Hi, I hope someone can help me. I'm not sure that I have a virus or spyware, but I'm assuming so. There haven't been any major problems going on, but several small ones that I'm assuming aren't normal. The latest is the fact that Internet Explorer keeps popping up with an "about" blank page. I don't use Internet Explorer ever, so I'm not sure what's going on. I typically only use Firefox and, on occasion, if Firefox is having issues, Chrome for a very short time. I have added no extensions or add-ons to Chrome or IE; I've only added them to Firefox. I currently run a paid version of Trend Micro and a free version of Malwarebytes. In the past few weeks I've downloaded several of the other top-rated ones from CNET, ran them once, and uninstalled them all except for the 2 listed above. My internet also has a lot of freezing issues. There's also some crap called StrongVault I recently discovered on my computer and thought I had rid myself of it, but looking at the logs created, it appears I haven't, so any help with that is appreciated!
.
=============
DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by micah and jesse at 16:33:05 on 2012-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8087.4981 [GMT -6:00]
.
AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Ditto\Ditto.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\VTech\DownloadManager\System\DownloadManager.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
C:\Windows\notepad.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\micah and jesse\VECTOR AND CLIPART\FONTS\FONTS\HijackThis.exe
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = hxxp://search.babylon.com/?affID=117087&tt=4712_7&babsrc=HP_ss&mntrId=aec2b70c000000000000844bf5224b1d
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
BHO: {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
uRunOnce: [Uninstall C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\micah and jesse\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRunOnce: [PhotoCollageMaxunstall] <no file>
StartupFolder: C:\Users\MICAHA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll/3000
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{AA02AE61-F9AF-4B69-A610-B4C32D86B508} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D0610DB2-514F-4C91-AD31-6640458A6D56} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\4656661657C647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\54C602451636F602245756E6F6 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{EDAD79F8-AC43-4EA0-8AA9-2BD1A7350A18}\948414455484F4553545F4E4 : DHCPNameServer = 192.168.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\micah and jesse\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-14 19:56; {38783831-6098-4faa-A9C9-1EE1E343F4D2}; C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - ExtSQL: 2012-11-15 11:27; {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF - ExtSQL: 2012-11-21 16:12; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-11-24 02:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-11-24 12:08; autocopy2@teo.pl; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\autocopy2@teo.pl.xpi
FF - ExtSQL: 2012-11-24 12:08; rainbow@colors.org; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\rainbow@colors.org.xpi
FF - ExtSQL: 2012-11-24 12:08; sortbookmarks@bouanto; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\sortbookmarks@bouanto.xpi
FF - ExtSQL: 2012-11-24 12:08; youtubeunblocker@unblocker.yt; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\youtubeunblocker@unblocker.yt.xpi
FF - ExtSQL: 2012-11-24 12:08; {E71B541F-5E72-5555-A47C-E47863195841}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
FF - ExtSQL: 2012-11-29 02:58; {cd617375-6743-4ee8-bac4-fbf10f35729e}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2012-12-01 17:55; {dc572301-7619-498c-a57d-39143191b318}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF - ExtSQL: 2012-12-09 20:31; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF - ExtSQL: 2012-12-09 21:07; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2012-12-11 22:40; artur.dubovoy@gmail.com; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2012-12-15 21:36; {1280606b-2510-4fe0-97ef-9b5a22eafe30}; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF - ExtSQL: 2012-12-15 23:19; jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack; C:\Users\micah and jesse\AppData\Roaming\Mozilla\Firefox\Profiles\exmz1hau.default\extensions\jid0-vIQLXACIhaAd4GQzLBL1RSeoaKk@jetpack.xpi
FF - ExtSQL: 2012-12-17 22:41; {22C7F6C6-8D67-4534-92B5-529A0EC09405}; C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);
user_pref('security.csp.enable', false);
user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-11-19 56336]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-26 77184]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-26 275912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-26 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-26 131072]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-29 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-29 161560]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-10-22 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-24 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-24 676936]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-10-20 1494144]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-29 363800]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-29 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-24 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-29 1860672]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-29 565352]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-9-20 33872]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-23 57280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-8-28 69640]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-7-29 259688]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-18 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
FileExt: .jse: JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-27 05:53:28 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-12-27 05:52:53 77184 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-12-27 05:52:53 173504 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-12-27 05:52:53 107048 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-12-27 05:50:57 -------- d-----w- C:\Program Files\Trend Micro
2012-12-27 05:48:11 -------- d-----r- C:\Users\micah and jesse\Desktop 2
2012-12-27 04:43:31 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-12-27 03:09:05 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-12-26 07:25:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Trillian
2012-12-25 17:36:15 -------- d-----w- C:\Users\micah and jesse\AppData\Local\cache
2012-12-25 17:25:05 -------- d-----w- C:\ProgramData\VTech
2012-12-25 17:25:05 -------- d-----w- C:\Program Files (x86)\VTech
2012-12-25 12:05:50 -------- d-----w- C:\Program Files\McAfee
2012-12-25 02:08:14 -------- d-----w- C:\Program Files (x86)\GPPSoft
2012-12-24 19:36:20 -------- d-----w- C:\Program Files (x86)\RocketDock
2012-12-24 14:52:41 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Gamelab
2012-12-24 14:17:48 -------- d-----w- C:\Program Files (x86)\WildGames
2012-12-24 14:16:52 -------- d-sh--w- C:\Windows\ftpcache
2012-12-24 11:31:39 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-24 11:31:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-24 04:37:26 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
2012-12-24 04:31:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-22 20:38:21 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Ditto
2012-12-22 20:38:13 -------- d-----w- C:\Program Files (x86)\Ditto
2012-12-21 18:01:17 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67BEF274-0726-4AB2-9157-BDF260E0161C}\mpengine.dll
2012-12-21 17:07:43 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 17:07:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 17:07:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 17:07:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-20 06:05:49 -------- d-----w- C:\ProgramData\SecTaskMan
2012-12-20 06:05:30 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2012-12-18 08:31:38 -------- d-----w- C:\ProgramData\AVAST Software
2012-12-18 08:31:38 -------- d-----w- C:\Program Files\AVAST Software
2012-12-18 01:30:51 -------- d-----w- C:\Users\micah and jesse\AppData\Local\AnVir
2012-12-17 20:19:39 -------- d-----w- C:\Windows\pss
2012-12-17 06:24:46 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\.purple
2012-12-17 06:23:58 -------- d-----w- C:\ProgramData\IObit
2012-12-17 06:22:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-17 06:21:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-17 06:21:44 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-12-17 06:20:08 -------- d-----w- C:\Program Files\CCleaner
2012-12-17 06:16:59 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\DMCache
2012-12-12 19:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Local\WinZip
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 22:59:53 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-11 22:59:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-11 22:59:00 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-12-11 22:59:00 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-12-11 22:08:07 -------- d-----w- C:\Program Files (x86)\IZArc
2012-12-10 03:25:39 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\HP Photo Creations
2012-12-10 03:06:38 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2012-12-09 08:42:03 -------- d-----w- C:\Users\micah and jesse\VECTOR AND CLIPART
2012-12-08 21:14:54 -------- d-----w- C:\Users\micah and jesse\.thumbnails
2012-12-08 08:46:54 -------- d-----w- C:\ProgramData\sitoo
2012-12-08 08:36:17 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Virtual Mechanics
2012-12-08 08:36:17 -------- d-----w- C:\ProgramData\Virtual Mechanics
2012-12-04 16:01:25 -------- d-----w- C:\ProgramData\Bitstream
2012-12-03 07:08:19 -------- d-----w- C:\ProgramData\ALM
2012-12-03 06:15:53 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.adobe.WidgetBrowser
2012-12-03 05:54:16 -------- d-----w- C:\Users\micah and jesse\CS6 Design and Web Premium
2012-12-03 05:44:52 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-02 21:15:47 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-02 21:06:16 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.extend.csslayouts
2012-12-02 19:48:37 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\inkscape
2012-12-02 13:14:15 -------- d-----w- C:\Program Files (x86)\Inkscape
2012-12-02 12:21:21 -------- d-----w- C:\Users\micah and jesse\Adobe Illustrator CS6
2012-12-02 11:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\PDAppFlex
2012-12-02 09:03:48 -------- d-----w- C:\ProgramData\Protexis
2012-12-01 07:52:04 -------- d-----w- C:\Program Files (x86)\Corel
2012-12-01 07:30:05 -------- d-----w- C:\ProgramData\Protexis64
2012-12-01 07:23:34 -------- d-----w- C:\Program Files\Common Files\Protexis
2012-12-01 03:58:58 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\simplitec
2012-11-30 16:14:37 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-11-30 16:13:06 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2012-11-30 10:03:31 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Xara
2012-11-30 10:03:18 -------- d-----w- C:\ProgramData\Xara
2012-11-30 10:03:18 -------- d-----w- C:\Program Files (x86)\Common Files\Xara Services
2012-11-30 10:03:14 -------- d-----w- C:\ProgramData\simplitec
2012-11-30 08:58:19 -------- d-----w- C:\Users\micah and jesse\AppData\Local\fontconfig
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\AppData\Local\gegl-0.2
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\.gimp-2.8
2012-11-30 08:39:09 -------- d-----w- C:\ProgramData\AVG2013
2012-11-30 08:38:23 -------- d-----w- C:\Program Files (x86)\AVG
2012-11-30 08:26:44 -------- d-----w- C:\Program Files\GIMP 2
2012-11-30 07:11:03 -------- d--h--w- C:\ProgramData\Common Files
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\MFAData
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Avg2013
2012-11-30 07:11:03 -------- d-----w- C:\ProgramData\MFAData
2012-11-29 10:18:34 -------- d-----w- C:\Program Files (x86)\RealDrawPRO5
2012-11-29 08:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\LiveMetrics
.
==================== Find3M ====================
.
2012-12-27 05:51:36 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat
2012-12-11 20:55:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 20:55:24 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 11:38:47 737280 ----a-w- C:\Windows\iun6002.exe
2012-11-30 10:03:45 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
2012-11-19 10:54:51 258048 ----a-w- C:\Windows\ies_Shell.dll
2012-11-17 02:55:10 88008 ------w- C:\Windows\System32\LMIRfsClientNP.dll
2012-11-17 02:55:10 83880 ------w- C:\Windows\System32\LMIinit.dll
2012-11-17 02:55:10 35240 ------w- C:\Windows\System32\LMIport.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
.
(end)
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-12-26 77184]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-12-26 275912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-26 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-26 131072]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-29 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-29 161560]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-10-22 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-24 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-24 676936]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-10-20 1494144]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-29 363800]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-29 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-24 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-29 1860672]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-29 565352]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-9-20 33872]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-23 57280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-8-28 69640]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-7-29 259688]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-18 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
FileExt: .jse: JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-27 05:53:28 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-12-27 05:52:53 77184 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-12-27 05:52:53 173504 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-12-27 05:52:53 107048 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-12-27 05:50:57 -------- d-----w- C:\Program Files\Trend Micro
2012-12-27 05:48:11 -------- d-----r- C:\Users\micah and jesse\Desktop 2
2012-12-27 04:43:31 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-12-27 03:09:05 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-12-26 07:25:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Trillian
2012-12-25 17:36:15 -------- d-----w- C:\Users\micah and jesse\AppData\Local\cache
2012-12-25 17:25:05 -------- d-----w- C:\ProgramData\VTech
2012-12-25 17:25:05 -------- d-----w- C:\Program Files (x86)\VTech
2012-12-25 12:05:50 -------- d-----w- C:\Program Files\McAfee
2012-12-25 02:08:14 -------- d-----w- C:\Program Files (x86)\GPPSoft
2012-12-24 19:36:20 -------- d-----w- C:\Program Files (x86)\RocketDock
2012-12-24 14:52:41 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Gamelab
2012-12-24 14:17:48 -------- d-----w- C:\Program Files (x86)\WildGames
2012-12-24 14:16:52 -------- d-sh--w- C:\Windows\ftpcache
2012-12-24 11:31:39 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-24 11:31:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-24 04:37:26 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
2012-12-24 04:31:11 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-24 04:31:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-22 20:38:21 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Ditto
2012-12-22 20:38:13 -------- d-----w- C:\Program Files (x86)\Ditto
2012-12-21 18:01:17 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67BEF274-0726-4AB2-9157-BDF260E0161C}\mpengine.dll
2012-12-21 17:07:43 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 17:07:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 17:07:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 17:07:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-20 06:05:49 -------- d-----w- C:\ProgramData\SecTaskMan
2012-12-20 06:05:30 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2012-12-18 08:31:38 -------- d-----w- C:\ProgramData\AVAST Software
2012-12-18 08:31:38 -------- d-----w- C:\Program Files\AVAST Software
2012-12-18 01:30:51 -------- d-----w- C:\Users\micah and jesse\AppData\Local\AnVir
2012-12-17 20:19:39 -------- d-----w- C:\Windows\pss
2012-12-17 06:24:46 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\.purple
2012-12-17 06:23:58 -------- d-----w- C:\ProgramData\IObit
2012-12-17 06:22:12 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-17 06:21:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-17 06:21:44 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-12-17 06:20:08 -------- d-----w- C:\Program Files\CCleaner
2012-12-17 06:16:59 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\DMCache
2012-12-12 19:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Local\WinZip
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-11 23:04:49 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 22:59:53 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-11 22:59:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-11 22:59:00 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-12-11 22:59:00 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-12-11 22:08:07 -------- d-----w- C:\Program Files (x86)\IZArc
2012-12-10 03:25:39 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\Visan
2012-12-10 03:06:38 -------- d-----w- C:\ProgramData\HP Photo Creations
2012-12-10 03:06:38 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2012-12-09 08:42:03 -------- d-----w- C:\Users\micah and jesse\VECTOR AND CLIPART
2012-12-08 21:14:54 -------- d-----w- C:\Users\micah and jesse\.thumbnails
2012-12-08 08:46:54 -------- d-----w- C:\ProgramData\sitoo
2012-12-08 08:36:17 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\Virtual Mechanics
2012-12-08 08:36:17 -------- d-----w- C:\ProgramData\Virtual Mechanics
2012-12-04 16:01:25 -------- d-----w- C:\ProgramData\Bitstream
2012-12-03 07:08:19 -------- d-----w- C:\ProgramData\ALM
2012-12-03 06:15:53 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.adobe.WidgetBrowser
2012-12-03 05:54:16 -------- d-----w- C:\Users\micah and jesse\CS6 Design and Web Premium
2012-12-03 05:44:52 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-02 21:15:47 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-02 21:06:16 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\com.extend.csslayouts
2012-12-02 19:48:37 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\inkscape
2012-12-02 13:14:15 -------- d-----w- C:\Program Files (x86)\Inkscape
2012-12-02 12:21:21 -------- d-----w- C:\Users\micah and jesse\Adobe Illustrator CS6
2012-12-02 11:27:40 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\PDAppFlex
2012-12-02 09:03:48 -------- d-----w- C:\ProgramData\Protexis
2012-12-01 07:52:04 -------- d-----w- C:\Program Files (x86)\Corel
2012-12-01 07:30:05 -------- d-----w- C:\ProgramData\Protexis64
2012-12-01 07:23:34 -------- d-----w- C:\Program Files\Common Files\Protexis
2012-12-01 03:58:58 -------- d-----w- C:\Users\micah and jesse\AppData\Roaming\simplitec
2012-11-30 16:14:37 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-11-30 16:13:06 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2012-11-30 10:03:31 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Xara
2012-11-30 10:03:18 -------- d-----w- C:\ProgramData\Xara
2012-11-30 10:03:18 -------- d-----w- C:\Program Files (x86)\Common Files\Xara Services
2012-11-30 10:03:14 -------- d-----w- C:\ProgramData\simplitec
2012-11-30 08:58:19 -------- d-----w- C:\Users\micah and jesse\AppData\Local\fontconfig
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\AppData\Local\gegl-0.2
2012-11-30 08:58:18 -------- d-----w- C:\Users\micah and jesse\.gimp-2.8
2012-11-30 08:39:09 -------- d-----w- C:\ProgramData\AVG2013
2012-11-30 08:38:23 -------- d-----w- C:\Program Files (x86)\AVG
2012-11-30 08:26:44 -------- d-----w- C:\Program Files\GIMP 2
2012-11-30 07:11:03 -------- d--h--w- C:\ProgramData\Common Files
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\MFAData
2012-11-30 07:11:03 -------- d-----w- C:\Users\micah and jesse\AppData\Local\Avg2013
2012-11-30 07:11:03 -------- d-----w- C:\ProgramData\MFAData
2012-11-29 10:18:34 -------- d-----w- C:\Program Files (x86)\RealDrawPRO5
2012-11-29 08:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\LiveMetrics
.
==================== Find3M ====================
.
2012-12-27 05:51:36 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat
2012-12-11 20:55:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 20:55:24 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 11:38:47 737280 ----a-w- C:\Windows\iun6002.exe
2012-11-30 10:03:45 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
2012-11-19 10:54:51 258048 ----a-w- C:\Windows\ies_Shell.dll
2012-11-17 02:55:10 88008 ------w- C:\Windows\System32\LMIRfsClientNP.dll
2012-11-17 02:55:10 83880 ------w- C:\Windows\System32\LMIinit.dll
2012-11-17 02:55:10 35240 ------w- C:\Windows\System32\LMIport.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
.
(end)