hello everyone, I believe that my computer system is infected v the VBS: malware-gen. I ran a boot time scan v avast and also it showed countless files that were infected and moved come quarantine. Avast likewise pops up through a notice saying it has actually blocked a hazard whenever i am utilizing google chrome. Please assist me as shortly as possible. I really appreciate everyone the is taking the time to help out and also fix ours computers. Please examine the HJT log in below. Thanks!


R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search web page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start web page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search web page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start web page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: Groove GFS internet browser Helper - 72853161-30C5-4D22-B7F9-0BBC1D38A37E - C:PROGRA~2MICROS~1Office14GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - B4F3A835-0E21-4959-BA22-42B3008E02FF - C:PROGRA~2MICROS~1Office14URLREDIR.DLL
O4 - HKLM..Run: C:Program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
O4 - HKLM..Run: "C:Program files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe" -launchedbylogin
O4 - HKLM..Run: "C:Program documents (x86)Microsoft OfficeOffice14BCSSync.exe" /DelayServices
O4 - HKCU..Run: "C:UsersDaanyal SiddiquiAppDataLocalMicrosoftOneDriveOneDrive.exe" /background
O4 - HKCU..Run: "C:UsersDaanyal SiddiquiAppDataRoamingSpotifySpotifyWebHelper.exe"
O4 - HKCU..Run: "C:UsersDaanyal SiddiquiAppDataRoamingSpotifySpotify.exe" -autostart -minimized
O4 - HKCU..Run: "C:Program files (x86)GoogleDrivegoogledrivesync.exe" /autostart
O4 - HKCU..Run: "C:Program documents (x86)Kaspersky LabKaspersky security Scankss.exe" autorun
O4 - HKCU..Run: "C:Program documents (x86)Kaspersky LabKaspersky software Updaterkl_platf.exe" ksu autorun
O4 - HKCU..RunOnce: C:WINDOWSsystem32cmd.exe /q /c rmdir /s /q "C:UsersDaanyal SiddiquiAppDataLocalMicrosoftOneDrive17.3.6281.1202amd64"
O4 - HKCU..RunOnce: C:WINDOWSsystem32cmd.exe /q /c rmdir /s /q "C:UsersDaanyal SiddiquiAppDataLocalMicrosoftOneDrive17.3.6281.1202"
O4 - HKUS.DEFAULT..Run: "C:Program files (x86)Kaspersky LabKaspersky protection Scankss.exe" autorun (User "Default user")
O4 - worldwide Startup: TP-LINK Wireless configuration Utility.lnk = C:Program records (x86)TP-LINKTP-LINK Wireless configuration UtilityTWCU.exe
O8 - Extra context food selection item: E&xport to Microsoft Excel - res://C:Program records (x86)Microsoft OfficeOffice14EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:Program documents (x86)Microsoft OfficeOffice14ONBttnIE.dll/105
O9 - Extra button: HP Smart publish - 22CC3EBD-C286-43aa-B8E6-06B115F74162 - C:Program papers (x86)Hewlett-PackardSmart PrintSmartPrintSetup.exe
O9 - Extra "Tools" menuitem: HP Smart publish - 22CC3EBD-C286-43aa-B8E6-06B115F74162 - C:Program papers (x86)Hewlett-PackardSmart PrintSmartPrintSetup.exe
O9 - Extra button: Send to OneNote - 2670000A-7350-4f3c-8081-5663EE0C6C49 - C:Program documents (x86)Microsoft OfficeOffice14ONBttnIE.dll
O9 - Extra "Tools" menuitem: Se&nd to OneNote - 2670000A-7350-4f3c-8081-5663EE0C6C49 - C:Program papers (x86)Microsoft OfficeOffice14ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked note - 789FE86F-6FC4-46A1-9849-EDE0DB0C95CA - C:Program documents (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll
O9 - Extra "Tools" menuitem: OneNote Lin&ked notes - 789FE86F-6FC4-46A1-9849-EDE0DB0C95CA - C:Program documents (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll
O18 - Protocol: windows.tbauth - 14654CA6-5711-491D-B89A-58E571679951 - C:WindowsSysWOW64 bauth.dll
O18 - Filter hijack: text/xml - 807573E5-5146-11D5-A672-00B0D022E945 - C:Program papers (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:Program FilesATI TechnologiesATI.ACEA4AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update service (AdobeARMservice) - Adobe Systems included - C:Program documents (x86)Common FilesAdobeARM1.0armsvc.exe
%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WINDOWSSystem32alg.exe (file missing)
O23 - Service: AMD External occasions Utility - Unknown owner - C:WINDOWSsystem32atiesrxx.exe (file missing)
O23 - Service: ACP User organization (amdacpusrsvc) - progressed Micro gadgets - C:Program FilesAMD920DEC42-4CA5-4d1d-9487-67BE645CDDFCamdacpusrsvc.exe
O23 - Service: aswbIDSAgent - AVAST software s.r.o. - C:Program FilesAVAST SoftwareAvastx64aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST software - C:Program FilesAVAST SoftwareAvastAvastSvc.exe
%SystemRoot%system32DiagSvcsDiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:WINDOWSsystem32DiagSvcsDiagnosticsHub.StandardCollector.Service.exe (file missing)
%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WINDOWSSystem32lsass.exe (file missing)
%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:WINDOWSsystem32fxssvc.exe (file missing)
O23 - Service: Google Update service (gupdate) (gupdate) - Google Inc. - C:Program papers (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update service (gupdatem) (gupdatem) - Google Inc. - C:Program papers (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Hotspot Shield organization (hshld) - AnchorFree Inc. - C:Program records (x86)Hotspot Shieldincmw_srv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision coporation, group - C:Program documents (x86)Common FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: Kaspersky protection Scan organization (kss) - AO Kaspersky laboratory - C:Program records (x86)Kaspersky LabKaspersky defense Scankss.exe
O23 - Service: KSU business (ksu) - AO Kaspersky laboratory - C:Program documents (x86)Kaspersky LabKaspersky software application Updaterkl_platf.exe
O23 - Service: Mozilla Maintenance company (MozillaMaintenance) - Mozilla foundation - C:Program documents (x86)Mozilla maintenance Servicemaintenanceservice.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR worldwide CO., LTD. - C:Program records (x86)MSIMSITriggerMSI_Trigger_Service.exe
%SystemRoot%System32 etlogon.dll,-102 (Netlogon) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:WINDOWSsystem32locator.exe (file missing)
%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
%ProgramFiles%Windows Defender progressed Threat ProtectionMsSense.exe,-1001 (Sense) - Unknown owner - C:Program records (x86)Windows Defender progressed Threat ProtectionMsSense.exe (file missing)
%SystemRoot%system32SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:WINDOWSSystem32SensorDataService.exe (file missing)
%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WINDOWSSystem32snmptrap.exe (file missing)
%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WINDOWSSystem32spoolsv.exe (file missing)
%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:WINDOWSsystem32sppsvc.exe (file missing)
O23 - Service: Steam client Service - Valve copy, group - C:Program files (x86)Common FilesSteamSteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems included - C:Program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
%SystemRoot%system32TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:WINDOWSsystem32TieringEngineService.exe (file missing)
%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:WINDOWSsystem32UI0Detect.exe (file missing)
%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WINDOWSSystem32vds.exe (file missing)
%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:WINDOWSsystem32vssvc.exe (file missing)
%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:WINDOWSsystem32wbengine.exe (file missing)
%ProgramFiles%Windows DefenderMpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:Program records (x86)Windows DefenderNisSrv.exe (file missing)
%ProgramFiles%Windows DefenderMpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:Program records (x86)Windows DefenderMsMpEng.exe (file missing)
%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:WINDOWSsystem32wbemWmiApSrv.exe (file missing)
%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program papers (x86)Windows Media Playerwmpnetwk.exe (file missing)
music-from-a.comRegister to eliminate ads


Malware solution Team3,812 postsOFFLINEGender:MaleLocal time:07:48 PM

Hello Daanyal and Welcome come the music-from-a.com.

  My name is Yılmaz and I"ll help you v the cleanup of malware from her computer.Before we move on, please check out the following points carefully.

You are watching: Vbs:malware-gen chrome

Please finish all actions in the specified order.Even if tools don"t uncover malware, I desire you to short article the logfiles anyway.Please copy and also paste the logfiles straight into your posts. Please perform not attach them uneven you are instructed to carry out so.Read the instructions carefully. If you have actually problems, prevent what you  were doing and describe the difficulties you encountered as specifically as  friend can.Don"t download or uninstall software throughout the cleanup uneven you are told to carry out so.Ensure your exterior and/or USB cd driver are put during always the scan.If friend can"t answer because that the next couple of days, you re welcome let me know. If  you haven"t answered in ~ 5 days, i am assuming that you don"t need  help anymore and your topic will be closed.If you have actually illegal/cracked software, cracks, keygens, etc. Top top the system, please eliminate or uninstall them now!I have the right to not guarantee the we will certainly find and be may be to eliminate all  malware. The cleaning process is not instant. Please continue to review  my answers until I call you that your computer system is cleanPlease reply to this thread. Do not start a brand-new topicAs my very first language is not English, please perform not usage slang or idioms. It can be tough for me to understand.

Thanks Please execute the following. Please download Farbar restore Scan Tool and also save the to your desktop.Note: You must run the variation compatibale through your system. If you are not certain which version applies to your system download both of castle and try to operation them. Only among them will run on her system, that will be the best version.

See more: Warning: Assignment Makes Integer From Pointer Without A Cast

Double-click to operation it. When the tool opens click Yes come disclaimer.Make certain the complying with option is checked: Additional.txtPress Scan button.It will certainly make a log in (FRST.txt) in the same directory the device is run. Please copy and paste the to her reply.The very first time the tool is run, the makes also another log in (Addition.txt). Please affix it to her reply.

Sincerely  .


Best regards 

If you great to show appreciation and also support me personal fighting versus malware, climate you can think about a donation. Give thanks to you.
Malware settle forumIf ns don"t answer within 24 hrs please pm me!




DaanyalTopic Starter
Members5 postsOFFLINE
Posted 22 February 2017 - 10:47 PM

Ok many thanks for your quick reply! here are the frst and added logs from farbar rescue scan tool