Hope12
2012-08-11, 09:17
Hello everyone,
I was wondering if you could help me remove a virus. I keep having my anti-virus ask me if I want to allow "Giant savings.exe". I assume this is related to the Babylon toolbar. I cannot remember downloading the Babylon toolbar. I assume it was downloaded with JDownloader, but that is an assumption, like I said.
Because I am a novice to all this, I hope I have done the right thing by posting this here.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by ****** at 7:07:35 on 2012-08-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8143.4584 [GMT 1:00]
.
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Backup
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.5\MediaDetector.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darryl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.claro-search.com/?affID=113480&tt=090812_clr_3212_8&babsrc=HP_ss&mntrId=548b8fcd0000000000000008cae4732a
uDefault_Page_URL = hxxp://www.pcspecialist.co.uk/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Claro LTD Helper Object: {000f18f2-09eb-4a59-82b2-5ae4184c39c3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
BHO: Giant Savings: {11111111-1111-1111-1111-110011441179} - C:\Program Files (x86)\Giant Savings\Giant Savings.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Claro LTD Toolbar: {9e131a93-eed7-4beb-b015-a0adb30b5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll
uRun: [Google Update] "C:\Users\Darryl\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [BlazeServoTool] "C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.5\MediaDetector.exe"
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Darryl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Darryl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Ereg\eReg.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Windows\system32\BGLsp.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{D8EDE661-A234-4F39-8C52-9B7A9C8DC7D9} : DhcpNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: BgGamingMonitor.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
BHO-X64: Claro LTD Helper Object - No File
BHO-X64: Giant Savings: {11111111-1111-1111-1111-110011441179} - C:\Program Files (x86)\Giant Savings\Giant Savings.dll
BHO-X64: CrossriderApp0004479 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll
mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun-x64: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
AppInit_DLLs-X64: BgGamingMonitor.dll
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\system32\drivers\asahci64.sys --> C:\Windows\system32\drivers\asahci64.sys [?]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\drivers\iusb3hcs.sys --> C:\Windows\system32\drivers\iusb3hcs.sys [?]
R1 AFW;Agnitum Firewall Driver;C:\Windows\system32\DRIVERS\afw.sys --> C:\Windows\system32\DRIVERS\afw.sys [?]
R1 BdSpy;BdSpy;C:\Windows\system32\DRIVERS\BdSpy.sys --> C:\Windows\system32\DRIVERS\BdSpy.sys [?]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;C:\Windows\system32\DRIVERS\NSKernel.sys --> C:\Windows\system32\DRIVERS\NSKernel.sys [?]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;C:\Windows\system32\DRIVERS\NSNetmon.sys --> C:\Windows\system32\DRIVERS\NSNetmon.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 BsBackup;BullGuard backup service;C:\Windows\System32\SvcHost.exe -k BullGuard_Backup [2009-7-14 20992]
R2 BsBhvScan;BullGuard Behavioural Detection;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2012-7-13 368480]
R2 BsFileScan;BullGuard on-access service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-14 20992]
R2 BsFire;BullGuard firewall service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-14 20992]
R2 BsMailProxy;BullGuard e-mail monitoring service;C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy [2009-7-14 20992]
R2 BsMain;BullGuard main service;C:\Windows\System32\SvcHost.exe -k BullGuard_Main [2009-7-14 20992]
R2 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2012-7-13 199520]
R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2012-7-13 379744]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-7-12 225280]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-12 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-12 1262400]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 afwcore;afwcore;C:\Windows\system32\DRIVERS\afwcore.sys --> C:\Windows\system32\DRIVERS\afwcore.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\drivers\asmthub3.sys --> C:\Windows\system32\drivers\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\drivers\asmtxhci.sys --> C:\Windows\system32\drivers\asmtxhci.sys [?]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\drivers\iusb3hub.sys --> C:\Windows\system32\drivers\iusb3hub.sys [?]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\drivers\iusb3xhc.sys --> C:\Windows\system32\drivers\iusb3xhc.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/07/18 19:56:41;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 IAMTVE;Driver for Intel(R) Active Management Technology - KCS;C:\Windows\system32\drivers\IAMTVE.sys --> C:\Windows\system32\drivers\IAMTVE.sys [?]
S3 IAMTXPE;Driver for Intel(R) Active Management Technology - KCS;C:\Windows\system32\drivers\IAMTXPE.sys --> C:\Windows\system32\drivers\IAMTXPE.sys [?]
S3 ioatdma1;ioatdma1;C:\Windows\system32\Drivers\qd162x64.sys --> C:\Windows\system32\Drivers\qd162x64.sys [?]
S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\system32\Drivers\qd262x64.sys --> C:\Windows\system32\Drivers\qd262x64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech HD Webcam C525(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-08-10 21:29:50 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{385732B5-85D8-4B04-858A-3C14E039267E}\offreg.dll
2012-08-10 21:20:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-10 21:20:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-08-10 18:42:59 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{385732B5-85D8-4B04-858A-3C14E039267E}\mpengine.dll
2012-08-09 23:36:28 -------- d-----w- C:\Program Files (x86)\Claro LTD
2012-08-09 23:35:39 -------- d-----w- C:\Program Files (x86)\JDownloader
2012-08-09 23:35:23 -------- d-----w- C:\Users\Darryl\AppData\Local\Giant Savings
2012-08-09 23:35:22 -------- d-----w- C:\Program Files (x86)\Giant Savings
2012-08-09 23:35:11 -------- d-----w- C:\ProgramData\Babylon
2012-08-08 22:55:23 -------- d-----w- C:\Users\Darryl\AppData\Roaming\Xilisoft
2012-08-08 10:11:59 -------- d-----w- C:\Users\Darryl\AppData\Roaming\HandBrake
2012-08-08 10:09:19 -------- d-----w- C:\Program Files\Handbrake
2012-08-08 10:06:28 -------- d-----w- C:\Program Files (x86)\MKVcleaver
2012-08-08 09:52:24 -------- d-----w- C:\Users\Darryl\AppData\Local\Sony
2012-08-08 09:13:33 -------- d-----w- C:\Users\Darryl\AppData\Roaming\mkvtoolnix
2012-08-07 08:23:11 -------- d-----w- C:\Program Files (x86)\MKVtoolnix
2012-08-07 08:23:03 -------- d-----w- C:\Program Files (x86)\Haali
2012-08-07 08:22:28 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-08-07 08:22:11 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2012-08-07 08:21:58 -------- d-----w- C:\Program Files (x86)\AVStoDVD
2012-08-03 15:54:58 -------- d-----w- C:\Direct X
2012-08-03 15:50:34 204800 ----a-w- C:\Windows\System32\unrar64.dll
2012-08-03 15:50:33 -------- d-----w- C:\Program Files\MPC-HC
2012-07-31 18:52:20 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-07-31 18:52:20 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-07-31 18:52:20 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-07-30 15:51:54 -------- d-----w- C:\Users\Darryl\AppData\Local\Downloaded Installations
2012-07-30 15:51:37 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-07-30 15:13:00 -------- d-----w- C:\Users\Darryl\AppData\Local\Apple Computer
2012-07-30 15:10:19 -------- d-----w- C:\Users\Darryl\MSYNC
2012-07-30 15:09:53 -------- d-----w- C:\Program Files (x86)\Media Mushroom Limited
2012-07-27 12:43:07 -------- d-----w- C:\Users\Darryl\AppData\Local\Western Digital
2012-07-25 20:47:12 -------- d-----w- C:\Users\Darryl\AppData\Local\Adobe
2012-07-24 12:17:40 -------- d-----w- C:\Users\Darryl\AppData\Roaming\OpenOffice.org
2012-07-24 12:17:22 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2012-07-24 09:10:49 -------- d-----w- C:\Users\Darryl\AppData\Roaming\dBpoweramp
2012-07-24 09:08:23 6908648 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe
2012-07-24 09:08:23 -------- d-----w- C:\Users\Darryl\AppData\Roaming\AccurateRip
2012-07-24 09:08:20 -------- d-----w- C:\Program Files (x86)\Illustrate
2012-07-24 08:08:44 -------- d-----w- C:\Users\Darryl\AppData\Local\WinZip
2012-07-24 08:08:31 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-07-24 08:07:38 -------- d-----w- C:\Users\Darryl\.swt
2012-07-24 08:07:37 -------- d-----w- C:\Users\Darryl\AppData\Roaming\Azureus
2012-07-24 08:06:40 -------- d-----w- C:\Program Files (x86)\Vuze
2012-07-23 01:00:42 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-07-22 17:34:04 -------- d-----w- C:\Users\Darryl\AppData\Local\Logitech® Webcam Software
2012-07-22 17:32:05 -------- d-----w- C:\Users\Darryl\AppData\Local\LogiShrd
2012-07-21 19:44:58 53248 ----a-r- C:\Users\Darryl\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-07-21 19:43:41 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
2012-07-21 19:04:22 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-07-21 19:03:54 -------- d-----r- C:\Program Files (x86)\Skype
2012-07-20 15:36:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-20 15:36:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-20 15:33:13 -------- d-----w- C:\Users\Darryl\AppData\Local\twitter
2012-07-20 15:32:51 788536 ----a-r- C:\Users\Darryl\AppData\Roaming\Microsoft\Installer\{B2F34D92-C5CF-4801-90CB-D04A5634B334}\TweetDeck.exe
2012-07-20 15:32:51 -------- d-----w- C:\Program Files (x86)\Twitter
2012-07-18 21:36:53 -------- d-----w- C:\Windows\Downloaded Installations
2012-07-18 21:36:47 14 ----a-w- C:\Windows\SysWow64\systni.dll
2012-07-18 21:36:44 -------- d-----w- C:\ProgramData\BlazeVideo
2012-07-18 21:36:35 18432 ----a-w- C:\Windows\System32\drivers\NTIDrvr.sys
2012-07-18 21:36:35 17408 ----a-w- C:\Windows\System32\drivers\UBHelper.sys
2012-07-18 21:36:30 -------- d-----w- C:\ProgramData\NTI Launcher
2012-07-18 21:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\muvee Technologies
2012-07-18 21:36:03 -------- d-----w- C:\Program Files (x86)\NTI
2012-07-18 21:34:07 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2012-07-18 21:25:45 -------- d-----w- C:\Program Files (x86)\Downloaded Installations
2012-07-18 20:30:17 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2012-07-18 20:17:05 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-07-18 19:52:45 -------- d-----w- C:\Users\Darryl\AppData\Local\Power2Go
2012-07-18 19:33:58 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2012-07-18 19:21:43 59904 ----a-w- C:\Windows\SysWow64\wbemdisp.tlb
2012-07-18 19:21:43 16384 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
2012-07-18 19:21:43 115016 ----a-w- C:\Windows\SysWow64\MSINET.OCX
2012-07-18 19:21:43 102912 ----a-w- C:\Windows\SysWow64\Vb6stkit.dll
2012-07-18 19:21:43 102160 ----a-w- C:\Windows\SysWow64\VB6KO.DLL
2012-07-18 19:21:42 -------- d-----w- C:\Program Files (x86)\lg_fwupdate
2012-07-18 18:55:57 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-07-18 18:55:57 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-07-18 18:55:57 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-07-18 18:54:09 -------- d-----w- C:\Users\Darryl\AppData\Local\Cyberlink
2012-07-18 18:52:11 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-07-18 18:52:11 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-07-18 18:52:11 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-07-18 18:52:11 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-07-18 18:04:51 -------- d-----w- C:\Users\Darryl\AppData\Local\Google
2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Deployment
2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Apps
2012-07-18 18:01:55 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2012-07-18 18:00:57 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-07-18 17:53:38 -------- d-----w- C:\Windows\SysWow64\Wat
2012-07-18 17:53:38 -------- d-----w- C:\Windows\System32\Wat
2012-07-18 17:36:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-18 17:30:01 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-07-18 17:27:21 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-07-18 17:27:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-07-18 17:27:21 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-07-18 17:27:21 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-07-18 17:27:21 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-07-18 17:27:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-07-18 17:27:21 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-07-13 08:29:06 -------- d-----w- C:\Users\Darryl\AppData\Roaming\NVIDIA
2012-07-13 08:06:24 62816 ----a-w- C:\Windows\System32\BGLsp.dll
2012-07-13 08:06:24 53088 ----a-w- C:\Windows\SysWow64\BGLsp.dll
2012-07-13 08:06:24 111064 ----a-w- C:\Windows\System32\BgGamingMonitor.dll
2012-07-13 08:06:24 100216 ----a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
2012-07-13 07:59:33 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-07-13 07:59:33 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-07-13 07:59:33 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-07-12 15:37:52 -------- d-----w- C:\Windows\Panther
2012-07-12 15:37:14 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2012-07-12 15:34:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-07-12 15:29:36 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\athrx.sys
2012-07-12 15:29:00 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2012-07-12 15:28:37 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2012-07-12 15:28:20 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2012-07-12 15:28:13 42192 ----a-w- C:\Windows\System32\drivers\qd262x64.sys
2012-07-12 15:28:12 40144 ----a-w- C:\Windows\System32\drivers\qd162x64.sys
2012-07-12 15:28:12 318152 ----a-w- C:\Windows\System32\ioatco.dll
2012-07-12 15:28:09 51096 ----a-w- C:\Windows\System32\drivers\IAMTXPE.sys
2012-07-12 15:28:08 43416 ----a-w- C:\Windows\System32\drivers\IAMTVE.sys
2012-07-12 15:27:09 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-07-12 15:26:53 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-07-12 15:26:47 355096 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-07-12 15:26:46 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-07-12 15:26:14 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2012-07-12 15:18:09 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-07-12 15:18:06 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-07-12 15:15:35 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-07-12 15:15:35 -------- d-----w- C:\Program Files\Realtek
2012-07-12 15:12:02 -------- d-----w- C:\Windows\AsusInstAll
2012-07-12 15:12:01 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2012-07-12 14:56:59 26604032 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2012-07-12 14:55:56 949056 ----a-w- C:\Windows\System32\nvumdshimx.dll
2012-07-12 14:40:35 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
.
==================== Find3M ====================
.
2012-07-13 08:06:22 25160 ----a-w- C:\Windows\System32\drivers\NSNetmon.sys
2012-07-13 08:06:21 38528 ----a-r- C:\Windows\System32\drivers\Afw.sys
2012-07-13 08:05:51 256072 ----a-w- C:\Windows\System32\drivers\NSKernel.sys
2012-07-13 08:05:42 290376 ----a-w- C:\Windows\System32\drivers\Trufos.sys
2012-07-13 08:05:17 445568 ----a-r- C:\Windows\System32\drivers\AfwCore.sys
2012-06-25 15:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-31 11:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-15 12:55:40 398656 ----a-w- C:\Windows\System32\drivers\nvstusb.sys
2012-05-15 12:55:38 1468224 ----a-w- C:\Windows\System32\nvir3dgenco6420142.dll
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-15 09:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 7:07:55.67 ===============
Also, I tried a Spybot scan and it couldn't remove Babylon toolbar.
2012-07-18 18:52:11 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-07-18 18:04:51 -------- d-----w- C:\Users\Darryl\AppData\Local\Google
2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Deployment
2012-07-18 18:04:30 -------- d-----w- C:\Users\Darryl\AppData\Local\Apps
2012-07-18 18:01:55 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2012-07-18 18:00:57 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-07-18 17:53:38 -------- d-----w- C:\Windows\SysWow64\Wat
2012-07-18 17:53:38 -------- d-----w- C:\Windows\System32\Wat
2012-07-18 17:36:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-18 17:30:01 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-07-18 17:27:21 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-07-18 17:27:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-07-18 17:27:21 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-07-18 17:27:21 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-07-18 17:27:21 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-07-18 17:27:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-07-18 17:27:21 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-07-13 08:29:06 -------- d-----w- C:\Users\Darryl\AppData\Roaming\NVIDIA
2012-07-13 08:06:24 62816 ----a-w- C:\Windows\System32\BGLsp.dll
2012-07-13 08:06:24 53088 ----a-w- C:\Windows\SysWow64\BGLsp.dll
2012-07-13 08:06:24 111064 ----a-w- C:\Windows\System32\BgGamingMonitor.dll
2012-07-13 08:06:24 100216 ----a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
2012-07-13 07:59:33 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-07-13 07:59:33 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-07-13 07:59:33 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-07-12 15:37:52 -------- d-----w- C:\Windows\Panther
2012-07-12 15:37:14 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2012-07-12 15:34:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-07-12 15:29:36 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-07-12 15:29:00 2791424 ----a-w- C:\Windows\System32\athrx.sys
2012-07-12 15:29:00 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2012-07-12 15:28:37 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2012-07-12 15:28:20 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2012-07-12 15:28:13 42192 ----a-w- C:\Windows\System32\drivers\qd262x64.sys
2012-07-12 15:28:12 40144 ----a-w- C:\Windows\System32\drivers\qd162x64.sys
2012-07-12 15:28:12 318152 ----a-w- C:\Windows\System32\ioatco.dll
2012-07-12 15:28:09 51096 ----a-w- C:\Windows\System32\drivers\IAMTXPE.sys
2012-07-12 15:28:08 43416 ----a-w- C:\Windows\System32\drivers\IAMTVE.sys
2012-07-12 15:27:09 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-07-12 15:26:53 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-07-12 15:26:47 355096 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-07-12 15:26:46 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-07-12 15:26:14 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2012-07-12 15:18:09 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-07-12 15:18:06 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-07-12 15:15:35 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-07-12 15:15:35 -------- d-----w- C:\Program Files\Realtek
2012-07-12 15:12:02 -------- d-----w- C:\Windows\AsusInstAll
2012-07-12 15:12:01 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2012-07-12 14:56:59 26604032 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2012-07-12 14:55:56 949056 ----a-w- C:\Windows\System32\nvumdshimx.dll
2012-07-12 14:40:35 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
.
==================== Find3M ====================
.
2012-07-13 08:06:22 25160 ----a-w- C:\Windows\System32\drivers\NSNetmon.sys
2012-07-13 08:06:21 38528 ----a-r- C:\Windows\System32\drivers\Afw.sys
2012-07-13 08:05:51 256072 ----a-w- C:\Windows\System32\drivers\NSKernel.sys
2012-07-13 08:05:42 290376 ----a-w- C:\Windows\System32\drivers\Trufos.sys
2012-07-13 08:05:17 445568 ----a-r- C:\Windows\System32\drivers\AfwCore.sys
2012-06-25 15:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-31 11:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-15 12:55:40 398656 ----a-w- C:\Windows\System32\drivers\nvstusb.sys
2012-05-15 12:55:38 1468224 ----a-w- C:\Windows\System32\nvir3dgenco6420142.dll
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-15 09:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 7:07:55.67 ===============
Also, I tried a Spybot scan and it couldn't remove Babylon toolbar.