Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SUSP_IRP_MJ_CREATE

Started by kko7373 , Dec 13 2010 07:40 PM

  • Please log in to reply

#1
kko7373
Posted 13 December 2010 - 07:40 PM

kko7373

    New Member

  • Member
  • Pip
  • 1 posts
The trojan SUSP_IRP_MJ_CREATE has infected my computer. McAfee will not remove the virus. I have also installed TDSKiller and it does not find any infected files. I ran the OTL and this is what I received:

OTL logfile created on: 12/13/2010 7:31:05 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Kate\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 85.00 Mb Available Physical Memory | 17.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 14.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 16.00 Gb Free Space | 21.47% Space Free | Partition Type: NTFS
Drive D: | 225.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KATIE | User Name: Kate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/13 19:29:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kate\Desktop\OTL.exe
PRC - [2010/06/10 05:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/02/23 15:09:00 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\Kate\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/04 16:53:34 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/11/04 15:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/29 06:54:44 | 001,497,704 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcshell.exe
PRC - [2009/10/29 06:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/28 11:50:32 | 000,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
PRC - [2009/10/28 11:50:32 | 000,262,160 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\VirusScan\mcvsshld.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/11 04:17:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/10/11 04:17:31 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/06/30 15:45:56 | 000,423,016 | ---- | M] (Altnet Inc.) -- C:\Program Files\Altnet Music Plugin\AMPMDM.exe
PRC - [2009/06/04 16:41:22 | 000,451,904 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/27 18:13:44 | 000,385,024 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
PRC - [2006/09/19 13:37:46 | 000,303,104 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
PRC - [2006/06/29 17:55:44 | 000,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
PRC - [2006/06/29 17:54:23 | 000,187,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
PRC - [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe


========== Modules (SafeList) ==========

MOD - [2010/12/13 19:29:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kate\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/10 05:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/04 16:53:34 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/11/04 15:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/28 11:50:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/04 16:41:22 | 000,451,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/06/29 17:54:23 | 000,187,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamSvc.exe -- (MSCamSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Kate\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/07/15 14:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/11/04 16:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 16:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 16:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 16:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 12:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 12:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/06/29 17:55:56 | 001,966,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2005/09/20 16:27:20 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2004/08/13 02:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/13 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/08/13 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/08/13 01:05:00 | 000,086,202 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/08/13 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/08/13 01:05:00 | 000,025,723 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/08/13 01:05:00 | 000,014,715 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/08/13 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/08/13 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/08/13 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/08/12 08:02:46 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/12 08:02:46 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 03:21:00 | 000,087,136 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/09 11:16:44 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2004/03/22 11:24:00 | 000,004,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/22 07:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 07:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/12/08 18:32:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/04 22:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8AFD0316-E5E5-4D9D-87F6-95E685BD98E2}: C:\Documents and Settings\Kate\Local Settings\Application Data\{8AFD0316-E5E5-4D9D-87F6-95E685BD98E2} [2010/10/10 21:05:36 | 000,000,000 | ---D | M]

[2010/02/05 14:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kate\Application Data\Mozilla\Extensions
[2010/02/05 14:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kate\Application Data\Mozilla\Extensions\[email protected]
[2010/12/13 16:02:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/13 16:02:41 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}

O1 HOSTS File: ([2004/08/12 07:57:47 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Browser Helper Object) - {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} - C:\Program Files\Shared\lib.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [tmwrxxuq] C:\Documents and Settings\Kate\Local Settings\Application Data\gwuqicueh\whbyftqtssd.exe File not found
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ampmdm] C:\Program Files\Altnet Music Plugin\AMPMDM.exe (Altnet Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\Kate\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [tmwrxxuq] C:\Documents and Settings\Kate\Local Settings\Application Data\gwuqicueh\whbyftqtssd.exe File not found
O4 - HKCU..\Run: [Yquyamo] C:\WINDOWS\lpehtoer.DLL File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\Kate\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: ccccd.edu ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: collin.edu ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Kate\Application Data\hotfix.exe) - C:\Documents and Settings\Kate\Application Data\hotfix.exe File not found
O24 - Desktop Components:0 () - http://mail.yimg.com..._0_5/js/msgr.js
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/07 16:50:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/14 20:30:35 | 000,000,045 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2b3fdbc1-4890-11df-9b20-001111c5c425}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{2b3fdbc1-4890-11df-9b20-001111c5c425}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/13 19:29:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kate\Desktop\OTL.exe
[2010/12/13 17:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kate\Desktop\123
[2010/12/13 16:02:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kate\Application Data\SystemProc
[2010/12/13 16:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/12/10 17:25:42 | 000,000,000 | ---D | C] -- C:\rei
[2010/12/10 17:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/12/10 14:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kate\Local Settings\Application Data\PhotoChannel
[2010/11/21 11:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kate\My Documents\LifeCam Files
[2010/01/19 20:20:21 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/13 19:29:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kate\Desktop\OTL.exe
[2010/12/13 19:18:01 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/12/13 19:03:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/13 18:18:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/12/13 17:51:07 | 001,230,779 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\tdsskiller.zip
[2010/12/13 17:27:31 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Reimage Reminder.job
[2010/12/13 17:18:02 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/12/13 16:18:01 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/12/13 15:18:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/12/13 14:54:51 | 000,020,989 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/12/13 14:54:06 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/12/13 14:54:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/13 13:23:40 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/12/13 13:23:40 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/12/13 12:09:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/12/13 08:48:21 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/12/12 13:19:57 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\Kate\webct_upload_applet.properties
[2010/12/12 13:18:30 | 000,120,212 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\team sutton.pdf
[2010/12/12 13:06:13 | 000,022,963 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\eval.docx
[2010/12/12 05:32:54 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/12/12 05:32:50 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/12/12 04:14:52 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/12/11 13:51:41 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/12/11 13:51:41 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/12/11 10:10:14 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/12/11 09:15:13 | 000,000,273 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\CougarWeb Login.url
[2010/12/11 07:06:13 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/12/11 07:06:13 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/12/11 03:18:05 | 000,014,739 | ---- | M] () -- C:\WINDOWS\System32\12543.js
[2010/12/10 17:26:42 | 000,000,286 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2010/12/10 17:25:45 | 000,001,755 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PC Scan & Repair by Reimage.lnk
[2010/12/09 23:03:36 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Kate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/09 08:18:14 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/12/08 15:01:27 | 000,079,208 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\brown.pdf
[2010/12/08 14:46:09 | 000,078,382 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\ash.pdf
[2010/12/06 14:39:02 | 000,014,202 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\ortho plus Douthit[1].docx
[2010/12/02 18:41:44 | 000,014,230 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\Ben's work payment sheet.xlsx
[2010/12/02 14:30:04 | 000,357,501 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\12-2-10.pdf
[2010/12/01 01:00:13 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/11/28 14:09:03 | 002,514,252 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\Clark My Personal Favorite.pptx
[2010/11/28 13:12:41 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\audit.docx
[2010/11/27 17:49:46 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Kate\Application Data\install
[2010/11/24 10:59:23 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kate\Desktop\~$tho plus Douthit[1].docx
[2010/11/23 12:48:47 | 002,509,650 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\The Clark Kids.pptx
[2010/11/22 15:34:20 | 000,220,275 | ---- | M] () -- C:\Documents and Settings\Kate\Desktop\sharron hale bledsoe.pdf
[2010/11/21 12:05:49 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2010/11/21 12:02:00 | 000,001,886 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Microsoft LifeCam.lnk
[2010/11/21 12:02:00 | 000,001,864 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Windows Live Call.lnk
[2010/11/16 16:05:14 | 000,438,272 | ---- | M] () -- C:\Documents and Settings\Kate\My Documents\Clark Medical.accdb
[2010/11/16 12:46:27 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/16 12:46:27 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/15 01:20:25 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/13 17:50:59 | 001,230,779 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\tdsskiller.zip
[2010/12/12 13:18:30 | 000,120,212 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\team sutton.pdf
[2010/12/12 13:06:12 | 000,022,963 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\eval.docx
[2010/12/11 07:06:13 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/12/11 07:06:13 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/12/10 17:26:18 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\Reimage Reminder.job
[2010/12/10 17:26:14 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/12/10 17:25:45 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PC Scan & Repair by Reimage.lnk
[2010/12/09 06:18:03 | 000,014,739 | ---- | C] () -- C:\WINDOWS\System32\12543.js
[2010/12/08 15:01:26 | 000,079,208 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\brown.pdf
[2010/12/08 14:46:09 | 000,078,382 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\ash.pdf
[2010/12/02 14:30:02 | 000,357,501 | ---- | C] () -- C:\Documents and Settings\Kate\My Documents\12-2-10.pdf
[2010/11/28 14:09:02 | 002,514,252 | ---- | C] () -- C:\Documents and Settings\Kate\My Documents\Clark My Personal Favorite.pptx
[2010/11/28 13:12:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kate\My Documents\audit.docx
[2010/11/27 17:49:46 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Kate\Application Data\install
[2010/11/27 17:48:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/27 17:48:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/27 17:48:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/27 17:48:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/27 17:48:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/27 17:48:24 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/27 17:48:24 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/27 17:48:24 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/27 17:48:23 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/11/27 17:48:23 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/27 17:48:22 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/27 17:48:22 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/27 17:48:20 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/27 17:48:19 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/27 17:48:19 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/27 17:48:17 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/27 17:48:15 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/27 17:48:14 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/24 10:59:23 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Kate\Desktop\~$tho plus Douthit[1].docx
[2010/11/23 12:33:42 | 002,509,650 | ---- | C] () -- C:\Documents and Settings\Kate\My Documents\The Clark Kids.pptx
[2010/11/22 15:34:20 | 000,220,275 | ---- | C] () -- C:\Documents and Settings\Kate\Desktop\sharron hale bledsoe.pdf
[2010/11/21 12:02:00 | 000,001,886 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Microsoft LifeCam.lnk
[2010/11/21 12:02:00 | 000,001,864 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Windows Live Call.lnk
[2010/11/16 15:54:37 | 000,438,272 | ---- | C] () -- C:\Documents and Settings\Kate\My Documents\Clark Medical.accdb
[2010/01/22 19:17:45 | 000,121,856 | ---- | C] () -- C:\Documents and Settings\Kate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/19 22:27:51 | 000,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/19 20:20:58 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2010/01/19 20:20:23 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2010/01/19 20:20:23 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/01/19 20:20:20 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2010/01/19 20:20:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2010/01/19 20:20:01 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2010/01/19 20:12:10 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/19 19:43:42 | 000,003,822 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\hpzinstall.log
[2010/01/19 19:18:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2010/01/19 12:45:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/02/19 00:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2008/02/05 13:28:20 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Kate\Local Settings\Application Data\setup.txt
[2006/04/14 20:30:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2004/09/22 12:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

< End of report >

Your help is appreciated!

Thanks!
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP