I think I have the Google redirect virus what do I do?

[Shayleigh]

It started last week 2 days after we got out computer back from the computer Dr. for some fake virus protection spywear program.  I was using google and it kept redirecting me to other search sites.  It was frustrating me so I looked on Yahoo and it seems to fit the symptoms.  I basically know how to use the computer and internet but I kinda get lost when you get into the real technical stuff.  Every site has a different method to get rid of it.  Almost everyone requires downloading something.  I don't know which to trust.  What do I do?    Please help!

Susie

[Asyn]

I don't know which to trust.  What do I do?    Please help!
Susie

If you trust us, we will help you...
asyn

[mikaelrask]

welcome to the forum. lets see if we can solve the problem for you.

i suggest you download, install, update and run a scan with malwarebytes antimalware.

http://www.malwarebytes.org/mbam.php

remove whats it finds. reboot of your system might be necessary.

let us know how it goes and good luck.

[Tenko]

Hey and Welcome Shayleigh!

Download malwarebyes as it was suggested by others and run it in safe mode, not all malware will be active then, by pressing F8 when the computer boots.

If nothing helps try with boot scan from Avast.

Regards,
              Tenko

[Shayleigh]

Nope.  I did the scan in safe mode and Google is still redirecting. 

[mikaelrask]

did malwarebytes detects something? please post the result of the malwarebytes scan.

another suggestion is to scan with superantispyware.

http://www.superantispyware.com/

sometimes it detects things malwarebyes don't an vice versa.

if that should not solve your problem scan with trend micros hijack this and post the result here so we can try to find problem through there.

when i was google the malware i found removeing guide of your malware and it also suggest A-squared as another tool to remove it.

good luck and keep us notified on how it goes.

[SafeSurf]

Hello Shayleigh,

If you are still be redirected and unable to run an MBAM scan, then you have some problems.  As long as you can get on this forum, please check the information on the first post of this thread under Virus/Worms for you to check your machine for malware: http://forum.avast.com/index.php?topic=53253.0. 

Follow the directions for obtaining the OTL logs (you can click on it from the forum to download it from this site).  Post the two (2) OTL log as an attachment (Additional Options > Attach > Browse (the logs will be on your desktop > Post). 

I am going to refer you to our Certified Malware expert, named Essexboy.  He will also review your logs and give you further instructions, however he comes on the forum late UK time.  He will respond to you in this thread, so remember to check this thread daily.  I will continue to provide assistance in the meantime, then remain in the background while he works with you.

IMPORTANT: If you are on a home network, disconnect the affected machine from the network.  Do not share a USB/flash drive with this affected machine.  Do not use this machine unless Essexboy instructs you do to malware removal instructions; use a different machine if possible to check email, sync your phone, etc.

***Please do not make any further changes to your machine after you have provided the logs.***

Let me know if you have any questions.  Thank you.

[Shayleigh]

did malwarebytes detects something? please post the result of the malwarebytes scan.

another suggestion is to scan with superantispyware.

http://www.superantispyware.com/

sometimes it detects things malwarebyes don't an vice versa.

if that should not solve your problem scan with trend micros hijack this and post the result here so we can try to find problem through there.

when i was google the malware i found removeing guide of your malware and it also suggest A-squared as another tool to remove it.

good luck and keep us notified on how it goes.

I'm kinda technically illiterate, so be patient with me.  Are trend micros hijack and A-squared other scanning programs and can I have multiple programs in use on my computer?  Thank you for the help.

[Shayleigh]

Hello Shayleigh,

If you are still be redirected and unable to run an MBAM scan, then you have some problems.  As long as you can get on this forum, please check the information on the first post of this thread under Virus/Worms for you to check your machine for malware: http://forum.avast.com/index.php?topic=53253.0. 

Follow the directions for obtaining the OTL logs (you can click on it from the forum to download it from this site).  Post the two (2) OTL log as an attachment (Additional Options > Attach > Browse (the logs will be on your desktop > Post). 

I am going to refer you to our Certified Malware expert, named Essexboy.  He will also review your logs and give you further instructions, however he comes on the forum late UK time.  He will respond to you in this thread, so remember to check this thread daily.  I will continue to provide assistance in the meantime, then remain in the background while he works with you.

IMPORTANT: If you are on a home network, disconnect the affected machine from the network.  Do not share a USB/flash drive with this affected machine.  Do not use this machine unless Essexboy instructs you do to malware removal instructions; use a different machine if possible to check email, sync your phone, etc.

***Please do not make any further changes to your machine after you have provided the logs.***

Let me know if you have any questions.  Thank you.

I DO run the virus and malware scan every night.  The virus scan found a few things I deleted but the malware found none.  I think the yahoo search is beginning to redirect too.  I'm reluctant to search too often as I fear it might progress the problem or something.  I'm downloading that OTL file you told me about.

[Gargamel360]

I'm kinda technically illiterate, so be patient with me.  Are trend micros hijack and A-squared other scanning programs and can I have multiple programs in use on my computer?  Thank you for the help.

What you want to avoid (especially if you are technically illiterate) is more than one on-access scanner.>>http://en.wikipedia.org/wiki/Real-time_protection

You can have as many on-demand scanners as you like.  Just avoid scanning with them at the same time.  HijackThis is on-demand.  I think A2 can be installed as on-demand also but I'm not positive about that one.

Lucky for you, Avast! forums have Essexboy on-demand.  I would follow Safesurf's posted instructions below, if I where in your situation.

[essexboy]

Hi Susie - looks like the repair guys did not do a proper job..  I have two programmes for you to download and run..  The first is a fixing tool and the second an analysis log for me to peruse

Please read carefully and follow these steps. 

• Download TDSSKiller and save it to your Desktop.
  
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
   
   
  
   
   
  
• If an infected file is detected, the default action will be Cure, click on Continue.
   
   
  
   
   
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
   
   
  
   
   
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
   
   
  
   
   
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

.
THEN

Download OTL  to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select All Users
  
• Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Attach all logs to your next post please (it may take two or three posts)

[mikaelrask]

did malwarebytes detects something? please post the result of the malwarebytes scan.

another suggestion is to scan with superantispyware.

http://www.superantispyware.com/

sometimes it detects things malwarebyes don't an vice versa.

if that should not solve your problem scan with trend micros hijack this and post the result here so we can try to find problem through there.

when i was google the malware i found removeing guide of your malware and it also suggest A-squared as another tool to remove it.

good luck and keep us notified on how it goes.

I'm kinda technically illiterate, so be patient with me.  Are trend micros hijack and A-squared other scanning programs and can I have multiple programs in use on my computer?  Thank you for the help.

yes you can use those programs with avast.yeah hijack is a tool that will show what files you have one your computer and from there we should be able to check for the problem that is troubling your computer. a Squard was a tool that I found when I goggle your problem.it was a recommended tool that could solve the problem, but would recommend you use the tools Essexbox suggested.

I'm sorry if my previous post was unclear to you. 

[SafeSurf]

but would recommend you use the tools Essexbox suggested.

I am going to refer you to our Certified Malware expert, named Essexboy.  He will also review your logs and give you further instructions, however he comes on the forum late UK time.  He will respond to you in this thread, so remember to check this thread daily.  I will continue to provide assistance in the meantime, then remain in the background while he works with you.

IMPORTANT: If you are on a home network, disconnect the affected machine from the network.  Do not share a USB/flash drive with this affected machine.  Do not use this machine unless Essexboy instructs you do to malware removal instructions; use a different machine if possible to check email, sync your phone, etc.

***Please do not make any further changes to your machine after you have provided the logs.***

It has been a while since you have been on the forum and I had already referred you to Essexboy, our Certified Malware Expert.  Please follow his instructions for your malware removal.  Thank you.

[Shayleigh]

Sorry for the delayed response.   My mother insisted on taking the computer back tot he Dr.  but they returned it without fixing the problem.  I assure you we are not making it up, every time we type anything in google and now yahoo it directs you to a random shopping site.  

Here are the documents you requested. I hope I did them right.   Thanks for the help.

2010/12/07 05:06:55.0176   TDSS rootkit removing tool 2.4.10.1 Dec  2 2010 12:28:01
2010/12/07 05:06:55.0176   ================================================================================
2010/12/07 05:06:55.0176   SystemInfo:
2010/12/07 05:06:55.0176   
2010/12/07 05:06:55.0176   OS Version: 5.1.2600 ServicePack: 3.0
2010/12/07 05:06:55.0176   Product type: Workstation
2010/12/07 05:06:55.0176   ComputerName: JAKUBEK
2010/12/07 05:06:55.0176   UserName: Home
2010/12/07 05:06:55.0176   Windows directory: C:\WINDOWS
2010/12/07 05:06:55.0176   System windows directory: C:\WINDOWS
2010/12/07 05:06:55.0176   Processor architecture: Intel x86
2010/12/07 05:06:55.0176   Number of processors: 2
2010/12/07 05:06:55.0176   Page size: 0x1000
2010/12/07 05:06:55.0176   Boot type: Normal boot
2010/12/07 05:06:55.0176   ================================================================================
2010/12/07 05:06:55.0551   Initialize success
2010/12/07 05:06:57.0941   ================================================================================
2010/12/07 05:06:57.0941   Scan started
2010/12/07 05:06:57.0941   Mode: Manual;
2010/12/07 05:06:57.0941   ================================================================================
2010/12/07 05:07:01.0160   Aavmker4        (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys
2010/12/07 05:07:01.0254   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/12/07 05:07:01.0316   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/12/07 05:07:01.0363   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/12/07 05:07:01.0410   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/12/07 05:07:01.0488   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/12/07 05:07:01.0551   AFD             (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/12/07 05:07:01.0598   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/12/07 05:07:01.0676   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/12/07 05:07:01.0754   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/12/07 05:07:01.0816   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/12/07 05:07:01.0894   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/12/07 05:07:01.0957   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/12/07 05:07:02.0019   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/12/07 05:07:02.0066   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/12/07 05:07:02.0129   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/12/07 05:07:02.0207   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/12/07 05:07:02.0254   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/12/07 05:07:02.0316   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/12/07 05:07:02.0363   ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2010/12/07 05:07:02.0426   aswFsBlk        (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010/12/07 05:07:02.0473   aswMon2         (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys
2010/12/07 05:07:02.0535   aswRdr          (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys
2010/12/07 05:07:02.0566   aswSP           (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys
2010/12/07 05:07:02.0598   aswTdi          (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys
2010/12/07 05:07:02.0676   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/12/07 05:07:02.0723   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/12/07 05:07:02.0785   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/12/07 05:07:02.0863   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/12/07 05:07:02.0941   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/12/07 05:07:03.0004   cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/12/07 05:07:03.0035   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/12/07 05:07:03.0098   cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/12/07 05:07:03.0144   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/12/07 05:07:03.0223   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/12/07 05:07:03.0269   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/12/07 05:07:03.0332   cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
2010/12/07 05:07:03.0441   CmdIde          (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/12/07 05:07:03.0504   Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/12/07 05:07:03.0582   dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/12/07 05:07:03.0660   dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/12/07 05:07:03.0738   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/12/07 05:07:03.0801   DLABMFSM        (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
2010/12/07 05:07:03.0832   DLABOIOM        (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
2010/12/07 05:07:03.0894   DLACDBHM        (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
2010/12/07 05:07:03.0941   DLADResM        (5615744a1056933b90e6ac54feb86f35) C:\WINDOWS\system32\DLA\DLADResM.SYS
2010/12/07 05:07:04.0004   DLAIFS_M        (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2010/12/07 05:07:04.0051   DLAOPIOM        (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2010/12/07 05:07:04.0113   DLAPoolM        (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
2010/12/07 05:07:04.0176   DLARTL_M        (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
2010/12/07 05:07:04.0223   DLAUDFAM        (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2010/12/07 05:07:04.0254   DLAUDF_M        (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
2010/12/07 05:07:04.0348   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/12/07 05:07:04.0488   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/12/07 05:07:04.0551   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/12/07 05:07:04.0629   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/12/07 05:07:04.0738   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/12/07 05:07:04.0848   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/12/07 05:07:04.0910   DRVMCDB         (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
2010/12/07 05:07:04.0957   DRVNDDM         (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

[Shayleigh]

2010/12/07 05:07:05.0066   DSproct         (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2010/12/07 05:07:05.0160   dsunidrv        (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2010/12/07 05:07:05.0207   E100B           (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/12/07 05:07:05.0316   e1express       (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2010/12/07 05:07:05.0535   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/12/07 05:07:05.0566   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/12/07 05:07:05.0598   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/12/07 05:07:05.0644   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/12/07 05:07:05.0676   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/12/07 05:07:05.0723   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/12/07 05:07:05.0785   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/12/07 05:07:05.0863   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2010/12/07 05:07:05.0894   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/12/07 05:07:05.0941   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/12/07 05:07:05.0988   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/12/07 05:07:06.0051   hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/12/07 05:07:06.0098   HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2010/12/07 05:07:06.0144   HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2010/12/07 05:07:06.0207   HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2010/12/07 05:07:06.0269   HSFHWBS2        (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2010/12/07 05:07:06.0332   HSF_DP          (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2010/12/07 05:07:06.0426   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/12/07 05:07:06.0488   i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/12/07 05:07:06.0535   i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/12/07 05:07:06.0613   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/12/07 05:07:06.0848   ialm            (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2010/12/07 05:07:07.0035   iaStor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\drivers\iaStor.sys
2010/12/07 05:07:07.0082   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/12/07 05:07:07.0129   ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/12/07 05:07:07.0285   IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/12/07 05:07:07.0473   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/12/07 05:07:07.0535   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/12/07 05:07:07.0566   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/12/07 05:07:07.0629   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/12/07 05:07:07.0676   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/12/07 05:07:07.0738   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/12/07 05:07:07.0816   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/12/07 05:07:07.0863   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/12/07 05:07:07.0926   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/12/07 05:07:08.0019   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/12/07 05:07:08.0066   kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/12/07 05:07:08.0113   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/12/07 05:07:08.0176   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/12/07 05:07:08.0285   mdmxsdk         (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/12/07 05:07:08.0348   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/12/07 05:07:08.0394   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/12/07 05:07:08.0441   MODEMCSA        (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2010/12/07 05:07:08.0488   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/12/07 05:07:08.0535   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/12/07 05:07:08.0582   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/12/07 05:07:08.0613   mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/12/07 05:07:08.0660   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/12/07 05:07:08.0754   MRxSmb          (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/12/07 05:07:08.0816   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/12/07 05:07:08.0863   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/12/07 05:07:08.0910   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/12/07 05:07:08.0941   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/12/07 05:07:08.0988   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/12/07 05:07:09.0019   Mup             (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/12/07 05:07:09.0082   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/12/07 05:07:09.0129   NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/12/07 05:07:09.0160   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/12/07 05:07:09.0176   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/12/07 05:07:09.0254   NDProxy         (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/12/07 05:07:09.0301   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/12/07 05:07:09.0363   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/12/07 05:07:09.0426   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/12/07 05:07:09.0473   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/12/07 05:07:09.0519   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/12/07 05:07:09.0598   nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/12/07 05:07:09.0707   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/12/07 05:07:09.0957   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9)