
S-1-5-21 Virus: Hidden User

Discussion in 'Virus & Other Malware Removal' started by pollyproof23, Dec 29, 2012.

Thread Status:
Not open for further replies.
  1. pollyproof23 (Thread Starter; Joined: Dec 29, 2012; Messages: 3)

    This S-1-5-21 shows up on my users when I click file properties, and then disappears. I also read where someone on this forum with the same problem, their screen would change to blue. I get blue dots on my screen but I think that is because my background is stuck on solid colors. My load up is very slow recently and my fingerprint scanner messes up now and I keep getting error codes. All help is appreciated and thank you for taking the time to read my post.

    Logs>>

    HiJackThis:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:37:40 PM, on 12/29/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\RocketDock\RocketDock.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\HP\Button Manager\BM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    C:\Windows\Samsung\PanelMgr\SSMMgr.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\klwtblfs.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\Jarrett\Desktop\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
    O2 - BHO: HelloWorldBHO - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
    O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
    O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [dcomhost] rundll32 "C:\Users\Jarrett\AppData\Local\Temp\dialperf.dll",DllEntryPoint
    O4 - HKCU\..\Run: [Bamboo Dock] "C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe"
    O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [dcomexec] rundll32 "C:\Users\Jarrett\AppData\Local\Temp\dialetup.dll",DllGetVersion
    O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Users\Jarrett\Jarrett1\winlogon.exe
    O4 - HKCU\..\Run: [UnifiedRemoteServer] C:\Program Files (x86)\Relmtech\Unified Remote\UnifiedRemoteServer.exe
    O4 - HKCU\..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: HP Button Manager.lnk = ?
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files (x86)\Wireless LAN\WlanUtil.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files (x86)\Common Files\VistaRunApp.exe
    O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
    O9 - Extra button: ShopperReports - Compare product prices - {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - (no file)
    O9 - Extra button: ShopperReports - Compare travel rates - {EB620C54-E229-4942-87CE-E717109FC8C6} - (no file)
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
    O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.1.01\AllShareFrameworkManagerDMS.exe
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe
    --
    End of file - 16668 bytes


    DDS:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457
    Run by Jarrett at 14:29:31 on 2012-12-29
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.3572 [GMT -6:00]
    .
    AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\WTouch\WTouchService.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Protector Suite\upeksvr.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Samsung\AllShare Framework DMS\1.1.01\AllShareFrameworkManagerDMS.exe
    C:\Program Files\Samsung\AllShare Framework DMS\1.1.01\AllShareFrameworkDMS.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\Pen_Tablet.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\WTouch\WTouchUser.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\system32\WTablet\Pen_TabletUser.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Pen_Tablet.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files\Protector Suite\psqltray.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\RocketDock\RocketDock.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\HP\Button Manager\BM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    C:\Windows\Samsung\PanelMgr\SSMMgr.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
    C:\Windows\Samsung\PanelMgr\caller64.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\klwtblfs.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - <orphaned>
    BHO: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
    TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    EB: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} - <orphaned>
    uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
    uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
    uRun: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
    uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
    uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [dcomhost] rundll32 "C:\Users\Jarrett\AppData\Local\Temp\dialperf.dll",DllEntryPoint
    uRun: [Bamboo Dock] "C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe"
    uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
    uRun: [dcomexec] rundll32 "C:\Users\Jarrett\AppData\Local\Temp\dialetup.dll",DllGetVersion
    uRun: [NVIDIA Media Center Library] C:\Users\Jarrett\Jarrett1\winlogon.exe
    uRun: [UnifiedRemoteServer] C:\Program Files (x86)\Relmtech\Unified Remote\UnifiedRemoteServer.exe
    uRun: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
    StartupFolder: C:\Users\Jarrett\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPBUTT~1.LNK - C:\Program Files (x86)\HP\Button Manager\BM.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IEEE80~1.LNK - C:\Program Files (x86)\Wireless LAN\WlanUtil.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\Common Files\VistaRunApp.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: DisableCAD = dword:1
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
    IE: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - {3E2DFD6A-4E20-4d4c-AA8B-E1F9DBEF3C80} - <orphaned>
    IE: {EB620C54-E229-4942-87CE-E717109FC8C6} - {714E0876-FCEE-49ce-A429-B9AD8AEFCB56} - <orphaned>
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 75.75.76.76 75.75.75.75
    TCP: Interfaces\{08338A68-A464-4B6C-9246-73895106F531} : DHCPNameServer = 75.75.76.76 75.75.75.75
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    SSODL: WebCheck - <orphaned>
    LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
    x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
    x64-Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
    x64-Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
    x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Notify: igfxcui - igfxdev.dll
    x64-Notify: psfus - C:\Program Files\Protector Suite\psqlpwd.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-6-9 52856]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104]
    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008]
    R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
    R2 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.1.01\AllShareFrameworkManagerDMS.exe [2012-7-6 32768]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-10-6 202752]
    R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -r [?]
    R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2008-4-30 11576]
    R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2010-6-9 5556520]
    R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-11-24 104960]
    R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-6-9 127784]
    R3 appliandMP;appliandMP;C:\Windows\System32\drivers\appliand.sys [2010-6-24 33888]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-10-25 29016]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-10-25 29528]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-11 239616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 appliand;Applian Network Service;C:\Windows\System32\drivers\appliand.sys [2010-6-24 33888]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2009-11-24 19968]
    S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;C:\Windows\System32\drivers\athrxu6.sys [2007-7-5 1041920]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-1-16 59392]
    S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-6-9 18216]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-30 1255736]
    .
    =============== Created Last 30 ================
    .
    2012-12-28 13:54:00 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4C27422B-82DB-4B1D-A93E-974F909C6071}\mpengine.dll
    2012-12-21 15:08:07 16363960 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-12-21 07:43:23 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-21 07:43:23 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-21 07:43:23 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-21 07:43:23 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-21 07:33:10 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-20 08:34:20 64856 ----a-w- C:\Windows\System32\klfphc.dll
    2012-12-20 08:33:37 -------- d-----w- C:\Windows\ELAMBKUP
    2012-12-13 01:13:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-12-13 01:13:16 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-12-13 01:13:04 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-12-13 01:11:58 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-12-13 01:11:58 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-12-02 04:29:50 -------- d-----w- C:\Users\Jarrett\AppData\Roaming\Philipp Winterberg
    2012-12-02 04:29:47 -------- d-----w- C:\Program Files (x86)\Free RAR Extract Frog
    .
    ==================== Find3M ====================
    .
    2012-12-28 17:58:46 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-20 17:19:43 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-10-25 23:23:06 29528 ----a-w- C:\Windows\System32\drivers\klmouflt.sys
    2012-10-25 23:23:06 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
    2007-01-06 15:09:26 208896 ----a-w- C:\Program Files (x86)\Common Files\VistaRunApp.exe
    .
    ============= FINISH: 14:30:18.74 ===============
     


  2. pollyproof23

    pollyproof23 Thread Starter

    Joined:
    Dec 29, 2012
    Messages:
    3
    Hello, is there someone who can help me?
     
  3. pollyproof23

    pollyproof23 Thread Starter

    Joined:
    Dec 29, 2012
    Messages:
    3
Short URL to this thread: https://techguy.org/1082909
