Windows 7 Laptop takes 30 mins to start

Posted 9/27/2016 4:31 PM
#124423
petlad Advanced member

Date Joined Nov 2016
Total Posts: 33
Hi all,
I have had an issue with my laptop for a few months, though it seems it got resolved today after a chkdsk utility run. I later ran CCleaner, Mbam and DDS for posting here and getting help from forum members.

I see that my laptop is restarting within 4/5 mins. I am still posting the logs for any other issues that may be reviewed and potentially removed.

The logs are as below:
1. Malwarebytes.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/27/2016
Scan Time: 9:40 PM
Logfile: mbam log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.09.27.11
Rootkit Database: v2016.09.26.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tasmai

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399061
Time Elapsed: 45 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 14
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, Quarantined, [f2357205f6a49f975b0f33d9639db050],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT1561552, Quarantined, [73b4afc891094de90b63a3eed62d669a],
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31C9779F-9700-43B5-82A9-A15F9F82A7EC}, Delete-on-Reboot, [2afd66118c0e181e2580569b7e85b44c],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[973b], Delete-on-Reboot, [0b1cf97e3a6086b0dfaa4567b84b1ce4],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[pr], Delete-on-Reboot, [2205492efb9f3ff78405aefe0ef5af51],
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SomotoUpdateCheckerAutoStart, Delete-on-Reboot, [3ee9c3b4e5b542f45077734258abcd33],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT1561552, Quarantined, [8b9ca9ce26741d196e00d7ba4bb8f010],
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\Somoto, Quarantined, [a97ecfa8e4b633034e76ab0a20e3af51],
PUP.Optional.Conduit, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\Tbccint_HKLM, Quarantined, [fb2cabccc8d29c9ac6c50795788be21e],
PUP.Optional.WeDownLoadManager, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\WeDlMngr, Quarantined, [50d76413554581b517edfbc1bf44827e],
PUP.Optional.Conduit, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, Quarantined, [f92efc7bebafad89225e4458719240c0],
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\SOMOTO\SDP, Quarantined, [a3844037ebaf96a0b90c9421de25916f],
PUP.Optional.MultiPlug, HKU\S-1-5-21-1792239026-444330481-3054984096-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [59ce6d0aa4f6d4620b7a8c38da298878],
PUP.Optional.MultiPlug, HKU\S-1-5-21-1792239026-444330481-3054984096-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Quarantined, [59ce6d0aa4f6d4620b7a8c38da298878],

Registry Values: 6
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [4ddae592b1e93204afa5ee02649f4ab6], %5
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [4cdb46311b7f4ceae66e0ce4cc379b65], %5
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31C9779F-9700-43B5-82A9-A15F9F82A7EC}|Path, \SomotoUpdateCheckerAutoStart, Delete-on-Reboot, [2afd66118c0e181e2580569b7e85b44c]
PUP.Optional.FilesFrog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [9b8cde995941a591db7916daa55e956b], %5
PUP.Optional.FreeMakeConverter, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, Quarantined, [13147700d9c18da9f1082a788281c838]
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\SOMOTO\SDP|affid, unlockrootwqme, Quarantined, [a3844037ebaf96a0b90c9421de25916f]

Registry Data: 0
(No malicious items detected)

Folders: 20
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, Quarantined, [bf681760dfbbcb6bfbb99817d62cb64a],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker, Quarantined, [6eb96e090d8dcb6b641a0ba8a95905fb],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\Local\Conduit, Quarantined, [61c694e39901f83e7d6a0abc877bba46],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\Local\Conduit\Community Alerts, Quarantined, [61c694e39901f83e7d6a0abc877bba46],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Log, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.Solvusoft, C:\Users\Tasmai\AppData\Roaming\Solvusoft, Quarantined, [1d0a3542c1d97bbb1826a43739cba45c],
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro, Quarantined, [7aad581f7b1f7cba72cdc912c044b24e],

Files: 54
RiskWare.GameHack.Steam, C:\Program Files (x86)\The Amazing Spider-Man 2\steamclient.dll, Quarantined, [b671d7a031697cbabc6ddfdee61e629e],
PUP.Optional.APNToolBar, C:\Users\Tasmai\Documents\APNSetup.exe, Quarantined, [9b8c7ef99406de587a44b772a85956aa],
PUP.Optional.OpenCandy, C:\Users\Tasmai\Downloads\KeyFinderInstaller.exe, Quarantined, [f235cbac900ada5c28323736c141a45c],
PUP.Optional.Somoto, C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\uninstall.exe, Quarantined, [f2357205f6a49f975b0f33d9639db050],
PUP.Optional.MultiPlug, C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b], Quarantined, [e5421d5a099170c64c348923000349b7],
PUP.Optional.MultiPlug, C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr], Quarantined, [5acd5720d4c6dc5ab0d0dece0ff4748c],
PUP.Optional.MultiPlug, C:\Windows\Tasks\Bidaily Synchronize Task[973b].job, Quarantined, [1b0ce790ff9b5bdb1074aa02a85b24dc],
PUP.Optional.MultiPlug, C:\Windows\Tasks\Bidaily Synchronize Task[pr].job, Quarantined, [31f6f5821f7b95a1d8ac9f0de32030d0],
PUP.Optional.Somoto, C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart, Quarantined, [b07791e6049680b6efd205b049ba57a9],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\DynamicDialogs.zip, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\version.txt, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\closeBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settingsBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\closeBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settingsBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_15257_14923_IN.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_15257_14923_US.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],

Physical Sectors: 0
(No malicious items detected)


(end)


2. DDS first log.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840 BrowserJavaVersion: 11.60.2
Run by Tasmai at 23:13:17 on 2016-09-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4078.2024 [GMT 4:00]
.
AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\IBM\Platform-MPI\sbin\PCMPIWin32Service.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files\CyberGhost 5\Service.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Breakaway\breakaway.exe
C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Breakaway\breakaway.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\windows\system32\sppsvc.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
\\?\C:\windows\system32\wbem\WMIADAP.EXE
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid={EDF9637E-27A3-4618-BC00-6F4E710922DA}&mid=a3b5e345923147d08ac1d5343da5f8d7-54743b3f99c25125efb995676bbdf8952c7792e0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-12-20 21:08:11&v=4.2.9.726&pid=wtu&sg=&sap=hp
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
uProxyServer = proxy.ssn.net:8080
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [AdobeBridge]
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
mRun: [Breakaway] "C:\Program Files (x86)\Breakaway\breakaway.exe" force
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
StartupFolder: C:\Users\Tasmai\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\Tasmai\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VIRTUA~1.LNK - C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
TCP: Interfaces\{058FB978-51B1-444F-AC31-6750C05BA499} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{18E0318C-EFF5-4097-ACC3-94380A135061} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{9308206D-1C45-41FF-A304-C5B62B5F43FC} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{E946F9CA-6BBC-4A7C-96F5-E068B3D5AC7C} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\07271647F63786 : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\25F43554 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\A516E6A796261627A557A7A757 : DHCPNameServer = 192.168.254.254 192.168.254.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
x64-SSODL: WebCheck -
Hosts: 127.0.0.3 www.anchorfree.net
Hosts: 127.0.0.2 www.mefeedia.com
Hosts: 127.0.0.3 anchorfree.net
Hosts: 127.0.0.2 mefeedia.com
Hosts: 8
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tasmai\AppData\Roaming\Mozilla\Firefox\Profiles\atv2lfo8.default-1474347542377\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Tasmai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Tasmai\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2016-1-26 272304]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2016-3-29 248576]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2016-4-14 51968]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-7-1 70296]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2016-2-16 162592]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-10-8 302000]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-8 45856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-12-20 283200]
R1 ndiskhaz;Azzouzi HotSpot LightWeight Filter;C:\windows\System32\drivers\ndiskhaz.sys [2015-7-26 30536]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-7-18 741568]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2159320]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-5-13 70984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-5-13 384840]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-5-25 1364096]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-5-25 1687680]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 CGVPNCliService;CyberGhost 5 Client Service;C:\Program Files\CyberGhost 5\Service.exe [2016-2-7 65640]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2011-8-3 27648]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-12-1 101888]
R2 IBM Platform MPI SMPID;IBM Platform MPI Remote Launch;C:\Program Files (x86)\IBM\Platform-MPI\sbin\pcmpiwin32service.exe [2015-4-1 368640]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2013-1-11 213440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-9-27 1514464]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-9-27 1136608]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-3-26 230416]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-3-22 625304]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-7-12 409800]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-1-5 5426448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-3-2 266680]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-1-8 2595824]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2012-1-8 42096]
R3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);C:\windows\System32\drivers\vaclcskd.sys [2009-12-6 66016]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-8-3 76912]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2016-9-27 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2016-9-27 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2016-9-27 64896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-1-8 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856]
S0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2016-2-16 360736]
S1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2016-4-20 307456]
S1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2015-10-21 284080]
S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" --> C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [?]
S2 avgwd;AVG WatchDog;"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" --> C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [?]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-5-13 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MyPublicWiFiService;MyPublicWiFi Service;C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe --> C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [?]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-11-23 1141848]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2013;"C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2013" --> C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-7-25 324224]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [?]
S3 andnetadb;ADB Interface DriverNet;C:\windows\System32\drivers\lgandnetadb.sys [2014-6-2 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\windows\System32\drivers\lgandnetdiag64.sys [2014-6-2 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\windows\System32\drivers\lgandnetmodem64.sys [2014-6-2 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\windows\System32\drivers\lgandnetndis64.sys [2014-6-2 93696]
S3 androidusb;ADB Interface Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2014-11-27 33736]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;"C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe" --> C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [?]
S3 DFX11_1;DFX Audio Enhancer 11.1;C:\windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" --> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2014-11-27 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-6-10 114688]
S3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2014-4-14 15360]
S3 pwdrvio;pwdrvio;C:\windows\System32\pwdrvio.sys [2014-7-5 19152]
S3 pwdspio;pwdspio;C:\windows\System32\pwdspio.sys [2014-7-5 12504]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-1-8 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2012-1-8 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 SwitchBoard;SwitchBoard;"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2015-12-19 42088]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-1-8 57216]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-31 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2015-4-29 23200]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: Applications\notepad.exe=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-09-27 17:31:50 192216 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2016-09-27 17:31:10 64896 ----a-w- C:\windows\System32\drivers\mwac.sys
2016-09-27 17:31:10 27008 ----a-w- C:\windows\System32\drivers\mbam.sys
2016-09-27 17:31:10 140672 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2016-09-27 17:31:09 -------- d-----w- C:\ProgramData\Malwarebytes
2016-09-27 17:31:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-13 05:38:02 52510152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2016-09-01 18:51:38 -------- d-----w- C:\Users\Tasmai\AppData\Roaming\Kodi
2016-09-01 18:47:09 -------- d-----w- C:\Program Files (x86)\Kodi
.
==================== Find3M ====================
.
2016-09-14 03:48:05 796352 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2016-09-14 03:48:05 142528 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 23:16:17.25 ===============

If you need the second log of the DDS scan, please let me know.

Kindly review and let me know if any other potential hazard is still present.

Thanks and Regards,

Petlad