My computer is infected by a virus or malware that hijacks my browsers (Firefox, Chrome, and Internet Explorer 11). When I try to use the Google search engine the browser is routed to a web page that says:
Welcome to XFINITY Activation!
You're just a few steps away from activating your devices and experiencing entertainment like never before.
and displays this url:
hXXps://activate.comcast.com/RoutingEngine/accountlookup.do
If I try to go to a specific website (for example, YouTube or Ebay) I get an error message that the browser is unable to connect: Firefox can't establish a connection to the server at xxxxxxxxx.
I have installed Malwarebytes Anti-Malware, SUPERAntiSpyware Professional and avast! Free Antivirus. Only avast detects that there is anything wrong with my computer. When avast is turned on I can enter the url for specific websites but I am unable to use the Google search engine.
Unfortunately I do not have access to a windows install disc or boot CD.
My Attach.zip file is attached. Here is the text from DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126
Run by Yecats at 0:21:10 on 2014-07-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3563.2100 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Yecats\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mWinlogon: Userinit = userinit.exe,
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
uRun: [Spotify Web Helper] "C:\Users\Yecats\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{36A4991B-9CE0-49A5-A32F-0E1451DC3102} : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF} : DHCPNameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\34840502055726C69636 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\35861677F40756E6 : DHCPNameServer = 10.63.8.194 10.63.8.195
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\6416D696C697C4F6467656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\7756374756C6C623930393 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\84940254870727563737 : DHCPNameServer = 4.2.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Yecats\AppData\Roaming\Mozilla\Firefox\Profiles\kiqmfr1h.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: browser.search.defaulturl - hxxps://search.yahoo.com/yhs/search
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-15 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-15 40064]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-7-5 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-7-5 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-7-5 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-7-5 427360]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2014-1-31 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-2 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-7-5 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-7-5 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-7-5 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-5 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-14 2279608]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-1-26 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2014-1-31 2375168]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-5 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-5 860472]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-17 87168]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2014-1-31 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-17 188544]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2014-6-8 31920]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-5 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-5 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-5 63704]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2014-1-31 1353280]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2014-1-31 337512]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-31 428136]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-1-31 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-17 111616]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-2-2 1255736]
.
=============== Created Last 30 ================
.
2014-07-06 05:22:00 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-06 05:21:17 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-06 05:21:17 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-06 05:21:17 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-06 04:25:06 -------- d-----w- C:\Users\Yecats\AppData\Roaming\SUPERAntiSpyware.com
2014-07-06 04:24:37 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-07-06 04:24:37 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-07-06 04:20:34 -------- d-----w- C:\Users\Yecats\AppData\Roaming\AVAST Software
2014-07-06 04:17:02 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-07-06 04:17:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-06 04:17:01 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-06 04:17:01 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-06 04:17:01 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-06 04:17:01 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-06 04:17:01 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-07-06 04:16:57 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-06 04:15:17 -------- d-----w- C:\Program Files\AVAST Software
2014-07-06 04:14:17 -------- d-----w- C:\ProgramData\AVAST Software
2014-07-06 03:22:23 -------- d-----w- C:\NPE
2014-07-06 03:18:49 -------- d-----w- C:\Users\Yecats\AppData\Local\NPE
2014-07-06 03:18:49 -------- d-----w- C:\ProgramData\Norton
2014-07-06 01:50:17 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-06 01:50:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 22:34:42 -------- d-----w- C:\Users\Yecats\AppData\Local\Adobe
2014-06-29 00:54:59 -------- d-sh--w- C:\Users\Yecats\AppData\Local\EmieUserList
2014-06-29 00:54:59 -------- d-sh--w- C:\Users\Yecats\AppData\Local\EmieSiteList
2014-06-20 20:16:48 -------- d-s---w- C:\Windows\System32\CompatTel
2014-06-19 13:25:35 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{863EE22E-17F8-4E73-968A-EC350B5F1A33}\offreg.dll
2014-06-18 05:12:11 -------- d-----w- C:\Windows\System32\MRT
2014-06-18 05:03:49 -------- d-----w- C:\Windows\Migration
2014-06-18 04:58:31 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{863EE22E-17F8-4E73-968A-EC350B5F1A33}\mpengine.dll
2014-06-18 04:47:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-18 04:46:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-18 04:46:58 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-18 04:44:47 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-06-18 04:43:05 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-06-18 04:43:05 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-06-13 07:28:33 -------- d-----w- C:\Program Files\iPod
2014-06-13 07:28:32 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-13 07:28:32 -------- d-----w- C:\Program Files\iTunes
2014-06-13 07:28:32 -------- d-----w- C:\Program Files (x86)\iTunes
2014-06-09 10:22:31 -------- d-----w- C:\Program Files (x86)\Free Screen Video Capture by Topviewsoft
2014-06-09 06:28:55 443568 ---ha-w- C:\Windows\SysWow64\ApowersoftScreenCapturing.dll
2014-06-09 06:28:55 31920 ----a-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
2014-06-09 06:28:55 271536 ---ha-w- C:\Windows\SysWow64\ApowersoftScreenCapturingFilter.dll
2014-06-09 06:28:55 181424 ---ha-w- C:\Windows\SysWow64\ApowersoftVideoMixerFilter.dll
2014-06-09 06:28:55 -------- d-----w- C:\Users\Yecats\AppData\Roaming\Apowersoft
2014-06-09 06:28:55 -------- d-----w- C:\Program Files (x86)\Apowersoft
2014-06-09 06:28:21 -------- d-----w- C:\Users\Yecats\AppData\Local\Programs
.
==================== Find3M ====================
.
2014-06-30 19:07:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-30 19:07:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
.
============= FINISH: 0:22:12.77 ===============
Welcome to XFINITY Activation!
You're just a few steps away from activating your devices and experiencing entertainment like never before.
and displays this url:
hXXps://activate.comcast.com/RoutingEngine/accountlookup.do
If I try to go to a specific website (for example, YouTube or Ebay) I get an error message that the browser is unable to connect: Firefox can't establish a connection to the server at xxxxxxxxx.
I have installed Malwarebytes Anti-Malware, SUPERAntiSpyware Professional and avast! Free Antivirus. Only avast detects that there is anything wrong with my computer. When avast is turned on I can enter the url for specific websites but I am unable to use the Google search engine.
Unfortunately I do not have access to a windows install disc or boot CD.
My Attach.zip file is attached. Here is the text from DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126
Run by Yecats at 0:21:10 on 2014-07-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3563.2100 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Yecats\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mWinlogon: Userinit = userinit.exe,
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
uRun: [Spotify Web Helper] "C:\Users\Yecats\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{36A4991B-9CE0-49A5-A32F-0E1451DC3102} : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF} : DHCPNameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\34840502055726C69636 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\35861677F40756E6 : DHCPNameServer = 10.63.8.194 10.63.8.195
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\6416D696C697C4F6467656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\7756374756C6C623930393 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9F877B1D-3893-47DB-A7B3-627B3578FDCF}\84940254870727563737 : DHCPNameServer = 4.2.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Yecats\AppData\Roaming\Mozilla\Firefox\Profiles\kiqmfr1h.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: browser.search.defaulturl - hxxps://search.yahoo.com/yhs/search
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-15 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-15 40064]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-7-5 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-7-5 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-7-5 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-7-5 427360]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2014-1-31 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-2 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-7-5 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-7-5 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-7-5 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-5 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-14 2279608]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-1-26 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2014-1-31 2375168]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-5 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-5 860472]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-17 87168]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2014-1-31 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-17 188544]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2014-6-8 31920]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-5 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-5 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-5 63704]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2014-1-31 1353280]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2014-1-31 337512]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-31 428136]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-1-31 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-17 111616]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-2-2 1255736]
.
=============== Created Last 30 ================
.
2014-07-06 05:22:00 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-06 05:21:17 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-06 05:21:17 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-06 05:21:17 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-06 04:25:06 -------- d-----w- C:\Users\Yecats\AppData\Roaming\SUPERAntiSpyware.com
2014-07-06 04:24:37 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-07-06 04:24:37 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-07-06 04:20:34 -------- d-----w- C:\Users\Yecats\AppData\Roaming\AVAST Software
2014-07-06 04:17:02 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-07-06 04:17:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-06 04:17:01 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-06 04:17:01 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-06 04:17:01 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-06 04:17:01 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-06 04:17:01 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-07-06 04:16:57 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-06 04:15:17 -------- d-----w- C:\Program Files\AVAST Software
2014-07-06 04:14:17 -------- d-----w- C:\ProgramData\AVAST Software
2014-07-06 03:22:23 -------- d-----w- C:\NPE
2014-07-06 03:18:49 -------- d-----w- C:\Users\Yecats\AppData\Local\NPE
2014-07-06 03:18:49 -------- d-----w- C:\ProgramData\Norton
2014-07-06 01:50:17 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-06 01:50:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 22:34:42 -------- d-----w- C:\Users\Yecats\AppData\Local\Adobe
2014-06-29 00:54:59 -------- d-sh--w- C:\Users\Yecats\AppData\Local\EmieUserList
2014-06-29 00:54:59 -------- d-sh--w- C:\Users\Yecats\AppData\Local\EmieSiteList
2014-06-20 20:16:48 -------- d-s---w- C:\Windows\System32\CompatTel
2014-06-19 13:25:35 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{863EE22E-17F8-4E73-968A-EC350B5F1A33}\offreg.dll
2014-06-18 05:12:11 -------- d-----w- C:\Windows\System32\MRT
2014-06-18 05:03:49 -------- d-----w- C:\Windows\Migration
2014-06-18 04:58:31 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{863EE22E-17F8-4E73-968A-EC350B5F1A33}\mpengine.dll
2014-06-18 04:47:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-18 04:46:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-18 04:46:58 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-18 04:44:47 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-06-18 04:43:05 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-06-18 04:43:05 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-06-13 07:28:33 -------- d-----w- C:\Program Files\iPod
2014-06-13 07:28:32 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-13 07:28:32 -------- d-----w- C:\Program Files\iTunes
2014-06-13 07:28:32 -------- d-----w- C:\Program Files (x86)\iTunes
2014-06-09 10:22:31 -------- d-----w- C:\Program Files (x86)\Free Screen Video Capture by Topviewsoft
2014-06-09 06:28:55 443568 ---ha-w- C:\Windows\SysWow64\ApowersoftScreenCapturing.dll
2014-06-09 06:28:55 31920 ----a-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
2014-06-09 06:28:55 271536 ---ha-w- C:\Windows\SysWow64\ApowersoftScreenCapturingFilter.dll
2014-06-09 06:28:55 181424 ---ha-w- C:\Windows\SysWow64\ApowersoftVideoMixerFilter.dll
2014-06-09 06:28:55 -------- d-----w- C:\Users\Yecats\AppData\Roaming\Apowersoft
2014-06-09 06:28:55 -------- d-----w- C:\Program Files (x86)\Apowersoft
2014-06-09 06:28:21 -------- d-----w- C:\Users\Yecats\AppData\Local\Programs
.
==================== Find3M ====================
.
2014-06-30 19:07:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-30 19:07:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
.
============= FINISH: 0:22:12.77 ===============