 2012
  1. Hello!
    Today, my computer got infected by Sirefef.
    I have a sneaking feeling it was attached to this Gamestop app that I downloaded today, but the source doesn't really matter.

    I've tried the instructions detailed here: http://malwaretips.com/Thread-How-to-completely-remove-ZeroAccess-Sirefef-rootkit-Removal-Guide but Windows Security Essentials is still saying there are traces of Sirefef in my computer. Not as much as there was before, but it's still there.

    Help please? This computer is relatively new and I don't want anything bad happening to it already.

    I'm running Windows 7 x64-bit.
    I don't have the installation disk to Windows; the computer came with it pre-installed and they didn't give me a Windows 7 disk.
     
  2. Mizuru007


    Going through the 5-Step program, posting logs now...

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.18.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    Autumn :: HERPDERP [administrator]

    7/18/2012 11:49:35 PM
    mbam-log-2012-07-18 (23-49-35).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 193185
    Time elapsed: 4 minute(s), 3 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
    ============================

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-07-19 00:19:05
    Windows 6.1.7601 Service Pack 1
    Running: 0dziqt3b.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Autumn\Downloads\Zoo Tycoon 2\Zoo Tycoon 2 \xff6e Ultimate Collection with save+Extras\Zoo Tycoon 2\Setup.Exe 1

    ---- EOF - GMER 1.0.15 ----
    ===============================

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
    Run by Autumn at 0:20:23 on 2012-07-19
    Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.5887.3881 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\WTouch\WTouchService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\WTouch\WTouchUser.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Users\Autumn\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Users\Autumn\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\Pen_Tablet.exe
    C:\Windows\system32\WTablet\Pen_TabletUser.exe
    C:\Windows\system32\Pen_Tablet.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2653012
    uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
    uURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    mURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    uRun: [Akamai NetSession Interface] "C:\Users\Autumn\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Google Update] "C:\Users\Autumn\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{02148D7D-70EC-4CD1-B27A-8CCFA0E0C5C8} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{1E90FD71-5A89-45EF-8FBE-CA648E0F834A} : DhcpNameServer = 192.168.1.254
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    BHO-X64: Veoh Web Player - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Autumn\AppData\Roaming\Mozilla\Firefox\Profiles\sb6lblbl.default\
    FF - prefs.js: browser.startup.homepage - hxxp://google.com
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2653012&SearchSource=2&q=
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\Autumn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Autumn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\Autumn\AppData\Roaming\Mozilla\Firefox\Profiles\sb6lblbl.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\plugins\np-mswmp.dll
    FF - plugin: C:\Users\Autumn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Autumn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(general.useragent.extra.brc,
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]
    R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
    R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-7-7 1127448]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
    R2 UCManSvc;UCManSvc;C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [2010-3-12 241808]
    R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2011-8-22 127784]
    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 sj;sj;C:\AeriaGames\EdenEternal\sjcs64.sys [2010-11-19 47224]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 uqk;uqk;C:\koramgame\STOnline\avital\wyqku64.sys [2012-5-31 50608]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 wmamp3DriverV32;wmamp3DriverV32;C:\Windows\system32\drivers\wmamp3DriverV32.sys --> C:\Windows\system32\drivers\wmamp3DriverV32.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-07-19 05:49:57 -------- d-----w- C:\Reg_Backup
    2012-07-19 05:48:07 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
    2012-07-19 05:47:58 -------- d-----w- C:\Program Files (x86)\Tweaking.com
    2012-07-19 00:51:33 -------- d-----w- C:\Program Files (x86)\ESET
    2012-07-18 22:52:16 12872 ----a-w- C:\Windows\System32\bootdelete.exe
    2012-07-18 22:44:46 -------- d-----w- C:\ProgramData\HitmanPro
    2012-07-18 22:34:39 -------- d-----w- C:\Windows\pss
    2012-07-18 21:58:47 328704 ----a-w- C:\Windows\System32\services.exe.FB182CBECF68BFEB
    2012-07-18 21:51:35 328704 ----a-w- C:\Windows\System32\services.exe.06A1658BEFEF3656
    2012-07-18 21:42:11 328704 ----a-w- C:\Windows\System32\services.exe.216CDD419DD664AD
    2012-07-18 21:36:06 328704 ----a-w- C:\Windows\System32\services.exe.EF20670ECCAA86D2
    2012-07-18 21:32:46 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC8971EE-7278-4C4E-B811-B844F3D159D9}\offreg.dll
    2012-07-18 21:31:37 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85729400-E7B6-40B4-83EF-8E6FD7F01C1B}\gapaengine.dll
    2012-07-18 21:31:11 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC8971EE-7278-4C4E-B811-B844F3D159D9}\mpengine.dll
    2012-07-18 21:28:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2012-07-18 21:28:15 -------- d-----w- C:\Program Files\Microsoft Security Client
    2012-07-18 21:23:39 -------- d-----w- C:\Users\Autumn\AppData\Roaming\Tific
    2012-07-18 21:23:34 -------- d-----w- C:\Users\Autumn\AppData\Local\Symantec
    2012-07-18 14:53:11 -------- d-sh--w- C:\Windows\System32\%APPDATA%
    2012-07-18 11:29:59 -------- d-----w- C:\Users\Autumn\AppData\Roaming\RIFT
    2012-07-18 11:21:03 -------- d-----w- C:\Program Files (x86)\Common Files\Stardock
    2012-07-18 11:21:01 -------- d-----w- C:\Program Files (x86)\Trion Worlds
    2012-07-18 06:48:22 -------- d-----w- C:\ProgramData\Gibraltar
    2012-07-18 06:42:14 -------- d-----w- C:\Users\Autumn\AppData\Roaming\Stardock
    2012-07-18 06:41:54 -------- d-----w- C:\Program Files (x86)\GameStop App
    2012-07-18 06:41:36 -------- d-----w- C:\Users\Autumn\AppData\Local\PackageAware
    2012-07-12 11:04:52 -------- d-----w- C:\Program Files (x86)\AMD APP
    2012-07-12 10:05:43 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-06 02:07:26 -------- d-----w- C:\Users\Autumn\AppData\Roaming\NitroplusCHiRAL
    2012-07-06 02:04:10 -------- d-----w- C:\Windows\ucharge
    2012-07-06 02:04:10 -------- d-----w- C:\ProgramData\paltiosoft
    2012-07-06 02:04:10 -------- d-----w- C:\Program Files (x86)\SoftDenchi
    2012-07-06 01:59:10 -------- d-----w- C:\Program Files (x86)\NitroplusCHiRAL
    2012-07-04 06:59:32 11922944 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2012-07-04 06:52:04 26016256 ----a-w- C:\Windows\System32\atio6axx.dll
    2012-07-04 06:35:46 19586048 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2012-07-04 06:27:18 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2012-07-04 06:27:08 918528 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2012-07-04 06:21:40 514048 ----a-w- C:\Windows\System32\atieclxx.exe
    2012-07-04 06:20:54 238080 ----a-w- C:\Windows\System32\atiesrxx.exe
    2012-07-04 06:19:30 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2012-07-04 06:19:16 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2012-07-04 06:19:12 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2012-07-04 06:19:06 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2012-07-04 06:18:18 6811648 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2012-07-04 05:36:34 1053696 ----a-w- C:\Windows\System32\atiumd6v.dll
    2012-07-04 05:36:24 69632 ----a-w- C:\Windows\System32\coinst_8.97.100.3.dll
    2012-07-04 05:36:14 1960960 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2012-07-04 05:35:14 6245888 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2012-07-04 05:28:52 4749312 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2012-07-04 05:11:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll
    2012-07-04 05:11:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
    2012-07-04 05:11:38 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2012-07-04 05:11:38 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2012-07-04 05:11:30 364544 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2012-07-04 05:11:18 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
    2012-07-04 05:11:16 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2012-07-04 05:11:16 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
    2012-07-04 05:11:12 41984 ----a-w- C:\Windows\System32\atig6txx.dll
    2012-07-04 05:11:04 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2012-07-04 05:10:56 359936 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2012-07-04 05:09:10 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2012-07-04 05:04:30 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2012-07-04 05:04:28 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2012-07-04 05:04:22 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2012-07-04 05:04:18 44544 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2012-07-04 05:04:08 15827456 ----a-w- C:\Windows\System32\aticaldd64.dll
    2012-07-04 04:59:40 13402112 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2012-06-25 14:36:32 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-25 14:36:18 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-25 14:36:03 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-25 14:36:03 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-24 18:13:43 -------- d-----w- C:\Users\Autumn\AppData\Roaming\WTablet
    2012-06-24 18:13:41 -------- d-----w- C:\Users\Autumn\AppData\Roaming\WTouch
    .
    ==================== Find3M ====================
    .
    2012-07-11 19:28:36 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-11 19:28:36 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-04 06:25:14 1081856 ----a-w- C:\Windows\System32\aticfx64.dll
    2012-07-04 06:21:46 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2012-07-04 05:57:18 7510528 ----a-w- C:\Windows\System32\atidxx64.dll
    2012-07-04 05:35:42 4261376 ----a-w- C:\Windows\System32\atiumd6a.dll
    2012-07-04 05:24:02 7477760 ----a-w- C:\Windows\System32\atiumd64.dll
    2012-07-04 05:11:40 535552 ----a-w- C:\Windows\System32\atiadlxx.dll
    2012-07-04 05:10:04 55296 ----a-w- C:\Windows\System32\atiuxp64.dll
    2012-07-04 05:09:56 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2012-07-04 05:09:50 45056 ----a-w- C:\Windows\System32\atiu9p64.dll
    2012-07-04 05:09:42 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-06-11 20:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe
    2012-06-11 20:50:30 75264 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2012-06-11 20:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2012-06-11 20:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
    2012-06-11 20:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2012-06-11 20:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll
    2012-06-11 20:49:22 13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-22 21:26:10 224088 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
    2012-05-22 21:26:10 130904 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
    2012-05-19 00:21:11 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
    2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
    2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
    2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    .
    ============= FINISH: 0:21:03.97 ===============
     
  3. Mizuru007

    Mizuru007 TS Rookie Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/19/2011 6:32:25 AM
    System Uptime: 7/18/2012 10:52:21 PM (2 hours ago)
    .
    Motherboard: FOXCONN | | 2AB1
    Processor: AMD Athlon(tm) II X4 645 Processor | CPU 1 | 3100/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 920 GiB total, 469.65 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.371 GiB free.
    E: is CDROM (UDF)
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    J: is CDROM ()
    K: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0009
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0009
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0010
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0010
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0011
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0011
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0012
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0012
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0013
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0013
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0014
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0014
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0015
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0015
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0016
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0016
    Service: wacomvhid
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (IKEv2)
    Device ID: ROOT\MS_AGILEVPNMINIPORT\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (IKEv2)
    PNP Device ID: ROOT\MS_AGILEVPNMINIPORT\0000
    Service: RasAgileVpn
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0017
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0017
    Service: wacomvhid
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (L2TP)
    Device ID: ROOT\MS_L2TPMINIPORT\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (L2TP)
    PNP Device ID: ROOT\MS_L2TPMINIPORT\0000
    Service: Rasl2tp
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Teredo Tunneling Adapter
    Device ID: ROOT\*TEREDO\0000
    Manufacturer: Microsoft
    Name: Teredo Tunneling Pseudo-Interface
    PNP Device ID: ROOT\*TEREDO\0000
    Service: tunnel
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (Network Monitor)
    Device ID: ROOT\MS_NDISWANBH\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (Network Monitor)
    PNP Device ID: ROOT\MS_NDISWANBH\0000
    Service: NdisWan
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0018
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0018
    Service: wacomvhid
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (IP)
    Device ID: ROOT\MS_NDISWANIP\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (IP)
    PNP Device ID: ROOT\MS_NDISWANIP\0000
    Service: NdisWan
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (IPv6)
    Device ID: ROOT\MS_NDISWANIPV6\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (IPv6)
    PNP Device ID: ROOT\MS_NDISWANIPV6\0000
    Service: NdisWan
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (PPPOE)
    Device ID: ROOT\MS_PPPOEMINIPORT\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (PPPOE)
    PNP Device ID: ROOT\MS_PPPOEMINIPORT\0000
    Service: RasPppoe
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0000
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0000
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0001
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0001
    Service: wacomvhid
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (PPTP)
    Device ID: ROOT\MS_PPTPMINIPORT\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (PPTP)
    PNP Device ID: ROOT\MS_PPTPMINIPORT\0000
    Service: PptpMiniport
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0002
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0002
    Service: wacomvhid
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: WAN Miniport (SSTP)
    Device ID: ROOT\MS_SSTPMINIPORT\0000
    Manufacturer: Microsoft
    Name: WAN Miniport (SSTP)
    PNP Device ID: ROOT\MS_SSTPMINIPORT\0000
    Service: RasSstp
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0003
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0003
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0004
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0004
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0005
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0005
    Service: wacomvhid
    .
    Class GUID:
    Description: ZTekWare Original CD Emulator
    Device ID: ROOT\SCSIADAPTER\0000
    Manufacturer:
    Name: ZTekWare Original CD Emulator
    PNP Device ID: ROOT\SCSIADAPTER\0000
    Service:
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0006
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0006
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0007
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0007
    Service: wacomvhid
    .
    Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Description: Wacom Virtual Hid Driver
    Device ID: ROOT\HIDCLASS\0008
    Manufacturer: Wacom
    Name: Wacom Virtual Hid Driver
    PNP Device ID: ROOT\HIDCLASS\0008
    Service: wacomvhid
    .
    ==== System Restore Points ===================
    .
    RP258: 7/15/2012 4:03:45 AM - Windows Update
    RP259: 7/15/2012 5:51:48 AM - Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
    RP260: 7/15/2012 6:08:44 AM - ILLUSION ワケあり! を削除しました
    RP261: 7/15/2012 6:09:32 AM - ILLUSION ラブガール~魅惑の個人レッスン~ を削除しました
    RP262: 7/15/2012 6:11:55 AM - Tech48 を削除しました
    RP263: 7/15/2012 8:36:48 PM - Windows Backup
    RP264: 7/18/2012 4:21:08 AM - Installed DirectX
    RP265: 7/18/2012 10:49:37 PM - Tweaking.com - Windows Repair
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Adobe AIR
    Adobe Community Help
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop CS5.1
    Agatha Christie - Peril at End House
    Aika Online: Epic II
    AIM 7
    Akamai NetSession Interface
    Akamai NetSession Interface Service
    AMD VISION Engine Control Center
    Apple Application Support
    Apple Software Update
    Application Profiles
    Artificial Girl 3
    Audacity 1.3.13 (Unicode)
    Audition
    AuditionSEA
    Auslogics Disk Defrag
    Baldur's Gate II
    Bamboo
    Bandisoft MPEG-1 Decoder
    Bejeweled 2 Deluxe
    Bejeweled 3
    Black & White Creature Isle
    Black & WhiteR 2
    Black and White
    Blackhawk Striker 2
    Blasterball 3
    Blio
    Bounce Symphony
    Build-a-lot 2
    Cake Mania
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Cheat Engine 6.1
    Chuzzle Deluxe
    CopyTrans Suite Remove Only
    D3DX10
    DAEMON Tools Lite
    Diner Dash 2 Restaurant Rescue
    DivX Setup
    Dora's World Adventure
    Download Updater (AOL LLC)
    DRAMAtical Murder
    EdenEternal
    ESET Online Scanner v3
    Fable - The Lost Chapters
    Facade
    Farm Frenzy
    FATE - The Traitor Soul
    Free WMA to MP3 Converter 1.16
    GIMP 2.6.11
    Google Talk Plugin
    Hewlett-Packard ACLM.NET v1.1.2.0
    HF pAppLoc version 0.8
    HP Customer Experience Enhancements
    HP Games
    HP LinkUp
    HP MovieStore
    HP Odometer
    HP Product Detection
    HP Setup
    HP Setup Manager
    HP Support Assistant
    HP Support Information
    HP Update
    Hulu Desktop
    IBM ViaVoice Command and Control Runtime 5.3
    IBM ViaVoice Command and Control Runtime 5.3 - UK English
    IBM ViaVoice Outloud Runtime - US English
    ILLUSION 俺が主人公
    ImgBurn
    Jade Empire
    Java Auto Updater
    Java(TM) 6 Update 31
    JumpStart 3rd Grade
    Junk Mail filter update
    Katawa Shoujo
    Kobo
    LabelPrint
    LAME v3.98.3 for Audacity
    LibUSB-Win32-0.1.10.1
    LightScribe System Software
    Livestream Procaster
    Mabinogi
    Mah Jong Medley
    Malwarebytes Anti-Malware version 1.62.0.1300
    Mesh Runtime
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft PowerPoint Viewer
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WSE 3.0 Runtime
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFCLOC_x86
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery P.I. - Stolen in San Francisco
    Namco All-Stars PAC-MAN
    Neverwinter Nights 2
    Nexon Game Manager
    Norton Online Backup
    Oregon Trail 5
    Origin
    Original CD Emulator Personal Edition
    OyE?°a1.0
    Pando Media Booster
    PDF Complete Special Edition
    PDF Settings CS5
    Penguins!
    piaip AppLocale
    Plants vs. Zombies - Game of the Year
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    PressReader
    QuickTime
    Raptr
    Realtek High Definition Audio Driver
    RebirthRO
    Recovery Manager
    Remote Graphics Receiver
    RIFT
    RoxioNow Player
    SdRt4200
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    SimCity 4 Rush Hour
    Skype Click to Call
    Skype? 5.10
    Slingo Supreme
    Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
    Star WarsR: Knights of the Old Republic (TM)
    Steam
    STOnline
    The Sims 2 Family Fun Stuff
    The Sims 2 Glamour Life Stuff
    The Sims 2 Open For Business
    The Sims 2 Pets
    The Sims 2 University
    The Sims Complete Collection
    The Sims Medieval
    The Sims Medieval Pirates and Nobles
    The Sims? 2 Apartment Life
    The Sims? 2 Bon Voyage
    The Sims? 2 Double Deluxe
    The Sims? 2 FreeTime
    The Sims? 2 H&MR Fashion Stuff
    The Sims? 2 Kitchen & Bath Interior Design Stuff
    The Sims? 2 Seasons
    The Sims? 2 Teen Style Stuff
    The Sims? 3
    The Sims? 3 Ambitions
    The Sims? 3 Generations
    The Sims? 3 Late Night
    The Sims? 3 Pets
    The Sims? 3 Showtime
    The Sims? 3 World Adventures
    TSLRCM 1.6
    Tweaking.com - Windows Repair (All in One)
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update Installer for WildTangent Games App
    VC80CRTRedist - 8.0.50727.6195
    Veoh Giraffic Video Accelerator
    Veoh Web Player
    Veoh Web Player Toolbar
    Vindictus
    Virtual Villagers 4 - The Tree of Life
    Wakfu
    WebTablet FB Plugin
    WebTablet IE Plugin
    WebTablet Netscape Plugin
    Wheel of Fortune 2
    WildTangent Games App (HP Games)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Zinio Reader 4
    Zoo Tycoon 2 - Extinct Animals
    Zoombinis Logical Journey(TM)
    Zuma Deluxe
    μTorrent
    カスタムメイド3D
    カスタムレイドV
    神咒神威神楽
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/18/2012 3:37:55 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
    7/18/2012 3:37:55 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
    7/18/2012 3:37:21 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
    7/18/2012 3:37:15 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
    7/18/2012 3:36:57 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    7/18/2012 2:58:47 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/Sirefef.Y&threatid=2147655285 Name: Trojan:Win64/Sirefef.Y ID: 2147655285 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\system32\services.exe;file:_C:\Windows\system32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: HerpDerp\Autumn Process Name: C:\Windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.131.161.0, AS: 1.131.161.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
    7/18/2012 2:51:35 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/Sirefef.Y&threatid=2147655285 Name: Trojan:Win64/Sirefef.Y ID: 2147655285 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\system32\services.exe;file:_C:\Windows\system32\services.exe->731;process:_pid:632 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.131.161.0, AS: 1.131.161.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
    7/18/2012 2:42:11 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/Sirefef.Y&threatid=2147655285 Name: Trojan:Win64/Sirefef.Y ID: 2147655285 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:632 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.131.161.0, AS: 1.131.161.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
    7/18/2012 2:36:06 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/Sirefef.Y&threatid=2147655285 Name: Trojan:Win64/Sirefef.Y ID: 2147655285 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:628 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.131.161.0, AS: 1.131.161.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
    7/18/2012 2:32:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.161.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
    7/18/2012 2:32:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.161.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
    7/18/2012 2:32:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.161.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
    7/18/2012 2:32:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.161.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
    7/18/2012 2:32:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.161.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
    7/18/2012 2:29:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    7/18/2012 2:28:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    7/18/2012 11:55:15 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    7/18/2012 10:53:59 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    7/18/2012 10:53:16 PM, Error: Service Control Manager [7003] - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
    7/18/2012 10:53:16 PM, Error: Service Control Manager [7003] - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
    7/18/2012 10:53:16 PM, Error: Service Control Manager [7001] - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/18/2012 10:53:07 PM, Error: Service Control Manager [7000] - The Aspi32 service failed to start due to the following error: This driver has been blocked from loading
    7/18/2012 10:53:07 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\aspi32.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    7/15/2012 5:52:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.
    7/15/2012 5:52:49 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/14/2012 3:32:17 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x00000000000000b0, 0x0000000000000002, 0x0000000000000000, 0xfffff8800a3390bc). A dump was saved in: C:\Windows\Minidump\071412-37643-01.dmp. Report Id: 071412-37643-01.
    7/12/2012 3:29:05 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    7/12/2012 3:29:05 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/12/2012 3:25:38 AM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.
    7/12/2012 2:32:51 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{02148D7D-70EC-4CD1-B27A-8CCFA0E0C5C8} because another computer on the network has the same name. The server could not start.
    .
    ==== End Of File ===========================
     
  4. Mizuru007

    Mizuru007 TS Rookie Topic Starter

    I would like to alter a previous statement after reading around on different forums.

    This virus most likely came from that "Adobe update" thing that's been going around.
    I'm stating this on the off-chance that it somehow makes the problem easier to fix.
     
  5. Mizuru007

    Mizuru007 TS Rookie Topic Starter

  6. Broni

    Broni Malware Annihilator Posts: 47,015   +255

    Thanks for letting us know :)
     

