My laptop is a HP Pavilion dm1, and has become extremely slow in the past few days. Also, there are some unknown processes shown in task manager, and some extensions in chrome that random pop-up tabs suggesting I may also like t read the following etc. This usually comes on Google results, YouTube, and other news articles.
I don't have access to the boot cd unfortunately.
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518
Run by hp at 21:18:08 on 2014-03-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1641.256 [GMT 3.5:30]
.
AV: AVG Internet Security 2014 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2014 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\VoipGain.com\VoipGain\voipgain.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\PING.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uProxyServer = hxxp=127.0.0.1:8080;https=127.0.0.1:8080
uProxyOverride = <local>
uWindows: Load = C:\Users\hp\LOCALS~1\Temp\cccihqex.com
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Object Browser: {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [VoipGain] "C:\Program Files (x86)\VoipGain.com\VoipGain\voipgain.exe" -nosplash -minimized
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
LSP: C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\37162716E6 : DHCPNameServer = 5.201.138.5 4.2.2.4
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\7594D41485 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\96140707C6563456E6475627 : DHCPNameServer = 5.201.138.5 4.2.2.4
TCP: Interfaces\{A7C76418-8E2A-407C-906D-3F888C9C77D1} : NameServer = 10.3.192.154 10.3.192.155
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Object Browser: {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\waiv2oaq.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\System32\Macromed\AUTHORWA\np32asw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-7-12 82600]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-7-12 42664]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-8-22 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-8-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-8-1 31544]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-7-12 20024]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-8-1 147768]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-8-22 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-8-22 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-2-21 175480]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2013-7-12 228008]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-7-12 165688]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-8-27 86016]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-7-12 243712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-12 838216]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-8-27 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-8-27 256000]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-12-24 20480]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-5 59392]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-03-11 14:12:29 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0804C4A2-6C52-432A-9762-DE9543B52FB0}\mpengine.dll
2014-03-04 11:29:54 -------- d-----w- C:\Users\hp\AppData\Local\Skype
2014-03-03 14:58:15 -------- d-----w- C:\a3eb616d61af81d579312207
2014-03-01 08:32:39 -------- d-----w- C:\Windows\Migration
2014-02-21 13:20:34 175480 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2014-02-16 13:07:00 -------- d-----w- C:\dc577246e848f32d7a0d69d43e
2014-02-16 12:54:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-16 12:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-15 14:25:12 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-15 14:25:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-15 14:25:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-15 14:25:11 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-15 14:23:10 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-15 14:23:10 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-15 14:23:09 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-15 14:23:09 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-15 14:11:43 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-15 14:11:43 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
==================== Find3M ====================
.
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-26 09:32:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-26 09:32:48 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-18 02:43:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-07 12:22:00 50330 ----a-w- C:\Program Files (x86)\AntiDust.exe
.
============= FINISH: 21:20:30.53 ===============
I don't have access to the boot cd unfortunately.
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518
Run by hp at 21:18:08 on 2014-03-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1641.256 [GMT 3.5:30]
.
AV: AVG Internet Security 2014 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2014 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\VoipGain.com\VoipGain\voipgain.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\PING.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uProxyServer = hxxp=127.0.0.1:8080;https=127.0.0.1:8080
uProxyOverride = <local>
uWindows: Load = C:\Users\hp\LOCALS~1\Temp\cccihqex.com
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Object Browser: {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [VoipGain] "C:\Program Files (x86)\VoipGain.com\VoipGain\voipgain.exe" -nosplash -minimized
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
LSP: C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\37162716E6 : DHCPNameServer = 5.201.138.5 4.2.2.4
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\7594D41485 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{4749CBE8-2413-4C3C-9477-526EDB9FF11F}\96140707C6563456E6475627 : DHCPNameServer = 5.201.138.5 4.2.2.4
TCP: Interfaces\{A7C76418-8E2A-407C-906D-3F888C9C77D1} : NameServer = 10.3.192.154 10.3.192.155
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Object Browser: {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\waiv2oaq.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\System32\Macromed\AUTHORWA\np32asw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-7-12 82600]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-7-12 42664]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-8-22 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-8-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-8-1 31544]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-7-12 20024]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-8-1 147768]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-8-22 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-8-22 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-2-21 175480]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2013-7-12 228008]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-7-12 165688]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-8-27 86016]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-7-12 243712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-12 838216]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-8-27 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-8-27 256000]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-12-24 20480]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-5 59392]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-03-11 14:12:29 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0804C4A2-6C52-432A-9762-DE9543B52FB0}\mpengine.dll
2014-03-04 11:29:54 -------- d-----w- C:\Users\hp\AppData\Local\Skype
2014-03-03 14:58:15 -------- d-----w- C:\a3eb616d61af81d579312207
2014-03-01 08:32:39 -------- d-----w- C:\Windows\Migration
2014-02-21 13:20:34 175480 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2014-02-16 13:07:00 -------- d-----w- C:\dc577246e848f32d7a0d69d43e
2014-02-16 12:54:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-16 12:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-15 14:25:12 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-15 14:25:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-15 14:25:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-15 14:25:11 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-15 14:23:10 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-15 14:23:10 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-15 14:23:09 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-15 14:23:09 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-15 14:11:43 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-15 14:11:43 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
==================== Find3M ====================
.
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-26 09:32:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-26 09:32:48 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-18 02:43:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-07 12:22:00 50330 ----a-w- C:\Program Files (x86)\AntiDust.exe
.
============= FINISH: 21:20:30.53 ===============