Google redirect, TDSSKiller cure and now I can't boot



#1
whriley

I had what I think was the Google redirect virus. I read on forums that TDSSKiller would remove it. I installed it, ran cure, and it now no longer will boot. I can't boot with system restore or in safe mode or normal mode. I have only been able to access my computer through safe mode using a program disc called reatgo-X-Pe. It looks like it is a bunch of tools running in an XP environment from the disc. My computer is an Inspiron 1750 running Vista.
I ran FRST and its log is pasted below, as is a log from TDSSKiller. I downloaded OTL per your forum instruction on a USB and ran it on my infected computer and I got the following error: "This application failed to start because framedyn.dll was not found. Reinstalling the application may fix this problem."

I am pasting all the logs I have below. I am beside myself with this.

13:28:11.0586 8052 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
13:28:13.0599 8052 ============================================================
13:28:13.0599 8052 Current date / time: 2012/02/08 13:28:13.0599
13:28:13.0599 8052 SystemInfo:
13:28:13.0599 8052
13:28:13.0599 8052 OS Version: 6.1.7600 ServicePack: 0.0
13:28:13.0599 8052 Product type: Workstation
13:28:13.0599 8052 ComputerName: BILLRILEY-PC
13:28:13.0646 8052 UserName: Bill Riley
13:28:13.0646 8052 Windows directory: C:\Windows
13:28:13.0646 8052 System windows directory: C:\Windows
13:28:13.0646 8052 Running under WOW64
13:28:13.0646 8052 Processor architecture: Intel x64
13:28:13.0646 8052 Number of processors: 2
13:28:13.0646 8052 Page size: 0x1000
13:28:13.0646 8052 Boot type: Normal boot
13:28:13.0646 8052 ============================================================
13:28:14.0270 8052 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:28:14.0270 8052 \Device\Harddisk0\DR0:
13:28:14.0270 8052 MBR used
13:28:14.0270 8052 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x95800, BlocksNum 0x25C0000
13:28:14.0270 8052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2655800, BlocksNum 0x37D30030
13:28:14.0317 8052 Initialize success
13:28:14.0317 8052 ============================================================
13:28:22.0414 8088 ============================================================
13:28:22.0414 8088 Scan started
13:28:22.0414 8088 Mode: Manual;
13:28:22.0414 8088 ============================================================
13:28:40.0344 8088 vhdmp - ok
13:28:40.0359 8088 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:28:40.0375 8088 viaide - ok
13:28:40.0406 8088 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:28:40.0406 8088 volmgr - ok
13:28:40.0437 8088 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:28:40.0437 8088 volmgrx - ok
13:28:40.0453 8088 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:28:40.0453 8088 volsnap - ok
13:28:40.0484 8088 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:28:40.0484 8088 vsmraid - ok
13:28:40.0515 8088 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:28:40.0531 8088 vwifibus - ok
13:28:40.0562 8088 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:28:40.0562 8088 vwififlt - ok
13:28:40.0609 8088 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:28:40.0624 8088 vwifimp - ok
13:28:40.0640 8088 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:28:40.0640 8088 WacomPen - ok
13:28:40.0687 8088 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:28:40.0687 8088 WANARP - ok
13:28:40.0702 8088 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:28:40.0702 8088 Wanarpv6 - ok
13:28:40.0749 8088 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:28:40.0765 8088 Wd - ok
13:28:40.0796 8088 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:28:40.0812 8088 Wdf01000 - ok
13:28:40.0890 8088 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:28:40.0890 8088 WfpLwf - ok
13:28:40.0936 8088 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
13:28:40.0983 8088 WimFltr - ok
13:28:40.0999 8088 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:28:40.0999 8088 WIMMount - ok
13:28:41.0077 8088 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
13:28:41.0077 8088 WinUsb - ok
13:28:41.0202 8088 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:28:41.0202 8088 WmiAcpi - ok
13:28:41.0280 8088 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:28:41.0280 8088 ws2ifsl - ok
13:28:41.0311 8088 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:28:41.0311 8088 WudfPf - ok
13:28:41.0342 8088 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:28:41.0358 8088 WUDFRd - ok
13:28:41.0420 8088 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
13:28:41.0420 8088 yukonw7 - ok
13:28:41.0451 8088 MBR (0x1B8) (ae8fa489bdbabb7f15572f885c9ff9ae) \Device\Harddisk0\DR0
13:28:41.0467 8088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
13:28:41.0467 8088 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
13:28:41.0498 8088 Boot (0x1200) (9025f5f50a56850b1f101cd31fc80309) \Device\Harddisk0\DR0\Partition0
13:28:41.0498 8088 \Device\Harddisk0\DR0\Partition0 - ok
13:28:41.0529 8088 Boot (0x1200) (45e1dc5f68aa56a619c7427965da6aac) \Device\Harddisk0\DR0\Partition1
13:28:41.0529 8088 \Device\Harddisk0\DR0\Partition1 - ok
13:28:41.0529 8088 ============================================================
13:28:41.0529 8088 Scan finished
13:28:41.0529 8088 ============================================================
13:28:41.0560 6956 Detected object count: 1
13:28:41.0560 6956 Actual detected object count: 1
13:28:55.0273 6956 \Device\Harddisk0\DR0\# - copied to quarantine
13:28:55.0273 6956 \Device\Harddisk0\DR0 - copied to quarantine
13:28:55.0335 6956 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
13:29:00.0936 6956 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
13:29:00.0982 6956 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
13:29:09.0048 6956 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
13:29:14.0461 6956 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
13:29:14.0476 6956 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
13:29:14.0476 6956 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
13:29:14.0492 6956 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
13:29:20.0062 6956 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
13:29:25.0382 6956 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
13:29:25.0429 6956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
13:29:25.0429 6956 \Device\Harddisk0\DR0 - ok
13:29:25.0429 6956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
13:29:46.0801 8048 Deinitialize success

Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 17-02-2012 (L)
Ran by SYSTEM at 2012-02-17 18:51:14 R:1
Running from H:\

==============================================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore Value deleted successfully.

========= type C:\TDSSKiller*.txt =========

The system cannot find the file specified.

========= End of CMD: =========


'bcdedit' is not recognized as an internal or external command,
operable program or batch file.
'bcdedit' is not recognized as an internal or external command,
operable program or batch file.

#2
JSntgRvr

  • Global Moderator
  • 11,579 posts
Playing Geek, aren't you? It will be easy to join a boot camp.

Download the enclosed file:

Save it in the same USB drive containing FRST, overwriting any similar file.

Run FRST as you did before, except this time around click on the Fix button.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

If successful, attempt to boot in Normal Mode. If able to do so, run Combofix as follows:

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt".
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

#3
JSntgRvr

  • Global Moderator
  • 11,579 posts
Due to the lack of feedback this Topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!