Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-07-2013
Ran by Prince (administrator) on 21-07-2013 11:14:10
Running from C:\Users\Prince\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(IDT, Inc.) c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
() C:\Program Files\Garena Plus\ggdllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\ChgService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
==================== Registry (Whitelisted) ==================
MountPoints2: {a8067054-3c18-11e2-8fa0-4487fc8947a4} - F:\.\ShowModem.exe
MountPoints2: {d6fcd473-7189-11e2-b91c-4487fc8947a4} - F:\LaunchU3.exe -a
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
MSN | Philippines - Hotmail, Outlook.com, Skype, Free online News, Video, Photos, Movies, Entertainment, Sports & more..
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=964&r=2013/07/18&hid=2128542089&lg=EN&cc=PH&unqvl=28
SearchScopes: HKCU - {632191A1-115D-400F-8081-C7C3579A3F13} URL = http://websearch.ask.com/redirect?client=ie&tb=SGT&o=APN10374&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AHO&apn_dtid=^YYYYYY^YY^PH&apn_uid=389ff80c-afd6-4ee5-a588-c38f6d0a7abb&apn_sauid=E7FC96A7-1694-4CFB-AD17-FB81C7B410A1
SearchScopes: HKCU - {B15002AD-BAC6-4D53-9ED5-ECA4A2687274} URL = http://tuvaro.com/ws/?source=9e9471a2&tbp=rbox&toolbarid=base&u=1094c82c0000000000004487fc8947a4&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=964&r=2013/07/18&hid=2128542089&lg=EN&cc=PH&unqvl=28
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8Sh4jaVE&i=26
BHO: GigagetIEHelper Class - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\Windows\system32\gigagetbho_v10.dll (Giganology Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: DealPly Shopping - {AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default
FF user.js: detected! => C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @raidcall.en/RCplugin - C:\Users\Prince\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin: @t.garena.com/garenatalk - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Prince\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\tuvaro.xml
FF SearchPlugin: C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: SearchNewTab - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\
[email protected]
FF Extension: safee save - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\
[email protected]
FF Extension: MagniPic - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\
[email protected]
FF Extension: No Name - C:\Users\Prince\AppData\Roaming\Mozilla\Firefox\Profiles\ejnl5ptn.default\Extensions\
[email protected]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [
[email protected]] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: about:blank
CHR RestoreOnStartup: "about:blank"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: (Google) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (DealPlyLive Update) - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
CHR Plugin: (Garena Talk Plugin) - C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Prince\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Raidcall plugin) - C:\Users\Prince\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Extension: (Google Docs) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Prince\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Change Modem Device Service; C:\Windows\system32\ChgService.exe [135168 2010-02-05] ()
S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-17] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-17] (DealPly Technologies Ltd)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5128560 2012-12-20] (INCA Internet Co., Ltd.)
R2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (IDT, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-07-17] (AVG Secure Search)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [376896 2013-07-21] (Wsys Co., Ltd.)
==================== Drivers (Whitelisted) ====================
S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2010-03-31] (Advanced Micro Devices Inc.)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-07-09] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-21] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-07-17] (AVG Technologies)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [105984 2010-01-21] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]
S3 MemAccDrv32; \??\E:\Install\Drivers\MemAccDrv32.sys [x]
S3 taphss6; system32\DRIVERS\taphss6.sys [x]
==================== NetSvcs (Whitelisted) ===================
uments\PS Vita