
Security Protection & Websites being redirected


4 replies to this topic

#1 tfware

tfware

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 31 August 2011 - 08:36 AM

I have been having a problem with my system for a little while. After googling various things I click on the link that I need and am being redirected. I have attempted to review your forums and fix this but I did something wrong. I then restored my computer to an earlier date which didn't fix this either. I have been simply copying/pasting the links I want to see into the browser to avoid this. But then I was playing WOW a couple of days ago and it shut down along with Firefox. What I got in return for this was the "Security Protection" scan. I immediately had my husband come to this website to find a fix as I knew this had to be a fake. We found the suggestion for restarting the PC in "Safe Mode with Networking" and DLing Malwarebytes. I did this and afterwards that problem was fixed...or so I thought. When I got on my computer this morning it was there again. So again, I went into "Safe Mode with Networking" as I am unable to open anything otherwise and ran the Malwarebytes program again. However, I believe I am missing something or the program itself is. Below I am going to list my 2 logs from the "Full Scans" that I did for your review. I was hoping someone would be able to take a look at it and advise me what to do to remove it for good in addition to helping me with the website redirecting problem I have as that is getting very annoying.

I just want to mention I do have McAfee and I guess this is something that slipped by. 2 years ago my husband and I had Norton and we had a similar problem which is why we switched. Not sure if there is some other program I should have looked into instead of or in addition to but maybe you can help me with my problems. Thank you in advance for your time. It is greatly appreciated.


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7607

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

8/29/2011 8:32:39 PM
mbam-log-2011-08-29 (20-32-39).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 426862
Time elapsed: 46 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Security Protection (Rogue.SecurityProtection) -> Value: Security Protection -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\-333578713 (Trojan.Agent) -> Value: -333578713 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Tiffany\AppData\Roaming\defender.exe (Rogue.SecurityProtection) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.8194667534846866.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\D726.tmp (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.39486193993797714.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.6048829095130538.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7607

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

8/31/2011 7:37:28 AM
mbam-log-2011-08-31 (07-37-28).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 428455
Time elapsed: 47 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Security Protection (Rogue.SecurityProtection) -> Value: Security Protection -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Tiffany\AppData\Roaming\defender.exe (Rogue.SecurityProtection) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.15918008599543665.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\3F39.tmp (Malware.Gen) -> Quarantined and deleted successfully.
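
The following is an added example, not part of the original post and not a Malwarebytes or BleepingComputer tool. It parses the detection lines of two Malwarebytes logs and reports what came back after the first cleanup: items detected at the identical path in both scans, and folders where a differently named file reappeared under the same detection name. The sample text is abridged from the two logs above; the function names are hypothetical.

```python
import ntpath
import re

# Sample input: detection lines abridged from the two logs posted above.
SCAN_AUG_29 = r"""
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Security Protection (Rogue.SecurityProtection) -> Value: Security Protection -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Tiffany\AppData\Roaming\defender.exe (Rogue.SecurityProtection) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.8194667534846866.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\D726.tmp (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.39486193993797714.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
"""

SCAN_AUG_31 = r"""
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Security Protection (Rogue.SecurityProtection) -> Value: Security Protection -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Tiffany\AppData\Roaming\defender.exe (Rogue.SecurityProtection) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\0.15918008599543665.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\Users\Tiffany\AppData\Local\Temp\3F39.tmp (Malware.Gen) -> Quarantined and deleted successfully.
"""

# "<path> (<Detection.Name>) -> ..." ; headers and "(No malicious items detected)"
# lines do not contain ") -> " after a name and are therefore skipped.
DETECTION_LINE = re.compile(r"^(?P<item>.+?) \((?P<name>[\w.]+)\) -> ", re.MULTILINE)


def parse_detections(log_text):
    """Map each detected item (lowercased path or registry value) to its detection name."""
    found = {}
    for match in DETECTION_LINE.finditer(log_text):
        # Windows paths and registry paths are case-insensitive, so normalise case.
        found[match.group("item").strip().lower()] = match.group("name")
    return found


def recurring_items(first, second):
    """Items reported at exactly the same location in both scans."""
    return sorted(set(first) & set(second))


def recurring_locations(first, second):
    """(parent folder, detection name) pairs seen in both scans under different file names.

    A randomly named file reappearing in the same folder with the same detection
    name suggests something is still writing files after the cleanup.
    """
    earlier = {(ntpath.dirname(item), name) for item, name in first.items()}
    hits = set()
    for item, name in second.items():
        if item in first:
            continue  # already covered by recurring_items()
        pair = (ntpath.dirname(item), name)
        if pair in earlier:
            hits.add(pair)
    return sorted(hits)


if __name__ == "__main__":
    scan1 = parse_detections(SCAN_AUG_29)
    scan2 = parse_detections(SCAN_AUG_31)
    print("Same item detected again after cleanup:")
    for item in recurring_items(scan1, scan2):
        print("  ", item, "->", scan2[item])
    print("New file names, same folder and detection:")
    for folder, name in recurring_locations(scan1, scan2):
        print("  ", folder, "->", name)
```
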



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,562 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:00 AM

Posted 31 August 2011 - 09:07 AM

Hello and welcome, you will need a couple more steps.

I moved this to the Am I Infected forum.

Please follow our Removal Guide here: Remove Security Protection (Uninstall Guide).
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions

After you completed that, post your scan log here, let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Also post the TDSS scan... A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:). Copy and paste the contents of that file in your next reply.

#3 tfware

tfware
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 31 August 2011 - 10:36 AM

Still being redirected. Not sure what this will show since I did the mbam stuff earlier this morning but hopefully what you need is here.


TDSS
2011/08/31 09:34:45.0399 1960 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/31 09:34:47.0412 1960 ================================================================================
2011/08/31 09:34:47.0412 1960 SystemInfo:
2011/08/31 09:34:47.0412 1960
2011/08/31 09:34:47.0412 1960 OS Version: 6.1.7600 ServicePack: 0.0
2011/08/31 09:34:47.0412 1960 Product type: Workstation
2011/08/31 09:34:47.0412 1960 ComputerName: TIFFANY-PC
2011/08/31 09:34:47.0412 1960 UserName: Tiffany
2011/08/31 09:34:47.0412 1960 Windows directory: C:\Windows
2011/08/31 09:34:47.0412 1960 System windows directory: C:\Windows
2011/08/31 09:34:47.0412 1960 Running under WOW64
2011/08/31 09:34:47.0412 1960 Processor architecture: Intel x64
2011/08/31 09:34:47.0412 1960 Number of processors: 2
2011/08/31 09:34:47.0412 1960 Page size: 0x1000
2011/08/31 09:34:47.0412 1960 Boot type: Safe boot with network
2011/08/31 09:34:47.0412 1960 ================================================================================
2011/08/31 09:34:48.0769 1960 Initialize success
2011/08/31 09:34:51.0936 2120 ================================================================================
2011/08/31 09:34:51.0936 2120 Scan started
2011/08/31 09:34:51.0936 2120 Mode: Manual;
2011/08/31 09:34:51.0936 2120 ================================================================================
2011/08/31 09:35:02.0200 2120 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/31 09:35:02.0232 2120 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/31 09:35:02.0247 2120 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
2011/08/31 09:35:02.0294 2120 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/31 09:35:02.0325 2120 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
2011/08/31 09:35:02.0341 2120 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/08/31 09:35:02.0388 2120 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/08/31 09:35:02.0419 2120 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/31 09:35:02.0450 2120 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/08/31 09:35:02.0481 2120 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/08/31 09:35:02.0512 2120 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/08/31 09:35:02.0544 2120 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/08/31 09:35:02.0590 2120 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/08/31 09:35:02.0606 2120 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/08/31 09:35:02.0653 2120 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/08/31 09:35:02.0684 2120 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/08/31 09:35:02.0731 2120 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/08/31 09:35:02.0762 2120 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/31 09:35:02.0793 2120 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/31 09:35:02.0856 2120 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/08/31 09:35:02.0871 2120 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/31 09:35:02.0949 2120 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/31 09:35:02.0980 2120 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/31 09:35:03.0043 2120 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/31 09:35:03.0090 2120 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/08/31 09:35:03.0136 2120 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/31 09:35:03.0183 2120 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/08/31 09:35:03.0214 2120 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/31 09:35:03.0261 2120 MBR (0x1B8) (ff2252ed61b5c88a11c201e54175f06f) \Device\Harddisk0\DR0
2011/08/31 09:35:03.0402 2120 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
2011/08/31 09:35:03.0417 2120 Boot (0x1200) (816974958fab94f314d75bb7db350fe4) \Device\Harddisk0\DR0\Partition0
2011/08/31 09:35:03.0433 2120 Boot (0x1200) (84857bb34f5c6ea72b0df6dd4f74def1) \Device\Harddisk0\DR0\Partition1
2011/08/31 09:35:03.0480 2120 Boot (0x1200) (e395071e2996b4eb9af7e3576bc643c9) \Device\Harddisk0\DR0\Partition2
2011/08/31 09:35:03.0495 2120 Boot (0x1200) (b022f36d2248bb73ef5bc1e28bb053e0) \Device\Harddisk3\DR3\Partition0
2011/08/31 09:35:03.0495 2120 ================================================================================
2011/08/31 09:35:03.0495 2120 Scan finished
2011/08/31 09:35:03.0495 2120 ================================================================================
2011/08/31 09:35:03.0511 2112 Detected object count: 0
2011/08/31 09:35:03.0511 2112 Actual detected object count: 0
2011/08/31 09:35:34.0680 1956 Deinitialize success

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7620

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

8/31/2011 10:26:46 AM
mbam-log-2011-08-31 (10-26-46).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 430083
Time elapsed: 46 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

MBAM

#4 boopme

Posted 31 August 2011 - 10:46 AM

Hello again.
Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

#5 tfware

Posted 31 August 2011 - 11:37 AM

Yes I am on a router. My husband and I both have our computers on it. It's wireless but we are both actually "wired" to it. I don't think his machine would be redirecting. He hasn't made any changes in the past couple of months to his machine. But then we aren't sure how that would work either.

Here is the "MiniToolBox" log you requested. In addition, when I ran the Gmer program nothing came up. It didn't even do the "automatic quick scan" you mentioned in the previous post. I did do a scan like you advised though and nothing was found at all. I believe I did what you stated. I closed all applications including IE and, forgive me for my ignorance, but I wasn't sure how to actually "disconnect from the inet" (still somewhat new to Windows 7 and not sure how to access it from here like in XP), so I simply disconnected the cable from the back of my computer that runs to the router.

Additionally you asked if I use Firefox. I do. Currently I am accessing this forum via IE due to again, my ignorance regarding Windows 7 and not being able to figure out how to save things in different places with ease on Firefox now.


MiniToolBox by Farbar
Ran by Tiffany (administrator) on 31-08-2011 at 10:57:03
Windows 7 Home Premium (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tiffany-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ok.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : ok.cox.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E0-CB-4E-03-C9-60
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f51e:491e:bade:b897%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 31, 2011 10:28:38 AM
Lease Expires . . . . . . . . . . : Thursday, September 01, 2011 10:28:38 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 244377274
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-D7-B0-47-E0-CB-4E-03-C9-60
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.ok.cox.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.73.105
74.125.73.106
74.125.73.147
74.125.73.99
74.125.73.103
74.125.73.104


Pinging google.com [74.125.73.99] with 32 bytes of data:
Reply from 74.125.73.99: bytes=32 time=27ms TTL=53
Reply from 74.125.73.99: bytes=32 time=21ms TTL=53

Ping statistics for 74.125.73.99:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 27ms, Average = 24ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76


Pinging yahoo.com [67.195.160.76] with 32 bytes of data:
Reply from 67.195.160.76: bytes=32 time=77ms TTL=54
Reply from 67.195.160.76: bytes=32 time=50ms TTL=54

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 77ms, Average = 63ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...e0 cb 4e 03 c9 60 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 266
192.168.1.101 255.255.255.255 On-link 192.168.1.101 266
192.168.1.255 255.255.255.255 On-link 192.168.1.101 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 266 fe80::/64 On-link
11 266 fe80::f51e:491e:bade:b897/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/31/2011 10:33:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: win4036e0.dat, version: 0.0.0.0, time stamp: 0x4e57bcae
Faulting module name: Flash10c.ocx, version: 10.0.32.18, time stamp: 0x4a613d79
Exception code: 0xc0000005
Fault offset: 0x00221256
Faulting process id: 0x644
Faulting application start time: 0xwin4036e0.dat0
Faulting application path: win4036e0.dat1
Faulting module path: win4036e0.dat2
Report Id: win4036e0.dat3

Error: (08/31/2011 10:30:52 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {37e234d2-5a7e-42d1-a057-019de25912c7}

Error: (08/31/2011 08:23:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: win4036e0.dat, version: 0.0.0.0, time stamp: 0x4e57bcae
Faulting module name: jvm.dll, version: 19.0.0.9, time stamp: 0x4cddfd7f
Exception code: 0xc0000005
Fault offset: 0x000ca9b2
Faulting process id: 0x820
Faulting application start time: 0xwin4036e0.dat0
Faulting application path: win4036e0.dat1
Faulting module path: win4036e0.dat2
Report Id: win4036e0.dat3

Error: (08/31/2011 08:19:50 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9a7b427c-7e7b-46f3-89dc-b5af60741bea}

Error: (08/31/2011 01:47:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: java.exe, version: 6.0.230.5, time stamp: 0x4cddca02
Faulting module name: java.dll, version: 6.0.230.5, time stamp: 0x4cddfd7f
Exception code: 0xc0000005
Fault offset: 0x00004e2f
Faulting process id: 0x12cc
Faulting application start time: 0xjava.exe0
Faulting application path: java.exe1
Faulting module path: java.exe2
Report Id: java.exe3

Error: (08/30/2011 06:55:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: win4036e0.dat, version: 0.0.0.0, time stamp: 0x4e57bcae
Faulting module name: Flash10c.ocx, version: 10.0.32.18, time stamp: 0x4a613d79
Exception code: 0xc0000005
Fault offset: 0x0020a348
Faulting process id: 0x890
Faulting application start time: 0xwin4036e0.dat0
Faulting application path: win4036e0.dat1
Faulting module path: win4036e0.dat2
Report Id: win4036e0.dat3

Error: (08/30/2011 06:52:50 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {1891578b-7a59-404b-9c70-f1ca3abc0918}

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/31/2011 10:28:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/31/2011 10:33:31 AM) (Source: Application Error)(User: )
Description: win4036e0.dat0.0.0.04e57bcaeFlash10c.ocx10.0.32.184a613d79c00000050022125664401cc67f2a9a9f5ca\\.\globalroot\Device\HarddiskVolume2\Users\Tiffany\AppData\Local\Temp\win4036e0.datC:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx947dcfb8-d3e6-11e0-b266-e0cb4e03c960

Error: (08/31/2011 10:30:52 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {37e234d2-5a7e-42d1-a057-019de25912c7}

Error: (08/31/2011 08:23:49 AM) (Source: Application Error)(User: )
Description: win4036e0.dat0.0.0.04e57bcaejvm.dll19.0.0.94cddfd7fc0000005000ca9b282001cc67e05d7095c8\\.\globalroot\Device\HarddiskVolume2\Users\Tiffany\AppData\Local\Temp\win4036e0.datC:\PROGRA~2\Java\jre6\bin\client\jvm.dll75a5783b-d3d4-11e0-bc77-e0cb4e03c960

Error: (08/31/2011 08:19:50 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9a7b427c-7e7b-46f3-89dc-b5af60741bea}

Error: (08/31/2011 01:47:50 AM) (Source: Application Error)(User: )
Description: java.exe6.0.230.54cddca02java.dll6.0.230.54cddfd7fc000000500004e2f12cc01cc67a9e5632eceC:\Program Files (x86)\Java\jre6\bin\java.exeC:\Program Files (x86)\Java\jre6\bin\java.dll243ded84-d39d-11e0-840f-e0cb4e03c960

Error: (08/30/2011 06:55:58 PM) (Source: Application Error)(User: )
Description: win4036e0.dat0.0.0.04e57bcaeFlash10c.ocx10.0.32.184a613d79c00000050020a34889001cc676f9dc6ede8\\.\globalroot\Device\HarddiskVolume2\Users\Tiffany\AppData\Local\Temp\win4036e0.datC:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx9b03cbc2-d363-11e0-840f-e0cb4e03c960

Error: (08/30/2011 06:52:50 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {1891578b-7a59-404b-9c70-f1ca3abc0918}

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/30/2011 05:16:12 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Reader 9.4.5 (Version: 9.4.5)
AMD APP SDK Runtime (Version: 2.5.684.213)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.60707.2331)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Application Profiles (Version: 2.0.4232.33935)
ATI AVIVO64 Codecs (Version: 10.10.0.40918)
ATI Catalyst Install Manager (Version: 3.0.833.0)
ATI Problem Report Wizard (Version: 3.0.745.0)
Bonjour (Version: 2.0.4.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0707.2346.40825)
Catalyst Control Center Graphics Previews Common (Version: 2011.0707.2346.40825)
Catalyst Control Center InstallProxy (Version: 2011.0707.2346.40825)
ccc-utility64 (Version: 2011.0707.2346.40825)
CCC Help English (Version: 2011.0707.2345.40825)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Corel WordPerfect Office - iFilter 64 Bit (Version: 1.01.000)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DTVblizzcon (Version: 2.1.1.214)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
EA Download Manager (Version: 7.0.0.59)
Google Talk Plugin (Version: 2.2.2.0)
Hardware Diagnostic Tools (Version: 6.0.5247.34)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.1.3317)
HP MediaSmart Music/Photo/Video (Version: 3.1.3422)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Odometer (Version: 2.10.0000)
HP Remote Solution (Version: 1.1.11.0)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 4.2.5.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HydraVision (Version: 4.2.114.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
iTunes (Version: 10.2.1.1)
iWin Games (remove only)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2017)
LightScribe System Software (Version: 1.18.8.1)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 11.0.578)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
Mozilla Firefox (3.6.20) (Version: 3.6.20 (en-US))
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mysteryville 2 (remove only)
Norton Online Backup (Version: 1.2.20.0)
PictureMover (Version: 3.3.1.19)
Plants vs. Zombies: Game of the Year
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3405)
QuickTime (Version: 7.69.80.9)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5938)
RealUpgrade 1.0 (Version: 1.0.0)
Recovery Manager (Version: 5.5.2216)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.0.1118)
The Sims™ 3 (Version: 1.24.3)
The Sims™ Castaway Stories
Update Installer for WildTangent Games App
Ventrilo Client (Version: 3.0.7)
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Virtual Families (remove only)
VoiceOver Kit (Version: 1.40.128.0)
WildTangent Games App (HP Games) (Version: 4.0.5.14)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office X5 - Common (Version: 15.1)
Wordperfect Office X5 - EN (Version: 15.1)
WordPerfect Office X5 - Filters (Version: 15.1)
WordPerfect Office X5 - Graphics (Version: 15.1)
WordPerfect Office X5 - IPM (Version: 15.1)
WordPerfect Office X5 - LegalTools (Version: 15.1)
WordPerfect Office X5 - Migration Manager (Version: 15.1)
WordPerfect Office X5 - Oxford (Version: 15.1)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.1)
WordPerfect Office X5 - PR (Version: 15.1)
WordPerfect Office X5 - QP (Version: 15.1)
WordPerfect Office X5 - Setup Files (Version: 15.1)
WordPerfect Office X5 - Sharepoint (Version: 15.1)
WordPerfect Office X5 - Skins (Version: 15.1)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.1)
WordPerfect Office X5 - WP (Version: 15.1)
WordPerfect Office X5 - WT (Version: 15.1)
WordPerfect Office X5 (Version: 15.0.0.431)
WordPerfect Office X5 (Version: 15.1)
World of Warcraft (Version: 4.2.2.14545)
World of Warcraft Public Test (Version: 0.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 7167.18 MB
Available physical RAM: 5560.6 MB
Total Pagefile: 14332.5 MB
Available Pagefile: 12303.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.33 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:920.81 GB) (Free:740.9 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.6 GB) (Free:1.55 GB) NTFS
3 Drive e: (20080404_141911) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS
6 Drive h: () (Removable) (Total:0.12 GB) (Free:0.01 GB) FAT

========================= Users: ========================================

User accounts for \\TIFFANY-PC

Administrator Guest Tiffany

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



