Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: HELP! *Urgent* A Trojan.VBAgent Virus

21 Jul 2013   #11

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

In RogueKiller . Rerun the scan and click on the Delete button .

Inside malwarebytes


When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.

My System SpecsSystem Spec
21 Jul 2013   #12

Windows 7 32Bit
 
 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.21.03

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Prince :: CZECH [administrator]

Protection: Enabled

7/21/2013 4:51:55 AM
mbam-log-2013-07-21 (04-51-55).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 73675
Time elapsed: 29 minute(s), [aborted]

Memory Processes Detected: 1
C:\Windows\Kzzvxhikhwc.exe (Trojn.VBAgent) -> 3032 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCR\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} (PUP.DealPly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} (PUP.DealPly) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run| (Trojn.VBAgent) -> Data: C:\Windows\820681872.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 51
C:\Windows\Kzzvxhikhwc.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Windows\820681872.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Program Files\DealPly\DealPlyIE.dll (PUP.DealPly) -> Quarantined and deleted successfully.
C:\*$Recycle.Bin.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Boot.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*CherryDeGames.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Documents and Settings.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*GarenaDownload.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*NVIDIA.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*PerfLogs.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Program Files.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*ProgramData.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Recovery.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*TDdownload.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Users.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\*Windows.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Kzzvxhikhwc.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*GG.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*asd.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*ash.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Czech.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*CzechII.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Iphone.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*iPod Photo Cache.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Kodak.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*LAdy.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*LAdytookie.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*mom.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New folder (2).exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New folder (3).exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New folder (4).exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New folder (5).exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New folder.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*New Thingy.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*prince.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Ranked Gaming Client.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Sony.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*SSsS.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*To Be Uploaded.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Txt.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Desktop\*Us.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*BitLord.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*DragonNest.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*My Music.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*My Pictures.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*My Videos.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*OFX Presets.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\*PS Vita.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\BitLord\Sony Vegas Pro 11\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\Prince\Documents\BitLord\Sony Vegas Pro 11\SonyVegasPro Patch.exe (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-4197590477-4063348244-817859574-1001\$RQT52LX.exe (Trojn.VBAgent) -> Quarantined and deleted successfully.

(end)
My System SpecsSystem Spec
21 Jul 2013   #13

Windows 7 32Bit
 
 

Sir all of my folders are gone , but no changes in the Hard disk space ..
My System SpecsSystem Spec
.


21 Jul 2013   #14

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

What you mean by folders are gone ?

On
Hold down Control and click on ESET Online Scanner to open ESET OnlineScan in a new window
Click the button
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

On or
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Right click on choose on your desktop
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
My System SpecsSystem Spec
21 Jul 2013   #15

Windows 7 32Bit
 
 

This sir..


Attached Thumbnails
HELP! *Urgent* A Trojan.VBAgent Virus-desktop.jpg  
My System SpecsSystem Spec
21 Jul 2013   #16

Windows 7 32Bit
 
 

This sir


Attached Thumbnails
HELP! *Urgent* A Trojan.VBAgent Virus-desktop.jpg  
My System SpecsSystem Spec
21 Jul 2013   #17

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Run this tool

Farbar Recovery Scan Tool


32-bit Version OS Farbar Recovery Scan Tool <==== Download Link

Drag the FRST.exe from the Downloads folder to your Desktop

Right click on FRST.exe and choose

When the tool opens click Yes on the disclaimer window .
Press Scan button.


Please upload both logs in your reply.(FRST.txt and Addition.txt)

FRST.txt and Addition.txt will be on the Desktop

Upload a File
Click on the Go Advanced button under the Message box . Scroll down to Additional Options then click on Manage Attachments in the Attach Files sections . Click the Browse button locate the file then click on the Open button . In the Upload File from your Computer section click on the Upload button . Wait until it finishes uploading then close the window . Then click Submit Reply .
My System SpecsSystem Spec
21 Jul 2013   #18

Windows 7 32Bit
 
 

Thank you so much sir !!! I really appreciate your help ..!! A blessing!
My System SpecsSystem Spec
21 Jul 2013   #19

Windows 7 32Bit
 
 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-07-2013
Ran by Prince at 2013-07-21 11:14:41
Running from C:\Users\Prince\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 8.0.1489.0)
Avatar Star (Version: 1.1.0.35405)
BitLord 2.3 (Version: 2.3.1-237)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.03)
Dragon Nest SEA (Version: 1.76.0000)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Garena Plus (Version: 2011)
Gigaget
Google Chrome (Version: 28.0.1500.72)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
GrandChase (Version: 9.0.3.13)
iTunes (Version: 11.0.2.26)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker 6.0 for Windows 7 (32-bit) (Version: 6.0.0)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT Redists (Version: 1.0)
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
RaidCall (Version: 7.2.4-1.0.7299.14)
Skype™ 6.3 (Version: 6.3.105)
SmartBRO version 5.244
swMSM (Version: 12.0.0.1)
Vegas Pro 11.0 (Version: 11.0.682)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Wsys Control 1.0.0.2557 (Version: 1.0.0.2557)
Yahoo! Messenger
YTD Video Downloader 4.3 (Version: 4.3)


==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1ABDF1E4-56D2-4793-A952-38E733A6D0E7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001Core => C:\Users\Prince\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30] (Facebook Inc.)
Task: {333835CE-57CA-4BFB-9E5A-51AE6AC6C5AB} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-07-17] (DealPly Technologies Ltd)
Task: {484483BD-7EEC-4EB7-96F2-5712C537739B} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe No File
Task: {6EE85918-1BB3-472B-BACF-8A2E5A9A8659} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-17] (Adobe Systems Incorporated)
Task: {883FACF5-3095-42EC-B31E-3D93B007E1A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {934EABE6-0825-48BF-8750-25F366A71C30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {9CBE8457-A20F-4E62-8917-1A382AA90780} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {9EF3BB46-F2AF-4066-87E8-5C3A1C3A2A1E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001UA => C:\Users\Prince\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30] (Facebook Inc.)
Task: {A40CB00B-D157-4E71-9800-660FC194A234} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {A77094C6-0F56-4759-B68C-D344C0101A44} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-07-17] (DealPly Technologies Ltd)
Task: {C52F808A-8E6E-44BA-839C-3EAE08779A25} - System32\Tasks\gg_uac_daemon_Prince => C:\Program Files\Garena Plus\ggdllhost.exe [2013-07-10] ()
Task: {D6A8B33A-3C16-4A8A-8391-08B7AD739B7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {DDFCA86F-04EA-492C-8E78-893AD04997CA} - \BrowserProtect No Task File
Task: {FAC7F928-F597-49C8-8D68-2394E37032E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001Core.job => C:\Users\Prince\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001UA.job => C:\Users\Prince\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2013 04:23:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: PhotoViewer.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdae1
Exception code: 0xc0000005
Fault offset: 0x00006e04
Faulting process id: 0x804
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3

Error: (07/21/2013 00:58:35 AM) (Source: Application Hang) (User: )
Description: The program WinRAR.exe version 4.20.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 678

Start Time: 01ce8569b5ec3194

Termination Time: 3

Application Path: C:\Program Files\WinRAR\WinRAR.exe

Report Id: 98b10668-f15d-11e2-8a19-4487fc8947a4

Error: (07/21/2013 00:52:58 AM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8d8

Start Time: 01ce8569773ad8b0

Termination Time: 18

Application Path: C:\Windows\Explorer.EXE

Report Id: d26355a3-f15c-11e2-8a19-4487fc8947a4

Error: (07/20/2013 09:19:43 PM) (Source: Application Hang) (User: )
Description: The program Gigaget.exe version 1.0.0.22 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fe8

Start Time: 01ce850a5e0ea451

Termination Time: 16884

Application Path: C:\Program Files\Giganology\Gigaget\Gigaget.exe

Report Id: e33f3b3d-f13e-11e2-bebf-4487fc8947a4

Error: (07/20/2013 09:19:28 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fc8

Start Time: 01ce850abfec90ab

Termination Time: 913

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: f85afb9d-f13e-11e2-bebf-4487fc8947a4

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8253

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8253

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/20/2013 01:55:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7239

Error: (07/20/2013 01:55:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7239


System errors:
=============
Error: (07/21/2013 11:04:34 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/21/2013 10:53:08 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%1058

Error: (07/21/2013 10:52:19 AM) (Source: Service Control Manager) (User: )
Description: The Wsys Service service hung on starting.

Error: (07/21/2013 08:48:58 AM) (Source: Service Control Manager) (User: )
Description: The Wsys Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/21/2013 06:30:16 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by 61942 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.10.33:123) is working properly.

Error: (07/21/2013 06:28:26 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%1058

Error: (07/21/2013 06:28:19 AM) (Source: Service Control Manager) (User: )
Description: The Wsys Service service hung on starting.

Error: (07/21/2013 06:26:20 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/21/2013 06:26:20 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/21/2013 06:26:20 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (07/21/2013 04:23:35 AM) (Source: Application Error)(User: )
Description: DllHost.exe6.1.7600.163854a5bc6b7PhotoViewer.dll6.1.7600.163854a5bdae1c000000500006e0480401ce8585d53 e2415C:\Windows\system32\DllHost.exeC:\Program Files\Windows Photo Viewer\PhotoViewer.dll403ec6e2-f17a-11e2-8a19-4487fc8947a4

Error: (07/21/2013 00:58:35 AM) (Source: Application Hang)(User: )
Description: WinRAR.exe4.20.0.067801ce8569b5ec31943C:\Program Files\WinRAR\WinRAR.exe98b10668-f15d-11e2-8a19-4487fc8947a4

Error: (07/21/2013 00:52:58 AM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7600.163858d801ce8569773ad8b018C:\Windows\Explorer.EXEd26355a3-f15c-11e2-8a19-4487fc8947a4

Error: (07/20/2013 09:19:43 PM) (Source: Application Hang)(User: )
Description: Gigaget.exe1.0.0.22fe801ce850a5e0ea45116884C:\Program Files\Giganology\Gigaget\Gigaget.exee33f3b3d-f13e-11e2-bebf-4487fc8947a4

Error: (07/20/2013 09:19:28 PM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.4917fc801ce850abfec90ab913C:\Program Files\Mozilla Firefox\firefox.exef85afb9d-f13e-11e2-bebf-4487fc8947a4

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8253

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8253

Error: (07/20/2013 01:55:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/20/2013 01:55:46 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7239

Error: (07/20/2013 01:55:46 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7239


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 3071.3 MB
Available physical RAM: 1660.45 MB
Total Pagefile: 6140.89 MB
Available Pagefile: 4440.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.18 GB) (Free:3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:40.35 GB) (Free:10.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: D1A1EC48)
Partition 1: (Active) - (Size=34 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=40 GB) - (Type=OF Extended)

==================== End Of Log ============================
My System SpecsSystem Spec
21 Jul 2013   #20

Windows 7 32Bit
 
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-07-2013
Ran by Prince (administrator) on 21-07-2013 11:14:10
Running from C:\Users\Prince\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(IDT, Inc.) c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
() C:\Program Files\Garena Plus\ggdllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\ChgService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

==================== Registry (Whitelisted) ==================

MountPoints2: {a8067054-3c18-11e2-8fa0-4487fc8947a4} - F:\.\ShowModem.exe
MountPoints2: {d6fcd473-7189-11e2-b91c-4487fc8947a4} - F:\LaunchU3.exe -a
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN | Philippines - Hotmail, Outlook.com, Skype, Free online News, Video, Photos, Movies, Entertainment, Sports & more..
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=964&r=2013/07/18&hid=2128542089&lg=EN&cc=PH&unqvl=28
SearchScopes: HKCU - {632191A1-115D-400F-8081-C7C3579A3F13} URL = http://websearch.ask.com/redirect?client=ie&tb=SGT&o=APN10374&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AHO&apn_dtid=^YYYYYY ^YY^PH&apn_uid=389ff80c-afd6-4ee5-a588-c38f6d0a7abb&apn_sauid=E7FC96A7-1694-4CFB-AD17-FB81C7B410A1
SearchScopes: HKCU - {B15002AD-BAC6-4D53-9ED5-ECA4A2687274} URL = http://tuvaro.com/ws/?source=9e9471a2&tbp=rbox&toolbarid=base&u=1094c82c0000000000004487fc8947a4&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=964&r=2013/07/18&hid=2128542089&lg=EN&cc=PH&unqvl=28
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8Sh4jaVE&i=26
BHO: GigagetIEHelper Class - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\Windows\system32\gigagetbho_v10.dll (Giganology Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: DealPly Shopping - {AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...nt/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default
FF user.js: detected! => C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @raidcall.en/RCplugin - C:\Users\Prince\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Prince\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\tuvaro.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\WebSearch.xm l
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: SearchNewTab - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\a7-0kb@qqcsapwecfr.net
FF Extension: safee save - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\ajwzzrx@i-.net
FF Extension: MagniPic - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\fuyy-6so@uykztmrsauoo.com
FF Extension: No Name - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\WebSiteRecommen dation@weliketheweb.com
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: about:blank
CHR RestoreOnStartup: "about:blank"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: (Google) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (DealPlyLive Update) - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Prince\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Raidcall plugin) - C:\Users\Prince\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Extension: (Google Docs) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Change Modem Device Service; C:\Windows\system32\ChgService.exe [135168 2010-02-05] ()
S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-17] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-17] (DealPly Technologies Ltd)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5128560 2012-12-20] (INCA Internet Co., Ltd.)
R2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (IDT, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-17] (AVG Secure Search)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [376896 2013-07-21] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2010-03-31] (Advanced Micro Devices Inc.)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-07-09] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-21] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-07-17] (AVG Technologies)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [105984 2010-01-21] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 MemAccDrv32; \??\E:\Install\Drivers\MemAccDrv32.sys [x]
S3 taphss6; system32\DRIVERS\taphss6.sys [x]

==================== NetSvcs (Whitelisted) ===================


uments\PS Vita
My System SpecsSystem Spec
Reply

 HELP! *Urgent* A Trojan.VBAgent Virus





Thread Tools



Similar help and support threads for2: HELP! *Urgent* A Trojan.VBAgent Virus
Thread Forum
Solved Alureon.E (virus)trojan System Security
Help locating possible trojan or other virus System Security
Want are the best afforable anti-virus for a trojan virus System Security
Solved How do i remove a trojan/virus BSOD Help and Support
Help with trojan virus System Security
Need help, Trojan, *urgent* System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:20 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33