Hello Community!
I have a very interesting computer problem on my hands. On my (main computer) the Internet does not work at all EXCEPT on Internet Explorer and Skype.
It is NOT a network or ISP problem. The other computers' internet on the same network is just fine. It's definitely inside the computer.
I've run scans for everything: here's a list of the ones I can think of:
I'm posting here for malware help, so here's the dds log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.21.2
Run by Bippes at 16:26:11 on 2013-06-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4407 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\locator.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\RunDll32.exe
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:tabs
uWindow Title = Internet Explorer
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c167991
uSearchURL,(Default) = hxxp://www.bing.com/search?q=%s&r=663
uURLSearchHooks: {3fcda028-893f-496b-84cc-b411cc83021f} - <orphaned>
mURLSearchHooks: {3fcda028-893f-496b-84cc-b411cc83021f} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Zoomex: {327BFB94-EE64-C56C-AFB6-14D9139AB10F} - LocalServer32 - <no file>
BHO: WebCGMHlprObj Class: {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Zoomex: {C03F51BE-3ACF-D3C1-0E7A-3E5D49330740} - LocalServer32 - <no file>
BHO: MagniPic: {CC0AEA9C-2109-A543-415B-B93586785D37} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\npchrome_frame.dll
BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
uRun: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\hp\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN12L1332S05JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
uRun: [googletalk] C:\Users\Bippes\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Google Update] "C:\Users\Bippes\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SpeetItUpFree] "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Norton Download Manager{NSME22-B22-4abb-B07C-C084B04B4F12}] C:\Users\Public\Downloads\Norton\{NSME22-B22-4abb-B07C-C084B04B4F12}\ccSvcHst.exe /m
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\Bippes\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoThumbnailCache = dword:1
uPolicies-System: NoSecCPL = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
uPolicies-System: NoDevMgrPage = dword:0
uPolicies-System: NoConfigPage = dword:0
uPolicies-System: NoVirtMemPage = dword:0
uPolicies-System: NoFileSysPage = dword:0
uPolicies-System: NoNetSetup = dword:0
uPolicies-System: NoNetSetupIDPage = dword:0
uPolicies-System: NoNetSetupSecurityPage = dword:0
uPolicies-System: NoWorkgroupContents = dword:0
uPolicies-System: NoEntireNetwork = dword:0
uPolicies-System: NoFileSharingControl = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.1.1 192.168.2.1 192.168.1.1
TCP: Interfaces\{8594CA23-4B9E-41B5-A98A-57CCAC371087} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8594CA23-4B9E-41B5-A98A-57CCAC371087} : DHCPNameServer = 192.168.1.1 192.168.2.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\npchrome_frame.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
x64-BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
Hosts: 127.0.0.1 spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-3-31 82600]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-3-31 42664]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-6-12 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-6-12 189936]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-9 55856]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-6-12 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-6-12 378432]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-6-12 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-6-12 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-6-12 46808]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-11-8 33872]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-9-21 24608]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-9-21 351520]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-8-19 4763680]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-23 708200]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-24 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-13 46136]
S3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-8-29 28008]
S3 NisSrv;NisSrv; [x]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-9-15 31800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-9 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-24 204288]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-5-14 1030600]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N "metasploitPostgreSQL" -D "C:/METASP~1/POSTGR~1/data" --> C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL [?]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-11 3574624]
.
=============== Created Last 30 ================
.
2013-06-18 18:53:04 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC7EE263-671D-4AFF-8F1A-FFF735E44BE6}\mpengine.dll
2013-06-14 13:32:48 -------- d-----w- C:\Users\Bippes\AppData\Roaming\SongManager
2013-06-14 12:50:07 -------- d-----w- C:\Windows\CheckSur
2013-06-12 18:09:20 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-06-12 18:09:18 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-06-12 18:09:18 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-06-12 18:09:17 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-06-12 18:09:16 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-06-12 18:09:01 41664 ----a-w- C:\Windows\avastSS.scr
2013-06-12 10:18:25 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 10:14:19 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-12 10:14:19 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-12 10:13:59 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-12 10:13:59 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-12 10:13:35 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-12 10:13:35 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-12 10:13:10 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-12 10:13:06 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-12 10:12:59 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-12 10:12:59 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-12 10:12:59 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-12 10:12:58 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-12 10:12:58 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-12 10:12:58 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 10:12:58 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-12 10:12:58 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-06-12 10:12:20 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 10:12:20 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-10 14:49:26 -------- d-----w- C:\Program Files (x86)\AVAST Software
2013-06-10 14:35:28 -------- d-----w- C:\Program Files\AVAST Software
2013-06-10 14:33:09 -------- d-----w- C:\ProgramData\AVAST Software
2013-06-10 02:20:51 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-08 00:28:05 -------- d-----w- C:\Users\Bippes\AppData\Local\Spoon
2013-06-07 23:47:47 -------- d-----w- C:\ubuntu
2013-05-28 13:35:09 -------- d-----w- C:\Users\Bippes\AppData\Local\DownBook
.
==================== Find3M ====================
.
2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-15 15:42:21 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 15:42:21 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-14 21:31:34 2560 ----a-w- C:\Windows\System32\thunk.dll
2013-05-14 21:31:34 1024 ----a-w- C:\Windows\SysWow64\thunk.dll
2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-17 20:39:45 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-17 20:39:43 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-17 20:39:43 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-03-31 23:32:04 82600 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
2013-03-31 23:32:04 42664 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
2004-02-03 21:13:58 121856 --sha-w- C:\Windows\SysWOW64\nfssys.exe
.
============= FINISH: 16:26:29.85 ===============
I do NOT have a Windows install disk.
Thanks!
DaveRB97
I have a very interesting computer problem on my hands. On my (main computer) the Internet does not work at all EXCEPT on Internet Explorer and Skype.
It is NOT a network or ISP problem. The other computers' internet on the same network is just fine. It's definitely inside the computer.
I've run scans for everything: here's a list of the ones I can think of:
- SlimCleaner
- Disk Cleanup
- Defrags (several)
- CCleaner
- Troubleshooters (none of the Windows troubleshooters had AN
- YTHING to say)
- Microsoft Malicious Software Removal Tool
- Windows Defender
- Avast! Antivirus Full-Scan and Boot-Time Scan (found some malware and removed it successfully removed it)
I'm posting here for malware help, so here's the dds log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.21.2
Run by Bippes at 16:26:11 on 2013-06-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4407 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\locator.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\RunDll32.exe
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:tabs
uWindow Title = Internet Explorer
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c167991
uSearchURL,(Default) = hxxp://www.bing.com/search?q=%s&r=663
uURLSearchHooks: {3fcda028-893f-496b-84cc-b411cc83021f} - <orphaned>
mURLSearchHooks: {3fcda028-893f-496b-84cc-b411cc83021f} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Zoomex: {327BFB94-EE64-C56C-AFB6-14D9139AB10F} - LocalServer32 - <no file>
BHO: WebCGMHlprObj Class: {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Zoomex: {C03F51BE-3ACF-D3C1-0E7A-3E5D49330740} - LocalServer32 - <no file>
BHO: MagniPic: {CC0AEA9C-2109-A543-415B-B93586785D37} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\npchrome_frame.dll
BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
uRun: [HP Officejet 6500 E710n-z (NET)] "C:\Program Files\hp\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN12L1332S05JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
uRun: [googletalk] C:\Users\Bippes\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Google Update] "C:\Users\Bippes\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SpeetItUpFree] "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Norton Download Manager{NSME22-B22-4abb-B07C-C084B04B4F12}] C:\Users\Public\Downloads\Norton\{NSME22-B22-4abb-B07C-C084B04B4F12}\ccSvcHst.exe /m
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\Bippes\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoThumbnailCache = dword:1
uPolicies-System: NoSecCPL = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
uPolicies-System: NoDevMgrPage = dword:0
uPolicies-System: NoConfigPage = dword:0
uPolicies-System: NoVirtMemPage = dword:0
uPolicies-System: NoFileSysPage = dword:0
uPolicies-System: NoNetSetup = dword:0
uPolicies-System: NoNetSetupIDPage = dword:0
uPolicies-System: NoNetSetupSecurityPage = dword:0
uPolicies-System: NoWorkgroupContents = dword:0
uPolicies-System: NoEntireNetwork = dword:0
uPolicies-System: NoFileSharingControl = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.1.1 192.168.2.1 192.168.1.1
TCP: Interfaces\{8594CA23-4B9E-41B5-A98A-57CCAC371087} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8594CA23-4B9E-41B5-A98A-57CCAC371087} : DHCPNameServer = 192.168.1.1 192.168.2.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\npchrome_frame.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
x64-BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
Hosts: 127.0.0.1 spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-3-31 82600]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-3-31 42664]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-6-12 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-6-12 189936]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-9 55856]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-6-12 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-6-12 378432]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-6-12 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-6-12 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-6-12 46808]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-11-8 33872]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-9-21 24608]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-9-21 351520]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-8-19 4763680]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-23 708200]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-24 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-13 46136]
S3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-8-29 28008]
S3 NisSrv;NisSrv; [x]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-9-15 31800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-9 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-24 204288]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-5-14 1030600]
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
S4 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N "metasploitPostgreSQL" -D "C:/METASP~1/POSTGR~1/data" --> C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL [?]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-11 3574624]
.
=============== Created Last 30 ================
.
2013-06-18 18:53:04 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC7EE263-671D-4AFF-8F1A-FFF735E44BE6}\mpengine.dll
2013-06-14 13:32:48 -------- d-----w- C:\Users\Bippes\AppData\Roaming\SongManager
2013-06-14 12:50:07 -------- d-----w- C:\Windows\CheckSur
2013-06-12 18:09:20 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-06-12 18:09:18 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-06-12 18:09:18 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-06-12 18:09:17 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-06-12 18:09:16 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-06-12 18:09:01 41664 ----a-w- C:\Windows\avastSS.scr
2013-06-12 10:18:25 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 10:14:19 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-12 10:14:19 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-12 10:13:59 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-12 10:13:59 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-12 10:13:35 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-12 10:13:35 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-12 10:13:10 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-12 10:13:06 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-12 10:12:59 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-12 10:12:59 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-12 10:12:59 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-12 10:12:58 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-12 10:12:58 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-12 10:12:58 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 10:12:58 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-12 10:12:58 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-06-12 10:12:20 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 10:12:20 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-10 14:49:26 -------- d-----w- C:\Program Files (x86)\AVAST Software
2013-06-10 14:35:28 -------- d-----w- C:\Program Files\AVAST Software
2013-06-10 14:33:09 -------- d-----w- C:\ProgramData\AVAST Software
2013-06-10 02:20:51 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-08 00:28:05 -------- d-----w- C:\Users\Bippes\AppData\Local\Spoon
2013-06-07 23:47:47 -------- d-----w- C:\ubuntu
2013-05-28 13:35:09 -------- d-----w- C:\Users\Bippes\AppData\Local\DownBook
.
==================== Find3M ====================
.
2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-15 15:42:21 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 15:42:21 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-14 21:31:34 2560 ----a-w- C:\Windows\System32\thunk.dll
2013-05-14 21:31:34 1024 ----a-w- C:\Windows\SysWow64\thunk.dll
2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-17 20:39:45 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-17 20:39:43 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-17 20:39:43 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-03-31 23:32:04 82600 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
2013-03-31 23:32:04 42664 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
2004-02-03 21:13:58 121856 --sha-w- C:\Windows\SysWOW64\nfssys.exe
.
============= FINISH: 16:26:29.85 ===============
I do NOT have a Windows install disk.
Thanks!
DaveRB97