something turned off my avast free and my windows firewall


  • This topic is locked
24 replies to this topic

#1 Alyab123


Posted 06 May 2014 - 01:16 AM

Apologies for the long post.

 

I am still using windows XP pro, unfortunately. (I tried to create a bootable Ubuntu trial disk at a friend's pc, in order to use the web that way, but unfortunately, my dvd player couldn't fully read the dvd-rom.) Meanwhile, I logged on in this unprotected state, to download a strong firewall like zonealarm.

Obviously, something happened because the next time I booted up my computer, malwarebytes wouldn't start, Avast free was disabled and "locked" and my firewall (windows) was turned off. I disconnected my LAN, and tried to figure out what to do. I tried rebooting into safe mode, but that did not help.

 

At some point, I attempted a system restore, which turned out to successfully restore access to my virus protection. I was quite leery about going back online, however.

 

I ran Avast, and super antispyware, but they found nothing. I set a password for avast free. The next time I turned off and restarted my pc, Avast was again turned off, despite my previous system restore.

 

I enabled the web connection in order to install zonealarm. However it prevented me from accessing most websites, and I kept getting popups asking to access the web. I have k9 webfilter installed also. It seemed to me that there was some kind of conflict between zonealarm, firefox, and k9filter, although all were listed as trusted in the zonealarm settings. Finally, in frustration, I uninstalled zonealarm and despite the risk I came here to look for help.

 

I spent some time registering and reading the rules, then disabled the pc again. I did the system restore again, which re-activated Avast free. I downloaded a new installation of malwarebytes, but in order to run it, I needed to restart my pc, which I was afraid to do.

 

At some point, I did log off and log back on, and the virus software was still running. I would enable the web connection for short instances, in order to update or re-install some of my protection software, and then disable it again. I searched hopelessly for ideas about why zonealarm and firefox were not working, and whether k9 was the culprit. I could not find any explanation, other than a message about checking my proxy settings. I don't know what my proxy settings are supposed to be, so that advice did not help.

 

I repeatedly ran the 3 anti-malware programs (avast free, super antispyware and malwarebytes). All they found were a few pups. Eventually, avast antivirus came back with a list of files such as this one:

C:\System Volume Information\_restore{99F1AA40-3620-43B6-A011-AA2B9C4CE24F}\RP1162\snapshot\MFEX-4.DAT [L] Rootkit: hidden file (0)

File will be repaired during the next system start...

and a list like this:

C:\System Volume Information\_restore{99F1AA40-3620-43B6-A011-AA2B9C4CE24F}\RP1165\A0272365.exe|>images\bgbutton.png [E] Archive is password protected. (42056)

 

But no infections found. Regardless, on the next bootup, avast ran the program before windows started.

 

I went to a relative's computer again to try to get more ideas of how to tell if my system is infected. The only information I gleaned was that zonealarm has to be installed while connected to the internet! So I came back home, and I enabled the connection in order to install zonealarm. Now firefox works fine. But I have no idea how to set up zonealarm so that my ip address is correct and my computer is connected. For some reason I'm not getting alerts about web access, and a whole bunch of things are already ticked off as trusted, as if it is remembering settings from a previous installation. This despite the fact that I ran the uninstallation tool that I found on your site when I previously uninstalled zonealarm. The log viewer shows many allowed web communications, some of which I believe are part of windows, but I don't know if they should have access.

So I have no idea if I'm being properly protected.

 

One other reason I think I still have some sort of infection, is when I start the computer, the hard drive now turns for an excessive amount of time, and upon opening, windows is automatically opening up one of the random folders that are on my desktop. I don't know where the setting for this action is, but it is obviously odd behavior.

 

As a last resort, I ran Emsisoft Emergency Kit off a flashdrive, and it found 7 registry objects that it removed. I have that log. One of them was this:

Value: HKEY_USERS\S-1-5-21-1454471165-1844237615-839522115-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR     detected: Setting.DisableTaskMgr (A)

 

However, my taskmanager has been working fine the entire time!

 

Any help in figuring out if my system is now clean would be greatly appreciated.

After that, I will have to start another thread on how to properly set up the Firewall.


Edited by Alyab123, 06 May 2014 - 01:26 AM.



#2 Condobloke


Posted 06 May 2014 - 02:59 AM

G'day Alyab123, and :welcome:  to BC !

Let's do a little ferreting around and see what we can find...Please run the following tools IN The Order Listed

Copy and Paste any logs produced into your reply.

Read these instructions before you start, so you get the gist of what we are doing.

If you are not sure....ask !

 

Please download RKill by Grinler from the link below and save it to your desktop.

    RKill
    Before we begin, you should disable the anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
    Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
    If nothing happens or if the tool does not run, please let me know in your next reply.
    A log pops up at the end of the run. This log file is located at C:\rkill.log.
    Please post the log in your next reply.

 

Now.....DO NOT Reboot here......just go ahead and run the next tool......

 

Download TDSSKiller and save it to your desktop.
Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file in your reply.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

Then....UPDATE MBAM (MalwareBytes), and run a threat scan..(I am assuming here that you are running version 2.......if you are running the older version, run a Quick scan)

If malwarebytes wants to update to the newer version, allow it to do so.

Post the log in your reply as well..

 

 

 


Condobloke

Outback Australian

fed up with Windows antics...??

LINUX IS THE ANSWER

I USE LINUX MINT 18.3  EXCLUSIVELY.

Failure is not an option. It comes bundled with your Microsoft product.

Success is not Final, Failure is not Fatal,
It is the Courage to Continue that Counts.

W.C. 4th June 1940


#3 Alyab123


Posted 06 May 2014 - 09:38 PM

I disabled avast free as you suggested in order to run these utilities. When I tried to turn it back on, it said one shield is disabled, although no shields show as disabled in the program. Now Avast won't even open at all. Something is obviously messing with Avast.

 

And I don't think Zonealarm is doing anything either. I am running these scans with internet enabled, because I think I have to. If I don't have to, please let me know, and I will turn it off and run them again.

 

I also had to shut off zonealarm, because it wasn't letting me on to the web again.

 

I don't know if you meant to attach the logs, or post them here. I am posting them.

 

rkill.txt:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/06/2014 10:06:08 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1 localhost

Program finished at: 05/06/2014 10:06:44 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)

 

 

TDSSKiller: I re-enabled Zonealarm before running this.

 

22:07:25.0796 0x0e24  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
22:07:29.0890 0x0e24  ============================================================
22:07:29.0890 0x0e24  Current date / time: 2014/05/06 22:07:29.0890
22:07:29.0890 0x0e24  SystemInfo:
22:07:29.0890 0x0e24  
22:07:29.0890 0x0e24  OS Version: 5.1.2600 ServicePack: 3.0
22:07:29.0890 0x0e24  Product type: Workstation
22:07:29.0890 0x0e24  ComputerName: BAILA
22:07:29.0890 0x0e24  UserName: Baila Admin
22:07:29.0890 0x0e24  Windows directory: C:\WINDOWS
22:07:29.0890 0x0e24  System windows directory: C:\WINDOWS
22:07:29.0890 0x0e24  Processor architecture: Intel x86
22:07:29.0890 0x0e24  Number of processors: 2
22:07:29.0890 0x0e24  Page size: 0x1000
22:07:29.0890 0x0e24  Boot type: Normal boot
22:07:29.0890 0x0e24  ============================================================
22:07:33.0343 0x0e24  KLMD registered as C:\WINDOWS\system32\drivers\69070467.sys
22:07:33.0390 0x0e24  System UUID: {EFCD85E3-0999-7EAD-2F8E-5F49A268977A}
22:07:33.0875 0x0e24  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:07:33.0875 0x0e24  ============================================================
22:07:33.0875 0x0e24  \Device\Harddisk0\DR0:
22:07:33.0875 0x0e24  MBR partitions:
22:07:33.0875 0x0e24  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1A4F3A
22:07:33.0875 0x0e24  ============================================================
22:07:33.0906 0x0e24  C: <-> \Device\Harddisk0\DR0\Partition1
22:07:33.0906 0x0e24  ============================================================
22:07:33.0921 0x0e24  Initialize success
22:07:33.0921 0x0e24  ============================================================
22:07:36.0390 0x0fb4  ============================================================
22:07:36.0390 0x0fb4  Scan started
22:07:36.0390 0x0fb4  Mode: Manual;
22:07:36.0390 0x0fb4  ============================================================
22:07:36.0390 0x0fb4  KSN ping started
22:07:38.0890 0x0fb4  KSN ping finished: true
22:07:39.0828 0x0fb4  ================ Scan system memory ========================
22:07:39.0828 0x0fb4  System memory - ok
22:07:46.0015 0x0fb4  [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
22:07:46.0046 0x0fb4  HSF_DP - ok
22:07:46.0125 0x0fb4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:07:46.0140 0x0fb4  HTTP - ok
22:07:46.0203 0x0fb4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:07:46.0218 0x0fb4  HTTPFilter - ok
22:07:46.0218 0x0fb4  i2omgmt - ok
22:07:46.0234 0x0fb4  i2omp - ok
22:07:46.0234 0x0fb4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
22:07:46.0250 0x0fb4  i8042prt - ok
22:07:46.0359 0x0fb4  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:07:46.0359 0x0fb4  IDriverT - ok
22:07:46.0468 0x0fb4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:07:46.0484 0x0fb4  idsvc - ok
22:07:46.0546 0x0fb4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:07:46.0562 0x0fb4  Imapi - ok
22:07:46.0625 0x0fb4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:07:46.0625 0x0fb4  ImapiService - ok
22:07:46.0640 0x0fb4  ini910u - ok
22:07:46.0656 0x0fb4  IntelIde - ok
22:07:46.0718 0x0fb4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
22:07:46.0718 0x0fb4  ip6fw - ok
22:07:46.0781 0x0fb4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:07:46.0781 0x0fb4  IpFilterDriver - ok
22:07:46.0796 0x0fb4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:07:46.0796 0x0fb4  IpInIp - ok
22:07:46.0859 0x0fb4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:07:46.0875 0x0fb4  IpNat - ok
22:07:46.0937 0x0fb4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:07:46.0937 0x0fb4  IPSec - ok
22:07:46.0968 0x0fb4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:07:46.0968 0x0fb4  IRENUM - ok
22:07:47.0031 0x0fb4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:07:47.0031 0x0fb4  isapnp - ok
22:07:47.0093 0x0fb4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:07:47.0093 0x0fb4  Kbdclass - ok
22:07:47.0171 0x0fb4  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:07:47.0171 0x0fb4  kbdhid - ok
22:07:47.0234 0x0fb4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:07:47.0250 0x0fb4  kmixer - ok
22:07:47.0281 0x0fb4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:07:47.0281 0x0fb4  KSecDD - ok
22:07:47.0328 0x0fb4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
22:07:47.0343 0x0fb4  lanmanserver - ok
22:07:47.0406 0x0fb4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:07:47.0421 0x0fb4  lanmanworkstation - ok
22:07:47.0437 0x0fb4  lbrtfdc - ok
22:07:47.0500 0x0fb4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:07:47.0500 0x0fb4  LmHosts - ok
22:07:47.0546 0x0fb4  [ D9245511FF704AC29A4EFD1B168E1C02, BC097A49825192EE5B96072709D905E4B5A6516878AED51A163C77ADBA7E9E7D ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
22:07:47.0562 0x0fb4  mbamchameleon - ok
22:07:47.0593 0x0fb4  [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:07:47.0593 0x0fb4  mdmxsdk - ok
22:07:47.0656 0x0fb4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:07:47.0671 0x0fb4  Messenger - ok
22:07:47.0703 0x0fb4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:07:47.0703 0x0fb4  mnmdd - ok
22:07:47.0750 0x0fb4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
22:07:47.0750 0x0fb4  mnmsrvc - ok
22:07:47.0812 0x0fb4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:07:47.0812 0x0fb4  Modem - ok
22:07:47.0875 0x0fb4  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:07:47.0890 0x0fb4  MODEMCSA - ok
22:07:47.0921 0x0fb4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:07:47.0921 0x0fb4  Mouclass - ok
22:07:47.0953 0x0fb4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:07:47.0968 0x0fb4  mouhid - ok
22:07:48.0031 0x0fb4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:07:48.0046 0x0fb4  MountMgr - ok
22:07:48.0171 0x0fb4  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:07:48.0171 0x0fb4  MozillaMaintenance - ok
22:07:48.0187 0x0fb4  mraid35x - ok
22:07:48.0250 0x0fb4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:07:48.0250 0x0fb4  MRxDAV - ok
22:07:48.0421 0x0fb4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:07:48.0437 0x0fb4  MRxSmb - ok
22:07:48.0484 0x0fb4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:07:48.0500 0x0fb4  MSDTC - ok
22:07:48.0515 0x0fb4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:07:48.0515 0x0fb4  Msfs - ok
22:07:48.0515 0x0fb4  MSIServer - ok
22:07:48.0546 0x0fb4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:07:48.0546 0x0fb4  MSKSSRV - ok
22:07:48.0562 0x0fb4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:07:48.0578 0x0fb4  MSPCLOCK - ok
22:07:48.0578 0x0fb4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:07:48.0578 0x0fb4  MSPQM - ok
22:07:48.0609 0x0fb4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:07:48.0609 0x0fb4  mssmbios - ok
22:07:48.0656 0x0fb4  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:07:48.0656 0x0fb4  MSTEE - ok
22:07:48.0718 0x0fb4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:07:48.0718 0x0fb4  Mup - ok
22:07:48.0781 0x0fb4  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:07:48.0796 0x0fb4  NABTSFEC - ok
22:07:48.0875 0x0fb4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:07:48.0890 0x0fb4  napagent - ok
22:07:48.0906 0x0fb4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:07:48.0921 0x0fb4  NDIS - ok
22:07:48.0984 0x0fb4  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:07:48.0984 0x0fb4  NdisIP - ok
22:07:49.0046 0x0fb4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:07:49.0046 0x0fb4  NdisTapi - ok
22:07:49.0062 0x0fb4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:07:49.0062 0x0fb4  Ndisuio - ok
22:07:49.0093 0x0fb4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:07:49.0093 0x0fb4  NdisWan - ok
22:07:49.0156 0x0fb4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:07:49.0156 0x0fb4  NDProxy - ok
22:07:49.0234 0x0fb4  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
22:07:49.0234 0x0fb4  Net Driver HPZ12 - ok
22:07:49.0250 0x0fb4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:07:49.0250 0x0fb4  NetBIOS - ok
22:07:49.0312 0x0fb4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:07:49.0312 0x0fb4  NetBT - ok
22:07:49.0375 0x0fb4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:07:49.0390 0x0fb4  NetDDE - ok
22:07:49.0390 0x0fb4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:07:49.0406 0x0fb4  NetDDEdsdm - ok
22:07:49.0468 0x0fb4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:07:49.0468 0x0fb4  Netlogon - ok
22:07:49.0546 0x0fb4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
22:07:49.0562 0x0fb4  Netman - ok
22:07:49.0640 0x0fb4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:07:49.0656 0x0fb4  NetTcpPortSharing - ok
22:07:49.0734 0x0fb4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:07:49.0734 0x0fb4  Nla - ok
22:07:49.0750 0x0fb4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:07:49.0750 0x0fb4  Npfs - ok
22:07:49.0843 0x0fb4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:07:49.0859 0x0fb4  Ntfs - ok
22:07:49.0875 0x0fb4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
22:07:49.0875 0x0fb4  NtLmSsp - ok
22:07:49.0968 0x0fb4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:07:49.0984 0x0fb4  NtmsSvc - ok
22:07:50.0000 0x0fb4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:07:50.0000 0x0fb4  Null - ok
22:07:50.0687 0x0fb4  [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:07:51.0015 0x0fb4  nv - ok
22:07:51.0093 0x0fb4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:07:51.0093 0x0fb4  NwlnkFlt - ok
22:07:51.0140 0x0fb4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:07:51.0140 0x0fb4  NwlnkFwd - ok
22:07:51.0250 0x0fb4  [ 14191C739F2AF6F9EFEB58697535498F, 8421395FD0B1BAE0DADDEBBC984977CE2B76B8E8E15A2AC732D3607753E60213 ] PAC7302         C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
22:07:51.0265 0x0fb4  PAC7302 - ok
22:07:51.0296 0x0fb4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
22:07:51.0312 0x0fb4  Parport - ok
22:07:51.0375 0x0fb4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:07:51.0375 0x0fb4  PartMgr - ok
22:07:51.0406 0x0fb4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:07:51.0406 0x0fb4  ParVdm - ok
22:07:51.0421 0x0fb4  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:07:51.0421 0x0fb4  PCI - ok
22:07:51.0421 0x0fb4  PCIDump - ok
22:07:51.0468 0x0fb4  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:07:51.0484 0x0fb4  PCIIde - ok
22:07:51.0515 0x0fb4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:07:51.0531 0x0fb4  Pcmcia - ok
22:07:51.0531 0x0fb4  PDCOMP - ok
22:07:51.0546 0x0fb4  PDFRAME - ok
22:07:51.0546 0x0fb4  PDRELI - ok
22:07:51.0562 0x0fb4  PDRFRAME - ok
22:07:51.0562 0x0fb4  perc2 - ok
22:07:51.0578 0x0fb4  perc2hib - ok
22:07:51.0640 0x0fb4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
22:07:51.0640 0x0fb4  PlugPlay - ok
22:07:51.0656 0x0fb4  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
22:07:51.0656 0x0fb4  Pml Driver HPZ12 - ok
22:07:51.0734 0x0fb4  [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32         C:\WINDOWS\system32\DRIVERS\point32.sys
22:07:51.0734 0x0fb4  Point32 - ok
22:07:51.0734 0x0fb4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:07:51.0750 0x0fb4  PolicyAgent - ok
22:07:51.0812 0x0fb4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:07:51.0812 0x0fb4  PptpMiniport - ok
22:07:51.0828 0x0fb4  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
22:07:51.0828 0x0fb4  Processor - ok
22:07:51.0843 0x0fb4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:07:51.0843 0x0fb4  ProtectedStorage - ok
22:07:51.0890 0x0fb4  [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf_x86.sys
22:07:51.0906 0x0fb4  PSI - ok
22:07:51.0937 0x0fb4  [ 0E41FE3921A5B530CC49012BC6F6F4B6, FC4935C50BB584F04BA4AFF197A6F96B940A76CF007AB139A90FE7BA2372D83C ] PSMounterEx     C:\WINDOWS\system32\drivers\psmounterex.sys
22:07:51.0937 0x0fb4  PSMounterEx - ok
22:07:51.0953 0x0fb4  [ 45D961FAF405848DCEEBC3F459DC90B3, A886CF1814B711F8BE6743049C1440229583E2F4616DB24BC4CD1C3B90BAEDBA ] pssnap          C:\WINDOWS\system32\DRIVERS\pssnap.sys
22:07:51.0953 0x0fb4  pssnap - ok
22:07:52.0000 0x0fb4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:07:52.0000 0x0fb4  Ptilink - ok
22:07:52.0015 0x0fb4  [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:07:52.0015 0x0fb4  PxHelp20 - ok
22:07:52.0015 0x0fb4  ql1080 - ok
22:07:52.0031 0x0fb4  Ql10wnt - ok
22:07:52.0031 0x0fb4  ql12160 - ok
22:07:52.0046 0x0fb4  ql1240 - ok
22:07:52.0062 0x0fb4  ql1280 - ok
22:07:52.0062 0x0fb4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:07:52.0062 0x0fb4  RasAcd - ok
22:07:52.0109 0x0fb4  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:07:52.0109 0x0fb4  RasAuto - ok
22:07:52.0156 0x0fb4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:07:52.0156 0x0fb4  Rasl2tp - ok
22:07:52.0234 0x0fb4  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:07:52.0250 0x0fb4  RasMan - ok
22:07:52.0265 0x0fb4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:07:52.0265 0x0fb4  RasPppoe - ok
22:07:52.0265 0x0fb4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:07:52.0281 0x0fb4  Raspti - ok
22:07:52.0343 0x0fb4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:07:52.0343 0x0fb4  Rdbss - ok
22:07:52.0359 0x0fb4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:07:52.0359 0x0fb4  RDPCDD - ok
22:07:52.0375 0x0fb4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:07:52.0390 0x0fb4  rdpdr - ok
22:07:52.0453 0x0fb4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
22:07:52.0468 0x0fb4  RDPWD - ok
22:07:52.0531 0x0fb4  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
22:07:52.0531 0x0fb4  RDSessMgr - ok
22:07:52.0546 0x0fb4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
22:07:52.0562 0x0fb4  redbook - ok
22:07:52.0703 0x0fb4  [ 0CFDC52516D4B7AA41083BE498D64731, A847B220FC029330275654A616E80037D73A809C7CF2CED3D18EF4F28C3C6F93 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
22:07:52.0718 0x0fb4  ReflectService.exe - ok
22:07:52.0781 0x0fb4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:07:52.0781 0x0fb4  RemoteAccess - ok
22:07:52.0812 0x0fb4  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
22:07:52.0828 0x0fb4  RemoteRegistry - ok
22:07:53.0062 0x0fb4  [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
22:07:53.0093 0x0fb4  RoxMediaDB9 - ok
22:07:53.0109 0x0fb4  [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
22:07:53.0125 0x0fb4  RoxWatch9 - ok
22:07:53.0171 0x0fb4  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe
22:07:53.0187 0x0fb4  RpcLocator - ok
22:07:53.0265 0x0fb4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
22:07:53.0281 0x0fb4  RpcSs - ok
22:07:53.0343 0x0fb4  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\System32\rsvp.exe
22:07:53.0359 0x0fb4  RSVP - ok
22:07:53.0375 0x0fb4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:07:53.0375 0x0fb4  SamSs - ok
22:07:53.0437 0x0fb4  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:07:53.0437 0x0fb4  SASDIFSV - ok
22:07:53.0453 0x0fb4  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:07:53.0453 0x0fb4  SASKUTIL - ok
22:07:53.0468 0x0fb4  SBRE - ok
22:07:53.0484 0x0fb4  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
22:07:53.0500 0x0fb4  SCardSvr - ok
22:07:53.0562 0x0fb4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:07:53.0578 0x0fb4  Schedule - ok
22:07:53.0656 0x0fb4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:07:53.0656 0x0fb4  Secdrv - ok
22:07:53.0718 0x0fb4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
22:07:53.0734 0x0fb4  seclogon - ok
22:07:53.0921 0x0fb4  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
22:07:53.0953 0x0fb4  Secunia PSI Agent - ok
22:07:54.0062 0x0fb4  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
22:07:54.0078 0x0fb4  Secunia Update Agent - ok
22:07:54.0125 0x0fb4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
22:07:54.0125 0x0fb4  SENS - ok
22:07:54.0187 0x0fb4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
22:07:54.0203 0x0fb4  Serial - ok
22:07:54.0234 0x0fb4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
22:07:54.0234 0x0fb4  Sfloppy - ok
22:07:54.0312 0x0fb4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:07:54.0328 0x0fb4  SharedAccess - ok
22:07:54.0343 0x0fb4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:07:54.0359 0x0fb4  ShellHWDetection - ok
22:07:54.0359 0x0fb4  Simbad - ok
22:07:54.0421 0x0fb4  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:07:54.0437 0x0fb4  SLIP - ok
22:07:54.0484 0x0fb4  [ 60C377BE6B3CC83F6A8584934B181D2E, 58F94CAD0149F634BE2F630A39561073F9399A904E3E3143C0D0BEC348A0C3B2 ] SNMP            C:\WINDOWS\System32\snmp.exe
22:07:54.0484 0x0fb4  SNMP - ok
22:07:54.0515 0x0fb4  [ 80A050795A107A76C2B1CD4CFBE010E6, DA5BFB0E8E990BE998F1ED5991CA3318A99E0F252669CE9FAE2EF67C535140B8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
22:07:54.0531 0x0fb4  SNMPTRAP - ok
22:07:54.0531 0x0fb4  Sparrow - ok
22:07:54.0593 0x0fb4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
22:07:54.0593 0x0fb4  splitter - ok
22:07:54.0656 0x0fb4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
22:07:54.0671 0x0fb4  Spooler - ok
22:08:03.0875 0x0fb4  AV detected via SS1: avast! Antivirus, 5.0.150996962, disabled, updated
22:08:03.0875 0x0fb4  FW detected via SS1: ZoneAlarm Free Firewall Firewall, 13.1.211.0, enabled
22:08:06.0390 0x0fb4  ============================================================
22:08:06.0390 0x0fb4  Scan finished
22:08:06.0390 0x0fb4  ============================================================
22:08:06.0406 0x0a38  Detected object count: 0
22:08:06.0406 0x0a38  Actual detected object count: 0

 

Malwarebytes anti-malware:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/6/2014
Scan Time: 10:33:50 PM
Logfile: malwarebytes for bleeping computer.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.07.01
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Baila Admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 355195
Time Elapsed: 25 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



 



#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,589 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:01 AM

Posted 06 May 2014 - 11:51 PM

And I don't think Zonealarm is doing anything either....Uninstall it. Reactivate Windows Firewall.

 

I think you need to uninstall and reinstall Avast.

  1. Download avastclear.exe on your desktop
  2. Start Windows in Safe Mode
  3. Open (execute) the uninstall utility
  4. If you installed avast! in a different folder than the default, browse for it. (Note: Be careful! The content of any folder you choose will be deleted!)
  5. Click REMOVE
  6. Restart your computer

Reinstall Avast.

 

 

 

 

Download AdwCleaner  by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
• Vista / Windows 7 / 8 users right-click and select Run As Administrator
• Click on the Scan button. (only once)
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review.
• If you're ready to clean it all up.....click the Clean button.(only once)

Note you will be asked to click OK and confirm with OK to reboot.
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.

• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted (if necessary):
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

 

Please download  Junkware Removal Tool to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT 18.3  EXCLUSIVELY.

 Failure is not an option. It comes bundled with your Microsoft product.

 

Success is not Final, Failure is not Fatal,

 

It is the Courage to Continue that Counts.

W.C. 4th June 1940

 

 

 


#5 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 11,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:01 AM

Posted 07 May 2014 - 12:18 AM

 

. (I tried to create an bootable Ubuntu trial disk at a friend's pc, in order to use the web that way, but unfortunately, my dvd player couldn't fully read the dvd-rom.)

After you are finished here, If you need help with linux please start a new thread in the linux section.

http://www.bleepingcomputer.com/forums/f/11/linux-unix/



#6 Alyab123


Posted 07 May 2014 - 02:14 AM

uh, condobloke - thank you so much for your help. Only thing is, I already uninstalled zonealarm and I am actually in the middle of re-installing it!... I figured if it's not working right, maybe it needs reinstallation. First, I searched my computer for every bit of file with a ZA designation, the word zone, and checkpoint, and got rid of anything I found.

 

I have to shut down the PC to finish zonealarm reinstallation. After that, only time will tell if I can connect to the web or not. If not, I guess I will in fact uninstall it again. I'll have to fall back on Windows firewall, which is not going to help me much considering that it's part of my xp, and will not get any security updates.

 

Do you still think I should uninstall and reinstall AVAST?

 

Something rogue in my pc is disabling it again and again. And there's still that matter of the folder that opens by itself when I log in! I don't know what is making that happen. I haven't found any genuine virus or other malware so far with malwarebytes, AVAST (ran on boot up), Super Anti Spyware, or Emsisoft Emergency Kit scanner. I will follow your previous instructions, after I log off and on again, and see what happens with zonealarm. I installed it with its "own" settings, instead of trying to customize it. I am clueless about whether to make the first ip address it detects as public or trust.

 

There may be a conflict, because I use K9 filter, and I think any site I go to is routed through that. The last installation didn't have a problem, but that might be because Zonealarm wasn't doing anything anyway.



#7 Condobloke


Posted 07 May 2014 - 02:25 AM

Use this to ensure a clean uninstall..

 

http://www.bleepingcomputer.com/download/zonealarm-uninstall-tool/dl/58/

 

I will post again after my evening meal

....and Yes.....I do think you should uninstall and reinstall avast.....use the uninstaller tool I supplied a link for.


Edited by Condobloke, 07 May 2014 - 02:47 AM.



#8 Alyab123


Posted 07 May 2014 - 02:25 AM

... one more thing, I had downloaded clam av onto a flashdrive too, and that is running too! so I don't want to restart the pc until that is finished. I wish I knew if the pc needs to be connected to the web while clam av runs. It is definitely finding stuff that the others didn't find.

It just said it found C: Dell\drivers\$133281\IDE\WinXP\sataraid\nvraid.sys:Win.Trojan.Agent-145770 Found.

Plus there are a bunch of files that it says it can't open: permission is denied.

 

I want to wait for that to finish running, and then I will proceed. It's going to take a while. After I post this I will probably disable my internet connection, while the program scans. Do you want me to post the log? or do you just want me to go ahead with adwcleaner and JRT? Incidentally I ran adwcleaner when all of this started, back on Thursday...



#9 Condobloke


Posted 07 May 2014 - 02:49 AM

I think you have more issues than we are seeing here, and would recommend you post in the Malware Removal Area...

 

Please Fully read and follow the instructions in the Preparation Guide For Requesting Help starting at Step #6.

    Note: If you are unable to complete any step, still post the topic and leave a full description of your problems.

    

    When you have done that, start a new topic and post the required logs to the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT Here, for assistance by the Malware Response Team Experts.

    

    Please Use Copy / Paste for your responses, and Do Not Attach them unless your helper requests this.

    

    If HelpBot responds to your topic, please follow his Step #1 so the team will be notified.

    

    After doing this, please reply back in this thread with a link to the new topic so we can close this one.




#10 Alyab123


Posted 07 May 2014 - 02:55 AM

I did use that zone-alarm uninstall tool already during my last uninstall of ZoneAlarm. I found it on bleeping computer when I was searching for a recommendation of an alternative personal firewall. It still left remnants of .ini files, and logs on my pc, which I "hand" deleted, so that the previous settings were not being saved anywhere. Of course if it blocks my web access I will definitely uninstall it. But if it does not block access, if you still think I should uninstall it, then I will.

 

Again, do you still think I should uninstall & reinstall AVAST, or should I wait and see what ClamAV finds?

 

A windows box just opened saying that "some unexpected errors have happened to software you recently used. You were not asked to send these reports at the time they occurred". And there's a list of 26 errors that occurred from 2:54:41 AM through 3:24:54 AM. They are all "application errors for ZAPrivacy Service" which was during the ZoneAlarm installation I was just doing.



#11 Alyab123


Posted 07 May 2014 - 02:58 AM

OK, our posts just crossed. I will move into that forum, and follow your instructions. Thank you so much for all your time and help. I really appreciate it!

The problem seemed to keep changing - I didn't mean to waste your time.



#12 Alyab123


Posted 07 May 2014 - 03:11 AM

 

 

. (I tried to create an bootable Ubuntu trial disk at a friend's pc, in order to use the web that way, but unfortunately, my dvd player couldn't fully read the dvd-rom.)

After you are finished here, If you need help with linux please start a new thread in the linux section.

http://www.bleepingcomputer.com/forums/f/11/linux-unix/

 

Thank you for that suggestion. I appreciate your taking the time to respond!



#13 Alyab123


Posted 08 May 2014 - 01:05 AM

Maybe you can answer this:

The instructions say to make a backup of my system first.

I do not currently have a backup.

If I make a backup image, it will include the virus!

What good would that be??



#14 Condobloke


Posted 08 May 2014 - 02:21 AM

THIS  makes good sense.

 

Regards,




#15 Alyab123


Posted 08 May 2014 - 03:31 AM

Thanks for that link. I was going to use macrium reflect, which I believe will create a complete disk image in case of emergency. I don't think I can pick and choose what to restore. I don't think I would know anyway. So what are my options? I have about 30 gb used and a 32 gb stick.





