Need some help finding

By micah smith
Dec 28, 2012
Topic Status:
Not open for further replies.
  1. Hi, I hope someone can help me. I'm not sure that I have a virus or spyware, but I'm assuming so. There haven't been any major problems going on but several small ones that I'm assuming aren't normal. The latest is the fact that internet exporer keeps popping up with "about" blank page. I don't use internet explorer ever, so I'm not sure what's going on. I typically only use firefox and on occasion if firefox is having issues chrome for a very short time. I have added no extensions or add ons to chrome or ie, I've only added them to firefox. I currently run a paid version of trend micro, and free version of malware bites. In the past few weeks I've downloaded several of the top rated other ones from CNET, ran them once and uninstalled them all except for the 2 listed above. My internet also has a lot of freezing issues. Theres also some crap called strongvault I recently discovered on my computer and thought I had rid myself of them but looking at the logs created it appears I haven't so any help with that is appreciated!


    DS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
    Run by micah and jesse at 16:33:05 on 2012-12-28
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8087.4981 [GMT -6:00]
    AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
    SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ============== Running Processes ===============
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files (x86)\Ditto\Ditto.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
    C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Common Files\AuthenTec\TrueService.exe
    C:\Program Files\Common Files\AuthenTec\TrueService.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\VTech\DownloadManager\System\DownloadManager.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
    C:\Users\micah and jesse\VECTOR AND CLIPART\FONTS\FONTS\HijackThis.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
    ============== Pseudo HJT Report ===============
    uStart Page = about:blank
    uSearch Bar = Preserve
    mStart Page = hxxp://
    uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
    BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
    BHO: {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
    BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    uRun: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
    uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
    uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
    uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
    mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRunOnce: [PhotoCollageMaxunstall] <no file>
    StartupFolder: C:\Users\MICAHA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    IE: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll/3000
    IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    TCP: NameServer =
    TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer =,
    TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : NameServer =,
    TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : DHCPNameServer =
    TCP: Interfaces\{D0610DB2-514F-4C91-AD31-6640458A6D56} : NameServer =,
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : NameServer =,
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : DHCPNameServer =
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : NameServer =,
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : DHCPNameServer =
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : NameServer =,
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : DHCPNameServer =
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : NameServer =,
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : DHCPNameServer =
    TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\948414455484F4553545F4E4 : DHCPNameServer =
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
    x64-BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
    x64-BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
    ================= FIREFOX ===================
    FF - ProfilePath - C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll
    FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
    FF - plugin: C:\Users\micah and jesse\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
    FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2012-11-14 19:56; {38783831-6098-4faa-A9C9-1EE1E343F4D2}; C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
    FF - ExtSQL: 2012-11-15 11:27; {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
    FF - ExtSQL: 2012-11-21 16:12; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - ExtSQL: 2012-11-24 02:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF - ExtSQL: 2012-11-24 12:08;; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\
    FF - ExtSQL: 2012-11-24 12:08;; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\
    FF - ExtSQL: 2012-11-24 12:08; sortbookmarks@bouanto; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\sortbookmarks@bouanto.xpi
    FF - ExtSQL: 2012-11-24 12:08;; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\
    FF - ExtSQL: 2012-11-24 12:08; {E71B541F-5E72-5555-A47C-E47863195841}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
    FF - ExtSQL: 2012-11-29 02:58; {cd617375-6743-4ee8-bac4-fbf10f35729e}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
    FF - ExtSQL: 2012-12-01 17:55; {dc572301-7619-498c-a57d-39143191b318}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
    FF - ExtSQL: 2012-12-09 20:31; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
    FF - ExtSQL: 2012-12-09 21:07; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF - ExtSQL: 2012-12-11 22:40;; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\
    FF - ExtSQL: 2012-12-15 21:36; {1280606b-2510-4fe0-97ef-9b5a22eafe30}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    FF - ExtSQL: 2012-12-15 23:19; jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack.xpi
    FF - ExtSQL: 2012-12-17 22:41; {22C7F6C6-8D67-4534-92B5-529A0EC09405}; C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
    ============= SERVICES / DRIVERS ===============
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-11-19 56336]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-26 77184]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
    R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-26 275912]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-26 168448]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-26 131072]
    R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-29 13592]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-29 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-29 161560]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-10-22 72216]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-24 399432]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-24 676936]
    R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-10-20 1494144]
    R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-29 363800]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
    R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-29 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-24 25928]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-29 1860672]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-29 565352]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
    R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-9-20 33872]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-23 57280]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-8-28 69640]
    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-7-29 259688]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-18 1255736]
    S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
    =============== File Associations ===============
    FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
    FileExt: .jse: JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
    =============== Created Last 30 ================
    2012-12-27 05:53:28 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
    2012-12-27 05:52:53 77184 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
    2012-12-27 05:52:53 173504 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
    2012-12-27 05:52:53 107048 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
    2012-12-27 05:50:57 -------- d-----w- C:\Program Files\Trend Micro
    2012-12-27 05:48:11 -------- d-----r- C:\Users\micah and jesse\Desktop 2
    2012-12-27 04:43:31 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
    2012-12-27 03:09:05 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-12-26 07:25:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Trillian
    2012-12-25 17:36:15 -------- d-----w- C:\Users\micah and jesse\AppData\Local\cache
    2012-12-25 17:25:05 -------- d-----w- C:\ProgramData\VTech
    2012-12-25 17:25:05 -------- d-----w- C:\Program Files (x86)\VTech
    2012-12-25 12:05:50 -------- d-----w- C:\Program Files\McAfee
    2012-12-25 02:08:14 -------- d-----w- C:\Program Files (x86)\GPPSoft
    2012-12-24 19:36:20 -------- d-----w- C:\Program Files (x86)\RocketDock
    2012-12-24 14:52:41 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Gamelab
    2012-12-24 14:17:48 -------- d-----w- C:\Program Files (x86)\WildGames
    2012-12-24 14:16:52 -------- d-sh--w- C:\Windows\ftpcache
    2012-12-24 11:31:39 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-12-24 11:31:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-12-24 04:37:26 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
    2012-12-24 04:31:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\
    2012-12-24 04:31:03 -------- d-----w- C:\ProgramData\
    2012-12-24 04:31:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2012-12-22 20:38:21 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Ditto
    2012-12-22 20:38:13 -------- d-----w- C:\Program Files (x86)\Ditto
    2012-12-21 18:01:17 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67BEF274-0726-4AB2-9157-BDF260E0161C}\mpengine.dll
    2012-12-21 17:07:43 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-21 17:07:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-21 17:07:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-21 17:07:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-20 06:05:49 -------- d-----w- C:\ProgramData\SecTaskMan
    2012-12-20 06:05:30 -------- d-----w- C:\Program Files (x86)\Security Task Manager
    2012-12-18 08:31:38 -------- d-----w- C:\ProgramData\AVAST Software
    2012-12-18 08:31:38 -------- d-----w- C:\Program Files\AVAST Software
    2012-12-18 01:30:51 -------- d-----w- C:\Users\micah and jesse\AppData\Local\AnVir
    2012-12-17 20:19:39 -------- d-----w- C:\Windows\pss
    2012-12-17 06:24:46 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\.purple
    2012-12-17 06:23:58 -------- d-----w- C:\ProgramData\IObit
    2012-12-17 06:22:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
    2012-12-17 06:21:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-12-17 06:21:44 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-12-17 06:20:08 -------- d-----w- C:\Program Files\CCleaner
    2012-12-17 06:16:59 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\DMCache
    2012-12-12 19:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Local\WinZip
    2012-12-11 23:04:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-12-11 23:04:49 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-12-11 22:59:53 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-12-11 22:59:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-12-11 22:59:00 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-12-11 22:59:00 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-12-11 22:08:07 -------- d-----w- C:\Program Files (x86)\IZArc
    2012-12-10 03:25:39 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Visan
    2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\Visan
    2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\HP Photo Creations
    2012-12-10 03:06:38 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2012-12-09 08:42:03 -------- d-----w- C:\Users\micah and jesse\VECTOR AND CLIPART
    2012-12-08 21:14:54 -------- d-----w- C:\Users\micah and jesse\.thumbnails
    2012-12-08 08:46:54 -------- d-----w- C:\ProgramData\sitoo
    2012-12-08 08:36:17 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Virtual Mechanics
    2012-12-08 08:36:17 -------- d-----w- C:\ProgramData\Virtual Mechanics
    2012-12-04 16:01:25 -------- d-----w- C:\ProgramData\Bitstream
    2012-12-03 07:08:19 -------- d-----w- C:\ProgramData\ALM
    2012-12-03 06:15:53 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.adobe.WidgetBrowser
    2012-12-03 05:54:16 -------- d-----w- C:\Users\micah and jesse\CS6 Design and Web Premium
    2012-12-03 05:44:52 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-12-02 21:15:47 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2012-12-02 21:06:16 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.extend.csslayouts
    2012-12-02 19:48:37 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\inkscape
    2012-12-02 13:14:15 -------- d-----w- C:\Program Files (x86)\Inkscape
    2012-12-02 12:21:21 -------- d-----w- C:\Users\micah and jesse\Adobe Illustrator CS6
    2012-12-02 11:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\PDAppFlex
    2012-12-02 09:03:48 -------- d-----w- C:\ProgramData\Protexis
    2012-12-01 07:52:04 -------- d-----w- C:\Program Files (x86)\Corel
    2012-12-01 07:30:05 -------- d-----w- C:\ProgramData\Protexis64
    2012-12-01 07:23:34 -------- d-----w- C:\Program Files\Common Files\Protexis
    2012-12-01 03:58:58 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\simplitec
    2012-11-30 16:14:37 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
    2012-11-30 16:13:06 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
    2012-11-30 10:03:31 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Xara
    2012-11-30 10:03:18 -------- d-----w- C:\ProgramData\Xara
    2012-11-30 10:03:18 -------- d-----w- C:\Program Files (x86)\Common Files\Xara Services
    2012-11-30 10:03:14 -------- d-----w- C:\ProgramData\simplitec
    2012-11-30 08:58:19 -------- d-----w- C:\Users\micah and jesse\AppData\Local\fontconfig
    2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\AppData\Local\gegl-0.2
    2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\.gimp-2.8
    2012-11-30 08:39:09 -------- d-----w- C:\ProgramData\AVG2013
    2012-11-30 08:38:23 -------- d-----w- C:\Program Files (x86)\AVG
    2012-11-30 08:26:44 -------- d-----w- C:\Program Files\GIMP 2
    2012-11-30 07:11:03 -------- d--h--w- C:\ProgramData\Common Files
    2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\MFAData
    2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Avg2013
    2012-11-30 07:11:03 -------- d-----w- C:\ProgramData\MFAData
    2012-11-29 10:18:34 -------- d-----w- C:\Program Files (x86)\RealDrawPRO5
    2012-11-29 08:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\LiveMetrics
    ==================== Find3M ====================
    2012-12-27 05:51:36 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat
    2012-12-11 20:55:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-11 20:55:24 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-07 11:38:47 737280 ----a-w- C:\Windows\iun6002.exe
    2012-11-30 10:03:45 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
    2012-11-19 10:54:51 258048 ----a-w- C:\Windows\ies_Shell.dll
    2012-11-17 02:55:10 88008 ------w- C:\Windows\System32\LMIRfsClientNP.dll
    2012-11-17 02:55:10 83880 ------w- C:\Windows\System32\LMIinit.dll
    2012-11-17 02:55:10 35240 ------w- C:\Windows\System32\LMIport.dll
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

  2. micah smith

    micah smith Newcomer, in training Topic Starter

    [HJT log removed by Broni]

    Malwarebytes Anti-Malware

    Database version: v2012.12.27.03

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    micah and jesse :: MICAHS [administrator]

    12/27/2012 11:10:07 PM
    mbam-log-2012-12-27 (23-10-07).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 508581
    Time elapsed: 2 hour(s), 10 minute(s), 40 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)
  3. Broni

    Broni Malware Annihilator Posts: 45,226   +243

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.


    Is IE misbehavior the only issue you're having?

    I still need Attach.txt part of DDS.


    Go here: and run "FixIt" procedure.
    Make sure you follow ALL steps listed there.
    See if IE works better.
  4. micah smith

    micah smith Newcomer, in training Topic Starter

    Hi, thank you for such a quick reply! First I just wanna give you a huge thank you! I know you guys do this on a volunteer basis and I'm sure you live a busy life like the rest of us so thank you again so much for using your free time to help tech illiterate like myself!! Here is the attach.txt, I'm sorry it wasn't there before but I read conflicting instructions on whether to post them or wait until requested and since I can't figure out how to zip it to attach it I decided to wait. Please note again I don't know how to zip it and it's not working with winzip so I'm going to copy and paste it here. I hope that's okay. If that's wrong please leave me step by step instructions on how to zip it. Also, no the problems with IE aren't the only issues, but I figured since I never ever use IE I can't understand why all the sudden it's popping up. The other issues are hard for me to describe. I guess the main things I can think of easily have to do with the computer freezing and lagging, and theres a lot of problems with my internet. It's constantly either freezing, crashing, or I'm being told that the page could not be displayed because the connection has been reset. Thats a constant problem, at least every 5 to 10 pages. Also about a week ago I noticed a program called sprotector in my installed programs list and then several sprotector files buried throughout my computer and after digging on the internet for hours everything I read said it was a virus, but most av software doesn't pick it up, so I used revo uninstaller to uninstall and search the computer for any files left behind , and then I searched the best I could manually, but I now notice it on the DDS log. I'm also having trouble getting rid of something called strongvault that I again didn't download and everything I've read said it's a hard to get rid of that I also noticed still on one of the logs.

    DDS (Ver_2012-11-20.01)
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/16/2012 7:49:01 PM
    System Uptime: 12/28/2012 6:45:37 PM (2 hours ago)
    Motherboard: Hewlett-Packard | | 181C
    Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 910 GiB total, 700.113 GiB free.
    D: is FIXED (NTFS) - 21 GiB total, 2.3 GiB free.
    E: is CDROM (CDFS)
    ==== Disabled Device Manager Items =============
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Virtual WiFi Miniport Adapter
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&6499983&0&01
    Manufacturer: Microsoft
    Name: Microsoft Virtual WiFi Miniport Adapter
    PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&6499983&0&01
    Service: vwifimp
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Kaspersky Anti-Virus NDIS 6 Filter
    Device ID: ROOT\LEGACY_KLIM6\0000
    Name: Kaspersky Anti-Virus NDIS 6 Filter
    PNP Device ID: ROOT\LEGACY_KLIM6\0000
    Service: KLIM6
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Lexmark X422
    Device ID: ROOT\IMAGE\0000
    Manufacturer: Lexmark
    Name: Lexmark X422
    PNP Device ID: ROOT\IMAGE\0000
    Service: usbscan
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: LogMeIn Kernel Information Provider
    Name: LogMeIn Kernel Information Provider
    Service: LMIInfo
    ==== System Restore Points ===================
    RP158: 12/27/2012 12:17:03 AM - Revo Uninstaller's restore point - ArcSoft Software Suite
    RP159: 12/27/2012 12:47:10 AM - Revo Uninstaller's restore point - ArcSoft Software Suite
    RP160: 12/27/2012 12:50:00 AM - Revo Uninstaller's restore point - GPP Remote Server
    RP161: 12/27/2012 12:50:20 AM - Removed GPP Remote Server
    RP162: 12/27/2012 12:56:53 AM - Revo Uninstaller's restore point - Pidgin
    RP163: 12/27/2012 12:59:36 AM - Revo Uninstaller's restore point - WinDirStat 1.1.2
    RP164: 12/27/2012 1:00:56 AM - Removed Corel Graphics - Windows Shell Extension.
    RP165: 12/27/2012 1:01:16 AM - Removed Corel Graphics - Windows Shell Extension 32 Bit.
    RP166: 12/27/2012 1:01:25 AM - Revo Uninstaller's restore point - Corel PaintShop Pro X5
    RP167: 12/27/2012 1:11:03 AM - Revo Uninstaller's restore point - Corel PaintShop Pro X5
    RP168: 12/27/2012 2:12:15 AM - Revo Uninstaller's restore point - FlexiLayouts 2 Editor
    RP169: 12/27/2012 2:12:32 AM - Removed FlexiLayouts 2 Editor
    RP170: 12/27/2012 2:17:41 AM - Revo Uninstaller's restore point - McAfee SiteAdvisor
    RP171: 12/27/2012 2:23:27 AM - Revo Uninstaller's restore point - Corel Website Creator X6
    RP172: 12/28/2012 4:04:51 PM - Revo Uninstaller's restore point - Trillian
    RP173: 12/28/2012 4:09:57 PM - Revo Uninstaller's restore point - Photo Collage Max
    RP174: 12/28/2012 4:15:38 PM - Revo Uninstaller's restore point - Photo Collage Max
    RP175: 12/28/2012 4:18:38 PM - Revo Uninstaller's restore point - Wise Registry Cleaner 7.55
    RP176: 12/28/2012 4:20:51 PM - Revo Uninstaller's restore point - Scrapbook MAX! 2.0 Trial
    RP177: 12/28/2012 4:23:34 PM - Windows Update
    ==== Installed Programs ======================
    64 Bit HP CIO Components Installer
    Adobe Acrobat X Pro - English, Fran├žais, Deutsch
    Adobe AIR
    Adobe CS6 Design and Web Premium
    Adobe Download Assistant
    Adobe Dreamweaver CS6
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Help Manager
    Adobe Illustrator CS6
    Adobe Photoshop Elements 11
    Adobe Reader X (10.1.0) MUI
    Adobe Reader X (10.1.4)
    Adobe Shockwave Player 11.6
    Adobe Widget Browser
    AnVir Task Manager Free
    ArcSoft Software Suite
    AuthenTec TrueAPI 64-bit
    Bejeweled 3
    Blackhawk Striker 2
    Bob the Builder Can-Do-Zoo
    Chuzzle Deluxe
    CorelDRAW Graphics Suite X6 - Capture (x64)
    CorelDRAW Graphics Suite X6 - Common (x64)
    CorelDRAW Graphics Suite X6 - Connect (x64)
    CorelDRAW Graphics Suite X6 - Custom Data (x64)
    CorelDRAW Graphics Suite X6 - Draw (x64)
    CorelDRAW Graphics Suite X6 - EN (x64)
    CorelDRAW Graphics Suite X6 - Filters (x64)
    CorelDRAW Graphics Suite X6 - FontNav (x64)
    CorelDRAW Graphics Suite X6 - IPM
    CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
    CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
    CorelDRAW Graphics Suite X6 - Redist (x64)
    CorelDRAW Graphics Suite X6 - Setup Files (x64)
    CorelDRAW Graphics Suite X6 - VBA (x64)
    CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
    CorelDRAW Graphics Suite X6 - VSTA (x64)
    CorelDRAW Graphics Suite X6 - Writing Tools (x64)
    CorelDRAW Graphics Suite X6 (x64)
    Cradle of Rome 2
    CyberLink YouCam
    Diego's Dinosaur Adventure
    Diego's Safari Adventure
    Dora's Carnival Adventure
    Dora's World Adventure
    Elements 11 Organizer
    EPSON NX330 Series Printer Uninstall
    ESU for Microsoft Windows 7 SP1
    Evernote v. 4.5.2
    Farm Frenzy
    File Type Assistant
    Final Drive Fury
    Free RAR Extract Frog
    GIMP 2.8.2
    Google Chrome
    Google Drive
    Google Update Helper
    Hewlett-Packard ACLM.NET v1.2.1.1
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
    Hoyle Card Games
    HP 3D DriveGuard
    HP Application Assistant
    HP Auto
    HP Client Services
    HP Connection Manager
    HP CoolSense
    HP Customer Experience Enhancements
    HP Documentation
    HP Games
    HP Launch Box
    HP MovieStore
    HP On Screen Display
    HP Photo Creations
    HP Power Manager
    HP Product Detection
    HP Quick Launch
    HP Recovery Manager
    HP Security Assistant
    HP Setup
    HP Setup Manager
    HP SimplePass
    HP Software Framework
    HP Support Assistant
    HP Update
    IDT Audio
    Inkscape 0.48.2
    Intel(R) C++ Redistributables for Windows* on Intel(R) 64
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) OpenCL CPU Runtime
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    IZArc 4.1.7
    Java 7 Update 9
    Java Auto Updater
    Jewel Match 3
    Jewel Quest Mysteries: The Seventh Gate Collector's Edition
    John Deere Drive Green
    JumpStart 3D Ages 3-5
    JumpStart Phonics Read and Rhyme
    Junk Mail filter update
    Learning Lodge Navigator
    Letters from Nowhere 2
    Lost Photos version 1.1
    Luxor HD
    Mah Jong Medley
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Office 365 Home Premium Preview - en-us
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual Basic for Applications 7.1 (x64)
    Microsoft Visual Basic for Applications 7.1 (x64) English
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio Tools for Applications 2.0 - ENU
    Microsoft Visual Studio Tools for Applications 2.0 Runtime
    Microsoft WSE 3.0 Runtime
    Movie Maker
    Mozilla Firefox 14.0.1 (x86 en-US)
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    Office 15 Click-to-Run Extensibility Component
    Office 15 Click-to-Run Licensing Component
    PDF Settings CS6
    Photo Common
    Photo Gallery
    Photo Story 3 for Windows
    Plants vs. Zombies - Game of the Year
    PlayReady PC Runtime amd64
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    PSE11 STI Installer
    Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter
    Real-Draw PRO 5.2.4
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    Revo Uninstaller 1.94
    RocketDock 1.3.5
    RollerCoaster Tycoon 3: Platinum
    Security Task Manager 1.8f
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Shrek 2: Ogre Bowler
    Strongvault Online Backup
    Synaptics Pointing Device Driver
    The Treasures of Mystery Island: The Ghost Ship
    Trend Micro Titanium
    Trend Micro Titanium Internet Security
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update Installer for WildTangent Games App
    Validity WBF DDK
    Virtual Villagers 4 - The Tree of Life
    Visual Studio 2010 x64 Redistributables
    VLC media player 2.0.4
    VTech Download Agent Library
    WildTangent Games
    WildTangent Games App (HP Games)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinZip 17.0
    Wonder Pets! Save the Puppy
    Wondershare Video Converter Ultimate(Build
    WYSIWYG Web Builder 8
    Yahoo! Detect
    Yahoo! Messenger
    Yahoo! Software Update
    Zuma's Revenge
    ==== Event Viewer Messages From Past Week ========
    12/28/2012 9:08:49 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address with the system having network hardware address F8-0C-F3-F6-98-1C. Network operations on this system may be disrupted as a result.
    12/28/2012 6:47:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    12/28/2012 6:46:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSHA Avgldx64 Avgloga Avgmfx64 Avgrkx64 Avgtdia KLIM6
    12/28/2012 6:46:16 PM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
    12/28/2012 6:27:53 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
    12/28/2012 4:24:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.2694.0).
    12/28/2012 1:56:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    12/28/2012 1:56:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    12/27/2012 3:09:29 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
    12/27/2012 10:36:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.2549.0).
    12/27/2012 10:07:43 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.
    12/27/2012 1:31:27 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    12/26/2012 5:17:33 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR30.
    12/26/2012 1:05:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR26.
    12/25/2012 9:59:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR16.
    12/25/2012 8:55:36 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7.
    12/25/2012 8:52:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
    12/25/2012 8:52:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
    12/25/2012 12:20:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    12/25/2012 12:01:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
    12/23/2012 11:00:34 PM, Error: Service Control Manager [7034] - The Protexis Licensing V2 x64 service terminated unexpectedly. It has done this 1 time(s).
    12/22/2012 11:43:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSHA Avgldx64 Avgloga Avgmfx64 Avgrkx64 Avgtdia
    12/21/2012 6:29:01 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address The computer with the IP address did not allow the name to be claimed by this computer.
    ==== End Of File ===========================
  5. Broni

    Broni Malware Annihilator Posts: 45,226   +243

  6. micah smith

    micah smith Newcomer, in training Topic Starter

    Well, I have been trying to since I read your first post which was well over several hours ago, and it's stuck or frozen. The progress bar is less than a quarter of the way finished and it's been like that since right after it started. I've used those fix it downloads before and they've always finished in a few minutes. I had left my computer alone so not to disturb anything so I'm only just noticing that it hasn't finished. I guess I should "end task" and try to rerun it?
  7. Broni

    Broni Malware Annihilator Posts: 45,226   +243

    Go ahead and redo.
  8. micah smith

    micah smith Newcomer, in training Topic Starter

    Hi, I'm sorry I've taken so long to post the results. Yes I was able to successfully run the microsoft fix it from the download link sent. It successfully restored all of my internet explorer settings back to default. It did not help at all. It almost actually seemed to make it worse. The pop ups started happening more often and closer together. Like I said I never ever use IE only firefox. Now it also seems that instead of just it being the "about blank page" pop up it's not got babylon toolbar installed on it somehow. I've not downloaded anything else except for the microsoft fix it. I was able to find about 50 zip files on my computer that say babylon toolbar on them, download date says the 17th which I did download something from cnet, but I'm almost positive I declined it. Also last time that annoying toolbar was added to my computer it was in my programs list that I was easily able to uninstall and this time it's not. I once again restored my internet explorer settings and deleted it manually from the IE settings, but that didn't get rid of it. What should I do now?
  9. Broni

    Broni Malware Annihilator Posts: 45,226   +243

    Not a problem.
    We'll run more checks. I just needed to know if it's not just IE issue.

    • Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or and try again


    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
Topic Status:
Not open for further replies.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.