Windows Security Center won't turn on (and isn't listed)


  1. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #11

    Go to this link
    https://skydrive.live.com/?cid=93673...8FCEB92F%21115
    find the 'good wscsvc.zip' file and download it
    extract the .reg file to your desktop
    right-click on the file, and select Merge.
    accept the warnings, and reboot after you get the success message -
    now test the Security Center.


  2. Posts : 16
    Windows 7
    Thread Starter
       #12

    Ok I installed/merged the reg. file.

    Now it says under security: "Spyware and unwanted software protection (Important)"

    Windows Defender and McAfee Anti-Virus and Anti-Spyware both report that they are turned off.

    There is a button to view antispyware options, but when I click on it, it takes me to a few options. The first one says to turn on Windows Defender and update definitions. When I click on that it takes me to the Windows/system32 folder. When I click on update McAfee nothing happens.


  3. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #13

    You should always use McAfee's own options to turn it on and off. Chances are that it's been broken by your virus infections and will require uninstall/reinstall (if even that works - if the virus is still active, it may prevent it).

    If it's not behaving properly, then it would tend to indicate that there are more problems than just the Security Center - and you may well be looking at a reformat/reinstall as your best/safest option.


  4. Posts : 16
    Windows 7
    Thread Starter
       #14

    McAfee was just reinstalled and appears to be working properly, aside from the windows security screen saying it's not. How do I know if it is or not?


  5. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #15

    fan1bsb97,
    First and foremost:
    Run WDO. WDO will automatically run a quick scan. You will need to select full/complete scan after the quick scan finishes.
    McAfee, Malwarebytes are both programs that require you to start up your Win 7 and thus do NOT remove all malware.

    First, run WDO.
    Immediately, thereafter UNINSTALL MuckAfee (McAfee).
    Install MSE, Microsoft Security Essentials (link in my signature). This is the one and the only anti-malware you need.

    After these steps, be sure to upload the LOG files mentioned in the following write-up and to let us know the status.

    Distinct possibility is that you will need to wipe the disk clean and perform a fresh install if the above procedures do not solve your problem. Oh yes, if you are, then cease and desist from using torrent software.
    HOW TO USE WINDOWS DEFENDER OFFLINE ON A USB STICK
    Windows Defender Offline
    · is a free standalone, bootable malware and virus remover from Microsoft.
    · performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware.

    Download Windows Defender Offline (about 764 kB)

    You will have the choice of downloading the 32bit version (x86) or the 64 bit version (x64).
    The link will help you determine whether you are running a 32 bit version or 64 bit version of Windows

    NOTE!! You can download and prepare a 32 bit version using a 64 bit version of Windows
    NOTE!! You can download and prepare a 64 bit version using a 32bit version of Windows.

    You run the 32 bit version on a 32 bit version of Windows.
    You run the 64 bit version on a 64 bit version of Windows.

    The 32 bit download file name is: mssstool32.exe
    The 64 bit download file name is: mssstool64.exe

    For the curious, this program was originally named Microsoft Standalone System Sweeper.


    INSTALLATION:
    You will need an Internet Connection.
    Insert 512 mB (Microsoft’s 256 mB is no longer accurate) or larger USB stick into a usb port.
    Run the downloaded program--mssstool64.exe or mssstool32.exe
    NEXT button
    Choose the option On a USB flash drive that is not password protected
    NEXT button
    NEXT button
    .
    The install program will format the usb stick using the NTFS format.
    The install program will download about 210 mB.
    The install program will name the USB stick WDO_Media32 or WDO_Media64
    The WDO_Media32 usb stick will have used space of 255 mB (268,140,544 bytes)
    The WDO_Media64 usb stick will have used space of 282 mB (296,165,376 bytes)
    You can expect the number of mB to increase as more malware appears.

    UPDATE Windows Defender Offline USB stick:
    · reinsert the usb stick
    · run the installation program, mssstool64.exe or mssstool32.exe, again.
    · the update will download about 66 mB (mssstool32.exe) and 68 mB (mssstool64.exe).

    Since the malware database is sometimes updated several times in a day, always update before running.

    PERFORM AN OFFLINE SCAN
    Boot up your computer from the USB stick
    Windows Defender Offline will automatically perform a quick scan.
    After the quick scan finishes, Choose Full Scan
    Select all of your drives

    The initial, full scan can easily take several hours, but
    Remember, your computer is being very thoroughly checked for all types of malware.


    RESULTS OF THE SCAN
    The results will be in 4 log files on your computer's disk in:
    \Windows\Microsoft Antimalware\Support
    Upload the four log files please.
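One way to triage the log files requested in the post above before uploading them, as an added example that is not part of the original thread or of any Microsoft tool. It assumes detection lines of the form `<timestamp> DETECTION_ADD <threat> <file|containerfile>:<path>` and a "Beginning threat actions" block carrying `Threat Name:`, `Action:` and `Threat result:` lines; the sample log, the `Example:Java/Placeholder.A` name, the paths and the follow-up rule are constructed for illustration.

```python
import re

# Constructed sample, modelled on the line layout assumed in the lead-in.
SAMPLE_LOG = r"""
2012-06-16T05:20:20.842Z DETECTION_ADD Trojan:Win64/Sirefef.Y containerfile:\Windows\system32\sample-svc.exe
2012-06-16T05:20:20.842Z DETECTION_ADD Trojan:Win64/Sirefef.Y file:\Windows\system32\sample-svc.exe->731
2012-06-16T08:18:08.872Z DETECTION_ADD Example:Java/Placeholder.A containerfile:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\aaaa-bbbb
2012-06-16T08:18:08.872Z DETECTION_ADD Example:Java/Placeholder.A file:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\aaaa-bbbb->x.class
Beginning threat actions
Threat Name:Trojan:Win64/Sirefef.Y
Action:remove
Threat result:1260
Finished threat actions
"""

DETECTION_RE = re.compile(
    r"^(?P<ts>\S+)\s+DETECTION_ADD\s+(?P<threat>\S+)\s+"
    r"(?P<schema>containerfile|file):(?P<path>.+)$"
)
# Matches \Windows\..., D:\Windows\... and \\?\D:\Windows\... (an offline scan
# may see the system volume under a different drive letter).
WINDIR_RE = re.compile(r"^(\\\\\?\\)?([a-z]:)?\\windows\\", re.IGNORECASE)


def parse_detections(text):
    """Group DETECTION_ADD lines by threat name."""
    threats = {}
    for raw in text.splitlines():
        m = DETECTION_RE.match(raw.strip())
        if not m:
            continue
        entry = threats.setdefault(
            m["threat"],
            {"first_seen": m["ts"], "containers": set(), "members": set()},
        )
        # "file:" resources are written as <container>-><member inside it>.
        container, sep, member = m["path"].partition("->")
        entry["containers"].add(container)
        if sep:
            entry["members"].add(member)
    return threats


def parse_actions(text):
    """Collect the action and numeric result recorded for each threat."""
    actions, current, inside = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Beginning threat actions":
            inside = True
        elif line == "Finished threat actions":
            inside, current = False, None
        elif inside and line.startswith("Threat Name:"):
            current = {"threat": line.split(":", 1)[1], "action": None, "result": None}
            actions.append(current)
        elif inside and current and line.startswith("Action:"):
            current["action"] = line.split(":", 1)[1]
        elif inside and current and line.startswith("Threat result:"):
            current["result"] = int(line.split(":", 1)[1])
    return actions


def triage(text):
    """One finding per threat. Assumed rule: follow up when the detection sits
    under the Windows directory, no action was logged, or the result is non-zero."""
    actions = {a["threat"]: a for a in parse_actions(text)}
    findings = []
    for threat, info in parse_detections(text).items():
        act = actions.get(threat)
        result = act["result"] if act else None
        in_windows = any(WINDIR_RE.match(c) for c in info["containers"])
        findings.append({
            "threat": threat,
            "first_seen": info["first_seen"],
            "containers": sorted(info["containers"]),
            "members": sorted(info["members"]),
            "in_windows_dir": in_windows,
            "action": act["action"] if act else None,
            "result": result,
            "needs_followup": in_windows or result is None or result != 0,
        })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        flag = "FOLLOW UP" if f["needs_followup"] else "ok"
        print(f'{flag:9} {f["threat"]} action={f["action"]} result={f["result"]}')
        for c in f["containers"]:
            print(f"          {c}")
```
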


  6. Posts : 16
    Windows 7
    Thread Starter
       #16

    Thanks I'm starting this progress- quick question - how do I boot up from the usb stick?


  7. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #17

    You consult the documentation for your computer which will tell you how to boot to USB.

    Incidentally, you can help us to help you by fully and completely filling in your system specs:

    Update your SevenForums System Specs
    User CP (located on the top menu bar) |
    Your Profile | Edit System Spec
    (left-hand column)

    To gather info, use Speccy (my favorite) or SIW or System Info

    ADD the word laptop or desktop or netbook to the
    “system manufacturer” block, for example,
    Toshiba Satellite L305D notebook.

    Provide full windows version info, for example:
    MS Windows 7 Ultimate SP1 64-bit

    Use the “Other Info” block for Optical Reader,
    Mouse, touchpad, wifi adapter, speakers, monitor, etc

    Scroll down and click on SAVE CHANGES.
    ======================================================


  8. Posts : 16
    Windows 7
    Thread Starter
       #18

    Thanks for all your help. I will fill that out soon.

    It went right into the quick scan. How do I start the full scan? Can I choose it after this one is over? It looks like it's almost done, but it seems to have frozen (the time isn't elapsing anymore and the items scanned has stopped)...it says that the preliminary scan results show that malicious or potentially unwanted software might exist on your system. What should I do? Oh wait it started again lol. But how do I do the full scan?

    Edit: The quick scan detected the trojan win64/sirefef.Y. I just removed it.

    I guess I'll try to restart normally now? *nervous*

    Oh I'm sorry I didn't see that I need to do the full scan next. I will do that now.


  9. Posts : 16
    Windows 7
    Thread Starter
       #19

    Here's the results. I don't know how to disable smilies.

    Extended Info:18144749453986
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e->ropan.class
    Extended Info:18144749453986
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e
    Extended Info:0
    Threat Name:Exploit:Java/CVE-2010-0840.NZ
    ID:2147653114
    Severity:5
    Number of Resources:4
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/wmajpugu.class
    Extended Info:18144863684845
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/ufcqnd.class
    Extended Info:18145099024128
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/kdtqmpqkhefsqggnmjpjcalhg.class
    Extended Info:18142143267630
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb
    Extended Info:0
    Threat Name:TrojanDownloader:Java/OpenConnection.OS
    ID:2147649428
    Severity:5
    Number of Resources:4
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$zordo.class
    Extended Info:18145884567196
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$zordo.class
    Extended Info:18145884567196
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386
    Extended Info:0
    End Scan
    ************************************************************

    Begin Resource Scan
    Scan ID:{700460E1-70F5-410B-9774-B51A85A1FC8E}
    Scan Source:7
    Start Time:06-16-2012 00:18:08
    End Time:06-16-2012 00:19:07
    Explicit resource to scan
    Resource Schema:queryfilertsig
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Explicit resource to scan
    Resource Schema:queryfilertsig
    Resource Path:\Users\Joanna\Documents\Random\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeHelpViewerAll\AdobeHelpViewerAll1.cab
    Result Count:3
    Threat Name:Exploit:Java/CVE-2011-3544.E
    ID:2147652149
    Severity:5
    Number of Resources:2
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550->Final.class
    Extended Info:18144559980572
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Extended Info:0
    Unknown File
    Identifier:8434420172026019838
    Number of Resources:1
    Resource Schema:queryfilertsig
    Resource Path:\Users\Joanna\Documents\Random\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeHelpViewerAll\AdobeHelpViewerAll1.cab
    Extended Info:5864262463416
    Unknown File
    Identifier:2032954425894502398
    Number of Resources:1
    Resource Schema:queryfilertsig
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Extended Info:5864554302986
    End Scan
    ************************************************************

    2012-06-16T15:22:02.439Z Task(SpyNetService -RestrictPrivileges -AccessKey 6099EAB7-010C-A77D-43DF-2EF0AF5E9FE0) launched
    Begin Resource Scan
    Scan ID:{693F90B7-DD3B-4E0F-894E-D798F1664412}
    Scan Source:6
    Start Time:06-16-2012 07:21:50
    End Time:06-16-2012 07:22:31
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Windows\system32\services.exe
    Explicit resource to scan
    Resource Schema:containerfile
    Resource Path:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809->dhycnvdbqlpbdahs.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550->Final.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c->xmltree/opkat.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba->dhycnvdbqlpbdahs.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e->ropan.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Glocker.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Zo666.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/kdtqmpqkhefsqggnmjpjcalhg.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/ufcqnd.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/wmajpugu.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9->dhycnvdbqlpbdahs.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4->ropan.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$1.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$zordo.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/Zo666.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d->dhycnvdbqlpbdahs.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$1.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$zordo.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/Zo666.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889->xmltree/opkat.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db->xmltree/opkat.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762->ropan.class
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Windows\system32\services.exe->731
    Explicit resource to scan
    Resource Schema:file
    Resource Path:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000->731
    Result Count:9
    Threat Name:Exploit:Java/CVE-2011-3544.gen!A
    ID:2147654402
    Severity:5
    Number of Resources:8
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d->dhycnvdbqlpbdahs.class
    Extended Info:398847067998336
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9->dhycnvdbqlpbdahs.class
    Extended Info:398847067998336
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba->dhycnvdbqlpbdahs.class
    Extended Info:398847067998336
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809->dhycnvdbqlpbdahs.class
    Extended Info:398847067998336
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809
    Extended Info:0
    Threat Name:Exploit:Java/CVE-2011-3544.E
    ID:2147652149
    Severity:5
    Number of Resources:2
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550->Final.class
    Extended Info:18144559980572
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Extended Info:0
    Unknown File
    Identifier:2032954425894502398
    Number of Resources:1
    Resource Schema:queryfilertsig
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550
    Extended Info:5864554302986
    Threat Name:Exploit:Java/CVE-2010-0840.NS
    ID:2147652622
    Severity:5
    Number of Resources:6
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db->xmltree/opkat.class
    Extended Info:18142952055238
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889->xmltree/opkat.class
    Extended Info:18142952055238
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c->xmltree/opkat.class
    Extended Info:18142952055238
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c
    Extended Info:0
    Threat Name:Exploit:Java/CVE-2011-3544.L
    ID:2147652623
    Severity:5
    Number of Resources:6
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762->ropan.class
    Extended Info:18144749453986
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4->ropan.class
    Extended Info:18144749453986
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e->ropan.class
    Extended Info:18144749453986
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e
    Extended Info:0
    Threat Name:TrojanDownloader:Java/OpenConnection.OU
    ID:2147649594
    Severity:5
    Number of Resources:9
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/Zo666.class
    Extended Info:18145772123681
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$1.class
    Extended Info:18144109131890
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/Zo666.class
    Extended Info:18145772123681
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$1.class
    Extended Info:18144109131890
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Zo666.class
    Extended Info:18145772123681
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Glocker.class
    Extended Info:18143587116110
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248
    Extended Info:0
    Threat Name:Exploit:Java/CVE-2010-0840.NZ
    ID:2147653114
    Severity:5
    Number of Resources:4
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/wmajpugu.class
    Extended Info:18144863684845
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/ufcqnd.class
    Extended Info:18145099024128
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/kdtqmpqkhefsqggnmjpjcalhg.class
    Extended Info:18142143267630
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb
    Extended Info:0
    Threat Name:TrojanDownloader:Java/OpenConnection.OS
    ID:2147649428
    Severity:5
    Number of Resources:4
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$zordo.class
    Extended Info:18145884567196
    Resource Schema:file
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$zordo.class
    Extended Info:18145884567196
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386
    Extended Info:0
    Threat Name:Trojan:Win64/Sirefef.Y
    ID:2147655285
    Severity:5
    Number of Resources:4
    Resource Schema:file
    Resource Path:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000->731
    Extended Info:40388481833002
    Resource Schema:file
    Resource Path:\Windows\system32\services.exe->731
    Extended Info:40388481833002
    Resource Schema:containerfile
    Resource Path:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000
    Extended Info:0
    Resource Schema:containerfile
    Resource Path:\Windows\system32\services.exe
    Extended Info:0
    End Scan
    ************************************************************

    Beginning threat actions
    Start time:06-16-2012 07:22:36
    Threat Name:Exploit:Java/CVE-2011-3544.gen!A
    Threat ID:2147654402
    Action:remove
    Threat Name:Exploit:Java/CVE-2011-3544.E
    Threat ID:2147652149
    Action:remove
    Threat Name:Unknown
    Threat ID:2032954425894502398
    Action:unknown
    Threat Name:Exploit:Java/CVE-2010-0840.NS
    Threat ID:2147652622
    Action:remove
    Threat Name:Exploit:Java/CVE-2011-3544.L
    Threat ID:2147652623
    Action:remove
    Threat Name:TrojanDownloader:Java/OpenConnection.OU
    Threat ID:2147649594
    Action:remove
    Threat Name:Exploit:Java/CVE-2010-0840.NZ
    Threat ID:2147653114
    Action:remove
    Threat Name:TrojanDownloader:Java/OpenConnection.OS
    Threat ID:2147649428
    Action:remove
    Threat Name:Trojan:Win64/Sirefef.Y
    Threat ID:2147655285
    Action:remove
    File to act on SHA1:F9509DA95286D5BC9DC8E393868D3A2B80A03F93
    File cleaned/removed successfully
    File Name:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000->731
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd49b92031c702.0000->731
    Threat ID:2147655285
    Resource refcount:1
    Result:0
    File to act on SHA1:F9509DA95286D5BC9DC8E393868D3A2B80A03F93
    !ERROR
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Windows\system32\services.exe->731
    Threat ID:2147655285
    Resource refcount:1
    Result:1260
    File to act on SHA1:1E156D55A7840CFFBD157DB248544323A62ABDCC
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762->ropan.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6b3b7a86-42784762->ropan.class
    Threat ID:2147652623
    Resource refcount:1
    Result:0
    File to act on SHA1:57C06ABCCFD997B016B5526BC91ACB12B5BD8952
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db->xmltree/opkat.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-1ecdf8db->xmltree/opkat.class
    Threat ID:2147652622
    Resource refcount:1
    Result:0
    File to act on SHA1:57C06ABCCFD997B016B5526BC91ACB12B5BD8952
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889->xmltree/opkat.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-63915889->xmltree/opkat.class
    Threat ID:2147652622
    Resource refcount:1
    Result:0
    File to act on SHA1:09FE9BADC5CCF2E21A61A60C5E1B2AD4ADFC9E80
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/Zo666.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/Zo666.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA1:314DD209521DF8D3F8220F3379AE0C6484CA915C
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$zordo.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$zordo.class
    Threat ID:2147649428
    Resource refcount:1
    Result:0
    File to act on SHA1:BBABD90DE83C4639710B20410128866F1D423AF9
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$1.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5f596b05-7ac375a7->datas/wall$1.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA17C6F61E67A3F4DFF905789F9B48B40D1B81207D
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d->dhycnvdbqlpbdahs.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\15038ef4-5b35e16d->dhycnvdbqlpbdahs.class
    Threat ID:2147654402
    Resource refcount:1
    Result:0
    File to act on SHA1:2E173E7B52C95406AFAF5804BA74AAC59468E4C5
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/Zo666.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/Zo666.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA1:5D4AA3D5B30D011B86F7EE168EEF3A6F0EC4B190
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$zordo.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$zordo.class
    Threat ID:2147649428
    Resource refcount:1
    Result:0
    File to act on SHA1:83D4F763B8E6A32CD643F65A7B66DE81E8244876
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$1.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\665a2cf2-75299386->datas/wall$1.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA1:1E156D55A7840CFFBD157DB248544323A62ABDCC
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4->ropan.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-2ea7a1a4->ropan.class
    Threat ID:2147652623
    Resource refcount:1
    Result:0
    File to act on SHA17C6F61E67A3F4DFF905789F9B48B40D1B81207D
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9->dhycnvdbqlpbdahs.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1e57fa2f-79483df9->dhycnvdbqlpbdahs.class
    Threat ID:2147654402
    Resource refcount:1
    Result:0
    File to act on SHA1:5D1100F12C08098CD7706A63868D9911B79F56A4
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/wmajpugu.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/wmajpugu.class
    Threat ID:2147653114
    Resource refcount:1
    Result:0
    File to act on SHA1:991DE0DA8D6FF59FC1B1ED7E55682BFD6EB91BC1
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/ufcqnd.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/ufcqnd.class
    Threat ID:2147653114
    Resource refcount:1
    Result:0
    File to act on SHA1:3756A406E1447F91CD32E75831D8C2F8E7936EA3
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/kdtqmpqkhefsqggnmjpjcalhg.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4c2baf2e-7389bacb->enlpmsdg/kdtqmpqkhefsqggnmjpjcalhg.class
    Threat ID:2147653114
    Resource refcount:1
    Result:0
    File to act on SHA1:BAC9E81EBF4EFD6BB66C8C3424A3FF93D2A1DA7B
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Zo666.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Zo666.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA1:1378B55C3DD4B63D2EB6B77C70FA0D51C8032324
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Glocker.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\d5e5f9c-6bb31248->datas/Glocker.class
    Threat ID:2147649594
    Resource refcount:1
    Result:0
    File to act on SHA1:1E156D55A7840CFFBD157DB248544323A62ABDCC
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e->ropan.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5d77638e->ropan.class
    Threat ID:2147652623
    Resource refcount:1
    Result:0
    File to act on SHA17C6F61E67A3F4DFF905789F9B48B40D1B81207D
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba->dhycnvdbqlpbdahs.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6f8bd594-52f9bcba->dhycnvdbqlpbdahs.class
    Threat ID:2147654402
    Resource refcount:1
    Result:0
    File to act on SHA1:57C06ABCCFD997B016B5526BC91ACB12B5BD8952
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c->xmltree/opkat.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\a6b54d1-2591ee3c->xmltree/opkat.class
    Threat ID:2147652622
    Resource refcount:1
    Result:0
    File to act on SHA1:BD391319787A0CB31E9DB4B8E9E89A77532EB1AF
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550->Final.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\473a8751-24156550->Final.class
    Threat ID:2147652149
    Resource refcount:1
    Result:0
    File to act on SHA17C6F61E67A3F4DFF905789F9B48B40D1B81207D
    File cleaned/removed successfully
    File Name:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809->dhycnvdbqlpbdahs.class
    Resource action complete:Removal
    Schema:file
    Path:\\?\D:\Users\Joanna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-390ab809->dhycnvdbqlpbdahs.class
    Threat ID:2147654402
    Resource refcount:1
    Result:0
    !ERROR
    Finished threat ID:2147655285
    Threat result:1260
    Threat status flags:1
    Finished threat ID:2147649428
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147653114
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147649594
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147652623
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147652622
    Threat result:0
    Threat status flags:0
    Finished threat ID:2032954425894502398
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147652149
    Threat result:0
    Threat status flags:0
    Finished threat ID:2147654402
    Threat result:0
    Threat status flags:0
    Finished threat actions
    End time:06-16-2012 07:22:40
    Result:0
    ERRORS_ONLY=0
    MAX_SIZE=5120
    APPEND=1
    MAX_LINE_SIZE=256
    -------------------------------------------------
    START 2012/06/15 21:05:23:684 TID:916 PID:792

    INFO 2012/06/15 21:05:23:684 TID:916 PID:792
    Binary architecture is amd64

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    UtilIsFileExists(D:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    CheckProcessorArchitecture returned 0x00000000

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    Setting target OS key: "D:\Windows"

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    SetRecoveryEnvironmentKey returned 0x00000000

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    Searching for signatures. Default signature path: ""

    INFO 2012/06/15 21:05:23:716 TID:916 PID:792
    Searching for signatures at root of drives...

    WARNING 2012/06/15 21:05:23:716 TID:916 PID:792
    Missing definitions file in 'C:\mpam-fex64.exe'

    WARNING 2012/06/15 21:05:23:716 TID:916 PID:792
    Missing definitions file in 'D:\mpam-fex64.exe'

    WARNING 2012/06/15 21:05:23:716 TID:916 PID:792
    Missing definitions file in 'E:\mpam-fex64.exe'

    WARNING 2012/06/15 21:05:23:731 TID:916 PID:792
    Missing definitions file in 'F:\mpam-fex64.exe'

    INFO 2012/06/15 21:05:23:731 TID:916 PID:792
    Found definitions file in 'G:\mpam-fex64.exe'

    INFO 2012/06/15 21:05:23:731 TID:916 PID:792
    Using signature path: "G:\mpam-fex64.exe"

    INFO 2012/06/15 21:05:23:731 TID:916 PID:792
    SearchForSignatures returned 0x00000000

    INFO 2012/06/15 21:05:23:731 TID:916 PID:792
    Initializing offline environment and service...

    INFO 2012/06/15 21:05:39:409 TID:916 PID:792
    Launching user interface...

    INFO 2012/06/15 21:05:39:425 TID:916 PID:792
    Launched UI, waiting...

    INFO 2012/06/15 21:25:20:721 TID:916 PID:792
    Wait finished (UI signaled)

    INFO 2012/06/15 21:25:20:721 TID:916 PID:792
    RunCallisto returned 0x00000000

    INFO 2012/06/15 21:25:22:734 TID:916 PID:792
    Offline scan completed with 0x00000000

    FINISH 2012/06/15 21:25:22:734 TID:796 PID:792


    START 2012/06/15 21:31:54:620 TID:916 PID:792

    INFO 2012/06/15 21:31:54:620 TID:916 PID:792
    Binary architecture is amd64

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    UtilIsFileExists(D:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    CheckProcessorArchitecture returned 0x00000000

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    Setting target OS key: "D:\Windows"

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    SetRecoveryEnvironmentKey returned 0x00000000

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    Searching for signatures. Default signature path: ""

    INFO 2012/06/15 21:31:54:667 TID:916 PID:792
    Searching for signatures at root of drives...

    WARNING 2012/06/15 21:31:54:667 TID:916 PID:792
    Missing definitions file in 'C:\mpam-fex64.exe'

    WARNING 2012/06/15 21:31:54:667 TID:916 PID:792
    Missing definitions file in 'D:\mpam-fex64.exe'

    WARNING 2012/06/15 21:31:54:667 TID:916 PID:792
    Missing definitions file in 'E:\mpam-fex64.exe'

    WARNING 2012/06/15 21:31:54:683 TID:916 PID:792
    Missing definitions file in 'F:\mpam-fex64.exe'

    INFO 2012/06/15 21:31:54:698 TID:916 PID:792
    Found definitions file in 'G:\mpam-fex64.exe'

    INFO 2012/06/15 21:31:54:698 TID:916 PID:792
    Using signature path: "G:\mpam-fex64.exe"

    INFO 2012/06/15 21:31:54:698 TID:916 PID:792
    SearchForSignatures returned 0x00000000

    INFO 2012/06/15 21:31:54:698 TID:916 PID:792
    Initializing offline environment and service...

    INFO 2012/06/15 21:32:10:907 TID:916 PID:792
    Launching user interface...

    INFO 2012/06/15 21:32:10:922 TID:916 PID:792
    Launched UI, waiting...


  10. Posts : 16
    Windows 7
    Thread Starter
       #20

    I installed Windows Security Essentials and ran a quick scan. It was working fine (other than the fact that I couldn't put the Windows firewall on) but then it found that same trojan. Suddenly there was a script error or something and this pops up:

    Windows has encountered a critical problem and will restart automatically in one minute. Please save your work now.

    Also, MSE pops up in the bottom corner and says security essentials detected a potential threat and suspended it. Clean PC now.

    Now it just keeps restarting itself with that message after the computer turns on. Please help!!! I can't reinstall windows unless all my files are backed up!