Avast, Spybot, Trend Micro, Hitman, and MBAM. Each found something, but after deleting or remedying the problem, my redirect problem still stays.
So what do I need to do? Thanks
Edit: managed to resolve my problem by trying ComboFix. Can someone check if everything has been cleared? Thanks
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Lea Hin PM at 15:44:14 on 2011-06-29
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.65.1033.18.4022.2174 [GMT 8:00]
.
AV: Trend Micro Internet Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
BHO: IE2EMBHO Class: {0a0ddbd3-6641-40b9-873f-bbdd26d6c14e} - C:\Program Files (x86)\easyMule2\modules\IE2EM.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [BitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /tray
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Download by easyMule - C:\Program Files (x86)\easyMule2\IE2EM.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{DFCE220E-B7D2-4344-9609-FCCE311177AF} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{E184E69C-7B81-414D-975A-5DA5218EE7FC} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: IE2EMBHO Class: {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - C:\Program Files (x86)\easyMule2\modules\IE2EM.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO-X64: BitComet ClickCapture - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO-X64: Google Dictionary Compression sdch - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lea Hin PM\AppData\Roaming\Mozilla\Firefox\Profiles\neqks6iz.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Lea Hin PM\AppData\Roaming\Mozilla\Firefox\Profiles\neqks6iz.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension3.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: BitComet Video Downloader: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB} - %profile%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 dcsnap;dcsnap;C:\Windows\system32\drivers\dcsnap.sys --> C:\Windows\system32\drivers\dcsnap.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 tmpreflt;tmpreflt;C:\Windows\system32\DRIVERS\tmpreflt.sys --> C:\Windows\system32\DRIVERS\tmpreflt.sys [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 TmProxy;Trend Micro Proxy Service;C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-10-26 917768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 FARMNTIO;FARMNTIO;\??\c:\windows\system32\drivers\farmntio.sys --> c:\windows\system32\drivers\farmntio.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 PsSdk41;PsSdk41;\??\C:\Windows\system32\Drivers\pssdk41.sys --> C:\Windows\system32\Drivers\pssdk41.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 ZD1211BU(PLANEX COMMUNICATIONS INC.);PCI GW-US54GXS 54Mbps WLAN USB Adapter Driver(PLANEX COMMUNICATIONS INC.);C:\Windows\system32\DRIVERS\zd1211Bu.sys --> C:\Windows\system32\DRIVERS\zd1211Bu.sys [?]
S3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\ZDPSp50a64.sys [2011-6-6 31744]
S4 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S4 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?]
S4 DCScheduler;DCScheduler;C:\Program Files (x86)\FarStone\TotalRecovery\Client\CBP\DCSchdlerSRVC.exe [2011-6-21 104976]
S4 FBAgent;File Backup Agent;C:\Program Files (x86)\FarStone\TotalRecovery\Client\Efb\FBPAgent.exe [2011-6-21 86016]
S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 135664]
S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 135664]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-6-21 1153368]
S4 Tran_Process_Proc;DCNTranProc;C:\Program Files (x86)\FarStone\TotalRecovery\Client\DCNTranProc.exe [2009-11-26 77824]
S4 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-7 118672]
S4 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-26 2314240]
.
=============== Created Last 30 ================
.
2011-06-29 06:11:40 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{9F98D5DB-FB14-44D2-A298-C2C4B345FECC}
2011-06-29 05:57:28 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-29 05:48:21 98816 ----a-w- C:\Windows\sed.exe
2011-06-29 05:48:21 518144 ----a-w- C:\Windows\SWREG.exe
2011-06-29 05:48:21 256512 ----a-w- C:\Windows\PEV.exe
2011-06-29 05:48:21 208896 ----a-w- C:\Windows\MBR.exe
2011-06-29 00:30:10 -------- d-----w- C:\ProgramData\AVAST Software
2011-06-29 00:30:10 -------- d-----w- C:\Program Files\AVAST Software
2011-06-29 00:22:05 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{96BA81E3-C461-47F2-885E-BE7C569BE753}
2011-06-29 00:08:01 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{E55E91AC-1007-4BBE-B2CE-477954B94D34}
2011-06-29 00:06:09 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2011-06-28 09:37:25 23112 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-06-28 09:36:47 -------- d-----w- C:\ProgramData\Hitman Pro
2011-06-28 08:23:36 -------- d-----w- C:\Windows\pss
2011-06-28 07:54:47 -------- d-----w- C:\Users\Lea Hin PM\AppData\Roaming\Malwarebytes
2011-06-28 07:54:43 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-28 07:54:42 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-28 07:54:38 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-28 07:54:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-28 01:14:16 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{A393771F-9BF7-4394-AC9B-E78AF3453BD9}
2011-06-27 23:58:55 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{97825FD6-EB2E-4008-9255-F53435E5F860}
2011-06-27 04:53:47 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{BCB4ECF4-4283-466B-BD8D-02AAEB904960}
2011-06-26 13:04:49 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{9DA1A8D5-6A6A-45D4-8893-A5B0C62FF2D8}
2011-06-26 01:04:27 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{931A2E49-0EF2-4291-8843-4871A4652FE9}
2011-06-25 06:38:50 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{A56182DE-3938-4471-B300-5A89853AA1B6}
2011-06-24 02:37:13 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{FA05E62C-1D34-4077-97C9-8E52C27CC8A4}
2011-06-23 15:27:27 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{F91E5213-DDA3-4BE4-A61E-51415FEFB336}
2011-06-22 23:11:56 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{AB86BEF4-9E0A-4F3D-8904-D5A17F59731B}
2011-06-22 11:11:08 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{5D0CB919-2C42-4527-ACF6-094E90870E5B}
2011-06-21 23:11:49 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{13D815ED-10ED-45F1-9A31-64029BE87268}
2011-06-21 11:11:08 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{50C76778-6A99-4135-B964-5C8B885D67D5}
2011-06-21 06:27:36 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6E3DD07C-C33C-4F9B-8E52-ED31D4D51EEF}\mpengine.dll
2011-06-21 05:55:44 -------- d-----w- C:\RITSoftwareProvider
2011-06-21 05:55:39 -------- d-----w- C:\ProgramData\Farstone
2011-06-21 05:55:38 -------- d-----w- C:\ProgramData\fscltdcn
2011-06-21 05:55:37 0 ---h--r- C:\logicinf.bin
2011-06-21 05:55:33 91152 ----a-w- C:\Windows\System32\drivers\dcsnap.sys
2011-06-21 05:55:33 512 ----a-w- C:\FARSBOOT.BIN
2011-06-21 05:53:27 -------- d-----w- C:\Program Files (x86)\FarStone
2011-06-21 05:49:45 23056 ----a-w- C:\Windows\System32\drivers\FarMntIo.sys
2011-06-20 23:53:13 -------- d-----w- C:\Program Files\CCleaner
2011-06-20 23:44:30 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-06-20 23:44:30 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-06-20 23:10:22 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{8F0540BA-F0AE-4CF0-8E0D-0644D42EE284}
2011-06-20 09:56:41 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{9874D405-2F3B-4DF2-A4CD-0553F2E8D0E3}
2011-06-19 05:32:40 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{782B2DC7-EF71-409D-8198-5AF7981C2AD4}
2011-06-18 02:51:51 -------- d-----w- C:\Program Files (x86)\D-Link
2011-06-18 02:48:27 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{E73025E4-C2F2-42C4-B371-B3DAFE3981CA}
2011-06-17 00:06:21 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{4A22D351-DF7F-4B1A-8AE5-FBA11A0292CD}
2011-06-15 23:49:58 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{4263AF29-F0E6-4C90-8A16-2CE756B1C947}
2011-06-15 00:14:36 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-06-15 00:14:36 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-06-15 00:14:31 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-15 00:14:31 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-06-15 00:14:30 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-06-15 00:14:27 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-06-15 00:14:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-06-15 00:14:15 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-15 00:14:14 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-15 00:02:13 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{4041B59A-2829-40D9-BAEC-FC6E8A20EA29}
2011-06-13 23:58:03 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{186ED4CB-0D64-4C2C-8CEB-C47BB7E200E9}
2011-06-12 23:54:43 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{D0A023E2-02E1-4C69-A1F7-6FD594009B5A}
2011-06-10 01:10:34 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{E41A18D0-E2A6-497F-9CD2-A2BE1EC3177B}
2011-06-08 23:49:47 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{FDFAB369-686B-4838-9A24-1BE45C8780FA}
2011-06-08 06:54:14 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-06-08 06:54:14 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-06-08 06:54:14 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-06-08 06:54:09 -------- d-----w- C:\Program Files\iTunes
2011-06-08 04:21:20 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\Macroplant
2011-06-08 04:18:07 -------- d-----w- C:\Program Files (x86)\iPhone Explorer
2011-06-08 04:07:22 -------- d-----w- C:\Users\Lea Hin PM\AppData\Roaming\WindSolutions
2011-06-08 04:07:21 -------- d-----w- C:\ProgramData\WindSolutions
2011-06-08 00:25:51 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-06-07 23:56:16 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{A767BC0B-451E-480C-959F-EA0EA84F8575}
2011-06-07 07:33:56 -------- d-----w- C:\Users\Lea Hin PM\AppData\Roaming\MobileSyncBrowser
2011-06-07 07:33:52 -------- d-----w- C:\Program Files (x86)\MobileSyncBrowser
2011-06-07 03:38:32 -------- d-----w- C:\Program Files (x86)\LibUSB-Win32
2011-06-07 02:31:33 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\Apple Computer
2011-06-07 02:29:42 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\Apple
2011-06-07 02:29:15 -------- d-----w- C:\Program Files\Bonjour
2011-06-07 02:29:15 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-06-06 23:53:04 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{4493283E-3E59-41F5-85D0-74BB548E4943}
2011-06-06 08:24:05 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\ElevatedDiagnostics
2011-06-06 08:20:14 51776 ----a-w- C:\Windows\System32\drivers\pssdk41.sys
2011-06-06 08:19:21 -------- d-----w- C:\Users\Lea Hin PM\AppData\Roaming\XLink Kai
2011-06-06 05:25:26 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-06-06 04:58:47 29184 ----a-w- C:\Windows\System32\drivers\BRGSp50a64.sys
2011-06-06 04:58:46 31744 ----a-w- C:\Windows\System32\drivers\ZDPSp50a64.sys
2011-06-06 04:58:45 15872 ----a-w- C:\Windows\System32\InsDrvZD64.dll
2011-06-06 04:58:39 545920 ----a-w- C:\Windows\System32\drivers\ZD1211BU.sys
2011-06-06 04:58:39 31744 ----a-w- C:\Windows\SysWow64\drivers\ZDPSp50a64.sys
2011-06-06 04:58:39 29184 ----a-w- C:\Windows\SysWow64\drivers\BRGSp50a64.sys
2011-06-06 04:58:39 20608 ----a-w- C:\Windows\SysWow64\drivers\BRGSp50.sys
2011-06-06 04:58:39 17664 ----a-w- C:\Windows\SysWow64\drivers\ZDPSp50.sys
2011-06-06 04:58:39 17151 ----a-w- C:\Windows\SysWow64\ZDPNDIS5.SYS
2011-06-06 04:58:38 -------- d-----w- C:\Program Files (x86)\bRoad Lanner Wave
2011-06-06 04:47:11 81920 ----a-w- C:\Windows\SysWow64\ZDPN50.DLL
2011-06-06 04:47:10 24576 ----a-w- C:\Windows\SysWow64\ZyDelReg.exe
2011-06-06 04:47:06 28672 ----a-w- C:\Windows\SysWow64\InsDrvZD.dll
2011-06-06 04:47:06 15872 ----a-w- C:\Windows\SysWow64\InsDrvZD64.DLL
2011-06-06 00:04:43 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-06-06 00:04:10 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-06-06 00:04:10 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-06-05 23:57:33 -------- d-----w- C:\Users\Lea Hin PM\AppData\Local\{31D57961-A1C6-411E-9F3B-49837057B4BD}
.
==================== Find3M ====================
.
2011-06-29 06:04:55 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-05-28 03:07:01 3133952 ----a-w- C:\Windows\System32\win32k.sys
2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-04-27 02:57:40 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-04-25 05:32:22 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-04-25 02:44:02 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-22 20:18:28 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-04-22 20:14:08 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-04-22 19:31:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-04-22 19:31:26 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-04-22 18:49:57 482816 ----a-w- C:\Windows\System32\html.iec
2011-04-22 18:23:59 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-04-09 06:45:48 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:13:06 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-06 08:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 08:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 08:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 08:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 08:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 08:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 08:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 08:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
.
============= FINISH: 15:45:12.53 ===============