Thread: Possible Infection - Babylon Toolbar and Giant Savings.exe

  1. #1
    Junior Member
    Join Date
    Aug 2012
    Posts
    1

    Hello everyone,

    I was wondering if you could help me remove a virus. I keep having my anti-virus ask me if I want to allow "Giant savings.exe". I assume this is related to Babylon toolbar. I cannot remember downloading Babylon toolbar. I assume it was downloaded with JDownloader, but that is an assumption, like I said.

    Because I am a novice to all this, I hope I have done the right thing by posting this here.



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by ****** at 7:07:35 on 2012-08-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8143.4584 [GMT 1:00]
    .
    AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
    SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\SvcHost.exe -k BullGuard_Backup
    C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
    C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy
    C:\Windows\System32\SvcHost.exe -k BullGuard_Main
    C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
    C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
    C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\IProsetMonitor.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\System32\SvcHost.exe -k BullGuard
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.5\MediaDetector.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\wuauclt.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.claro-search.com/?affID=113480&tt=090812_clr_3212_8&babsrc=HP_ss&mntrId=548b8fcd0000000000000008cae4732a
    uDefault_Page_URL = hxxp://www.pcspecialist.co.uk/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Claro LTD Helper Object: {000f18f2-09eb-4a59-82b2-5ae4184c39c3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
    BHO: Giant Savings: {11111111-1111-1111-1111-110011441179} - C:\Program Files (x86)\Giant Savings\Giant Savings.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Claro LTD Toolbar: {9e131a93-eed7-4beb-b015-a0adb30b5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll
    uRun: [Google Update] "C:\Users\Darryl\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [BlazeServoTool] "C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.5\MediaDetector.exe"
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\Darryl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Darryl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Ereg\eReg.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    LSP: C:\Windows\system32\BGLsp.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D8EDE661-A234-4F39-8C52-9B7A9C8DC7D9} : DhcpNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: BgGamingMonitor.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
    BHO-X64: Claro LTD Helper Object - No File
    BHO-X64: Giant Savings: {11111111-1111-1111-1111-110011441179} - C:\Program Files (x86)\Giant Savings\Giant Savings.dll
    BHO-X64: CrossriderApp0004479 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
    BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
    TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB-X64: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll
    mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    mRun-x64: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    mRun-x64: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
    mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    AppInit_DLLs-X64: BgGamingMonitor.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 asahci64;asahci64;C:\Windows\system32\drivers\asahci64.sys --> C:\Windows\system32\drivers\asahci64.sys [?]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\drivers\iusb3hcs.sys --> C:\Windows\system32\drivers\iusb3hcs.sys [?]
    R1 AFW;Agnitum Firewall Driver;C:\Windows\system32\DRIVERS\afw.sys --> C:\Windows\system32\DRIVERS\afw.sys [?]
    R1 BdSpy;BdSpy;C:\Windows\system32\DRIVERS\BdSpy.sys --> C:\Windows\system32\DRIVERS\BdSpy.sys [?]
    R1 NovaShieldFilterDriver;NovaShieldFilterDriver;C:\Windows\system32\DRIVERS\NSKernel.sys --> C:\Windows\system32\DRIVERS\NSKernel.sys [?]
    R1 NovaShieldTDIDriver;NovaShieldTDIDriver;C:\Windows\system32\DRIVERS\NSNetmon.sys --> C:\Windows\system32\DRIVERS\NSNetmon.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
    R2 BsBackup;BullGuard backup service;C:\Windows\System32\SvcHost.exe -k BullGuard_Backup [2009-7-14 20992]
    R2 BsBhvScan;BullGuard Behavioural Detection;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2012-7-13 368480]
    R2 BsFileScan;BullGuard on-access service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-14 20992]
    R2 BsFire;BullGuard firewall service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-14 20992]
    R2 BsMailProxy;BullGuard e-mail monitoring service;C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy [2009-7-14 20992]
    R2 BsMain;BullGuard main service;C:\Windows\System32\SvcHost.exe -k BullGuard_Main [2009-7-14 20992]
    R2 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2012-7-13 199520]
    R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2012-7-13 379744]
    R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-7-12 225280]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-12 13592]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-12 1262400]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
    R3 afwcore;afwcore;C:\Windows\system32\DRIVERS\afwcore.sys --> C:\Windows\system32\DRIVERS\afwcore.sys [?]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\drivers\asmthub3.sys --> C:\Windows\system32\drivers\asmthub3.sys [?]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\drivers\asmtxhci.sys --> C:\Windows\system32\drivers\asmtxhci.sys [?]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
    R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\drivers\iusb3hub.sys --> C:\Windows\system32\drivers\iusb3hub.sys [?]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\drivers\iusb3xhc.sys --> C:\Windows\system32\drivers\iusb3xhc.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
    R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
    S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/07/18 19:56:41;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
    S3 IAMTVE;Driver for Intel(R) Active Management Technology - KCS;C:\Windows\system32\drivers\IAMTVE.sys --> C:\Windows\system32\drivers\IAMTVE.sys [?]
    S3 IAMTXPE;Driver for Intel(R) Active Management Technology - KCS;C:\Windows\system32\drivers\IAMTXPE.sys --> C:\Windows\system32\drivers\IAMTXPE.sys [?]
    S3 ioatdma1;ioatdma1;C:\Windows\system32\Drivers\qd162x64.sys --> C:\Windows\system32\Drivers\qd162x64.sys [?]
    S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\system32\Drivers\qd262x64.sys --> C:\Windows\system32\Drivers\qd262x64.sys [?]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
    S3 LVUVC64;Logitech HD Webcam C525(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
    S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-08-10 21:29:50 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{385732B5-85D8-4B04-858A-3C14E039267E}\offreg.dll
    2012-08-10 21:20:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-08-10 21:20:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-08-10 18:42:59 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{385732B5-85D8-4B04-858A-3C14E039267E}\mpengine.dll
    2012-08-09 23:36:28 -------- d-----w- C:\Program Files (x86)\Claro LTD
    2012-08-09 23:35:39 -------- d-----w- C:\Program Files (x86)\JDownloader
    2012-08-09 23:35:23 -------- d-----w- C:\Users\Darryl\AppData\Local\Giant Savings
    2012-08-09 23:35:22 -------- d-----w- C:\Program Files (x86)\Giant Savings
    2012-08-09 23:35:11 -------- d-----w- C:\ProgramData\Babylon
    2012-08-08 22:55:23 -------- d-----w- C:\Users\Darryl\AppData\Roaming\Xilisoft
    2012-08-08 10:11:59 -------- d-----w- C:\Users\Darryl\AppData\Roaming\HandBrake
    2012-08-08 10:09:19 -------- d-----w- C:\Program Files\Handbrake
    2012-08-08 10:06:28 -------- d-----w- C:\Program Files (x86)\MKVcleaver
    2012-08-08 09:52:24 -------- d-----w- C:\Users\Darryl\AppData\Local\Sony
    2012-08-08 09:13:33 -------- d-----w- C:\Users\Darryl\AppData\Roaming\mkvtoolnix
    2012-08-07 08:23:11 -------- d-----w- C:\Program Files (x86)\MKVtoolnix
    2012-08-07 08:23:03 -------- d-----w- C:\Program Files (x86)\Haali
    2012-08-07 08:22:28 -------- d-----w- C:\Program Files (x86)\Ask.com
    2012-08-07 08:22:11 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
    2012-08-07 08:21:58 -------- d-----w- C:\Program Files (x86)\AVStoDVD
    2012-08-03 15:54:58 -------- d-----w- C:\Direct X
    2012-08-03 15:50:34 204800 ----a-w- C:\Windows\System32\unrar64.dll
    2012-08-03 15:50:33 -------- d-----w- C:\Program Files\MPC-HC
    2012-07-31 18:52:20 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2012-07-31 18:52:20 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2012-07-31 18:52:20 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2012-07-30 15:51:54 -------- d-----w- C:\Users\Darryl\AppData\Local\Downloaded Installations
    2012-07-30 15:51:37 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-07-30 15:13:00 -------- d-----w- C:\Users\Darryl\AppData\Local\Apple Computer
    2012-07-30 15:10:19 -------- d-----w- C:\Users\Darryl\MSYNC
    2012-07-30 15:09:53 -------- d-----w- C:\Program Files (x86)\Media Mushroom Limited
    2012-07-27 12:43:07 -------- d-----w- C:\Users\Darryl\AppData\Local\Western Digital
    2012-07-25 20:47:12 -------- d-----w- C:\Users\Darryl\AppData\Local\Adobe
    2012-07-24 12:17:40 -------- d-----w- C:\Users\Darryl\AppData\Roaming\OpenOffice.org
    2012-07-24 12:17:22 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
    2012-07-24 09:10:49 -------- d-----w- C:\Users\Darryl\AppData\Roaming\dBpoweramp
    2012-07-24 09:08:23 6908648 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe
    2012-07-24 09:08:23 -------- d-----w- C:\Users\Darryl\AppData\Roaming\AccurateRip
    2012-07-24 09:08:20 -------- d-----w- C:\Program Files (x86)\Illustrate
    2012-07-24 08:08:44 -------- d-----w- C:\Users\Darryl\AppData\Local\WinZip
    2012-07-24 08:08:31 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
    2012-07-24 08:07:38 -------- d-----w- C:\Users\Darryl\.swt
    2012-07-24 08:07:37 -------- d-----w- C:\Users\Darryl\AppData\Roaming\Azureus
    2012-07-24 08:06:40 -------- d-----w- C:\Program Files (x86)\Vuze
    2012-07-23 01:00:42 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    2012-07-22 17:34:04 -------- d-----w- C:\Users\Darryl\AppData\Local\Logitech® Webcam Software
    2012-07-22 17:32:05 -------- d-----w- C:\Users\Darryl\AppData\Local\LogiShrd
    2012-07-21 19:44:58 53248 ----a-r- C:\Users\Darryl\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2012-07-21 19:43:41 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
    2012-07-21 19:04:22 -------- d-----w- C:\Program Files (x86)\Microsoft
    2012-07-21 19:03:54 -------- d-----r- C:\Program Files (x86)\Skype
    2012-07-20 15:36:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-20 15:36:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-20 15:33:13 -------- d-----w- C:\Users\Darryl\AppData\Local\twitter
    2012-07-20 15:32:51 788536 ----a-r- C:\Users\Darryl\AppData\Roaming\Microsoft\Installer\{B2F34D92-C5CF-4801-90CB-D04A5634B334}\TweetDeck.exe
    2012-07-20 15:32:51 -------- d-----w- C:\Program Files (x86)\Twitter
    2012-07-18 21:36:53 -------- d-----w- C:\Windows\Downloaded Installations
    2012-07-18 21:36:47 14 ----a-w- C:\Windows\SysWow64\systni.dll
    2012-07-18 21:36:44 -------- d-----w- C:\ProgramData\BlazeVideo
    2012-07-18 21:36:35 18432 ----a-w- C:\Windows\System32\drivers\NTIDrvr.sys
    2012-07-18 21:36:35 17408 ----a-w- C:\Windows\System32\drivers\UBHelper.sys
    2012-07-18 21:36:30 -------- d-----w- C:\ProgramData\NTI Launcher
    2012-07-18 21:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\muvee Technologies
    2012-07-18 21:36:03 -------- d-----w- C:\Program Files (x86)\NTI
    2012-07-18 21:34:07 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
    2012-07-18 21:25:45 -------- d-----w- C:\Program Files (x86)\Downloaded Installations
    2012-07-18 20:30:17 -------- d-----w- C:\Program Files (x86)\DVD Shrink
    2012-07-18 20:17:05 -------- d-----w- C:\Program Files (x86)\VideoLAN
    2012-07-18 19:52:45 -------- d-----w- C:\Users\Darryl\AppData\Local\Power2Go
    2012-07-18 19:33:58 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
    2012-07-18 19:21:43 59904 ----a-w- C:\Windows\SysWow64\wbemdisp.tlb
    2012-07-18 19:21:43 16384 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
    2012-07-18 19:21:43 115016 ----a-w- C:\Windows\SysWow64\MSINET.OCX
    2012-07-18 19:21:43 102912 ----a-w- C:\Windows\SysWow64\Vb6stkit.dll
    2012-07-18 19:21:43 102160 ----a-w- C:\Windows\SysWow64\VB6KO.DLL
    2012-07-18 19:21:42 -------- d-----w- C:\Program Files (x86)\lg_fwupdate
    2012-07-18 18:55:57 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2012-07-18 18:55:57 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2012-07-18 18:55:57 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2012-07-18 18:54:09 -------- d-----w- C:\Users\Darryl\AppData\Local\Cyberlink
    2012-07-18 18:52:11 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2012-07-18 18:52:11 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2012-07-18 18:52:11 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2012-07-18 18:52:11 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2012-07-18 18:04:51 -------- d-----w- C:\Users\Darryl\AppData\Local\Google
    2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Deployment
    2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Apps
    2012-07-18 18:01:55 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2012-07-18 18:00:57 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-07-18 17:53:38 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-07-18 17:53:38 -------- d-----w- C:\Windows\System32\Wat
    2012-07-18 17:36:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-18 17:30:01 294912 ----a-w- C:\Windows\System32\browserchoice.exe
    2012-07-18 17:27:21 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-07-18 17:27:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-07-18 17:27:21 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-07-18 17:27:21 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-07-18 17:27:21 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-07-18 17:27:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-07-18 17:27:21 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-07-13 08:29:06 -------- d-----w- C:\Users\Darryl\AppData\Roaming\NVIDIA
    2012-07-13 08:06:24 62816 ----a-w- C:\Windows\System32\BGLsp.dll
    2012-07-13 08:06:24 53088 ----a-w- C:\Windows\SysWow64\BGLsp.dll
    2012-07-13 08:06:24 111064 ----a-w- C:\Windows\System32\BgGamingMonitor.dll
    2012-07-13 08:06:24 100216 ----a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
    2012-07-13 07:59:33 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-07-13 07:59:33 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-07-13 07:59:33 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-07-12 15:37:52 -------- d-----w- C:\Windows\Panther
    2012-07-12 15:37:14 36472 ----a-w- C:\Windows\System32\NicCo36.dll
    2012-07-12 15:34:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
    2012-07-12 15:29:36 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
    2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\drivers\athrx.sys
    2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\athrx.sys
    2012-07-12 15:29:00 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
    2012-07-12 15:28:37 -------- d-----w- C:\ProgramData\Qualcomm Atheros
    2012-07-12 15:28:20 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
    2012-07-12 15:28:13 42192 ----a-w- C:\Windows\System32\drivers\qd262x64.sys
    2012-07-12 15:28:12 40144 ----a-w- C:\Windows\System32\drivers\qd162x64.sys
    2012-07-12 15:28:12 318152 ----a-w- C:\Windows\System32\ioatco.dll
    2012-07-12 15:28:09 51096 ----a-w- C:\Windows\System32\drivers\IAMTXPE.sys
    2012-07-12 15:28:08 43416 ----a-w- C:\Windows\System32\drivers\IAMTVE.sys
    2012-07-12 15:27:09 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
    2012-07-12 15:26:53 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
    2012-07-12 15:26:47 355096 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
    2012-07-12 15:26:46 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
    2012-07-12 15:26:14 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
    2012-07-12 15:18:09 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2012-07-12 15:18:06 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
    2012-07-12 15:15:35 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2012-07-12 15:15:35 -------- d-----w- C:\Program Files\Realtek
    2012-07-12 15:12:02 -------- d-----w- C:\Windows\AsusInstAll
    2012-07-12 15:12:01 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
    2012-07-12 14:56:59 26604032 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
    2012-07-12 14:55:56 949056 ----a-w- C:\Windows\System32\nvumdshimx.dll
    2012-07-12 14:40:35 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
    .
    ==================== Find3M ====================
    .
    2012-07-13 08:06:22 25160 ----a-w- C:\Windows\System32\drivers\NSNetmon.sys
    2012-07-13 08:06:21 38528 ----a-r- C:\Windows\System32\drivers\Afw.sys
    2012-07-13 08:05:51 256072 ----a-w- C:\Windows\System32\drivers\NSKernel.sys
    2012-07-13 08:05:42 290376 ----a-w- C:\Windows\System32\drivers\Trufos.sys
    2012-07-13 08:05:17 445568 ----a-r- C:\Windows\System32\drivers\AfwCore.sys
    2012-06-25 15:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-31 11:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-05-15 12:55:40 398656 ----a-w- C:\Windows\System32\drivers\nvstusb.sys
    2012-05-15 12:55:38 1468224 ----a-w- C:\Windows\System32\nvir3dgenco6420142.dll
    2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
    2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-05-15 09:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    .
    ============= FINISH: 7:07:55.67 ===============

    Also, I tried a Spybot scan and it couldn't remove Babylon toolbar.

  2. #2
    Anti-Malware Team Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    172

    Default

    Hello Hope12 and welcome to the Safer Networking Forum.

    My name is Satchfan and I would be glad to help you with your computer problem.

    Please read the following guidelines which will help to make cleaning your machine easier:
    • please follow all instructions in the order posted
    • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
    • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
    • if you don't understand something, please don't hesitate to ask for clarification before proceeding
    • the fixes are specific to your problem and should only be used for this issue on this machine.
    • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

    IMPORTANT:

    Please DO NOT install/uninstall any programs unless asked to.
    Please DO NOT run any scans other than those requested.

    Please can you send the Attach.txt log that was also produced when you ran DDS?

    Thanks

    Satchfan

  3. #3
    Anti-Malware Team Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    172

    Default

    Hi Hope12

    It has been a couple of days since I replied to your request for help with your computer problems.

    Please let me know if you are having problems and still need help.

    Thanks

    Satchfan
