Inactive Need some help finding

Hi, I hope someone can help me. I'm not sure that I have a virus or spyware, but I'm assuming so. There haven't been any major problems going on, but several small ones that I'm assuming aren't normal. The latest is the fact that Internet Explorer keeps popping up with an "about" blank page. I don't use Internet Explorer ever, so I'm not sure what's going on. I typically only use Firefox and, on occasion, if Firefox is having issues, Chrome for a very short time. I have added no extensions or add-ons to Chrome or IE; I've only added them to Firefox. I currently run a paid version of Trend Micro and the free version of Malwarebytes. In the past few weeks I've downloaded several of the other top-rated ones from CNET, ran them once and uninstalled them all except for the 2 listed above. My internet also has a lot of freezing issues. There's also some crap called strongvault I recently discovered on my computer and thought I had rid myself of, but looking at the logs created it appears I haven't, so any help with that is appreciated!

.
=============



DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by micah and jesse at 16:33:05 on 2012-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8087.4981 [GMT -6:00]
.
AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Ditto\Ditto.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\VTech\DownloadManager\System\DownloadManager.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
C:\Windows\notepad.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\micah and jesse\VECTOR AND CLIPART\FONTS\FONTS\HijackThis.exe
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = hxxp://search.babylon.com/?affID=117087&tt=4712_7&babsrc=HP_ss&mntrId=aec2b70c000000000000844bf5224b1d
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
BHO: {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRunOnce: [PhotoCollageMaxunstall] <no file>
StartupFolder: C:\Users\MICAHA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll/3000
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D0610DB2-514F-4C91-AD31-6640458A6D56} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\948414455484F4553545F4E4 : DHCPNameServer = 192.168.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\micah and jesse\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-14 19:56; {38783831-6098-4faa-A9C9-1EE1E343F4D2}; C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - ExtSQL: 2012-11-15 11:27; {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF - ExtSQL: 2012-11-21 16:12; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-11-24 02:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-11-24 12:08; autocopy2@teo.pl; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\autocopy2@teo.pl.xpi
FF - ExtSQL: 2012-11-24 12:08; rainbow@colors.org; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\rainbow@colors.org.xpi
FF - ExtSQL: 2012-11-24 12:08; sortbookmarks@bouanto; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\sortbookmarks@bouanto.xpi
FF - ExtSQL: 2012-11-24 12:08; youtubeunblocker@unblocker.yt; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\youtubeunblocker@unblocker.yt.xpi
FF - ExtSQL: 2012-11-24 12:08; {E71B541F-5E72-5555-A47C-E47863195841}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
FF - ExtSQL: 2012-11-29 02:58; {cd617375-6743-4ee8-bac4-fbf10f35729e}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-01 17:55; {dc572301-7619-498c-a57d-39143191b318}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF - ExtSQL: 2012-12-09 20:31; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF - ExtSQL: 2012-12-09 21:07; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2012-12-11 22:40; artur.dubovoy@gmail.com; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2012-12-15 21:36; {1280606b-2510-4fe0-97ef-9b5a22eafe30}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF - ExtSQL: 2012-12-15 23:19; jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack.xpi
FF - ExtSQL: 2012-12-17 22:41; {22C7F6C6-8D67-4534-92B5-529A0EC09405}; C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);
user_pref('security.csp.enable', false);
user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-11-19 56336]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-26 77184]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-26 275912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-26 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-26 131072]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-29 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-29 161560]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-10-22 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-24 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-24 676936]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-10-20 1494144]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-29 363800]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-29 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-24 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-29 1860672]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-29 565352]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-9-20 33872]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-23 57280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-8-28 69640]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-7-29 259688]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-18 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
FileExt: .jse: JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-27 05:53:28 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-12-27 05:52:53 77184 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-12-27 05:52:53 173504 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-12-27 05:52:53 107048 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-12-27 05:50:57 -------- d-----w- C:\Program Files\Trend Micro
2012-12-27 05:48:11 -------- d-----r- C:\Users\micah and jesse\Desktop 2
2012-12-27 04:43:31 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-12-27 03:09:05 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-12-26 07:25:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Trillian
2012-12-25 17:36:15 -------- d-----w- C:\Users\micah and jesse\AppData\Local\cache
2012-12-25 17:25:05 -------- d-----w- C:\ProgramData\VTech
2012-12-25 17:25:05 -------- d-----w- C:\Program Files (x86)\VTech
2012-12-25 12:05:50 -------- d-----w- C:\Program Files\McAfee
2012-12-25 02:08:14 -------- d-----w- C:\Program Files (x86)\GPPSoft
2012-12-24 19:36:20 -------- d-----w- C:\Program Files (x86)\RocketDock
2012-12-24 14:52:41 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Gamelab
2012-12-24 14:17:48 -------- d-----w- C:\Program Files (x86)\WildGames
2012-12-24 14:16:52 -------- d-sh--w- C:\Windows\ftpcache
2012-12-24 11:31:39 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-24 11:31:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-24 04:37:26 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
2012-12-24 04:31:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-22 20:38:21 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Ditto
2012-12-22 20:38:13 -------- d-----w- C:\Program Files (x86)\Ditto
2012-12-21 18:01:17 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67BEF274-0726-4AB2-9157-BDF260E0161C}\mpengine.dll
2012-12-21 17:07:43 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 17:07:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 17:07:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 17:07:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-20 06:05:49 -------- d-----w- C:\ProgramData\SecTaskMan
2012-12-20 06:05:30 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2012-12-18 08:31:38 -------- d-----w- C:\ProgramData\AVAST Software
2012-12-18 08:31:38 -------- d-----w- C:\Program Files\AVAST Software
2012-12-18 01:30:51 -------- d-----w- C:\Users\micah and jesse\AppData\Local\AnVir
2012-12-17 20:19:39 -------- d-----w- C:\Windows\pss
2012-12-17 06:24:46 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\.purple
2012-12-17 06:23:58 -------- d-----w- C:\ProgramData\IObit
2012-12-17 06:22:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-17 06:21:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-17 06:21:44 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-12-17 06:20:08 -------- d-----w- C:\Program Files\CCleaner
2012-12-17 06:16:59 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\DMCache
2012-12-12 19:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Local\WinZip
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 22:59:53 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-11 22:59:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-11 22:59:00 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-12-11 22:59:00 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-12-11 22:08:07 -------- d-----w- C:\Program Files (x86)\IZArc
2012-12-10 03:25:39 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\HP Photo Creations
2012-12-10 03:06:38 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2012-12-09 08:42:03 -------- d-----w- C:\Users\micah and jesse\VECTOR AND CLIPART
2012-12-08 21:14:54 -------- d-----w- C:\Users\micah and jesse\.thumbnails
2012-12-08 08:46:54 -------- d-----w- C:\ProgramData\sitoo
2012-12-08 08:36:17 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Virtual Mechanics
2012-12-08 08:36:17 -------- d-----w- C:\ProgramData\Virtual Mechanics
2012-12-04 16:01:25 -------- d-----w- C:\ProgramData\Bitstream
2012-12-03 07:08:19 -------- d-----w- C:\ProgramData\ALM
2012-12-03 06:15:53 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.adobe.WidgetBrowser
2012-12-03 05:54:16 -------- d-----w- C:\Users\micah and jesse\CS6 Design and Web Premium
2012-12-03 05:44:52 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-02 21:15:47 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-02 21:06:16 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.extend.csslayouts
2012-12-02 19:48:37 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\inkscape
2012-12-02 13:14:15 -------- d-----w- C:\Program Files (x86)\Inkscape
2012-12-02 12:21:21 -------- d-----w- C:\Users\micah and jesse\Adobe Illustrator CS6
2012-12-02 11:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\PDAppFlex
2012-12-02 09:03:48 -------- d-----w- C:\ProgramData\Protexis
2012-12-01 07:52:04 -------- d-----w- C:\Program Files (x86)\Corel
2012-12-01 07:30:05 -------- d-----w- C:\ProgramData\Protexis64
2012-12-01 07:23:34 -------- d-----w- C:\Program Files\Common Files\Protexis
2012-12-01 03:58:58 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\simplitec
2012-11-30 16:14:37 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-11-30 16:13:06 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2012-11-30 10:03:31 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Xara
2012-11-30 10:03:18 -------- d-----w- C:\ProgramData\Xara
2012-11-30 10:03:18 -------- d-----w- C:\Program Files (x86)\Common Files\Xara Services
2012-11-30 10:03:14 -------- d-----w- C:\ProgramData\simplitec
2012-11-30 08:58:19 -------- d-----w- C:\Users\micah and jesse\AppData\Local\fontconfig
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\AppData\Local\gegl-0.2
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\.gimp-2.8
2012-11-30 08:39:09 -------- d-----w- C:\ProgramData\AVG2013
2012-11-30 08:38:23 -------- d-----w- C:\Program Files (x86)\AVG
2012-11-30 08:26:44 -------- d-----w- C:\Program Files\GIMP 2
2012-11-30 07:11:03 -------- d--h--w- C:\ProgramData\Common Files
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\MFAData
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Avg2013
2012-11-30 07:11:03 -------- d-----w- C:\ProgramData\MFAData
2012-11-29 10:18:34 -------- d-----w- C:\Program Files (x86)\RealDrawPRO5
2012-11-29 08:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\LiveMetrics
.
==================== Find3M ====================
.
2012-12-27 05:51:36 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat
2012-12-11 20:55:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 20:55:24 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 11:38:47 737280 ----a-w- C:\Windows\iun6002.exe
2012-11-30 10:03:45 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
2012-11-19 10:54:51 258048 ----a-w- C:\Windows\ies_Shell.dll
2012-11-17 02:55:10 88008 ------w- C:\Windows\System32\LMIRfsClientNP.dll
2012-11-17 02:55:10 83880 ------w- C:\Windows\System32\LMIinit.dll
2012-11-17 02:55:10 35240 ------w- C:\Windows\System32\LMIport.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
.


(end)
 
[HJT log removed by Broni]


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.27.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
micah and jesse :: MICAHS [administrator]

12/27/2012 11:10:07 PM
mbam-log-2012-12-27 (23-10-07).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 508581
Time elapsed: 2 hour(s), 10 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)
 
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

Is IE misbehavior the only issue you're having?

I still need the Attach.txt part of DDS.

Next...

Go here: http://support.microsoft.com/kb/923737 and run the "FixIt" procedure.
Make sure you follow ALL steps listed there.
See if IE works better.
 
Hi, thank you for such a quick reply! First I just wanna give you a huge thank you! I know you guys do this on a volunteer basis and I'm sure you live a busy life like the rest of us, so thank you again so much for using your free time to help the tech illiterate like myself!! Here is the Attach.txt. I'm sorry it wasn't there before, but I read conflicting instructions on whether to post them or wait until requested, and since I can't figure out how to zip it to attach it I decided to wait. Please note again I don't know how to zip it and it's not working with WinZip, so I'm going to copy and paste it here. I hope that's okay. If that's wrong, please leave me step-by-step instructions on how to zip it. Also, no, the problems with IE aren't the only issues, but I figured since I never ever use IE I can't understand why all of a sudden it's popping up. The other issues are hard for me to describe. I guess the main things I can think of easily have to do with the computer freezing and lagging, and there's a lot of problems with my internet. It's constantly either freezing, crashing, or I'm being told that the page could not be displayed because the connection has been reset. That's a constant problem, at least every 5 to 10 pages. Also, about a week ago I noticed a program called sprotector in my installed programs list and then several sprotector files buried throughout my computer, and after digging on the internet for hours everything I read said it was a virus, but most AV software doesn't pick it up, so I used Revo Uninstaller to uninstall and search the computer for any files left behind, and then I searched the best I could manually, but I now notice it on the DDS log. I'm also having trouble getting rid of something called Strongvault that I again didn't download, and everything I've read said it's hard to get rid of, and I also noticed it still on one of the logs.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/16/2012 7:49:01 PM
System Uptime: 12/28/2012 6:45:37 PM (2 hours ago)
.
Motherboard: Hewlett-Packard | | 181C
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 700.113 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.3 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&6499983&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&6499983&0&01
Service: vwifimp
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Kaspersky Anti-Virus NDIS 6 Filter
Device ID: ROOT\LEGACY_KLIM6\0000
Manufacturer:
Name: Kaspersky Anti-Virus NDIS 6 Filter
PNP Device ID: ROOT\LEGACY_KLIM6\0000
Service: KLIM6
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Lexmark X422
Device ID: ROOT\IMAGE\0000
Manufacturer: Lexmark
Name: Lexmark X422
PNP Device ID: ROOT\IMAGE\0000
Service: usbscan
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: LogMeIn Kernel Information Provider
Device ID: ROOT\LEGACY_LMIINFO\0000
Manufacturer:
Name: LogMeIn Kernel Information Provider
PNP Device ID: ROOT\LEGACY_LMIINFO\0000
Service: LMIInfo
.
==== System Restore Points ===================
.
RP158: 12/27/2012 12:17:03 AM - Revo Uninstaller's restore point - ArcSoft Software Suite
RP159: 12/27/2012 12:47:10 AM - Revo Uninstaller's restore point - ArcSoft Software Suite
RP160: 12/27/2012 12:50:00 AM - Revo Uninstaller's restore point - GPP Remote Server
RP161: 12/27/2012 12:50:20 AM - Removed GPP Remote Server
RP162: 12/27/2012 12:56:53 AM - Revo Uninstaller's restore point - Pidgin
RP163: 12/27/2012 12:59:36 AM - Revo Uninstaller's restore point - WinDirStat 1.1.2
RP164: 12/27/2012 1:00:56 AM - Removed Corel Graphics - Windows Shell Extension.
RP165: 12/27/2012 1:01:16 AM - Removed Corel Graphics - Windows Shell Extension 32 Bit.
RP166: 12/27/2012 1:01:25 AM - Revo Uninstaller's restore point - Corel PaintShop Pro X5
RP167: 12/27/2012 1:11:03 AM - Revo Uninstaller's restore point - Corel PaintShop Pro X5
RP168: 12/27/2012 2:12:15 AM - Revo Uninstaller's restore point - FlexiLayouts 2 Editor
RP169: 12/27/2012 2:12:32 AM - Removed FlexiLayouts 2 Editor
RP170: 12/27/2012 2:17:41 AM - Revo Uninstaller's restore point - McAfee SiteAdvisor
RP171: 12/27/2012 2:23:27 AM - Revo Uninstaller's restore point - Corel Website Creator X6
RP172: 12/28/2012 4:04:51 PM - Revo Uninstaller's restore point - Trillian
RP173: 12/28/2012 4:09:57 PM - Revo Uninstaller's restore point - Photo Collage Max
RP174: 12/28/2012 4:15:38 PM - Revo Uninstaller's restore point - Photo Collage Max
RP175: 12/28/2012 4:18:38 PM - Revo Uninstaller's restore point - Wise Registry Cleaner 7.55
RP176: 12/28/2012 4:20:51 PM - Revo Uninstaller's restore point - Scrapbook MAX! 2.0 Trial
RP177: 12/28/2012 4:23:34 PM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe CS6 Design and Web Premium
Adobe Download Assistant
Adobe Dreamweaver CS6
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Illustrator CS6
Adobe Photoshop Elements 11
Adobe Reader X (10.1.0) MUI
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Adobe Widget Browser
AnVir Task Manager Free
ArcSoft Software Suite
AuthenTec TrueAPI 64-bit
Bejeweled 3
Blackhawk Striker 2
Bob the Builder Can-Do-Zoo
CCleaner
Chuzzle Deluxe
CorelDRAW Graphics Suite X6 - Capture (x64)
CorelDRAW Graphics Suite X6 - Common (x64)
CorelDRAW Graphics Suite X6 - Connect (x64)
CorelDRAW Graphics Suite X6 - Custom Data (x64)
CorelDRAW Graphics Suite X6 - Draw (x64)
CorelDRAW Graphics Suite X6 - EN (x64)
CorelDRAW Graphics Suite X6 - Filters (x64)
CorelDRAW Graphics Suite X6 - FontNav (x64)
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
CorelDRAW Graphics Suite X6 - Redist (x64)
CorelDRAW Graphics Suite X6 - Setup Files (x64)
CorelDRAW Graphics Suite X6 - VBA (x64)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
CorelDRAW Graphics Suite X6 - VSTA (x64)
CorelDRAW Graphics Suite X6 - Writing Tools (x64)
CorelDRAW Graphics Suite X6 (x64)
Cradle of Rome 2
CyberLink YouCam
D3DX10
Diego's Dinosaur Adventure
Diego's Safari Adventure
Ditto
Dora's Carnival Adventure
Dora's World Adventure
Elements 11 Organizer
EPSON NX330 Series Printer Uninstall
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
File Type Assistant
Final Drive Fury
Free RAR Extract Frog
GIMP 2.8.2
Google Chrome
Google Drive
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP Connection Manager
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Photo Creations
HP Power Manager
HP Product Detection
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass
HP Software Framework
HP Support Assistant
HP Update
IDT Audio
Inkscape 0.48.2
Intel(R) C++ Redistributables for Windows* on Intel(R) 64
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IZArc 4.1.7
Java 7 Update 9
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
JS3DPreSchool
JumpStart 3D Ages 3-5
JumpStart Phonics Read and Rhyme
Junk Mail filter update
Learning Lodge Navigator
Letters from Nowhere 2
Lost Photos version 1.1
Luxor HD
Mah Jong Medley
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 365 Home Premium Preview - en-us
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual Basic for Applications 7.1 (x64)
Microsoft Visual Basic for Applications 7.1 (x64) English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Movie Maker
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
opensource
PDF Settings CS6
Penguins!
Photo Common
Photo Gallery
Photo Story 3 for Windows
PhotoScape
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PSE11 STI Installer
Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter
Real-Draw PRO 5.2.4
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recuva
Revo Uninstaller 1.94
RocketDock 1.3.5
RollerCoaster Tycoon 3: Platinum
Security Task Manager 1.8f
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Shrek 2: Ogre Bowler
Strongvault Online Backup
SUPERAntiSpyware
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Trend Micro Titanium
Trend Micro Titanium Internet Security
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Validity WBF DDK
Virtual Villagers 4 - The Tree of Life
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.4
VTech Download Agent Library
WildTangent Games
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinZip 17.0
Wonder Pets! Save the Puppy
Wondershare Video Converter Ultimate(Build 6.0.1.0)
WYSIWYG Web Builder 8
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Zoodles
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
12/28/2012 9:08:49 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.2.2 with the system having network hardware address F8-0C-F3-F6-98-1C. Network operations on this system may be disrupted as a result.
12/28/2012 6:47:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/28/2012 6:46:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSHA Avgldx64 Avgloga Avgmfx64 Avgrkx64 Avgtdia KLIM6
12/28/2012 6:46:16 PM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
12/28/2012 6:27:53 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
12/28/2012 4:24:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.2694.0).
12/28/2012 1:56:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
12/28/2012 1:56:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
12/27/2012 3:09:29 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
12/27/2012 10:36:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.2549.0).
12/27/2012 10:07:43 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.
12/27/2012 1:31:27 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
12/26/2012 5:17:33 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR30.
12/26/2012 1:05:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR26.
12/25/2012 9:59:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR16.
12/25/2012 8:55:36 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7.
12/25/2012 8:52:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
12/25/2012 8:52:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
12/25/2012 12:20:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
12/25/2012 12:01:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
12/23/2012 11:00:34 PM, Error: Service Control Manager [7034] - The Protexis Licensing V2 x64 service terminated unexpectedly. It has done this 1 time(s).
12/22/2012 11:43:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSHA Avgldx64 Avgloga Avgmfx64 Avgrkx64 Avgtdia
12/21/2012 6:29:01 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.2.5. The computer with the IP address 192.168.2.2 did not allow the name to be claimed by this computer.
.
==== End Of File ===========================
 
Well, I have been trying to since I read your first post, which was well over several hours ago, and it's stuck or frozen. The progress bar is less than a quarter of the way finished and it's been like that since right after it started. I've used those Fix it downloads before and they've always finished in a few minutes. I had left my computer alone so as not to disturb anything, so I'm only just noticing that it hasn't finished. I guess I should "end task" and try to rerun it?
 
Hi, I'm sorry I've taken so long to post the results. Yes, I was able to successfully run the Microsoft Fix it from the download link sent. It successfully restored all of my Internet Explorer settings back to default. It did not help at all. It almost actually seemed to make it worse. The pop-ups started happening more often and closer together. Like I said, I never ever use IE, only Firefox. Now it also seems that instead of it just being the "about blank page" pop-up, it's now got the Babylon toolbar installed on it somehow. I've not downloaded anything else except for the Microsoft Fix it. I was able to find about 50 zip files on my computer that say Babylon toolbar on them; the download date says the 17th, which is when I did download something from CNET, but I'm almost positive I declined it. Also, last time that annoying toolbar was added to my computer it was in my programs list and I was easily able to uninstall it, and this time it's not. I once again restored my Internet Explorer settings and deleted it manually from the IE settings, but that didn't get rid of it. What should I do now?
 
Not a problem.
We'll run more checks. I just needed to know if it's not just an IE issue.

  • Download RogueKiller to the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

==============================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 