1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer Constantly redirects in I.E.

Discussion in 'Virus & Other Malware Removal' started by JoelJ, Nov 16, 2011.

Thread Status:
Not open for further replies.
  1. JoelJ

    JoelJ Thread Starter

    Joined:
    Nov 16, 2011
    Messages:
    1
    Hello,
    My computer browser is constantly redirecting to the wrong site. Please help! Logs attached.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:58:56 AM, on 11/16/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
    C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\AIM\aim.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe
    C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\owner\Desktop\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ShopAtHome.com Toolbar - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [hpsysdrv] "c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [Intuit SyncManager] "C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" startup
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
    O4 - HKLM\..\Run: [BlackBerryAutoUpdate] "C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [HPADVISOR] "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" autorun=AUTORUN
    O4 - HKCU\..\Run: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: QuickBooks US Plugin.lnk = ?
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
    O16 - DPF: {C2ED62BE-4FF5-4FAF-9274-3BA328DCA35C} (TimeTrackingV2.UserControl1) - https://timetracking.quickbooks.com/ocx/tts/TimeTrackingV2.ocx
    O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} (RingCentral Message Player Control) - https://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: intu-help-qb3 - {C5E479EA-0A65-4B05-8C6C-2FC8CC682EB4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: lxecCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
    O23 - Service: lxec_device - - C:\Windows\system32\lxeccoms.exe
    O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WRSVC - Webroot - C:\Program Files\Webroot\WRSA.exe
    --
    End of file - 15411 bytes


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by owner at 12:06:23 on 2011-11-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8184.6034 [GMT -5:00]
    .
    AV: Webroot SecureAnywhere *Enabled/Updated* {53211D91-0C31-95F2-E3A5-7661FB22889E}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Webroot SecureAnywhere *Enabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Webroot\WRSA.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\lxeccoms.exe
    C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
    C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\AIM\aim.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe
    C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\SysWOW64\WinMsgBalloonServer.exe
    C:\Windows\SysWOW64\WinMsgBalloonClient.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\REGSVR32.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearch Page =
    uSearch Bar =
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant =
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: ShopAtHome.com Toolbar: {66516a07-f617-488a-90cf-4e690cfb3c5f} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    uRun: [HPADVISOR] "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" autorun=AUTORUN
    uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    mRun: [hpsysdrv] "c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HP Software Update] "c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
    mRun: [<NO NAME>]
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [Intuit SyncManager] "C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" startup
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    mRun: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
    mRun: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
    mRun: [BlackBerryAutoUpdate] "C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe
    uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {C2ED62BE-4FF5-4FAF-9274-3BA328DCA35C} - hxxps://timetracking.quickbooks.com/ocx/tts/TimeTrackingV2.ocx
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} - hxxps://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{B945AC73-89F9-493B-95D6-3FC836709611} : DhcpNameServer = 66.174.95.44 69.78.96.14
    TCP: Interfaces\{E29D7A26-DAF3-4F3F-8796-4482F6715FF1} : DhcpNameServer = 192.168.1.229
    TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1} : DhcpNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: ShopAtHome.com Toolbar: {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
    BHO-X64: ShopAtHome.com Toolbar - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: SmartSelect - No File
    TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    mRun-x64: [hpsysdrv] "c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HP Software Update] "c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
    mRun-x64: [(Default)]
    mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun-x64: [Intuit SyncManager] "C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" startup
    mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    mRun-x64: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
    mRun-x64: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
    mRun-x64: [BlackBerryAutoUpdate] "C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 ahcix64s;ahcix64s;C:\Windows\system32\DRIVERS\ahcix64s.sys --> C:\Windows\system32\DRIVERS\ahcix64s.sys [?]
    R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/02/22 18:44:19];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-2-22 146928]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-9-19 122880]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 lxec_device;lxec_device;C:\Windows\system32\lxeccoms.exe -service --> C:\Windows\system32\lxeccoms.exe -service [?]
    R2 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-6-24 91456]
    R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2011-11-7 605272]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-12 136176]
    S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxecserv.exe [2010-12-28 45736]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-12 136176]
    S3 htcusbnet;HTC USB-NDIS miniport;C:\Windows\system32\DRIVERS\htcusbnet.sys --> C:\Windows\system32\DRIVERS\htcusbnet.sys [?]
    S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]
    S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    .
    =============== Created Last 30 ================
    .
    2011-11-16 16:33:49 -------- d-----w- C:\Users\owner\AppData\Local\{5ABE1CA3-52D2-40FB-BC4D-4DBBBAC704E5}
    2011-11-16 16:33:37 -------- d-----w- C:\Users\owner\AppData\Local\{BF772EFA-F864-42D7-81C7-A0FBDF8A4D76}
    2011-11-16 16:27:09 -------- d-----w- C:\Windows\pss
    2011-11-16 16:12:13 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2011-11-16 16:12:13 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
    2011-11-16 16:12:07 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-11-16 16:12:04 3144704 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-16 16:11:47 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70EF85E3-6D55-439D-A76F-DB7BDA7BB6E8}\offreg.dll
    2011-11-16 16:11:43 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70EF85E3-6D55-439D-A76F-DB7BDA7BB6E8}\mpengine.dll
    2011-11-16 15:34:12 -------- d-----w- C:\Users\owner\AppData\Local\{12914C64-F032-42EB-8C9A-28B849EDDF37}
    2011-11-16 15:15:23 -------- d-----w- C:\Users\owner\AppData\Local\{13CF712F-B3F4-4DF9-B0DF-3D19EF2EDAFC}
    2011-11-16 02:52:35 -------- d-----w- C:\Users\owner\AppData\Local\{753E1560-8D13-4D59-8E8C-4E027EC1D348}
    2011-11-16 02:52:23 -------- d-----w- C:\Users\owner\AppData\Local\{29FA74D3-83DF-4389-9C2D-6E01602BFCB7}
    2011-11-16 00:52:55 -------- d-----w- C:\ProgramData\AVAST Software
    2011-11-16 00:52:55 -------- d-----w- C:\Program Files\AVAST Software
    2011-11-15 14:44:44 -------- d-----w- C:\Users\owner\AppData\Local\{651012FE-0165-4117-8652-72666FB887DC}
    2011-11-15 14:44:21 -------- d-----w- C:\Users\owner\AppData\Local\{21F0F854-D783-449F-A923-0D4E695FAFC7}
    2011-11-15 02:36:22 -------- d-----w- C:\Users\owner\AppData\Roaming\Malwarebytes
    2011-11-15 02:36:11 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-11-15 02:36:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-11-15 02:33:58 -------- d-----w- C:\Users\owner\AppData\Roaming\Sammsoft
    2011-11-14 21:27:25 -------- d-----w- C:\Users\owner\AppData\Local\Mozilla
    2011-11-14 21:26:21 646104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
    2011-11-14 21:26:20 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    2011-11-14 14:52:51 -------- d-----w- C:\Users\owner\AppData\Local\{98D72AF2-32DA-4CDC-BF3A-56825EDBF552}
    2011-11-14 14:52:35 -------- d-----w- C:\Users\owner\AppData\Local\{8E7BB4B4-4EB7-415A-A1A2-0EF0783D44BA}
    2011-11-11 17:31:43 -------- d-----w- C:\Users\owner\AppData\Local\{8037FFC4-47C0-406A-813F-2BB503F49FB2}
    2011-11-11 17:31:23 -------- d-----w- C:\Users\owner\AppData\Local\{513E584E-08A0-4BD6-8CA4-A2BD269A7AF1}
    2011-11-10 08:25:09 -------- d-----w- C:\Users\owner\AppData\Local\{7D02A3EF-2108-4886-B78F-2410E6C8C24A}
    2011-11-10 08:24:51 -------- d-----w- C:\Users\owner\AppData\Local\{E2299529-A2A8-459A-962E-C0956E70A255}
    2011-11-07 15:09:47 -------- d-----w- C:\Users\owner\AppData\Local\{A8E70D11-A3BF-46E1-88ED-A67CAC38270B}
    2011-11-07 15:08:36 -------- d-----w- C:\Users\owner\AppData\Local\{C3DB3215-B056-41EC-9E7A-58BD01B91B54}
    2011-11-07 15:00:40 -------- d-----we C:\Windows\system64
    2011-11-07 14:34:58 91832 ----a-w- C:\Windows\System32\WRusr.dll
    2011-11-07 14:34:58 140760 ----a-w- C:\Windows\SysWow64\WRusr.dll
    2011-11-07 14:34:58 107336 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
    2011-11-07 14:34:55 -------- d-----w- C:\Program Files\Webroot
    2011-11-07 14:34:52 -------- d-----w- C:\ProgramData\WRData
    2011-11-07 14:28:52 -------- d-----w- C:\Users\owner\AppData\Local\{C19B13B3-9D6C-457B-B0D4-3DA86AE6BA98}
    2011-11-07 14:28:35 -------- d-----w- C:\Users\owner\AppData\Local\{08B4334B-BA67-4461-967E-BD133D99C31D}
    2011-11-03 14:02:54 -------- d--h--w- C:\Users\owner\AppData\Local\{D71DDE40-67F4-4381-A09A-B2729AE35DD4}
    2011-11-02 21:00:30 -------- d--h--w- C:\Users\owner\AppData\Local\{AA23C819-CC98-4602-AA9F-05750D1587B2}
    2011-11-02 20:58:55 -------- d--h--w- C:\Users\owner\AppData\Local\{A4E70B31-E39D-4DCC-9DEC-2DEB206C8149}
    2011-11-01 15:13:28 -------- d--h--w- C:\Users\owner\AppData\Roaming\AVS4YOU
    2011-11-01 15:13:01 -------- d--h--w- C:\ProgramData\AVS4YOU
    2011-11-01 15:12:40 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
    2011-11-01 15:12:40 -------- d-----w- C:\Program Files (x86)\AVS4YOU
    2011-11-01 15:04:18 -------- d--h--w- C:\Users\owner\AppData\Roaming\Softplicity
    2011-11-01 15:04:16 -------- d--h--w- C:\Users\owner\AppData\Local\{D48EC98D-64BE-44F5-A468-79A5BCA6DED4}
    2011-11-01 15:04:05 -------- d--h--w- C:\Users\owner\AppData\Local\{62589421-B745-446D-81CF-6CA3ACB2DDD9}
    2011-10-31 18:46:47 -------- d--h--w- C:\Users\owner\AppData\Local\{3A6DBE60-6981-4F9F-9E27-E3F5299510E5}
    2011-10-31 18:45:17 -------- d--h--w- C:\Users\owner\AppData\Local\{04FFBCA0-81A4-45B5-831C-1DA4FAB4BB89}
    2011-10-29 21:13:58 -------- d-----w- C:\Program Files (x86)\ShopAtHome
    2011-10-27 14:11:38 -------- d--h--w- C:\Users\owner\AppData\Local\{801197A9-810B-493D-A631-48F014F6EF8B}
    2011-10-26 21:09:44 -------- d--h--w- C:\Users\owner\AppData\Local\{5FDA446A-5D7E-4601-998B-89C03293563F}
    2011-10-26 21:08:06 -------- d--h--w- C:\Users\owner\AppData\Local\{0BC94C8F-F128-4820-8121-DD0C7EF06EC5}
    2011-10-21 13:41:12 -------- d--h--w- C:\Users\owner\AppData\Local\{EA5EEEC5-D4BC-407F-8064-AE3C415237CE}
    2011-10-20 20:08:51 -------- d--h--w- C:\Users\owner\AppData\Local\{C07E9C94-C15C-4287-8CF8-01263C239EB4}
    2011-10-20 20:07:30 -------- d--h--w- C:\Users\owner\AppData\Local\{14BA85AD-8482-41D3-B22D-04D0B4ED6131}
    2011-10-18 14:56:20 -------- d--h--w- C:\Users\owner\AppData\Local\Apple Computer
    2011-10-18 14:55:59 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2011-10-18 14:55:59 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2011-10-18 14:55:59 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2011-10-18 14:55:23 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2011-10-18 14:55:23 -------- d-----w- C:\Program Files\iTunes
    2011-10-18 14:55:23 -------- d-----w- C:\Program Files\iPod
    2011-10-18 14:55:23 -------- d-----w- C:\Program Files (x86)\iTunes
    2011-10-18 14:54:33 -------- d-----w- C:\Program Files\Bonjour
    2011-10-18 14:54:33 -------- d-----w- C:\Program Files (x86)\Bonjour
    2011-10-17 22:12:39 -------- d-----w- C:\Windows\en
    2011-10-17 22:09:18 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-10-17 21:57:33 -------- d--h--w- C:\Users\owner\AppData\Local\{0EA9F6A2-40F9-411A-A54F-5B78135E35F1}
    2011-10-17 21:55:57 -------- d--h--w- C:\Users\owner\AppData\Local\{78FBFD99-FE41-40C2-A5F5-C155C4B5326B}
    2011-10-17 21:29:54 -------- d--h--w- C:\Users\owner\AppData\Local\{04E14969-8259-4455-A78B-B9B1A1ACAA69}
    2011-10-17 21:28:04 -------- d--h--w- C:\Users\owner\AppData\Local\{9FE9EBE2-3244-4668-9F54-18A99269CAA6}
    .
    ==================== Find3M ====================
    .
    2011-09-23 17:03:46 2024465 ---ha-w- C:\ProgramData\SPL2E6C.tmp
    2011-09-23 16:50:11 1423285 ---ha-w- C:\ProgramData\SPLBDC3.tmp
    2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-08-31 03:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe
    2011-08-31 03:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll
    2011-08-31 03:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
    2011-08-31 03:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll
    2011-08-31 03:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
    2011-08-31 03:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
    2011-08-31 03:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
    2011-08-31 03:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
    2011-08-30 18:27:52 2568380 ---ha-w- C:\ProgramData\SPLC2E8.tmp
    2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2011-08-26 22:31:54 227587 ---ha-w- C:\ProgramData\SPL9C00.tmp
    .
    ============= FINISH: 12:15:11.44 ===============
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1027113

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice