HELP! *Urgent* A Trojan.VBAgent Virus


  1. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #21

    ==================== One Month Created Files and Folders ========

    2013-07-21 11:13 - 2013-07-21 11:13 - 00000000 ____D C:\FRST
    2013-07-21 11:13 - 2013-07-21 11:12 - 01219758 _____ (Farbar) C:\Users\Prince\Desktop\FRST.exe
    2013-07-21 11:12 - 2013-07-21 11:12 - 01219758 _____ (Farbar) C:\Users\Prince\Downloads\FRST.exe
    2013-07-21 11:12 - 2013-07-21 11:12 - 00000000 ____D C:\Program Files\ESET
    2013-07-21 11:11 - 2013-07-21 11:12 - 00000000 ___HD C:\Windows\AxInstSV
    2013-07-21 11:09 - 2013-07-21 11:09 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Google
    2013-07-21 11:00 - 2013-07-21 11:00 - 00000000 ____D C:\Users\Prince\Desktop\New folder (7)
    2013-07-21 09:03 - 2013-07-21 09:03 - 00001978 _____ C:\Users\Prince\Desktop\RKreport[0]_D_07212013_090338.txt
    2013-07-21 08:50 - 2013-07-21 08:50 - 00001869 _____ C:\Users\Prince\Desktop\RKreport[0]_S_07212013_085024.txt
    2013-07-21 08:48 - 2013-07-21 09:03 - 00000000 ____D C:\Users\Prince\Desktop\RK_Quarantine
    2013-07-21 08:48 - 2013-07-21 08:48 - 00915968 _____ C:\Users\Prince\Desktop\RogueKiller.exe
    2013-07-21 08:47 - 2013-07-21 08:48 - 00915968 _____ C:\Users\Prince\Downloads\RogueKiller.exe
    2013-07-21 08:25 - 2013-07-21 08:25 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-07-21 08:25 - 2013-07-21 08:25 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-07-21 08:25 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2013-07-21 07:35 - 2013-07-21 07:35 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
    2013-07-21 07:34 - 2013-07-21 07:35 - 02423680 _____ C:\Users\Prince\Downloads\bitdefender_tsecurity.exe
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000000 ____D C:\ProgramData\Google
    2013-07-21 07:08 - 2013-07-21 07:09 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2013-07-21 07:08 - 2013-07-21 07:09 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2013-07-21 07:08 - 2013-07-21 07:09 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
    2013-07-21 07:08 - 2013-07-21 07:08 - 00002075 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2013-07-21 07:08 - 2013-05-09 16:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2013-07-21 07:08 - 2013-05-09 16:59 - 00061680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2013-07-21 07:08 - 2013-05-09 16:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
    2013-07-21 07:08 - 2013-05-09 16:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
    2013-07-21 07:08 - 2013-05-09 16:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
    2013-07-21 07:08 - 2013-05-09 16:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2013-07-21 07:07 - 2013-05-09 16:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
    2013-07-21 07:06 - 2013-07-21 07:06 - 00000000 ____D C:\ProgramData\AVAST Software
    2013-07-21 07:06 - 2013-07-21 07:06 - 00000000 ____D C:\Program Files\AVAST Software
    2013-07-21 06:49 - 2013-07-21 07:06 - 117478104 _____ C:\Users\Prince\Downloads\avast_free_antivirus_setup.exe
    2013-07-21 06:26 - 2013-07-21 10:50 - 00020090 _____ C:\Windows\PFRO.log
    2013-07-21 06:26 - 2013-07-21 10:50 - 00000112 _____ C:\Windows\setupact.log
    2013-07-21 06:26 - 2013-07-21 09:49 - 00000000 _RSHD C:\Avenger
    2013-07-21 06:26 - 2013-07-21 06:26 - 00000000 _____ C:\Windows\setuperr.log
    2013-07-21 06:25 - 2013-07-21 06:25 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Downloads\rkill.com
    2013-07-21 06:25 - 2013-07-21 06:25 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Desktop\rkill.com
    2013-07-21 06:24 - 2013-07-21 06:25 - 00002300 _____ C:\Users\Prince\Desktop\Rkill.txt
    2013-07-21 06:24 - 2013-07-21 06:23 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Desktop\rkill.exe
    2013-07-21 06:23 - 2013-07-21 06:23 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Downloads\rkill.exe
    2013-07-21 05:44 - 2013-07-21 05:45 - 00000000 ____D C:\Users\Prince\AppData\Roaming\iSafe
    2013-07-21 05:44 - 2013-07-21 05:44 - 00000000 ____D C:\Users\Prince\AppData\Roaming\eCyber
    2013-07-21 05:44 - 2013-07-18 23:40 - 00867656 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll
    2013-07-21 05:44 - 2013-07-18 23:40 - 00527176 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
    2013-07-21 05:43 - 2013-07-21 05:44 - 00000000 ____D C:\Users\Prince\AppData\Roaming\eDownload
    2013-07-21 05:43 - 2013-07-21 05:43 - 00344672 _____ C:\Users\Prince\Downloads\iSafe.exe
    2013-07-21 05:43 - 2013-07-21 05:43 - 00000000 ____D C:\ProgramData\eSafe
    2013-07-21 05:09 - 2013-07-21 05:10 - 04913198 _____ (BitDefender LLC) C:\Users\Prince\Downloads\BDRemovalToolDropper.exe
    2013-07-21 04:49 - 2013-07-21 04:49 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Malwarebytes
    2013-07-21 04:49 - 2013-07-21 04:49 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-07-21 04:42 - 2013-07-21 04:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Prince\Downloads\mbam-setup-1.75.0.1300.exe
    2013-07-21 04:36 - 2013-07-21 04:37 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (5)
    2013-07-21 04:15 - 2013-07-21 04:17 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (4)
    2013-07-21 02:20 - 2013-07-21 02:20 - 00000000 ____D C:\Users\Prince\CabalRider
    2013-07-21 01:22 - 2013-07-21 01:23 - 06583119 _____ C:\Users\Prince\Downloads\CabalRider_PH2.0.150.rar
    2013-07-20 21:19 - 2013-07-20 21:19 - 00000000 _RSHD C:\Users\Prince\Desktop\Sony
    2013-07-20 19:42 - 2013-07-20 19:42 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
    2013-07-20 19:42 - 2012-12-20 03:34 - 05128560 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
    2013-07-20 19:42 - 2005-01-03 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\npptNT2.sys
    2013-07-20 19:42 - 2003-07-19 23:17 - 00005174 _____ C:\Windows\system32\nppt9x.vxd
    2013-07-20 18:43 - 2013-07-20 18:58 - 00000000 _RSHD C:\Users\Prince\Desktop\New Thingy
    2013-07-20 18:40 - 2013-07-20 18:40 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (2)
    2013-07-20 18:39 - 2013-07-20 18:39 - 00000729 _____ C:\Users\Public\Desktop\Grand Chase.lnk
    2013-07-20 18:34 - 2013-07-20 18:34 - 00000000 ____D C:\Program Files\Level Up Games
    2013-07-18 23:25 - 2013-07-18 23:25 - 00000000 _RSHD C:\Users\Prince\Documents\OFX Presets
    2013-07-18 15:40 - 2013-07-18 15:40 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
    2013-07-18 12:38 - 2013-07-18 12:38 - 00000000 ____D C:\Users\Prince\AppData\Local\AVG Secure Search
    2013-07-18 04:04 - 2013-07-18 05:03 - 38397999 _____ C:\Users\Prince\Documents\Chubaek - Copy.wmv
    2013-07-18 04:01 - 2013-07-18 04:03 - 46596096 _____ C:\Users\Prince\Documents\Chubaek - Copy.mxf
    2013-07-18 03:58 - 2013-07-18 06:21 - 00059184 _____ C:\Users\Prince\Documents\Chubaek - Copy.veg
    2013-07-18 03:58 - 2013-07-18 03:57 - 00059400 _____ C:\Users\Prince\Documents\Chubaek - Copy.veg.bak
    2013-07-18 03:57 - 2013-07-18 03:57 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder
    2013-07-18 03:38 - 2013-07-19 00:30 - 00117720 _____ C:\Users\Prince\Documents\Chubaek.veg
    2013-07-18 03:38 - 2013-07-19 00:15 - 00103480 _____ C:\Users\Prince\Documents\Chubaek.veg.bak
    2013-07-18 03:34 - 2013-07-18 03:34 - 08472677 _____ C:\Users\Prince\Documents\If You Stay - Joseph Vincent with lyrics.wmv
    2013-07-18 01:03 - 2013-07-18 01:03 - 03207595 _____ C:\Users\Prince\Documents\Jewell Studios Countdown.wmv
    2013-07-18 00:56 - 2013-07-18 00:56 - 00000218 _____ C:\Users\Prince\AppData\Local\recently-used.xbel
    2013-07-18 00:52 - 2013-07-18 00:52 - 00000000 ____D C:\ProgramData\APN
    2013-07-18 00:35 - 2013-07-18 00:37 - 11067384 _____ C:\Users\Prince\Downloads\YTDSetup.exe
    2013-07-18 00:30 - 2013-07-18 00:30 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Publish Providers
    2013-07-18 00:21 - 2013-07-18 00:22 - 00000000 ____D C:\Users\Prince\AppData\Local\Sony
    2013-07-18 00:21 - 2013-07-18 00:21 - 00001038 _____ C:\Users\Public\Desktop\Vegas Pro 11.0.lnk
    2013-07-18 00:21 - 2013-07-18 00:21 - 00000000 ____D C:\ProgramData\Sony
    2013-07-18 00:20 - 2013-07-18 04:01 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Sony
    2013-07-17 23:36 - 2013-07-18 00:56 - 00000000 ____D C:\Users\Prince\AppData\Roaming\BitLord
    2013-07-17 23:36 - 2013-07-17 23:36 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Python-Eggs
    2013-07-17 23:26 - 2013-07-17 23:38 - 00000000 _RSHD C:\Users\Prince\Documents\BitLord
    2013-07-17 23:26 - 2013-07-17 23:26 - 00001969 _____ C:\Users\Prince\Desktop\BitLord.lnk
    2013-07-17 23:26 - 2013-07-17 23:26 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
    2013-07-17 23:26 - 2013-07-17 23:26 - 00000000 ____D C:\Program Files\BitLord 2
    2013-07-17 23:23 - 2013-07-18 00:54 - 00000000 ____D C:\Users\Prince\AppData\Local\AVG SafeGuard toolbar
    2013-07-17 23:22 - 2013-07-17 23:22 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
    2013-07-17 23:22 - 2013-07-17 23:22 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
    2013-07-17 23:22 - 2013-07-17 23:22 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
    2013-07-17 23:20 - 2013-07-21 10:51 - 00000890 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
    2013-07-17 23:20 - 2013-07-21 09:25 - 00000894 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
    2013-07-17 23:20 - 2013-07-21 05:24 - 00000000 ____D C:\Program Files\DealPly
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\SimilarSites
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Dealply
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Local\DealPlyLive
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\ProgramData\DealPlyLive
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Program Files\SimilarSites
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Program Files\DealPlyLive
    2013-07-17 23:09 - 2013-07-21 10:02 - 00000000 ____D C:\ProgramData\SearchNewTab
    2013-07-17 23:08 - 2013-07-18 12:29 - 00000000 ____D C:\Program Files\WebSearch
    2013-07-17 23:07 - 2013-07-18 12:29 - 00000000 ____D C:\Program Files\SafeSaver
    2013-07-17 23:06 - 2013-07-21 10:02 - 00000000 ____D C:\ProgramData\safee save
    2013-07-17 23:05 - 2013-07-17 23:05 - 00298928 _____ (StarApp) C:\Users\Prince\Downloads\Sony Vegas Pro 11 (32 Bit) Inc Crack And keygen.exe
    2013-07-17 22:58 - 2013-07-17 22:58 - 00000000 ____D C:\ProgramData\StarApp
    2013-07-17 22:57 - 2013-07-21 10:02 - 00000000 ____D C:\ProgramData\MagniPic
    2013-07-17 22:57 - 2013-07-17 23:15 - 00000000 ____D C:\ProgramData\InstallMate
    2013-07-17 22:57 - 2013-07-17 23:02 - 00000000 ____D C:\Program Files\MagniPic
    2013-07-17 22:56 - 2013-07-17 22:56 - 00893000 _____ (PrivitizeVPN) C:\Users\Prince\Downloads\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe
    2013-07-17 21:57 - 2013-07-17 23:15 - 00000000 ____D C:\Users\Prince\AppData\Roaming\uTorrent
    2013-07-17 06:39 - 2013-07-17 07:33 - 00000000 _RSHD C:\Users\Prince\Desktop\LAdytookie
    2013-07-09 15:01 - 2013-07-09 15:01 - 00016304 ____N C:\Windows\system32\apl003.sys
    2013-07-09 15:01 - 2013-07-09 15:01 - 00013232 ____N C:\Windows\system32\apf003.sys
    2013-07-09 15:00 - 2013-07-09 15:00 - 00001679 _____ C:\Users\Public\Desktop\Avatar Star.lnk
    2013-07-09 14:59 - 2013-07-09 14:59 - 00000000 _RSHD C:\CherryDeGames
    2013-07-09 05:49 - 2013-07-09 07:18 - 469892039 _____ (Shanda Games International) C:\Users\Prince\Downloads\ASClientVer1_1_0_35405_20130706.exe
    2013-07-04 16:52 - 2013-07-04 16:52 - 00000000 ____D C:\Users\Prince\AppData\Local\Garena
    2013-07-04 16:51 - 2013-07-04 16:51 - 00000000 _RSHD C:\GarenaDownload
    2013-07-03 18:43 - 2013-07-19 01:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000000 ____D C:\Program Files\CCleaner
    2013-06-30 05:34 - 2013-06-30 05:41 - 00000000 _RSHD C:\Users\Prince\Desktop\GG
    2013-06-30 05:34 - 2013-06-30 05:37 - 00000000 _RSHD C:\Users\Prince\Desktop\Txt
    2013-06-22 15:06 - 2013-06-22 15:06 - 00000000 ____D C:\Users\Prince\AppData\Roaming\SanDisk SecureAccess
    2013-06-21 07:34 - 2013-07-17 23:01 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Sony Corporation
    2013-06-21 07:34 - 2013-06-21 07:45 - 00000000 _RSHD C:\Users\Prince\Documents\PS Vita


  2. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #22

    AdwCleaner

    Click here AdwCleaner

    Click on Download Now button

    Save to the Desktop

    Right-click on AdwCleaner.exe and choose

    Click on Delete and confirm the prompt.



    Your computer will be rebooted automatically. A text file will open after the restart.

    Upload the log: the log file is at C:\AdwCleaner[Sn].txt


    Download Junkware Removal Toolkit

    Click here Junkware Removal Tool to download

    Drag the JRT.exe from the Downloads folder to your Desktop

    Right click JRT.exe and choose

    Once done, upload the JRT.txt file


  3. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #23

    ==================== One Month Modified Files and Folders =======

    2013-07-21 11:13 - 2013-07-21 11:13 - 00000000 ____D C:\FRST
    2013-07-21 11:13 - 2012-11-18 16:43 - 00000000 ___RD C:\Users\Prince\Desktop
    2013-07-21 11:12 - 2013-07-21 11:13 - 01219758 _____ (Farbar) C:\Users\Prince\Desktop\FRST.exe
    2013-07-21 11:12 - 2013-07-21 11:12 - 01219758 _____ (Farbar) C:\Users\Prince\Downloads\FRST.exe
    2013-07-21 11:12 - 2013-07-21 11:12 - 00000000 ____D C:\Program Files\ESET
    2013-07-21 11:12 - 2013-07-21 11:11 - 00000000 ___HD C:\Windows\AxInstSV
    2013-07-21 11:09 - 2013-07-21 11:09 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Google
    2013-07-21 11:09 - 2012-11-19 06:57 - 00000000 ____D C:\Users\Prince\AppData\Local\Google
    2013-07-21 11:00 - 2013-07-21 11:00 - 00000000 ____D C:\Users\Prince\Desktop\New folder (7)
    2013-07-21 10:58 - 2009-07-14 12:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-21 10:58 - 2009-07-14 12:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-21 10:51 - 2013-07-17 23:20 - 00000890 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
    2013-07-21 10:51 - 2012-11-19 06:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-21 10:50 - 2013-07-21 06:26 - 00020090 _____ C:\Windows\PFRO.log
    2013-07-21 10:50 - 2013-07-21 06:26 - 00000112 _____ C:\Windows\setupact.log
    2013-07-21 10:50 - 2012-11-19 05:58 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-07-21 10:50 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-21 10:02 - 2013-07-17 23:09 - 00000000 ____D C:\ProgramData\SearchNewTab
    2013-07-21 10:02 - 2013-07-17 23:06 - 00000000 ____D C:\ProgramData\safee save
    2013-07-21 10:02 - 2013-07-17 22:57 - 00000000 ____D C:\ProgramData\MagniPic
    2013-07-21 09:50 - 2012-11-18 00:24 - 02028461 _____ C:\Windows\WindowsUpdate.log
    2013-07-21 09:49 - 2013-07-21 06:26 - 00000000 _RSHD C:\Avenger
    2013-07-21 09:49 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\LiveKernelReports
    2013-07-21 09:40 - 2012-11-19 05:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-21 09:33 - 2012-11-19 06:57 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-21 09:25 - 2013-07-17 23:20 - 00000894 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
    2013-07-21 09:03 - 2013-07-21 09:03 - 00001978 _____ C:\Users\Prince\Desktop\RKreport[0]_D_07212013_090338.txt
    2013-07-21 09:03 - 2013-07-21 08:48 - 00000000 ____D C:\Users\Prince\Desktop\RK_Quarantine
    2013-07-21 08:50 - 2013-07-21 08:50 - 00001869 _____ C:\Users\Prince\Desktop\RKreport[0]_S_07212013_085024.txt
    2013-07-21 08:48 - 2013-07-21 08:48 - 00915968 _____ C:\Users\Prince\Desktop\RogueKiller.exe
    2013-07-21 08:48 - 2013-07-21 08:47 - 00915968 _____ C:\Users\Prince\Downloads\RogueKiller.exe
    2013-07-21 08:25 - 2013-07-21 08:25 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-07-21 08:25 - 2013-07-21 08:25 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-07-21 08:25 - 2009-07-14 10:37 - 00000000 __RHD C:\Users\Public\Desktop
    2013-07-21 08:24 - 2009-07-14 10:04 - 00002577 _____ C:\Windows\system32\config.nt
    2013-07-21 07:35 - 2013-07-21 07:35 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
    2013-07-21 07:35 - 2013-07-21 07:34 - 02423680 _____ C:\Users\Prince\Downloads\bitdefender_tsecurity.exe
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
    2013-07-21 07:09 - 2013-07-21 07:09 - 00000000 ____D C:\ProgramData\Google
    2013-07-21 07:09 - 2013-07-21 07:08 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2013-07-21 07:09 - 2013-07-21 07:08 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2013-07-21 07:09 - 2013-07-21 07:08 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
    2013-07-21 07:09 - 2012-11-30 08:04 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001UA.job
    2013-07-21 07:09 - 2012-11-19 06:57 - 00000000 ____D C:\Program Files\Google
    2013-07-21 07:08 - 2013-07-21 07:08 - 00002075 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2013-07-21 07:06 - 2013-07-21 07:06 - 00000000 ____D C:\ProgramData\AVAST Software
    2013-07-21 07:06 - 2013-07-21 07:06 - 00000000 ____D C:\Program Files\AVAST Software
    2013-07-21 07:06 - 2013-07-21 06:49 - 117478104 _____ C:\Users\Prince\Downloads\avast_free_antivirus_setup.exe
    2013-07-21 06:26 - 2013-07-21 06:26 - 00000000 _____ C:\Windows\setuperr.log
    2013-07-21 06:25 - 2013-07-21 06:25 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Downloads\rkill.com
    2013-07-21 06:25 - 2013-07-21 06:25 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Desktop\rkill.com
    2013-07-21 06:25 - 2013-07-21 06:24 - 00002300 _____ C:\Users\Prince\Desktop\Rkill.txt
    2013-07-21 06:23 - 2013-07-21 06:24 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Desktop\rkill.exe
    2013-07-21 06:23 - 2013-07-21 06:23 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Prince\Downloads\rkill.exe
    2013-07-21 05:45 - 2013-07-21 05:44 - 00000000 ____D C:\Users\Prince\AppData\Roaming\iSafe
    2013-07-21 05:45 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\LogFiles
    2013-07-21 05:44 - 2013-07-21 05:44 - 00000000 ____D C:\Users\Prince\AppData\Roaming\eCyber
    2013-07-21 05:44 - 2013-07-21 05:43 - 00000000 ____D C:\Users\Prince\AppData\Roaming\eDownload
    2013-07-21 05:43 - 2013-07-21 05:43 - 00344672 _____ C:\Users\Prince\Downloads\iSafe.exe
    2013-07-21 05:43 - 2013-07-21 05:43 - 00000000 ____D C:\ProgramData\eSafe
    2013-07-21 05:24 - 2013-07-17 23:20 - 00000000 ____D C:\Program Files\DealPly
    2013-07-21 05:10 - 2013-07-21 05:09 - 04913198 _____ (BitDefender LLC) C:\Users\Prince\Downloads\BDRemovalToolDropper.exe
    2013-07-21 04:49 - 2013-07-21 04:49 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Malwarebytes
    2013-07-21 04:49 - 2013-07-21 04:49 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-07-21 04:48 - 2013-04-14 02:56 - 00000000 _RSHD C:\TDdownload
    2013-07-21 04:48 - 2009-07-14 12:33 - 00267496 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-07-21 04:44 - 2013-07-21 04:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Prince\Downloads\mbam-setup-1.75.0.1300.exe
    2013-07-21 04:37 - 2013-07-21 04:36 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (5)
    2013-07-21 04:18 - 2012-11-18 16:47 - 00794718 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-07-21 04:17 - 2013-07-21 04:15 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (4)
    2013-07-21 02:44 - 2012-11-19 03:42 - 00057944 _____ C:\Users\Prince\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-07-21 02:20 - 2013-07-21 02:20 - 00000000 ____D C:\Users\Prince\CabalRider
    2013-07-21 02:20 - 2012-11-18 16:43 - 00000000 ____D C:\Users\Prince
    2013-07-21 01:23 - 2013-07-21 01:22 - 06583119 _____ C:\Users\Prince\Downloads\CabalRider_PH2.0.150.rar
    2013-07-20 21:19 - 2013-07-20 21:19 - 00000000 _RSHD C:\Users\Prince\Desktop\Sony
    2013-07-20 19:42 - 2013-07-20 19:42 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
    2013-07-20 18:58 - 2013-07-20 18:43 - 00000000 _RSHD C:\Users\Prince\Desktop\New Thingy
    2013-07-20 18:40 - 2013-07-20 18:40 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (2)
    2013-07-20 18:39 - 2013-07-20 18:39 - 00000729 _____ C:\Users\Public\Desktop\Grand Chase.lnk
    2013-07-20 18:34 - 2013-07-20 18:34 - 00000000 ____D C:\Program Files\Level Up Games
    2013-07-20 16:09 - 2012-11-30 08:04 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197590477-4063348244-817859574-1001Core.job
    2013-07-19 08:47 - 2013-01-23 19:53 - 00045270 _____ C:\Users\Prince\AppData\Roaming\room_v3.dat
    2013-07-19 03:46 - 2013-01-23 19:29 - 00000000 ____D C:\Users\Prince\AppData\Roaming\GarenaPlus
    2013-07-19 03:46 - 2013-01-23 19:29 - 00000000 ____D C:\ProgramData\GarenaMessenger
    2013-07-19 02:12 - 2013-01-23 19:29 - 00000000 ____D C:\Program Files\Garena Plus
    2013-07-19 01:10 - 2013-07-03 18:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-07-19 00:30 - 2013-07-18 03:38 - 00117720 _____ C:\Users\Prince\Documents\Chubaek.veg
    2013-07-19 00:15 - 2013-07-18 03:38 - 00103480 _____ C:\Users\Prince\Documents\Chubaek.veg.bak
    2013-07-19 00:06 - 2013-05-28 21:18 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder (3)
    2013-07-19 00:04 - 2013-04-24 15:05 - 00000000 _RSHD C:\Users\Prince\Desktop\CzechII
    2013-07-19 00:04 - 2013-03-16 08:32 - 00000000 _RSHD C:\Users\Prince\Desktop\ash
    2013-07-18 23:40 - 2013-07-21 05:44 - 00867656 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll
    2013-07-18 23:40 - 2013-07-21 05:44 - 00527176 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
    2013-07-18 23:25 - 2013-07-18 23:25 - 00000000 _RSHD C:\Users\Prince\Documents\OFX Presets
    2013-07-18 15:40 - 2013-07-18 15:40 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
    2013-07-18 12:38 - 2013-07-18 12:38 - 00000000 ____D C:\Users\Prince\AppData\Local\AVG Secure Search
    2013-07-18 12:29 - 2013-07-17 23:08 - 00000000 ____D C:\Program Files\WebSearch
    2013-07-18 12:29 - 2013-07-17 23:07 - 00000000 ____D C:\Program Files\SafeSaver
    2013-07-18 06:21 - 2013-07-18 03:58 - 00059184 _____ C:\Users\Prince\Documents\Chubaek - Copy.veg
    2013-07-18 05:03 - 2013-07-18 04:04 - 38397999 _____ C:\Users\Prince\Documents\Chubaek - Copy.wmv
    2013-07-18 04:03 - 2013-07-18 04:01 - 46596096 _____ C:\Users\Prince\Documents\Chubaek - Copy.mxf
    2013-07-18 04:01 - 2013-07-18 00:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Sony
    2013-07-18 03:57 - 2013-07-18 03:58 - 00059400 _____ C:\Users\Prince\Documents\Chubaek - Copy.veg.bak
    2013-07-18 03:57 - 2013-07-18 03:57 - 00000000 _RSHD C:\Users\Prince\Desktop\New folder
    2013-07-18 03:54 - 2013-04-10 15:03 - 00000000 _RSHD C:\Users\Prince\Desktop\Us
    2013-07-18 03:34 - 2013-07-18 03:34 - 08472677 _____ C:\Users\Prince\Documents\If You Stay - Joseph Vincent with lyrics.wmv
    2013-07-18 03:32 - 2012-12-20 23:18 - 00000000 ____D C:\ProgramData\YTD Video Downloader
    2013-07-18 01:03 - 2013-07-18 01:03 - 03207595 _____ C:\Users\Prince\Documents\Jewell Studios Countdown.wmv
    2013-07-18 00:56 - 2013-07-18 00:56 - 00000218 _____ C:\Users\Prince\AppData\Local\recently-used.xbel
    2013-07-18 00:56 - 2013-07-17 23:36 - 00000000 ____D C:\Users\Prince\AppData\Roaming\BitLord
    2013-07-18 00:54 - 2013-07-17 23:23 - 00000000 ____D C:\Users\Prince\AppData\Local\AVG SafeGuard toolbar
    2013-07-18 00:54 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\DriverStore
    2013-07-18 00:52 - 2013-07-18 00:52 - 00000000 ____D C:\ProgramData\APN
    2013-07-18 00:52 - 2012-12-20 23:18 - 00001247 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
    2013-07-18 00:37 - 2013-07-18 00:35 - 11067384 _____ C:\Users\Prince\Downloads\YTDSetup.exe
    2013-07-18 00:30 - 2013-07-18 00:30 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Publish Providers
    2013-07-18 00:30 - 2013-01-20 16:45 - 00000000 ____D C:\Users\Prince\AppData\Roaming\NVIDIA
    2013-07-18 00:22 - 2013-07-18 00:21 - 00000000 ____D C:\Users\Prince\AppData\Local\Sony
    2013-07-18 00:21 - 2013-07-18 00:21 - 00001038 _____ C:\Users\Public\Desktop\Vegas Pro 11.0.lnk
    2013-07-18 00:21 - 2013-07-18 00:21 - 00000000 ____D C:\ProgramData\Sony
    2013-07-18 00:21 - 2012-11-29 08:46 - 00000000 ____D C:\Program Files\Sony
    2013-07-18 00:10 - 2013-04-10 22:03 - 00000000 ____D C:\Windows\Minidump
    2013-07-17 23:38 - 2013-07-17 23:26 - 00000000 _RSHD C:\Users\Prince\Documents\BitLord
    2013-07-17 23:36 - 2013-07-17 23:36 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Python-Eggs
    2013-07-17 23:26 - 2013-07-17 23:26 - 00001969 _____ C:\Users\Prince\Desktop\BitLord.lnk
    2013-07-17 23:26 - 2013-07-17 23:26 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
    2013-07-17 23:26 - 2013-07-17 23:26 - 00000000 ____D C:\Program Files\BitLord 2
    2013-07-17 23:22 - 2013-07-17 23:22 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
    2013-07-17 23:22 - 2013-07-17 23:22 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
    2013-07-17 23:22 - 2013-07-17 23:22 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\SimilarSites
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Dealply
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Users\Prince\AppData\Local\DealPlyLive
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\ProgramData\DealPlyLive
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Program Files\SimilarSites
    2013-07-17 23:20 - 2013-07-17 23:20 - 00000000 ____D C:\Program Files\DealPlyLive
    2013-07-17 23:15 - 2013-07-17 22:57 - 00000000 ____D C:\ProgramData\InstallMate
    2013-07-17 23:15 - 2013-07-17 21:57 - 00000000 ____D C:\Users\Prince\AppData\Roaming\uTorrent
    2013-07-17 23:10 - 2012-12-05 02:26 - 00000000 ____D C:\Users\Prince\AppData\Local\Adobe
    2013-07-17 23:10 - 2012-11-19 05:27 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2013-07-17 23:10 - 2012-11-19 05:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2013-07-17 23:07 - 2012-11-19 07:02 - 00001409 _____ C:\Users\Prince\Desktop\Google Chrome.lnk
    2013-07-17 23:07 - 2012-11-19 05:31 - 00001983 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2013-07-17 23:05 - 2013-07-17 23:05 - 00298928 _____ (StarApp) C:\Users\Prince\Downloads\Sony Vegas Pro 11 (32 Bit) Inc Crack And keygen.exe
    2013-07-17 23:02 - 2013-07-17 22:57 - 00000000 ____D C:\Program Files\MagniPic
    2013-07-17 23:01 - 2013-06-21 07:34 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Sony Corporation
    2013-07-17 22:58 - 2013-07-17 22:58 - 00000000 ____D C:\ProgramData\StarApp
    2013-07-17 22:58 - 2013-06-05 10:51 - 00000000 _RSHD C:\Users\Prince\Desktop\Kodak
    2013-07-17 22:58 - 2013-04-24 21:28 - 00000000 _RSHD C:\Users\Prince\Desktop\asd
    2013-07-17 22:56 - 2013-07-17 22:56 - 00893000 _____ (PrivitizeVPN) C:\Users\Prince\Downloads\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe
    2013-07-17 07:33 - 2013-07-17 06:39 - 00000000 _RSHD C:\Users\Prince\Desktop\LAdytookie
    2013-07-16 15:28 - 2012-11-26 15:43 - 00000000 _RSHD C:\Users\Prince\Documents\DragonNest
    2013-07-14 16:58 - 2012-12-30 12:52 - 00000000 ____D C:\Users\Prince\AppData\Roaming\Skype
    2013-07-12 01:52 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\NDF
    2013-07-10 15:13 - 2009-07-14 12:53 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2013-07-09 15:01 - 2013-07-09 15:01 - 00016304 ____N C:\Windows\system32\apl003.sys
    2013-07-09 15:01 - 2013-07-09 15:01 - 00013232 ____N C:\Windows\system32\apf003.sys
    2013-07-09 15:00 - 2013-07-09 15:00 - 00001679 _____ C:\Users\Public\Desktop\Avatar Star.lnk
    2013-07-09 14:59 - 2013-07-09 14:59 - 00000000 _RSHD C:\CherryDeGames
    2013-07-09 14:59 - 2012-11-19 06:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
    2013-07-09 07:18 - 2013-07-09 05:49 - 469892039 _____ (Shanda Games International) C:\Users\Prince\Downloads\ASClientVer1_1_0_35405_20130706.exe
    2013-07-05 22:59 - 2012-11-19 05:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2013-07-04 16:52 - 2013-07-04 16:52 - 00000000 ____D C:\Users\Prince\AppData\Local\Garena
    2013-07-04 16:51 - 2013-07-04 16:51 - 00000000 _RSHD C:\GarenaDownload
    2013-07-01 16:29 - 2013-01-15 23:35 - 00000000 _RSHD C:\Users\Prince\Desktop\iPod Photo Cache
    2013-06-30 06:00 - 2012-11-18 00:20 - 00000000 ____D C:\Windows\Panther
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2013-06-30 05:59 - 2013-06-30 05:59 - 00000000 ____D C:\Program Files\CCleaner
    2013-06-30 05:41 - 2013-06-30 05:34 - 00000000 _RSHD C:\Users\Prince\Desktop\GG
    2013-06-30 05:37 - 2013-06-30 05:34 - 00000000 _RSHD C:\Users\Prince\Desktop\Txt
    2013-06-30 05:36 - 2013-01-22 22:59 - 00000000 _RSHD C:\Users\Prince\Desktop\Ranked Gaming Client
    2013-06-30 01:18 - 2013-06-05 00:01 - 00000000 _____ C:\Windows\system32\filetrace.log
    2013-06-22 15:06 - 2013-06-22 15:06 - 00000000 ____D C:\Users\Prince\AppData\Roaming\SanDisk SecureAccess
    2013-06-21 07:45 - 2013-06-21 07:34 - 00000000 _RSHD C:\Users\Prince\Documents\PS Vita

    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-07-13 02:23

    ==================== End Of Log ============================


  4. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #24

    There sir
    HELP! *Urgent* A Trojan.VBAgent Virus Attached Files


  5. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #25

    Once you have run AdwCleaner and the Junkware tool, run this tool below

    TDSSKILLER

    Download link: TDSSKiller

    Right-click the program and select: Extract to tdsskiller\


    A TDSSKiller folder is found on your Desktop.
    Open the folder, and double-click the TDSSKiller application.


    When the TDSSKiller console opens, click on: Change Parameters
    Under Additional Options, place a check in the box next to: Detect TDLFS File System
    Click: OK


    Press: Start Scan


    If a suspicious object is detected, the default action is Skip; leave it as is, and click on: Continue
    If malicious objects are found, they show in the Scan results.
    Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.
    (Note: If Cure is not available, select Skip, >>Do not select: Delete<<)


    When done, the tool outputs its log to the disk with the Windows Operating System, normally C:\


    Logs have a name like:
    C:\TDSSKiller.X.X.X_12.04.2013_15.31.43_log.txt


    Please post the TDSSKiller log in your reply.


  6. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #26

    OK sir, I'm still waiting for the online scanner... please wait, sir. I need to fix the folders that are missing. Thank you so much


  7. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #27

    I'm waiting.


  8. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #28

    Sir, what scanner will I use for the flash drives where the virus is?


  9. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #29

    You need to stay away from cracks and keygens---->
    C:\Users\Prince\Downloads\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe


  10. Posts : 75
    Windows 7 32Bit
    Thread Starter
       #30

    Jacee said:
    You need to stay away from cracks and keygens---->
    C:\Users\Prince\Downloads\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe
    Yes sir, I've learned my lesson... sorry


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
