RkUnhooker report generator v0.6 ============================================== Rootkit Unhooker kernel version: 3.31.150.420 ============================================== Windows Major Version: 5 Windows Minor Version: 1 Windows Build Number: 2600 ============================================== >Processes Process: System Process Id: 4 EPROCESS Address: 0x825C8830 Process: C:\WINDOWS\system32\rsvp.exe Process Id: 240 EPROCESS Address: 0xF91FADA0 Process: C:\WINDOWS\system32\svchost.exe Process Id: 324 EPROCESS Address: 0x817C3530 Process: C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE Process Id: 444 EPROCESS Address: 0x817E56B8 Process: C:\WINDOWS\system32\smss.exe Process Id: 500 EPROCESS Address: 0x821BA348 Process: C:\WINDOWS\system32\csrss.exe Process Id: 548 EPROCESS Address: 0x8201F270 Process: C:\WINDOWS\system32\winlogon.exe Process Id: 572 EPROCESS Address: 0x81FFF8D8 Process: C:\WINDOWS\system32\services.exe Process Id: 616 EPROCESS Address: 0x81FD7D50 Process: C:\WINDOWS\system32\lsass.exe Process Id: 628 EPROCESS Address: 0x81FCEDA0 Process: C:\WINDOWS\system32\ati2evxx.exe Process Id: 796 EPROCESS Address: 0x8216BB28 Process: C:\WINDOWS\system32\svchost.exe Process Id: 812 EPROCESS Address: 0x821D9DA0 Process: C:\WINDOWS\system32\svchost.exe Process Id: 872 EPROCESS Address: 0x81FD12A0 Process: C:\WINDOWS\system32\svchost.exe Process Id: 940 EPROCESS Address: 0x81FFA398 Process: C:\WINDOWS\system32\svchost.exe Process Id: 1048 EPROCESS Address: 0x81FEB438 Process: C:\WINDOWS\system32\svchost.exe Process Id: 1100 EPROCESS Address: 0x81FF6460 Process: C:\WINDOWS\system32\spoolsv.exe Process Id: 1248 EPROCESS Address: 0x82182B08 Process: C:\WINDOWS\system32\ati2evxx.exe Process Id: 1528 EPROCESS Address: 0x8200FDA0 Process: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe Process Id: 1556 EPROCESS Address: 0x817AEDA0 Process: C:\WINDOWS\explorer.exe Process Id: 1644 EPROCESS Address: 0x82197970 Process: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Process Id: 1748 EPROCESS Address: 0x821656A8 Process: C:\WINDOWS\VM303_STI.exe Process Id: 1764 EPROCESS Address: 0x821D9608 Process: C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe Process Id: 1812 EPROCESS Address: 0x821D5380 Process: C:\WINDOWS\SOUNDMAN.EXE Process Id: 1844 EPROCESS Address: 0x82190988 Process: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe Process Id: 1852 EPROCESS Address: 0x821D2300 Process: C:\Program Files\iTunes\iTunesHelper.exe Process Id: 1860 EPROCESS Address: 0x81FCABE0 Process: C:\Program Files\Alwil Software\Avast4\ashServ.exe Process Id: 1968 EPROCESS Address: 0x81846618 Process: C:\Program Files\MSN Messenger\msnmsgr.exe Process Id: 1976 EPROCESS Address: 0x82195DA0 Process: C:\WINDOWS\system32\ctfmon.exe Process Id: 2000 EPROCESS Address: 0x821D1C68 Process: C:\Program Files\Common Files\Real\Update_OB\realsched.exe Process Id: 2084 EPROCESS Address: 0xFAACB390 Process: C:\Program Files\Internet Explorer\IEXPLORE.EXE Process Id: 2188 EPROCESS Address: 0x81819DA0 Process: C:\Program Files\iPod\bin\iPodService.exe Process Id: 2216 EPROCESS Address: 0x8221AB38 Process: C:\Program Files\Internet Explorer\IEXPLORE.EXE Process Id: 2312 EPROCESS Address: 0x815A5DA0 Process: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe Process Id: 2436 EPROCESS Address: 0x817C05B0 Process: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe Process Id: 2452 EPROCESS Address: 0x817CBB28 Process: C:\Program Files\Internet Explorer\IEXPLORE.EXE Process Id: 2488 EPROCESS Address: 0x81FF8AA8 Process: C:\Program Files\BitComet\BitComet.exe Process Id: 3316 EPROCESS Address: 0x8185EDA0 Process: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe Process Id: 3392 EPROCESS Address: 0xF906FDA0 Process: C:\Program Files\MSN Messenger\usnsvc.exe Process Id: 3512 EPROCESS Address: 0x81785DA0 Process: F:\emul 0.47a\eMule.exe Process Id: 41512 EPROCESS Address: 0xFA440358 Process: C:\PROGRA~1\MOZILL~1\firefox.exe Process Id: 43084 EPROCESS Address: 0xFAF65280 Process: C:\RkUnhooker\q071SmI6pWgR.exe Process Id: 44836 EPROCESS Address: 0xFAF0F020 ============================================== >Drivers Driver: C:\WINDOWS\System32\ati3duag.dll Address: 0xBFA77000 Size: 2363392 bytes Driver: C:\WINDOWS\system32\ntkrnlpa.exe Address: 0x804D7000 Size: 2142208 bytes Driver: PnpManager Address: 0x804D7000 Size: 2142208 bytes Driver: RAW Address: 0x804D7000 Size: 2142208 bytes Driver: WMIxWDM Address: 0x804D7000 Size: 2142208 bytes Driver: Win32k Address: 0xBF800000 Size: 1839104 bytes Driver: C:\WINDOWS\System32\win32k.sys Address: 0xBF800000 Size: 1839104 bytes Driver: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys Address: 0xF7C38000 Size: 1310720 bytes Driver: 00000099 Address: 0xF8453000 Size: 856064 bytes Driver: sptd.sys Address: 0xF8453000 Size: 856064 bytes Driver: C:\WINDOWS\System32\ativvaxx.dll Address: 0xBFCB8000 Size: 651264 bytes Driver: C:\WINDOWS\system32\drivers\ALCXWDM.SYS Address: 0xF7B6A000 Size: 618496 bytes Driver: Ntfs.sys Address: 0xF82E4000 Size: 577536 bytes Driver: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Address: 0xEF2D4000 Size: 454656 bytes Driver: C:\WINDOWS\system32\drivers\ALCXSENS.SYS Address: 0xF7AC1000 Size: 401408 bytes Driver: C:\WINDOWS\system32\DRIVERS\tcpip.sys Address: 0xEF49E000 Size: 360448 bytes Driver: C:\WINDOWS\system32\DRIVERS\srv.sys Address: 0xEC3E8000 Size: 339968 bytes Driver: C:\WINDOWS\System32\ATMFD.DLL Address: 0xBFFA0000 Size: 286720 bytes Driver: C:\WINDOWS\System32\Drivers\HTTP.sys Address: 0xEBEAB000 Size: 266240 bytes Driver: C:\WINDOWS\System32\ati2dvag.dll Address: 0xBF9D3000 Size: 249856 bytes Driver: C:\WINDOWS\System32\atikvmag.dll Address: 0xBFA43000 Size: 212992 bytes Driver: C:\WINDOWS\system32\DRIVERS\update.sys Address: 0xF7A20000 Size: 212992 bytes Driver: C:\WINDOWS\System32\ati2cqag.dll Address: 0xBFA10000 Size: 208896 bytes Driver: C:\WINDOWS\system32\DRIVERS\rdpdr.sys Address: 0xF7A54000 Size: 200704 bytes Driver: ACPI.sys Address: 0xF8535000 Size: 188416 bytes Driver: C:\WINDOWS\system32\DRIVERS\mrxdav.sys Address: 0xECC46000 Size: 184320 bytes Driver: NDIS.sys Address: 0xF82B7000 Size: 184320 bytes Driver: C:\WINDOWS\system32\DRIVERS\rdbss.sys Address: 0xEF36A000 Size: 180224 bytes Driver: C:\WINDOWS\system32\drivers\kmixer.sys Address: 0xEB8DC000 Size: 172032 bytes Driver: C:\WINDOWS\system32\DRIVERS\netbt.sys Address: 0xEF3D6000 Size: 163840 bytes Driver: C:\WINDOWS\system32\DRIVERS\nwrdr.sys Address: 0xECC9B000 Size: 163840 bytes Driver: dmio.sys Address: 0xF83F6000 Size: 155648 bytes Driver: tffsport.sys Address: 0xF83B9000 Size: 151552 bytes Driver: C:\WINDOWS\system32\drivers\portcls.sys Address: 0xF7B46000 Size: 147456 bytes Driver: C:\WINDOWS\System32\Drivers\Fastfat.SYS Address: 0xEEE31000 Size: 143360 bytes Driver: C:\WINDOWS\system32\drivers\ks.sys Address: 0xF7B23000 Size: 143360 bytes Driver: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS Address: 0xF7C01000 Size: 143360 bytes Driver: C:\WINDOWS\System32\drivers\afd.sys Address: 0xEF396000 Size: 139264 bytes Driver: ACPI_HAL Address: 0x806E2000 Size: 134400 bytes Driver: C:\WINDOWS\system32\hal.dll Address: 0x806E2000 Size: 134400 bytes Driver: fltMgr.sys Address: 0xF839A000 Size: 126976 bytes Driver: ftdisk.sys Address: 0xF841C000 Size: 126976 bytes Driver: Mup.sys Address: 0xF829C000 Size: 110592 bytes Driver: atapi.sys Address: 0xF83DE000 Size: 98304 bytes Driver: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xEEE19000 Size: 98304 bytes Driver: C:\WINDOWS\System32\Drivers\SPTD9437.SYS Address: 0xF843B000 Size: 98304 bytes Driver: KSecDD.sys Address: 0xF8371000 Size: 94208 bytes Driver: C:\WINDOWS\system32\DRIVERS\ndiswan.sys Address: 0xF7A96000 Size: 94208 bytes Driver: C:\WINDOWS\System32\Drivers\aswMon2.SYS Address: 0xEC48B000 Size: 90112 bytes Driver: C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys Address: 0xECD63000 Size: 90112 bytes Driver: C:\WINDOWS\system32\drivers\wdmaud.sys Address: 0xECC09000 Size: 86016 bytes Driver: C:\WINDOWS\system32\DRIVERS\parport.sys Address: 0xF7AAD000 Size: 81920 bytes Driver: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS Address: 0xF7C24000 Size: 81920 bytes Driver: C:\WINDOWS\system32\DRIVERS\ipsec.sys Address: 0xEF4F6000 Size: 77824 bytes Driver: C:\WINDOWS\System32\drivers\dxg.sys Address: 0xBF9C1000 Size: 73728 bytes Driver: sr.sys Address: 0xF8388000 Size: 73728 bytes Driver: pci.sys Address: 0xF8524000 Size: 69632 bytes Driver: C:\WINDOWS\system32\DRIVERS\psched.sys Address: 0xF7A85000 Size: 69632 bytes Driver: C:\WINDOWS\System32\Drivers\Udfs.SYS Address: 0xEB92E000 Size: 69632 bytes Driver: C:\WINDOWS\System32\Drivers\Cdfs.SYS Address: 0xEC9D2000 Size: 65536 bytes Driver: C:\WINDOWS\system32\DRIVERS\nwlnknb.sys Address: 0xF7953000 Size: 65536 bytes Driver: C:\WINDOWS\system32\DRIVERS\serial.sys Address: 0xF8824000 Size: 65536 bytes Driver: C:\WINDOWS\system32\drivers\drmk.sys Address: 0xF8814000 Size: 61440 bytes Driver: C:\WINDOWS\system32\DRIVERS\redbook.sys Address: 0xF8864000 Size: 61440 bytes Driver: C:\WINDOWS\system32\drivers\sysaudio.sys Address: 0xEF47E000 Size: 61440 bytes Driver: C:\WINDOWS\system32\DRIVERS\usbhub.sys Address: 0xF8724000 Size: 61440 bytes Driver: C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys Address: 0xEC7DB000 Size: 57344 bytes Driver: C:\WINDOWS\system32\DRIVERS\cdrom.sys Address: 0xF8854000 Size: 53248 bytes Driver: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS Address: 0xF86A4000 Size: 53248 bytes Driver: C:\WINDOWS\system32\DRIVERS\i8042prt.sys Address: 0xF8834000 Size: 53248 bytes Driver: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Address: 0xF88A4000 Size: 53248 bytes Driver: VolSnap.sys Address: 0xF8684000 Size: 53248 bytes Driver: C:\WINDOWS\system32\DRIVERS\raspptp.sys Address: 0xF88C4000 Size: 49152 bytes Driver: C:\WINDOWS\system32\DRIVERS\imapi.sys Address: 0xF8844000 Size: 45056 bytes Driver: MountMgr.sys Address: 0xF8674000 Size: 45056 bytes Driver: C:\WINDOWS\system32\DRIVERS\raspppoe.sys Address: 0xF88B4000 Size: 45056 bytes Driver: C:\WINDOWS\System32\Drivers\NDProxy.SYS Address: 0xF86F4000 Size: 40960 bytes Driver: C:\WINDOWS\system32\DRIVERS\termdd.sys Address: 0xF86E4000 Size: 40960 bytes Driver: C:\WINDOWS\System32\Drivers\aswTdi.SYS Address: 0xF8794000 Size: 36864 bytes Driver: disk.sys Address: 0xF8694000 Size: 36864 bytes Driver: C:\WINDOWS\System32\Drivers\Fips.SYS Address: 0xF87C4000 Size: 36864 bytes Driver: C:\WINDOWS\system32\DRIVERS\intelppm.sys Address: 0xF8804000 Size: 36864 bytes Driver: isapnp.sys Address: 0xF8664000 Size: 36864 bytes Driver: C:\WINDOWS\system32\DRIVERS\msgpc.sys Address: 0xF88D4000 Size: 36864 bytes Driver: C:\WINDOWS\system32\DRIVERS\netbios.sys Address: 0xF87B4000 Size: 36864 bytes Driver: PxHelp20.sys Address: 0xF86B4000 Size: 36864 bytes Driver: C:\WINDOWS\system32\DRIVERS\wanarp.sys Address: 0xF87A4000 Size: 36864 bytes Driver: C:\WINDOWS\System32\Drivers\Npfs.SYS Address: 0xF8A24000 Size: 32768 bytes Driver: C:\WINDOWS\system32\DRIVERS\fdc.sys Address: 0xF89A4000 Size: 28672 bytes Driver: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys Address: 0xF89BC000 Size: 28672 bytes Driver: C:\WINDOWS\System32\Drivers\PCIIDEX.SYS Address: 0xF88E4000 Size: 28672 bytes Driver: C:\WINDOWS\system32\DRIVERS\usbehci.sys Address: 0xF8994000 Size: 28672 bytes Driver: C:\WINDOWS\System32\Drivers\Aavmker4.SYS Address: 0xF8A3C000 Size: 24576 bytes Driver: C:\WINDOWS\system32\DRIVERS\kbdclass.sys Address: 0xF89B4000 Size: 24576 bytes Driver: C:\WINDOWS\system32\DRIVERS\mouclass.sys Address: 0xF89AC000 Size: 24576 bytes Driver: C:\WINDOWS\system32\DRIVERS\RTL8139.SYS Address: 0xF899C000 Size: 24576 bytes Driver: C:\WINDOWS\System32\drivers\vga.sys Address: 0xF8A14000 Size: 24576 bytes Driver: C:\WINDOWS\System32\Drivers\Msfs.SYS Address: 0xF8A1C000 Size: 20480 bytes Driver: PartMgr.sys Address: 0xF88EC000 Size: 20480 bytes Driver: C:\WINDOWS\system32\DRIVERS\ptilink.sys Address: 0xF89E4000 Size: 20480 bytes Driver: C:\WINDOWS\system32\DRIVERS\raspti.sys Address: 0xF89EC000 Size: 20480 bytes Driver: C:\WINDOWS\System32\Drivers\rkhdrv31.SYS Address: 0xF891C000 Size: 20480 bytes Driver: C:\WINDOWS\system32\DRIVERS\TDI.SYS Address: 0xF89C4000 Size: 20480 bytes Driver: C:\WINDOWS\system32\DRIVERS\usbuhci.sys Address: 0xF898C000 Size: 20480 bytes Driver: C:\WINDOWS\System32\watchdog.sys Address: 0xF8974000 Size: 20480 bytes Driver: C:\WINDOWS\System32\Drivers\aswRdr.SYS Address: 0xEC250000 Size: 16384 bytes Driver: C:\WINDOWS\system32\DRIVERS\mssmbios.sys Address: 0xF8254000 Size: 16384 bytes Driver: C:\WINDOWS\system32\DRIVERS\ndisuio.sys Address: 0xECDE9000 Size: 16384 bytes Driver: C:\WINDOWS\system32\DRIVERS\serenum.sys Address: 0xF8B54000 Size: 16384 bytes Driver: C:\WINDOWS\system32\BOOTVID.dll Address: 0xF8A74000 Size: 12288 bytes Driver: C:\WINDOWS\System32\drivers\Dxapi.sys Address: 0xF7D84000 Size: 12288 bytes Driver: C:\WINDOWS\system32\DRIVERS\fsvga.sys Address: 0xF8B5C000 Size: 12288 bytes Driver: C:\WINDOWS\system32\DRIVERS\ndistapi.sys Address: 0xF8278000 Size: 12288 bytes Driver: C:\WINDOWS\system32\DRIVERS\rasacd.sys Address: 0xF7D80000 Size: 12288 bytes Driver: C:\WINDOWS\System32\Drivers\Beep.SYS Address: 0xF8B94000 Size: 8192 bytes Driver: dmload.sys Address: 0xF8B6A000 Size: 8192 bytes Driver: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF8BBE000 Size: 8192 bytes Driver: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS Address: 0xF8B92000 Size: 8192 bytes Driver: intelide.sys Address: 0xF8B68000 Size: 8192 bytes Driver: C:\WINDOWS\system32\KDCOM.DLL Address: 0xF8B64000 Size: 8192 bytes Driver: C:\WINDOWS\System32\Drivers\mnmdd.SYS Address: 0xF8B96000 Size: 8192 bytes Driver: C:\WINDOWS\System32\Drivers\ParVdm.SYS Address: 0xF8B70000 Size: 8192 bytes Driver: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Address: 0xF8B98000 Size: 8192 bytes Driver: C:\WINDOWS\system32\drivers\splitter.sys Address: 0xF8C26000 Size: 8192 bytes Driver: C:\WINDOWS\system32\DRIVERS\swenum.sys Address: 0xF8B7A000 Size: 8192 bytes Driver: C:\WINDOWS\system32\DRIVERS\USBD.SYS Address: 0xF8B7C000 Size: 8192 bytes Driver: C:\WINDOWS\system32\Drivers\Vcs.sys Address: 0xF8BD0000 Size: 8192 bytes Driver: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS Address: 0xF8B66000 Size: 8192 bytes Driver: C:\WINDOWS\system32\DRIVERS\audstub.sys Address: 0xF8D6C000 Size: 4096 bytes Driver: C:\WINDOWS\System32\drivers\dxgthk.sys Address: 0xF8DAB000 Size: 4096 bytes Driver: C:\WINDOWS\System32\Drivers\Null.SYS Address: 0xF8CF7000 Size: 4096 bytes Driver: PCIIde.sys Address: 0xF8C2C000 Size: 4096 bytes Driver: ?_unknown_code_page_? Address: 0x825740E8 Size: 3864 bytes Driver: ?_unknown_code_page_? Address: 0x8253F7C8 Size: 2104 bytes Driver: ?_unknown_code_page_? Address: 0x82574C78 Size: 904 bytes ============================================== >Files Suspect File: C:\$Extend\$UsnJrnl:$J:$DATA Status: Opened for exclusive access by other app or by System Suspect File: C:\$Extend\$UsnJrnl:$Max:$DATA Status: Opened for exclusive access by other app or by System Suspect File: C:\Documents and Settings\sd\Cookies\sd@fenopy[2].txt Status: Hidden Suspect File: C:\Documents and Settings\sd\Cookies\sd@mb[1].txt Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Application Data\Microsoft\Messenger\karmouch8@hotmail.com\SharingMetadata\Working\database_DEC8_C9FA_C8C9_D0C7\fsr00132.log Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Application Data\Mozilla\Firefox\Profiles\4tmpffrv.default\Cache\12CB7423d01 Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Application Data\Mozilla\Firefox\Profiles\4tmpffrv.default\Cache\D60E6ECDd01 Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\2VMRATMZ\main.v3[2].css Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\3N151TPE\eminimall.v3[2].js Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\4BKFDUBM\minimall[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\4BKFDUBM\minimall[1].y%3D11&query=tv&defaultcat=1701&cb=385 Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\4HQJ23C5\imp[1].html%26session%3D1176489311&r=0 Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\6XGNSBQN\330106892639[1].jpg Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\8L8PAZSX\clogo[1].gif Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\8VUVM40U\CAHGCRTT.htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\D4PX3PT3\index[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\E5K9ITS1\290102609931[1].jpg Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\EDVR8MWG\index[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\FZICEZ25\st[1] Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\GDYVKHIR\36741324[1].jpg Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\IDMRMZ8D\imp[1].y%3D11&r=0&y=29 Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\IJE3IDYZ\inline_process_server[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\ODCNK3SF\[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\OFO3Y34Z\mm[1].js Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\PXI7W5IJ\eminimall.v3[2].js Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\QT2P6TS3\230116690658[1].jpg Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\U707IDCJ\10099155184329e1c42fe77[1].jpg Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\U707IDCJ\ads[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\U707IDCJ\CA2NO16Z.htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\UEEDTHC2\index[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temporary Internet Files\Content.IE5\WZ2J2PE9\inline_process_client[1].htm Status: Hidden Suspect File: C:\Documents and Settings\sd\Local Settings\Temp\plugtmp\script_1000-2.php Status: Hidden ============================================== >Hooks [1976]msnmsgr.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Inline - RelativeJump at address 0x7C810386 hook handler located in [msnmsgr.exe]