Windows 7 Laptop takes 30 mins to start

Posted 9/27/2016 4:31 PM
#124423
petlad Advanced member

Date Joined Nov 2016
Total Posts: 31
Hi all,
I have had an issue with my laptop for a few months, though it seems it got resolved today after a chkdsk utility run. I later ran CCleaner, Mbam and DDS for posting here and getting help from forum members.

I see that my laptop is restarting within 4/5 mins. I am still posting the logs so that any other potential issues can be reviewed and removed.

The logs are below.
1. Malwarebytes

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/27/2016
Scan Time: 9:40 PM
Logfile: mbam log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.09.27.11
Rootkit Database: v2016.09.26.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tasmai

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399061
Time Elapsed: 45 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 14
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, Quarantined, [f2357205f6a49f975b0f33d9639db050],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT1561552, Quarantined, [73b4afc891094de90b63a3eed62d669a],
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31C9779F-9700-43B5-82A9-A15F9F82A7EC}, Delete-on-Reboot, [2afd66118c0e181e2580569b7e85b44c],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[973b], Delete-on-Reboot, [0b1cf97e3a6086b0dfaa4567b84b1ce4],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[pr], Delete-on-Reboot, [2205492efb9f3ff78405aefe0ef5af51],
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SomotoUpdateCheckerAutoStart, Delete-on-Reboot, [3ee9c3b4e5b542f45077734258abcd33],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT1561552, Quarantined, [8b9ca9ce26741d196e00d7ba4bb8f010],
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\Somoto, Quarantined, [a97ecfa8e4b633034e76ab0a20e3af51],
PUP.Optional.Conduit, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\Tbccint_HKLM, Quarantined, [fb2cabccc8d29c9ac6c50795788be21e],
PUP.Optional.WeDownLoadManager, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\WeDlMngr, Quarantined, [50d76413554581b517edfbc1bf44827e],
PUP.Optional.Conduit, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, Quarantined, [f92efc7bebafad89225e4458719240c0],
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\SOMOTO\SDP, Quarantined, [a3844037ebaf96a0b90c9421de25916f],
PUP.Optional.MultiPlug, HKU\S-1-5-21-1792239026-444330481-3054984096-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [59ce6d0aa4f6d4620b7a8c38da298878],
PUP.Optional.MultiPlug, HKU\S-1-5-21-1792239026-444330481-3054984096-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Quarantined, [59ce6d0aa4f6d4620b7a8c38da298878],

Registry Values: 6
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [4ddae592b1e93204afa5ee02649f4ab6], %5
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [4cdb46311b7f4ceae66e0ce4cc379b65], %5
PUP.Optional.Somoto, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31C9779F-9700-43B5-82A9-A15F9F82A7EC}|Path, \SomotoUpdateCheckerAutoStart, Delete-on-Reboot, [2afd66118c0e181e2580569b7e85b44c]
PUP.Optional.FilesFrog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol Quarantined, [9b8cde995941a591db7916daa55e956b], %5
PUP.Optional.FreeMakeConverter, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, Quarantined, [13147700d9c18da9f1082a788281c838]
PUP.Optional.Somoto, HKU\S-1-5-21-1792239026-444330481-3054984096-1000\SOFTWARE\SOMOTO\SDP|affid, unlockrootwqme, Quarantined, [a3844037ebaf96a0b90c9421de25916f]

Registry Data: 0
(No malicious items detected)

Folders: 20
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, Quarantined, [bf681760dfbbcb6bfbb99817d62cb64a],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker, Quarantined, [6eb96e090d8dcb6b641a0ba8a95905fb],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\Local\Conduit, Quarantined, [61c694e39901f83e7d6a0abc877bba46],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\Local\Conduit\Community Alerts, Quarantined, [61c694e39901f83e7d6a0abc877bba46],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Log, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],
PUP.Optional.Solvusoft, C:\Users\Tasmai\AppData\Roaming\Solvusoft, Quarantined, [1d0a3542c1d97bbb1826a43739cba45c],
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro, Quarantined, [7aad581f7b1f7cba72cdc912c044b24e],

Files: 54
RiskWare.GameHack.Steam, C:\Program Files (x86)\The Amazing Spider-Man 2\steamclient.dll, Quarantined, [b671d7a031697cbabc6ddfdee61e629e],
PUP.Optional.APNToolBar, C:\Users\Tasmai\Documents\APNSetup.exe, Quarantined, [9b8c7ef99406de587a44b772a85956aa],
PUP.Optional.OpenCandy, C:\Users\Tasmai\Downloads\KeyFinderInstaller.exe, Quarantined, [f235cbac900ada5c28323736c141a45c],
PUP.Optional.Somoto, C:\Users\Tasmai\AppData\Local\FilesFrog Update Checker\uninstall.exe, Quarantined, [f2357205f6a49f975b0f33d9639db050],
PUP.Optional.MultiPlug, C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b], Quarantined, [e5421d5a099170c64c348923000349b7],
PUP.Optional.MultiPlug, C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr], Quarantined, [5acd5720d4c6dc5ab0d0dece0ff4748c],
PUP.Optional.MultiPlug, C:\Windows\Tasks\Bidaily Synchronize Task[973b].job, Quarantined, [1b0ce790ff9b5bdb1074aa02a85b24dc],
PUP.Optional.MultiPlug, C:\Windows\Tasks\Bidaily Synchronize Task[pr].job, Quarantined, [31f6f5821f7b95a1d8ac9f0de32030d0],
PUP.Optional.Somoto, C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart, Quarantined, [b07791e6049680b6efd205b049ba57a9],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.FilesFrog, C:\Users\Tasmai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, Quarantined, [92950e695545280ebcc49b1812f002fe],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\DynamicDialogs.zip, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\version.txt, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\closeBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settingsBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\closeBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\powered-by.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settings.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settingsBtn.png, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_15257_14923_IN.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_15257_14923_US.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.Conduit, C:\Users\Tasmai\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml, Quarantined, [4ed9393e57431f17b5339135c43e8c74],
PUP.Optional.FileViewPro, C:\Users\Tasmai\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config, Quarantined, [52d5fb7ce3b73303c57807d4c044f60a],

Physical Sectors: 0
(No malicious items detected)


(end)


2. DDS first log.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840 BrowserJavaVersion: 11.60.2
Run by Tasmai at 23:13:17 on 2016-09-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4078.2024 [GMT 4:00]
.
AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\IBM\Platform-MPI\sbin\PCMPIWin32Service.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files\CyberGhost 5\Service.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Breakaway\breakaway.exe
C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Breakaway\breakaway.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\windows\system32\sppsvc.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
\\?\C:\windows\system32\wbem\WMIADAP.EXE
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid={EDF9637E-27A3-4618-BC00-6F4E710922DA}&mid=a3b5e345923147d08ac1d5343da5f8d7-54743b3f99c25125efb995676bbdf8952c7792e0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-12-20 21:08:11&v=4.2.9.726&pid=wtu&sg=&sap=hp
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
uProxyServer = proxy.ssn.net:8080
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [AdobeBridge]
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
mRun: [Breakaway] "C:\Program Files (x86)\Breakaway\breakaway.exe" force
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
StartupFolder: C:\Users\Tasmai\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\Tasmai\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VIRTUA~1.LNK - C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
TCP: Interfaces\{058FB978-51B1-444F-AC31-6750C05BA499} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{18E0318C-EFF5-4097-ACC3-94380A135061} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{9308206D-1C45-41FF-A304-C5B62B5F43FC} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{E946F9CA-6BBC-4A7C-96F5-E068B3D5AC7C} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\07271647F63786 : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\25F43554 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F85BD874-3B36-49E3-99B5-F2F8426A3796}\A516E6A796261627A557A7A757 : DHCPNameServer = 192.168.254.254 192.168.254.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
x64-SSODL: WebCheck -
Hosts: 127.0.0.3 www.anchorfree.net
Hosts: 127.0.0.2 www.mefeedia.com
Hosts: 127.0.0.3 anchorfree.net
Hosts: 127.0.0.2 mefeedia.com
Hosts: 8
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tasmai\AppData\Roaming\Mozilla\Firefox\Profiles\atv2lfo8.default-1474347542377\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Tasmai\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Tasmai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Tasmai\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2016-1-26 272304]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2016-3-29 248576]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2016-4-14 51968]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-7-1 70296]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2016-2-16 162592]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-10-8 302000]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-8 45856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-12-20 283200]
R1 ndiskhaz;Azzouzi HotSpot LightWeight Filter;C:\windows\System32\drivers\ndiskhaz.sys [2015-7-26 30536]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-7-18 741568]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2159320]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-5-13 70984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-5-13 384840]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-5-25 1364096]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-5-25 1687680]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 CGVPNCliService;CyberGhost 5 Client Service;C:\Program Files\CyberGhost 5\Service.exe [2016-2-7 65640]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2011-8-3 27648]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-12-1 101888]
R2 IBM Platform MPI SMPID;IBM Platform MPI Remote Launch;C:\Program Files (x86)\IBM\Platform-MPI\sbin\pcmpiwin32service.exe [2015-4-1 368640]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2013-1-11 213440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-9-27 1514464]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-9-27 1136608]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-3-26 230416]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-3-22 625304]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-7-12 409800]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-1-5 5426448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-3-2 266680]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-1-8 2595824]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2012-1-8 42096]
R3 EuMusDesignVirtualAudioCableWdm_lcs;Breakaway Pipeline (WDM);C:\windows\System32\drivers\vaclcskd.sys [2009-12-6 66016]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-8-3 76912]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2016-9-27 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2016-9-27 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2016-9-27 64896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-1-8 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856]
S0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2016-2-16 360736]
S1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2016-4-20 307456]
S1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2015-10-21 284080]
S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" --> C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [?]
S2 avgwd;AVG WatchDog;"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" --> C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [?]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-5-13 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MyPublicWiFiService;MyPublicWiFi Service;C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe --> C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [?]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-11-23 1141848]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2013;"C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2013" --> C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-7-25 324224]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [?]
S3 andnetadb;ADB Interface DriverNet;C:\windows\System32\drivers\lgandnetadb.sys [2014-6-2 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\windows\System32\drivers\lgandnetdiag64.sys [2014-6-2 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\windows\System32\drivers\lgandnetmodem64.sys [2014-6-2 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\windows\System32\drivers\lgandnetndis64.sys [2014-6-2 93696]
S3 androidusb;ADB Interface Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2014-11-27 33736]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;"C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe" --> C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [?]
S3 DFX11_1;DFX Audio Enhancer 11.1;C:\windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" --> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2014-11-27 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-6-10 114688]
S3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2014-4-14 15360]
S3 pwdrvio;pwdrvio;C:\windows\System32\pwdrvio.sys [2014-7-5 19152]
S3 pwdspio;pwdspio;C:\windows\System32\pwdspio.sys [2014-7-5 12504]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-1-8 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2012-1-8 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 SwitchBoard;SwitchBoard;"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2015-12-19 42088]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-1-8 57216]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-31 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2015-4-29 23200]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: Applications\notepad.exe=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-09-27 17:31:50 192216 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2016-09-27 17:31:10 64896 ----a-w- C:\windows\System32\drivers\mwac.sys
2016-09-27 17:31:10 27008 ----a-w- C:\windows\System32\drivers\mbam.sys
2016-09-27 17:31:10 140672 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2016-09-27 17:31:09 -------- d-----w- C:\ProgramData\Malwarebytes
2016-09-27 17:31:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-13 05:38:02 52510152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2016-09-01 18:51:38 -------- d-----w- C:\Users\Tasmai\AppData\Roaming\Kodi
2016-09-01 18:47:09 -------- d-----w- C:\Program Files (x86)\Kodi
.
==================== Find3M ====================
.
2016-09-14 03:48:05 796352 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2016-09-14 03:48:05 142528 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 23:16:17.25 ===============

If you need the second log of the DDS scan, please let me know.

Kindly review and let me know if any other potential hazard is still present.

Thanks and Regards,

Petlad