First, hello to everyone, I'm new here. Hope you can help me. My problem started last night after watching an online movie stream (for hundredth time), at least I think so. Almost every directory I go to I can't access because it is "corrupted and unreadable", and every program that I try to run I get the same pop-up message in my right corner of the task bar. The message is:The file or directory ..... is corrupt and unreadable. Please run Chkdsk utility. (only difference between the messages is the directory shown in place where the dots stand in the last sentence). I can't use some of my programs any more (for example: Google Chrome and Reason) - I'm using Opera now and usually. Also I can't start my AVG antivirus program any more to try to scan for viruses. And the Chkdsk wont start in Run neither after the restart where it actually does start but can't do the scan because of a "software that i have installed recently" as it says on the screen.
Oh and i have left my computer on last night when I woke up today there was the blue screen on my monitor with an error message. I'm not completely sure but I think it said also something about Google Chromes corrupted file.
So I'm not sure but, maybe, i have collected some malicious program on the movie streaming sites in Chrome over the pop up shits. In Opera i have pop-ups disabled but since it has problems with flash and java sometimes i watch the online movies with Google Chrome where pop-ups pop up like crazy on these kind of sites since i haven't disabled them. I think I have the Windows 7 CD somewhere if needed.
Also i have uploaded the two files that you request in the -Read First- post.
Hope you can help me. Thank you in advance!
Here the DDS file:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.9.2
Run by SaoLee at 16:35:09 on 2013-01-12
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.385.1033.18.2046.733 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\spoolsv.exe
c:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - <orphaned>
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: c:\windows\system32\EasyRedirect.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.5.1
TCP: Interfaces\{DBF64065-6337-4876-ACD2-772EB9BD6A89} : DHCPNameServer = 192.168.5.1
TCP: Interfaces\{DBF64065-6337-4876-ACD2-772EB9BD6A89}\8416D6A79636 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
Hosts: 127.94.0.1 client.openvpn.net
Hosts: 127.94.0.1 client.openvpn.net
Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-2-4 242240]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2008-12-10 24636]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-4-26 24328]
R2 EasyRedirect;EasyRedirect;c:\program files\easy-hide-ip\rdr\EasyRedirect.exe [2012-1-29 3321672]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2012-7-3 109168]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-11-2 1479488]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-1-24 1500160]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2011-8-19 26112]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-31 10064]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-12 255968]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-24 1343400]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2012-11-30 35088]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-11-2 566560]
S4 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-10-9 799112]
S4 OpenVPNAccessClient;OpenVPN Access Client;c:\program files\openvpn technologies\openvpn client\core\capiws.exe [2011-12-27 24064]
S4 PRTGCoreService;PRTG Core Server Service;c:\program files\prtg network monitor\PRTG Server.exe [2012-4-22 4357904]
S4 PRTGProbeService;PRTG Probe Service;c:\program files\prtg network monitor\PRTG Probe.exe [2012-4-22 3839248]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2013-01-12 14:56:37 -------- d-----w- c:\users\saolee\appdata\roaming\Malwarebytes
2013-01-12 14:56:30 -------- d-----w- c:\programdata\Malwarebytes
2013-01-12 14:56:29 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-12 14:56:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-12 14:56:19 -------- d-----w- c:\users\saolee\appdata\local\Programs
2013-01-12 14:31:48 388096 ----a-r- c:\users\saolee\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2013-01-12 14:31:48 -------- d-----w- c:\program files\Trend Micro
2013-01-10 15:40:29 -------- d-----w- c:\program files\DVDVideoSoft
2013-01-10 15:40:29 -------- d-----w- c:\program files\common files\DVDVIDEOSOFT
2012-12-21 17:13:35 306272 ----a-w- c:\users\saolee\SaveAs.exe
2012-12-20 12:24:08 -------- d-----w- c:\program files\Optimizer Pro
2012-12-20 12:23:29 -------- d-----w- c:\programdata\SaveAs
2012-12-20 12:23:13 -------- d-----w- c:\programdata\InstallMate
.
==================== Find3M ====================
.
2012-11-30 13:05:37 35088 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2012-11-26 22:20:59 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-26 22:20:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-26 22:20:58 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-12 03:47:48 255968 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-10-22 09:41:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 09:41:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 16:35:18,66 ===============
Oh and i have left my computer on last night when I woke up today there was the blue screen on my monitor with an error message. I'm not completely sure but I think it said also something about Google Chromes corrupted file.
So I'm not sure but, maybe, i have collected some malicious program on the movie streaming sites in Chrome over the pop up shits. In Opera i have pop-ups disabled but since it has problems with flash and java sometimes i watch the online movies with Google Chrome where pop-ups pop up like crazy on these kind of sites since i haven't disabled them. I think I have the Windows 7 CD somewhere if needed.
Also i have uploaded the two files that you request in the -Read First- post.
Hope you can help me. Thank you in advance!
Here the DDS file:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.9.2
Run by SaoLee at 16:35:09 on 2013-01-12
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.385.1033.18.2046.733 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\spoolsv.exe
c:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - <orphaned>
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: c:\windows\system32\EasyRedirect.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.5.1
TCP: Interfaces\{DBF64065-6337-4876-ACD2-772EB9BD6A89} : DHCPNameServer = 192.168.5.1
TCP: Interfaces\{DBF64065-6337-4876-ACD2-772EB9BD6A89}\8416D6A79636 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
Hosts: 127.94.0.1 client.openvpn.net
Hosts: 127.94.0.1 client.openvpn.net
Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-2-4 242240]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2008-12-10 24636]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-4-26 24328]
R2 EasyRedirect;EasyRedirect;c:\program files\easy-hide-ip\rdr\EasyRedirect.exe [2012-1-29 3321672]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2012-7-3 109168]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-11-2 1479488]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-1-24 1500160]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2011-8-19 26112]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-31 10064]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-12 255968]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-24 1343400]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2012-11-30 35088]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-11-2 566560]
S4 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-10-9 799112]
S4 OpenVPNAccessClient;OpenVPN Access Client;c:\program files\openvpn technologies\openvpn client\core\capiws.exe [2011-12-27 24064]
S4 PRTGCoreService;PRTG Core Server Service;c:\program files\prtg network monitor\PRTG Server.exe [2012-4-22 4357904]
S4 PRTGProbeService;PRTG Probe Service;c:\program files\prtg network monitor\PRTG Probe.exe [2012-4-22 3839248]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2013-01-12 14:56:37 -------- d-----w- c:\users\saolee\appdata\roaming\Malwarebytes
2013-01-12 14:56:30 -------- d-----w- c:\programdata\Malwarebytes
2013-01-12 14:56:29 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-12 14:56:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-12 14:56:19 -------- d-----w- c:\users\saolee\appdata\local\Programs
2013-01-12 14:31:48 388096 ----a-r- c:\users\saolee\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2013-01-12 14:31:48 -------- d-----w- c:\program files\Trend Micro
2013-01-10 15:40:29 -------- d-----w- c:\program files\DVDVideoSoft
2013-01-10 15:40:29 -------- d-----w- c:\program files\common files\DVDVIDEOSOFT
2012-12-21 17:13:35 306272 ----a-w- c:\users\saolee\SaveAs.exe
2012-12-20 12:24:08 -------- d-----w- c:\program files\Optimizer Pro
2012-12-20 12:23:29 -------- d-----w- c:\programdata\SaveAs
2012-12-20 12:23:13 -------- d-----w- c:\programdata\InstallMate
.
==================== Find3M ====================
.
2012-11-30 13:05:37 35088 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2012-11-26 22:20:59 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-26 22:20:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-26 22:20:58 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-12 03:47:48 255968 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-10-22 09:41:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 09:41:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 16:35:18,66 ===============