c:\Windows\svchost.exe (Trojan.Agent)

[siu]

• DDS.txt
  
• Attach.txt
  

the files are below, thank you for helping out

[siu]

.

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26

Run by Kaleb at 19:24:23 on 2012-01-30

Microsoft Windows 7 Home Premium 6.1.7600.0.932.81.1033.18.6125.4408 [GMT -8:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: STOPzilla Anti-Spyware *Enabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

uInternet Settings,ProxyOverride = 127.0.0.1:9421

mWinlogon: Userinit=c:\windows\syswow64\userinit.exe,

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay

uRun: [AdobeBridge]

uRun: [Akamai NetSession Interface] "C:\Users\Kaleb\AppData\Local\Akamai\netsession_win.exe"

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

mRun: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{1B5E2928-3CE9-4218-B31A-B947B4325E55} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\146716471627 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\1496272344164716 : DhcpNameServer = 192.168.100.1

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\6596F6C65647374557265637D27657563747 : DhcpNameServer = 192.168.7.254

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\95F67696E4564777F627B6 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\D494B45454C46413 : DhcpNameServer = 192.168.2.1

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO-X64: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

mRun-x64: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Kaleb\AppData\Roaming\Mozilla\Firefox\Profiles\vey3cn9p.default\

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.93\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]

R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120121.002\BHDrvx64.sys [2012-1-21 1157240]

S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120128.002\IDSviA64.sys [2012-1-30 488568]

S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]

S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [?]

S2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]

S2 DMAgent;IntelR PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-10 136176]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-29 13336]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-30 652872]

S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-11-9 130008]

S2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2011-8-13 49152]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]

S2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]

S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]

S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]

S2 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]

S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-5-21 134928]

S2 UCManSvc;UCManSvc;C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [2010-3-12 241808]

S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-10 575856]

S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]

S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]

S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-8-10 836608]

S2 WiMAXAppSrv;IntelR PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]

S3 bpenum;bpenum;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]

S3 bpusb;bpusb;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-1-9 138360]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-10 136176]

S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-6 304496]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-8-10 1250160]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-8-10 252416]

.

=============== Created Last 30 ================

.

2012-01-31 02:48:46 20480 ----a-w- C:\Windows\svchost.exe

2012-01-30 08:05:24 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-30 08:04:20 -------- d-----w- C:\ProgramData\SUPERSetup

2012-01-29 19:05:12 -------- d-----w- C:\Users\Kaleb\AppData\Roaming\Malwarebytes

2012-01-29 19:05:07 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-29 19:05:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-29 18:57:17 -------- d-----w- C:\Users\Kaleb\AppData\Roaming\SUPERAntiSpyware.com

2012-01-29 18:57:01 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2012-01-29 18:57:01 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2012-01-29 18:44:49 -------- d--h--w- C:\ProgramData\Common Files

2012-01-29 18:44:26 -------- d-----w- C:\ProgramData\MFAData

2012-01-29 05:26:36 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\80DD.tmp

2012-01-29 05:26:36 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\80DC.tmp

2012-01-14 02:47:50 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-14 02:47:50 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-14 02:47:50 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-14 02:47:50 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll

2012-01-02 09:20:26 -------- d-sh--w- C:\found.000

.

==================== Find3M ====================

.

2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-11-20 08:00:10 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-19 15:07:41 77312 ----a-w- C:\Windows\System32\packager.dll

2011-11-19 14:06:13 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 07:14:10 1739160 ----a-w- C:\Windows\System32\ntdll.dll

2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:41:38 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-11-10 02:08:59 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2011-11-05 08:47:42 546256 ----a-r- C:\Windows\SysWow64\SZComp5.dll

2011-11-05 08:47:42 480720 ----a-r- C:\Windows\SysWow64\SZBase5.dll

2011-11-05 08:47:42 22992 ----a-r- C:\Windows\SysWow64\SZIO5.dll

2011-11-05 08:47:42 132560 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll

2011-11-05 08:47:40 99792 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll

2011-11-05 08:47:40 738768 ----a-r- C:\Windows\SysWow64\IS3Base5.dll

2011-11-05 08:47:40 67024 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll

2011-11-05 08:47:40 456144 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll

2011-11-05 08:47:40 390608 ----a-r- C:\Windows\SysWow64\IS3UI5.dll

2011-11-05 08:47:40 28624 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll

2011-11-05 08:47:40 230864 ----a-r- C:\Windows\SysWow64\IS3Win325.dll

2011-11-05 08:47:40 103888 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll

2011-11-05 05:26:29 1197568 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 05:23:10 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-11-05 05:17:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-11-05 04:35:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 04:34:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-11-05 04:30:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-11-05 04:07:32 482816 ----a-w- C:\Windows\System32\html.iec

2011-11-05 03:28:41 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-11-05 03:25:44 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:55:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2006-05-03 19:06:54 163328 --sh--r- C:\Windows\SysWOW64\flvDX.dll

2007-02-21 20:47:16 31232 --sh--r- C:\Windows\SysWOW64\msfDX.dll

2008-03-16 22:30:52 216064 --sh--r- C:\Windows\SysWOW64\nbDX.dll

.

============= FINISH: 19:24:48.97 ===============

[siu]

When I try to delete svchost.exe (Trojan.Agent)with malwarebytes, whenever my computer restarts this trojan comes back causing my computer to have blue screen. Right now I can only be on safe mode with-out having having this trojan blue screen my computer. I was wondering when should I recieve a reply?

[siu]

Is anyone free to help me?

[LDTate]

Logs will be closed if you haven't replied within 3 days Please don't attach the scans / logs from these scans, use "copy/paste".

Sorry about the delay in responding We look for post with 0 replies, so when you replied to your own topic, we assumed you were being helped.

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
   
6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
   
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

[siu]

06:16:49.0115 1252 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49

06:16:49.0583 1252 ============================================================

06:16:49.0583 1252 Current date / time: 2012/02/04 06:16:49.0583

06:16:49.0583 1252 SystemInfo:

06:16:49.0583 1252

06:16:49.0583 1252 OS Version: 6.1.7600 ServicePack: 0.0

06:16:49.0583 1252 Product type: Workstation

06:16:49.0583 1252 ComputerName: KALEB-VAIO

06:16:49.0583 1252 UserName: Kaleb

06:16:49.0583 1252 Windows directory: C:\Windows

06:16:49.0583 1252 System windows directory: C:\Windows

06:16:49.0583 1252 Running under WOW64

06:16:49.0583 1252 Processor architecture: Intel x64

06:16:49.0583 1252 Number of processors: 8

06:16:49.0583 1252 Page size: 0x1000

06:16:49.0583 1252 Boot type: Safe boot with network

06:16:49.0583 1252 ============================================================

06:16:50.0145 1252 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

06:16:50.0160 1252 \Device\Harddisk0\DR0:

06:16:50.0160 1252 MBR used

06:16:50.0160 1252 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1416000, BlocksNum 0x32000

06:16:50.0160 1252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1448000, BlocksNum 0x4940FAB0

06:16:50.0192 1252 Initialize success

06:16:50.0192 1252 ============================================================

06:17:23.0888 1296 ============================================================

06:17:23.0888 1296 Scan started

06:17:23.0888 1296 Mode: Manual; SigCheck; TDLFS;

06:17:23.0888 1296 ============================================================

06:17:24.0933 1296 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys

06:17:25.0042 1296 1394ohci - ok

06:17:25.0151 1296 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys

06:17:25.0167 1296 ACPI - ok

06:17:25.0214 1296 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys

06:17:25.0323 1296 AcpiPmi - ok

06:17:25.0463 1296 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

06:17:25.0479 1296 adp94xx - ok

06:17:25.0526 1296 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

06:17:25.0541 1296 adpahci - ok

06:17:25.0573 1296 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

06:17:25.0588 1296 adpu320 - ok

06:17:25.0635 1296 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

06:17:25.0697 1296 AFD - ok

06:17:25.0729 1296 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

06:17:25.0744 1296 agp440 - ok

06:17:25.0822 1296 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

06:17:25.0838 1296 aliide - ok

06:17:25.0900 1296 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

06:17:25.0900 1296 amdide - ok

06:17:25.0931 1296 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

06:17:25.0963 1296 AmdK8 - ok

06:17:26.0009 1296 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

06:17:26.0056 1296 AmdPPM - ok

06:17:26.0119 1296 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys

06:17:26.0134 1296 amdsata - ok

06:17:26.0181 1296 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

06:17:26.0197 1296 amdsbs - ok

06:17:26.0212 1296 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys

06:17:26.0228 1296 amdxata - ok

06:17:26.0275 1296 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys

06:17:26.0306 1296 ApfiltrService - ok

06:17:26.0337 1296 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

06:17:26.0462 1296 AppID - ok

06:17:26.0555 1296 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

06:17:26.0555 1296 arc - ok

06:17:26.0587 1296 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

06:17:26.0602 1296 arcsas - ok

06:17:26.0649 1296 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

06:17:26.0758 1296 AsyncMac - ok

06:17:26.0852 1296 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

06:17:26.0867 1296 atapi - ok

06:17:26.0930 1296 athr (08baaa2432e81031a6c3b11ad5a67e2b) C:\Windows\system32\DRIVERS\athrx.sys

06:17:27.0023 1296 athr - ok

06:17:27.0179 1296 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

06:17:27.0257 1296 b06bdrv - ok

06:17:27.0273 1296 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

06:17:27.0320 1296 b57nd60a - ok

06:17:27.0382 1296 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

06:17:27.0429 1296 Beep - ok

06:17:27.0647 1296 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120121.002\BHDrvx64.sys

06:17:27.0679 1296 BHDrvx64 - ok

06:17:27.0772 1296 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys

06:17:27.0803 1296 blbdrive - ok

06:17:27.0850 1296 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

06:17:27.0897 1296 bowser - ok

06:17:27.0928 1296 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys

06:17:27.0975 1296 bpenum - ok

06:17:28.0006 1296 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys

06:17:28.0037 1296 bpmp - ok

06:17:28.0053 1296 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys

06:17:28.0084 1296 bpusb - ok

06:17:28.0115 1296 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

06:17:28.0147 1296 BrFiltLo - ok

06:17:28.0162 1296 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

06:17:28.0178 1296 BrFiltUp - ok

06:17:28.0209 1296 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

06:17:28.0256 1296 Brserid - ok

06:17:28.0287 1296 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

06:17:28.0318 1296 BrSerWdm - ok

06:17:28.0349 1296 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

06:17:28.0396 1296 BrUsbMdm - ok

06:17:28.0443 1296 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

06:17:28.0474 1296 BrUsbSer - ok

06:17:28.0552 1296 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

06:17:28.0583 1296 BthEnum - ok

06:17:28.0615 1296 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

06:17:28.0630 1296 BTHMODEM - ok

06:17:28.0677 1296 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

06:17:28.0708 1296 BthPan - ok

06:17:28.0755 1296 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

06:17:28.0786 1296 BTHPORT - ok

06:17:28.0817 1296 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

06:17:28.0849 1296 BTHUSB - ok

06:17:28.0880 1296 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys

06:17:28.0895 1296 btwampfl - ok

06:17:28.0927 1296 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys

06:17:28.0927 1296 btwaudio - ok

06:17:28.0973 1296 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys

06:17:28.0973 1296 btwavdt - ok

06:17:28.0989 1296 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

06:17:29.0005 1296 btwl2cap - ok

06:17:29.0036 1296 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys

06:17:29.0036 1296 btwrchid - ok

06:17:29.0051 1296 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

06:17:29.0114 1296 cdfs - ok

06:17:29.0145 1296 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

06:17:29.0161 1296 cdrom - ok

06:17:29.0207 1296 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

06:17:29.0239 1296 circlass - ok

06:17:29.0270 1296 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

06:17:29.0285 1296 CLFS - ok

06:17:29.0317 1296 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

06:17:29.0332 1296 CmBatt - ok

06:17:29.0379 1296 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

06:17:29.0379 1296 cmdide - ok

06:17:29.0441 1296 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

06:17:29.0488 1296 CNG - ok

06:17:29.0519 1296 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

06:17:29.0535 1296 Compbatt - ok

06:17:29.0551 1296 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys

06:17:29.0582 1296 CompositeBus - ok

06:17:29.0613 1296 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

06:17:29.0629 1296 crcdisk - ok

06:17:29.0691 1296 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

06:17:29.0738 1296 DfsC - ok

06:17:29.0769 1296 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

06:17:29.0831 1296 discache - ok

06:17:29.0863 1296 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

06:17:29.0878 1296 Disk - ok

06:17:29.0894 1296 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

06:17:29.0925 1296 drmkaud - ok

06:17:29.0972 1296 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

06:17:29.0987 1296 DXGKrnl - ok

06:17:30.0097 1296 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

06:17:30.0159 1296 ebdrv - ok

06:17:30.0253 1296 eeCtrl (5ccf1be80930aeb1cdebf561666325e8) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

06:17:30.0253 1296 eeCtrl - ok

06:17:30.0377 1296 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

06:17:30.0393 1296 elxstor - ok

06:17:30.0502 1296 EraserUtilRebootDrv (7a898e4a744621711be7e7b796c69876) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

06:17:30.0518 1296 EraserUtilRebootDrv - ok

06:17:30.0643 1296 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

06:17:30.0674 1296 ErrDev - ok

06:17:30.0736 1296 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

06:17:30.0783 1296 exfat - ok

06:17:30.0814 1296 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

06:17:30.0861 1296 fastfat - ok

06:17:30.0908 1296 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

06:17:30.0939 1296 fdc - ok

06:17:30.0970 1296 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

06:17:30.0970 1296 FileInfo - ok

06:17:31.0017 1296 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

06:17:31.0079 1296 Filetrace - ok

06:17:31.0126 1296 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

06:17:31.0157 1296 flpydisk - ok

06:17:31.0189 1296 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

06:17:31.0204 1296 FltMgr - ok

06:17:31.0220 1296 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

06:17:31.0220 1296 FsDepends - ok

06:17:31.0235 1296 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

06:17:31.0251 1296 Fs_Rec - ok

06:17:31.0251 1296 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys

06:17:31.0267 1296 fvevol - ok

06:17:31.0298 1296 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

06:17:31.0313 1296 gagp30kx - ok

06:17:31.0345 1296 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

06:17:31.0345 1296 GEARAspiWDM - ok

06:17:31.0376 1296 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

06:17:31.0407 1296 hcw85cir - ok

06:17:31.0438 1296 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

06:17:31.0469 1296 HdAudAddService - ok

06:17:31.0501 1296 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys

06:17:31.0532 1296 HDAudBus - ok

06:17:31.0579 1296 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

06:17:31.0594 1296 HidBatt - ok

06:17:31.0610 1296 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

06:17:31.0641 1296 HidBth - ok

06:17:31.0672 1296 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

06:17:31.0688 1296 HidIr - ok

06:17:31.0735 1296 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

06:17:31.0766 1296 HidUsb - ok

06:17:31.0813 1296 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys

06:17:31.0828 1296 HpSAMD - ok

06:17:31.0859 1296 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

06:17:31.0906 1296 HTTP - ok

06:17:31.0922 1296 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

06:17:31.0922 1296 hwpolicy - ok

06:17:31.0953 1296 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

06:17:31.0969 1296 i8042prt - ok

06:17:31.0984 1296 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys

06:17:32.0000 1296 iaStor - ok

06:17:32.0047 1296 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys

06:17:32.0062 1296 iaStorV - ok

06:17:32.0296 1296 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120201.002\IDSvia64.sys

06:17:32.0312 1296 IDSVia64 - ok

06:17:32.0421 1296 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

06:17:32.0437 1296 iirsp - ok

06:17:32.0452 1296 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys

06:17:32.0499 1296 Impcd - ok

06:17:32.0593 1296 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys

06:17:32.0639 1296 IntcAzAudAddService - ok

06:17:32.0749 1296 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

06:17:32.0749 1296 intelide - ok

06:17:32.0780 1296 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys

06:17:32.0811 1296 intelppm - ok

06:17:32.0827 1296 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

06:17:32.0858 1296 IpFilterDriver - ok

06:17:32.0889 1296 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys

06:17:32.0920 1296 IPMIDRV - ok

06:17:33.0014 1296 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

06:17:33.0076 1296 IPNAT - ok

06:17:33.0092 1296 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

06:17:33.0123 1296 IRENUM - ok

06:17:33.0170 1296 is3srv - ok

06:17:33.0201 1296 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

06:17:33.0201 1296 isapnp - ok

06:17:33.0263 1296 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys

06:17:33.0279 1296 iScsiPrt - ok

06:17:33.0295 1296 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

06:17:33.0310 1296 kbdclass - ok

06:17:33.0341 1296 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

06:17:33.0373 1296 kbdhid - ok

06:17:33.0404 1296 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

06:17:33.0404 1296 KSecDD - ok

06:17:33.0451 1296 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

06:17:33.0466 1296 KSecPkg - ok

06:17:33.0482 1296 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

06:17:33.0529 1296 ksthunk - ok

06:17:33.0560 1296 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

06:17:33.0622 1296 lltdio - ok

06:17:33.0653 1296 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

06:17:33.0669 1296 LSI_FC - ok

06:17:33.0685 1296 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

06:17:33.0700 1296 LSI_SAS - ok

06:17:33.0731 1296 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

06:17:33.0731 1296 LSI_SAS2 - ok

06:17:33.0763 1296 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

06:17:33.0778 1296 LSI_SCSI - ok

06:17:33.0794 1296 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

06:17:33.0841 1296 luafv - ok

06:17:33.0919 1296 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

06:17:33.0919 1296 MBAMProtector - ok

06:17:33.0981 1296 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

06:17:33.0981 1296 megasas - ok

06:17:34.0012 1296 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

06:17:34.0028 1296 MegaSR - ok

06:17:34.0059 1296 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

06:17:34.0121 1296 Modem - ok

06:17:34.0137 1296 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

06:17:34.0168 1296 monitor - ok

06:17:34.0199 1296 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

06:17:34.0199 1296 mouclass - ok

06:17:34.0215 1296 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

06:17:34.0246 1296 mouhid - ok

06:17:34.0277 1296 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

06:17:34.0277 1296 mountmgr - ok

06:17:34.0293 1296 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys

06:17:34.0309 1296 mpio - ok

06:17:34.0340 1296 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

06:17:34.0387 1296 mpsdrv - ok

06:17:34.0418 1296 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

06:17:34.0449 1296 MRxDAV - ok

06:17:34.0480 1296 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

06:17:34.0527 1296 mrxsmb - ok

06:17:34.0589 1296 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

06:17:34.0621 1296 mrxsmb10 - ok

06:17:34.0667 1296 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

06:17:34.0699 1296 mrxsmb20 - ok

06:17:34.0730 1296 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys

06:17:34.0745 1296 msahci - ok

06:17:34.0777 1296 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys

06:17:34.0777 1296 msdsm - ok

06:17:34.0808 1296 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

06:17:34.0839 1296 Msfs - ok

06:17:34.0870 1296 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

06:17:34.0917 1296 mshidkmdf - ok

06:17:34.0948 1296 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

06:17:34.0948 1296 msisadrv - ok

06:17:34.0964 1296 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

06:17:35.0026 1296 MSKSSRV - ok

06:17:35.0042 1296 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

06:17:35.0089 1296 MSPCLOCK - ok

06:17:35.0120 1296 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

06:17:35.0167 1296 MSPQM - ok

06:17:35.0198 1296 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

06:17:35.0213 1296 MsRPC - ok

06:17:35.0229 1296 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

06:17:35.0245 1296 mssmbios - ok

06:17:35.0260 1296 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

06:17:35.0307 1296 MSTEE - ok

06:17:35.0338 1296 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

06:17:35.0369 1296 MTConfig - ok

06:17:35.0369 1296 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

06:17:35.0385 1296 Mup - ok

06:17:35.0463 1296 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

06:17:35.0494 1296 NativeWifiP - ok

06:17:35.0666 1296 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120202.018\ENG64.SYS

06:17:35.0681 1296 NAVENG - ok

06:17:35.0728 1296 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120202.018\EX64.SYS

06:17:35.0775 1296 NAVEX15 - ok

06:17:35.0900 1296 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

06:17:35.0931 1296 NDIS - ok

06:17:35.0947 1296 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

06:17:36.0009 1296 NdisCap - ok

06:17:36.0040 1296 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

06:17:36.0087 1296 NdisTapi - ok

06:17:36.0118 1296 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

06:17:36.0165 1296 Ndisuio - ok

06:17:36.0196 1296 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

06:17:36.0243 1296 NdisWan - ok

06:17:36.0274 1296 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

06:17:36.0321 1296 NDProxy - ok

06:17:36.0352 1296 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

06:17:36.0399 1296 NetBIOS - ok

06:17:36.0415 1296 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

06:17:36.0461 1296 NetBT - ok

06:17:36.0633 1296 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys

06:17:36.0836 1296 NETw5s64 - ok

06:17:36.0945 1296 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

06:17:36.0961 1296 nfrd960 - ok

06:17:36.0992 1296 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

06:17:37.0039 1296 Npfs - ok

06:17:37.0070 1296 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

06:17:37.0132 1296 nsiproxy - ok

06:17:37.0179 1296 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

06:17:37.0226 1296 Ntfs - ok

06:17:37.0241 1296 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

06:17:37.0304 1296 Null - ok

06:17:37.0351 1296 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\drivers\nusb3hub.sys

06:17:37.0366 1296 nusb3hub - ok

06:17:37.0397 1296 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\drivers\nusb3xhc.sys

06:17:37.0397 1296 nusb3xhc - ok

06:17:37.0429 1296 NVHDA (a842341ef3c702ef8208e610be0fd1d9) C:\Windows\system32\drivers\nvhda64v.sys

06:17:37.0444 1296 NVHDA - ok

06:17:37.0663 1296 nvlddmkm (b4402e1d61a3015fc29bef94bb1c81fd) C:\Windows\system32\DRIVERS\nvlddmkm.sys

06:17:37.0990 1296 nvlddmkm - ok

06:17:38.0099 1296 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys

06:17:38.0099 1296 nvraid - ok

06:17:38.0115 1296 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys

06:17:38.0131 1296 nvstor - ok

06:17:38.0177 1296 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

06:17:38.0177 1296 nv_agp - ok

06:17:38.0209 1296 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

06:17:38.0240 1296 ohci1394 - ok

06:17:38.0287 1296 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

06:17:38.0287 1296 Parport - ok

06:17:38.0333 1296 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

06:17:38.0349 1296 partmgr - ok

06:17:38.0365 1296 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys

06:17:38.0380 1296 pci - ok

06:17:38.0396 1296 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

06:17:38.0411 1296 pciide - ok

06:17:38.0427 1296 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

06:17:38.0443 1296 pcmcia - ok

06:17:38.0474 1296 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

06:17:38.0474 1296 pcw - ok

06:17:38.0505 1296 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

06:17:38.0583 1296 PEAUTH - ok

06:17:38.0677 1296 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

06:17:38.0723 1296 PptpMiniport - ok

06:17:38.0770 1296 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

06:17:38.0786 1296 Processor - ok

06:17:38.0833 1296 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

06:17:38.0895 1296 Psched - ok

06:17:38.0926 1296 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

06:17:38.0973 1296 ql2300 - ok

06:17:39.0004 1296 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

06:17:39.0004 1296 ql40xx - ok

06:17:39.0035 1296 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

06:17:39.0067 1296 QWAVEdrv - ok

06:17:39.0098 1296 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

06:17:39.0145 1296 RasAcd - ok

06:17:39.0176 1296 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

06:17:39.0223 1296 RasAgileVpn - ok

06:17:39.0254 1296 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

06:17:39.0301 1296 Rasl2tp - ok

06:17:39.0332 1296 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

06:17:39.0379 1296 RasPppoe - ok

06:17:39.0410 1296 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

06:17:39.0472 1296 RasSstp - ok

06:17:39.0488 1296 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

06:17:39.0535 1296 rdbss - ok

06:17:39.0566 1296 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

06:17:39.0597 1296 rdpbus - ok

06:17:39.0613 1296 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

06:17:39.0644 1296 RDPCDD - ok

06:17:39.0659 1296 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

06:17:39.0706 1296 RDPENCDD - ok

06:17:39.0722 1296 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

06:17:39.0753 1296 RDPREFMP - ok

06:17:39.0784 1296 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

06:17:39.0831 1296 RDPWD - ok

06:17:39.0862 1296 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys

06:17:39.0878 1296 rdyboost - ok

06:17:39.0925 1296 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys

06:17:39.0940 1296 regi - ok

06:17:39.0956 1296 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

06:17:39.0987 1296 RFCOMM - ok

06:17:40.0018 1296 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys

06:17:40.0049 1296 rimspci - ok

06:17:40.0096 1296 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys

06:17:40.0127 1296 risdsnpe - ok

06:17:40.0143 1296 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

06:17:40.0190 1296 rspndr - ok

06:17:40.0299 1296 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

06:17:40.0299 1296 SASDIFSV - ok

06:17:40.0315 1296 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

06:17:40.0315 1296 SASKUTIL - ok

06:17:40.0346 1296 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys

06:17:40.0361 1296 sbp2port - ok

06:17:40.0408 1296 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys

06:17:40.0408 1296 SCDEmu - ok

06:17:40.0439 1296 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

06:17:40.0486 1296 scfilter - ok

06:17:40.0517 1296 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys

06:17:40.0580 1296 sdbus - ok

06:17:40.0595 1296 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

06:17:40.0658 1296 secdrv - ok

06:17:40.0689 1296 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

06:17:40.0720 1296 Serenum - ok

06:17:40.0736 1296 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

06:17:40.0751 1296 Serial - ok

06:17:40.0767 1296 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

06:17:40.0798 1296 sermouse - ok

06:17:40.0845 1296 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys

06:17:40.0876 1296 SFEP - ok

06:17:40.0907 1296 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

06:17:40.0939 1296 sffdisk - ok

06:17:40.0985 1296 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

06:17:41.0017 1296 sffp_mmc - ok

06:17:41.0048 1296 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys

06:17:41.0048 1296 sffp_sd - ok

06:17:41.0079 1296 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

06:17:41.0095 1296 sfloppy - ok

06:17:41.0157 1296 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

06:17:41.0173 1296 SiSRaid2 - ok

06:17:41.0204 1296 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

06:17:41.0219 1296 SiSRaid4 - ok

06:17:41.0266 1296 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

06:17:41.0313 1296 Smb - ok

06:17:41.0438 1296 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

06:17:41.0453 1296 spldr - ok

06:17:41.0578 1296 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS

06:17:41.0594 1296 SRTSP - ok

06:17:41.0625 1296 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS

06:17:41.0641 1296 SRTSPX - ok

06:17:41.0703 1296 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

06:17:41.0765 1296 srv - ok

06:17:41.0812 1296 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

06:17:41.0828 1296 srv2 - ok

06:17:41.0875 1296 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

06:17:41.0890 1296 srvnet - ok

06:17:41.0968 1296 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

06:17:41.0984 1296 stexstor - ok

06:17:42.0062 1296 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

06:17:42.0093 1296 StillCam - ok

06:17:42.0171 1296 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

06:17:42.0187 1296 swenum - ok

06:17:42.0343 1296 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS

06:17:42.0343 1296 SymDS - ok

06:17:42.0374 1296 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS

06:17:42.0405 1296 SymEFA - ok

06:17:42.0452 1296 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

06:17:42.0467 1296 SymEvent - ok

06:17:42.0499 1296 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS

06:17:42.0499 1296 SymIRON - ok

06:17:42.0561 1296 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS

06:17:42.0577 1296 SymNetS - ok

06:17:42.0592 1296 szkg5 - ok

06:17:42.0686 1296 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

06:17:42.0733 1296 Tcpip - ok

06:17:42.0779 1296 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

06:17:42.0811 1296 TCPIP6 - ok

06:17:42.0842 1296 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

06:17:42.0873 1296 tcpipreg - ok

06:17:42.0904 1296 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

06:17:42.0951 1296 TDPIPE - ok

06:17:42.0982 1296 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

06:17:43.0029 1296 TDTCP - ok

06:17:43.0045 1296 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

06:17:43.0107 1296 tdx - ok

06:17:43.0107 1296 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys

06:17:43.0123 1296 TermDD - ok

06:17:43.0169 1296 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

06:17:43.0201 1296 tssecsrv - ok

06:17:43.0216 1296 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

06:17:43.0263 1296 tunnel - ok

06:17:43.0294 1296 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys

06:17:43.0310 1296 TurboB - ok

06:17:43.0341 1296 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

06:17:43.0357 1296 uagp35 - ok

06:17:43.0419 1296 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys

06:17:43.0466 1296 udfs - ok

06:17:43.0513 1296 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

06:17:43.0528 1296 uliagpkx - ok

06:17:43.0559 1296 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

06:17:43.0575 1296 umbus - ok

06:17:43.0606 1296 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

06:17:43.0653 1296 UmPass - ok

06:17:43.0684 1296 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

06:17:43.0715 1296 usbccgp - ok

06:17:43.0747 1296 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

06:17:43.0778 1296 usbcir - ok

06:17:43.0809 1296 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys

06:17:43.0825 1296 usbehci - ok

06:17:43.0856 1296 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys

06:17:43.0887 1296 usbhub - ok

06:17:43.0918 1296 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys

06:17:43.0918 1296 usbohci - ok

06:17:43.0949 1296 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

06:17:43.0996 1296 usbprint - ok

06:17:44.0027 1296 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

06:17:44.0059 1296 USBSTOR - ok

06:17:44.0090 1296 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys

06:17:44.0121 1296 usbuhci - ok

06:17:44.0152 1296 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys

06:17:44.0168 1296 usbvideo - ok

06:17:44.0230 1296 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

06:17:44.0230 1296 vdrvroot - ok

06:17:44.0261 1296 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

06:17:44.0261 1296 vga - ok

06:17:44.0277 1296 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

06:17:44.0324 1296 VgaSave - ok

06:17:44.0355 1296 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys

06:17:44.0371 1296 vhdmp - ok

06:17:44.0386 1296 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

06:17:44.0402 1296 viaide - ok

06:17:44.0433 1296 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys

06:17:44.0449 1296 volmgr - ok

06:17:44.0464 1296 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

06:17:44.0480 1296 volmgrx - ok

06:17:44.0495 1296 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys

06:17:44.0511 1296 volsnap - ok

06:17:44.0542 1296 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

06:17:44.0542 1296 vsmraid - ok

06:17:44.0589 1296 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

06:17:44.0605 1296 vwifibus - ok

06:17:44.0620 1296 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

06:17:44.0651 1296 vwififlt - ok

06:17:44.0714 1296 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

06:17:44.0714 1296 WacomPen - ok

06:17:44.0745 1296 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

06:17:44.0792 1296 WANARP - ok

06:17:44.0807 1296 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

06:17:44.0839 1296 Wanarpv6 - ok

06:17:44.0885 1296 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

06:17:44.0901 1296 Wd - ok

06:17:44.0917 1296 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

06:17:44.0932 1296 Wdf01000 - ok

06:17:44.0995 1296 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

06:17:45.0026 1296 WfpLwf - ok

06:17:45.0057 1296 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

06:17:45.0057 1296 WIMMount - ok

06:17:45.0151 1296 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

06:17:45.0182 1296 WinUsb - ok

06:17:45.0229 1296 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys

06:17:45.0229 1296 WmBEnum - ok

06:17:45.0275 1296 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys

06:17:45.0275 1296 WmFilter - ok

06:17:45.0307 1296 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

06:17:45.0322 1296 WmiAcpi - ok

06:17:45.0369 1296 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys

06:17:45.0369 1296 WmVirHid - ok

06:17:45.0385 1296 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys

06:17:45.0385 1296 WmXlCore - ok

06:17:45.0463 1296 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

06:17:45.0494 1296 ws2ifsl - ok

06:17:45.0572 1296 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

06:17:45.0619 1296 WudfPf - ok

06:17:45.0650 1296 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

06:17:45.0697 1296 WUDFRd - ok

06:17:45.0806 1296 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys

06:17:45.0853 1296 xnacc - ok

06:17:45.0899 1296 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys

06:17:45.0899 1296 yukonw7 - ok

06:17:45.0931 1296 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0

06:17:45.0962 1296 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

06:17:45.0962 1296 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

06:17:45.0993 1296 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

06:17:45.0993 1296 \Device\Harddisk0\DR0 - detected TDSS File System (1)

06:17:46.0009 1296 Boot (0x1200) (3219a0267e3b4c84a32621fcee4af897) \Device\Harddisk0\DR0\Partition0

06:17:46.0009 1296 \Device\Harddisk0\DR0\Partition0 - ok

06:17:46.0024 1296 Boot (0x1200) (81d42fc928afd12c3d83e0d07d25cc82) \Device\Harddisk0\DR0\Partition1

06:17:46.0024 1296 \Device\Harddisk0\DR0\Partition1 - ok

06:17:46.0024 1296 ============================================================

06:17:46.0024 1296 Scan finished

06:17:46.0024 1296 ============================================================

06:17:46.0040 1336 Detected object count: 2

06:17:46.0040 1336 Actual detected object count: 2

06:19:26.0442 1336 \Device\Harddisk0\DR0\# - copied to quarantine

06:19:26.0442 1336 \Device\Harddisk0\DR0 - copied to quarantine

06:19:26.0473 1336 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

06:19:26.0473 1336 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

06:19:26.0473 1336 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

06:19:26.0488 1336 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine

06:19:26.0520 1336 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

06:19:26.0520 1336 \Device\Harddisk0\DR0 - ok

06:19:26.0520 1336 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

06:19:26.0520 1336 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

06:19:26.0520 1336 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

06:19:44.0272 1224 Deinitialize success

[LDTate]

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

[siu]

my computer is currently in safe mode with networking. In normal mode the computer have blue screen and restarts. In safe mode there is no issue with blue screen. On my windows task manager there are 8 processes of svchost.exe

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.04.03

Windows 7 x64 NTFS (Safe Mode/Networking)

Internet Explorer 8.0.7600.16385

Kaleb :: KALEB-VAIO [administrator]

Protection: Disabled

2012/02/04 12:06:42

mbam-log-2012-02-04 (12-52-52).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 371515

Time elapsed: 45 minute(s), 54 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)

[LDTate]

Open Malwarebytes > click on More Tools > run File ASSASSIN by clicking Run Tool

Select the File you want to delete.

C:\Windows\svchost.exe <--NOTE: ONLY from this location

[siu]

ok I ran File ASSASSIN and deleted C:\Windows\svchost.exe

[LDTate]

Run a new MBAM scan and let me know how it's running

[siu]

Everything seems to be ok so far. The MBAM scan show no malware found. I am now on normal mode. I heard that Java 6 Update26 is a P2P should I delete it. It was after I updated java that the problem started.

[LDTate]

For JAVA,

Java updates:

http://www.java.com/en/download/manual.jsp

Remove old

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista), pick the language of your choice and click Select. Then click Remove Older Versions.
  
• Accept any prompts.
  
• Open JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista) again and select Search For Updates.
  
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
  

Good job

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

• Click START run
  
• Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
  

For Vista / Windows 7

• Click START Search
  
• Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
  

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good

• Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
  (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  
• Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.
  Without a firewall your computer is succeptible to being hacked and taken over.
  I am very serious about this and see it happen almost every day with my clients.
  Simply using a Firewall in its default configuration can lower your risk greatly.
  
• Using a secure browser plugin M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
  •Free browser plug-in for Internet Explorer and Firefox
  •Real-time safety ratings
  •Ideal for Facebook, Twitter and LinkedIn
  
• JAVA Click this link and click on the Free JAVA Download
  
• Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
  This will ensure your computer has always the latest security updates available installed on your computer.
  If there are new updates to install, install them immediately, reboot your computer, and revisit the site
  until there are no more critical updates.
  

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

• Dynamically Blocks Malware Sites & Servers
  
• Malware Execution Prevention
  

Save yourself the hassle and get protected.

[siu]

Thank you for taking your take to help me

[siu]

Thank you for taking your time to help me

[LDTate]

You're more than welcome.

Glad we were able to help

Peace be with you

[LDTate]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.