|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| General Computer Security Get Help With System Security - This forum is not for malware removal assistance. For malware removal assistance, read the sticky topic at the top of the Virus/Trojan/Spyware Help forum, or the "First Steps" link at the top right of each page. |
 |
|
|
LinkBack | Thread Tools |
01-03-2009, 11:12 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jan 2009
Posts: 1
OS: windows vista
|
browser redirected to ecata.info
Hi I have seen this problem for quite a few days. Whenever I type something in my firefox search window and hit enter, my browser will first be directed to a www.ecata.info, and then proceed.
I run DDS and the log is as below. ark.txt and attach.txt are in the zip file attached. Thank you so much in advance.  DDS (Version 1.1.0) - NTFSx86 Run by Li at 21:42:43.41 on 03/01/2009 Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11 AV: 金山毒霸文件实时防毒 *On-access scanning enabled* (Updated) FW: 金山网镖个人防火墙 *enabled* ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\program files\quartus\quartus\bin\jtagserver.exe C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailMon.EXE C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe C:\Windows\system32\taskeng.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kavstart.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kpfw32.exe C:\Users\Li\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Windows\System32\rundll32.exe C:\Program Files\PPLiveVA\PPLiveVA.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Kingsoft\PowerWord Lite\XDict.exe C:\Program Files\Tudou\飞速Tudou\TudouVa.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\PPLiveVA\PPLiveVAMonitor.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\Li\Desktop\dds.com C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\taskeng.exe C:\Windows\system32\RacAgent.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Li\Desktop\dds.com ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.ca/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop uInternet Settings,ProxyOverride = local uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s BHO: ThunderAtOnce Class: {01443aec-0fd1-40fd-9c87-e93d1494c233} - c:\program files\thunder network\thunder\comdlls\TDAtOnce_Now.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: NoExplorer - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Thunder Browser Helper: {889d2feb-5411-4565-8998-1dd2c5261283} - c:\program files\thunder network\thunder\comdlls\xunleiBHO_Now.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Download_Bho Class: {a986e409-30cc-4185-89bb-ab212c104524} - c:\program files\ppliveva\DownloaderManager.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\programdata\flashgetbho\FlashGetBHO.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: kingsoft browser shield: {d963be1a-6b35-47db-b002-49fae71d85cc} - c:\program files\kingsoft\kingsoft internet security 2008\KASBrowserShield.DLL BHO: IEBuddy - No File BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll uRun: [Sidebar] ; c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe uRun: [KavPFW] "c:\program files\kingsoft\kingsoft internet security 2008\kpfw32.exe" -startup uRun: [googletalk] c:\users\li\appdata\roaming\google\google talk\googletalk.exe /autostart uRun: [PPLiveVA] c:\program files\ppliveva\PPLiveVA.exe /LoadModule PPVA.DLL /M REAL /S 0 /T 0 uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [eMuleAutoStart] c:\program files\emule\emule.exe -AutoStart mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0" mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Google IME Autoupdater] "c:\program files\google\google pinyin\GooglePinyinDaemon.exe" mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12\imesc\IMSCMIG.EXE /INSTALL mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [KavStart] "c:\program files\kingsoft\kingsoft internet security 2008\KAVStart.exe" -startup mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" dRun: [KavPFW] "c:\program files\kingsoft\kingsoft internet security 2008\kpfw32.exe" -startup StartupFolder: c:\users\li\appdata\roaming\micros~1\windows\startm~1\programs\startup\pps.lnk - c:\program files\ppstream\PPStream.exe StartupFolder: c:\users\li\appdata\roaming\micros~1\windows\startm~1\programs\startup\骠动烽~1.lnk - c:\program files\tudou\烽膣tudou\TudouVa.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\硅歌金~1.lnk - c:\program files\kingsoft\powerword lite\XDict.exe mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: 使用快车(Flas&hGet)下载 - c:\program files\flashget\GetUrl.htm IE: 使用快车(Flash&Get)下载全部链接 - c:\program files\flashget\GetAllUrl.htm IE: 使用快车(FlashGet)下载该网页FLV - c:\program files\flashget\FlvDetector.htm IE: 使用迅雷下载 - c:\program files\thunder network\thunder\program\geturl.htm IE: 使用迅雷下载全部链接 - c:\program files\thunder network\thunder\program\getallurl.htm IE: {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - c:\program files\thunder network\thunder\Thunder.exe IE: {95B3F550-91C4-4627-BCC4-521288C52977} - c:\program files\pplive\PPLive.exe IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll/206 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - c:\program files\kingsoft\kingsoft internet security 2008\IEBuddyExt.DLL IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - c:\program files\design science\mathplayer\MathMLMimer.dll Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - c:\program files\design science\mathplayer\MathMLMimer.dll Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - c:\program files\design science\mathplayer\MathMLMimer.dll Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - c:\program files\design science\mathplayer\MathMLMimer.dll Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - c:\program files\design science\mathplayer\MathMLMimer.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\li\appdata\roaming\mozilla\firefox\profiles\eip90oci.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ FF - prefs.js: network.proxy.type - 2 FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll FF - component: c:\program files\mozilla firefox\components\CheckTudouVa.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll ============= SERVICES / DRIVERS =============== R0 KAVBootC;KAVBootC;c:\windows\system32\drivers\KAVBootC.sys [2008-7-3 34856] R1 KNetWch;KNetWch;c:\program files\kingsoft\kingsoft internet security 2008\knetwch.sys [2008-11-7 40000] R1 KNetWchV;Kingsoft Firewall NDIS Filter;c:\windows\system32\drivers\KNetWchV.sys [2008-4-21 15400] R4 KAVBase;KAVBase;c:\windows\system32\drivers\KAVBase.sys [2008-7-3 75840] R4 KAVSafe;KAVSafe;c:\windows\system32\drivers\KAVSafe.sys [2008-7-3 51240] R4 KISSvc;Kingsoft Internet Security Common Service;c:\program files\kingsoft\kingsoft internet security 2008\kissvc.exe [2008-4-21 31576] R4 KWatch3;KWatch3;c:\windows\system32\drivers\KWatch3.sys [2008-7-3 62528] R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-1-3 206096] R4 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064] S3 ATSpy;ATSpy;c:\windows\system32\ATSpy.sys [2009-1-1 17920] =============== Created Last 30 ================ 2009-01-03 20:24 <DIR> --d----- C:\ComboFix 2009-01-03 20:18 161,792 a------- c:\windows\SWREG.exe 2009-01-03 20:18 98,816 a------- c:\windows\sed.exe 2009-01-03 20:07 <DIR> --d----- c:\program files\Trend Micro 2009-01-03 19:57 <DIR> --d----- c:\programdata\SiteAdvisor 2009-01-03 19:54 <DIR> --d----- c:\program files\common files\McAfee 2009-01-03 19:54 <DIR> --d----- c:\programdata\McAfee 2009-01-03 19:54 <DIR> --d----- c:\program files\McAfee 2009-01-01 22:07 17,920 a------- c:\windows\system32\ATSpy.sys 2008-12-25 23:00 410,984 a------- c:\windows\system32\deploytk.dll 2008-12-24 23:35 <DIR> --d----- c:\program files\Xiph.Org 2008-12-19 20:00 <DIR> --d----- c:\program files\Bonjour 2008-12-12 20:09 2,048 a------- c:\windows\system32\tzres.dll 2008-12-12 11:18 87,336 a------- c:\windows\system32\dns-sd.exe 2008-12-12 11:11 61,440 a------- c:\windows\system32\dnssd.dll 2008-12-11 21:12 296,960 a------- c:\windows\system32\gdi32.dll 2008-12-11 21:11 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll 2008-12-11 21:11 28,672 a------- c:\windows\system32\Apphlpdm.dll 2008-12-11 21:09 2,927,104 a------- c:\windows\explorer.exe 2008-12-11 21:08 827,392 a------- c:\windows\system32\wininet.dll 2008-12-11 21:08 2,868,736 a------- c:\windows\system32\mf.dll 2008-12-11 21:08 996,352 a------- c:\windows\system32\WMNetMgr.dll 2008-12-11 21:08 94,720 a------- c:\windows\system32\logagent.exe ==================== Find3M ==================== 2008-12-28 16:28 659,180 a------- c:\windows\system32\perfh00C.dat 2008-12-28 16:28 122,976 a------- c:\windows\system32\perfc00C.dat 2008-12-27 13:45 40,000 a------- c:\windows\system32\drivers\knetwch.sys 2008-11-16 21:46 75,840 a------- c:\windows\system32\drivers\KAVBase.sys 2008-11-08 17:32 143,360 a------- c:\windows\inf\infstrng.dat 2008-11-08 17:32 86,016 a------- c:\windows\inf\infstor.dat 2008-11-08 17:32 51,200 a------- c:\windows\inf\infpub.dat 2008-10-31 19:44 52,736 a------- c:\windows\apppatch\iebrshim.dll 2008-10-31 19:44 2,154,496 a------- c:\windows\apppatch\AcGenral.dll 2008-10-31 19:44 541,696 a------- c:\windows\apppatch\AcLayers.dll 2008-10-31 19:44 460,288 a------- c:\windows\apppatch\AcSpecfc.dll 2008-10-31 19:44 173,056 a------- c:\windows\apppatch\AcXtrnal.dll 2008-10-21 19:57 241,152 a------- c:\windows\system32\PortableDeviceApi.dll 2008-10-20 21:25 1,645,568 a------- c:\windows\system32\connect.dll 2008-10-16 14:08 162,064 a------- c:\windows\system32\wuwebv.dll 2008-10-16 13:56 31,232 a------- c:\windows\system32\wuapp.exe 2008-10-16 12:56 1,524,736 a------- c:\windows\system32\wucltux.dll 2008-10-16 12:55 83,456 a------- c:\windows\system32\wudriver.dll 2008-06-12 08:04 665,600 a------- c:\windows\inf\drvindex.dat 2008-06-01 23:20 27,050 a------- c:\users\li\appdata\roaming\nvModes.dat 2008-05-10 18:46 56 a---h--- c:\programdata\ezsidmv.dat 2008-05-10 18:46 56 a---h--- c:\progra~2\ezsidmv.dat 2008-05-09 13:41 612 a------- c:\users\li\license.dat 2008-02-23 04:31 340,236 a------- c:\windows\inf\perflib\040c\perfi.dat 2008-02-23 04:31 340,236 a------- c:\windows\inf\perflib\040c\perfh.dat 2008-02-23 04:31 37,390 a------- c:\windows\inf\perflib\040c\perfd.dat 2008-02-23 04:31 37,390 a------- c:\windows\inf\perflib\040c\perfc.dat 2008-01-20 18:43 174 a--sh--- c:\program files\desktop.ini 2007-07-02 00:31 1,220,956 a------- c:\users\li\wrar370-chn.exe 2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat 2008-05-08 18:52 22 a--sh--- c:\windows\sminst\HPCD.sys ============= FINISH: 21:43:03.13 =============== |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
| Thread Tools | |
|
|
