Email account has been hijacked


#1
mexonic

My email account has been hijacked. Emails are going out to all of my contacts that I have not sent/authorized. Inside are links to other websites. I have run Ad-Aware and HijackThis. The Ad-Aware scan came up with nothing. I am not skilled enough to know what the HijackThis results determined. I have also run CCleaner.


OTL logfile created on: 5/23/2011 1:02:12 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Sheri Rugg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

223.48 Mb Total Physical Memory | 69.88 Mb Available Physical Memory | 31.27% Memory free
545.63 Mb Paging File | 216.00 Mb Available in Paging File | 39.59% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.56 Gb Total Space | 65.73 Gb Free Space | 88.15% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: YOUR-3WCKSA0CE2 | User Name: Sheri Rugg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/23 13:01:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sheri Rugg\Desktop\OTL.exe
PRC - [2011/05/16 05:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/05/13 02:11:03 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/09/02 23:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
PRC - [2008/11/04 12:09:58 | 000,615,696 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/16 18:40:00 | 001,197,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2003/03/02 09:09:32 | 000,110,592 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
PRC - [2002/07/10 10:49:18 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\pctspk.exe
PRC - [2002/06/19 09:50:36 | 000,180,224 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
PRC - [2001/11/14 03:03:12 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe
PRC - [2001/08/06 05:41:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/23 13:01:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sheri Rugg\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2002/06/19 08:39:14 | 000,053,248 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\Nhkdll.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (AVG Anti-Spyware Guard)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (ACS)
SRV - [2011/05/16 05:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/09/02 23:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2001/08/06 05:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv)


========== Driver Services (SafeList) ==========

DRV - [2011/04/25 17:00:19 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2007/01/11 13:30:16 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/09/13 06:48:46 | 000,358,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5513.sys -- (AR5513)
DRV - [2004/08/03 22:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004/07/16 14:19:52 | 000,070,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/03/02 14:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2003/02/26 16:04:00 | 000,370,048 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM)
DRV - [2002/07/09 11:09:14 | 000,135,980 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserial.sys -- (Ptserial)
DRV - [2002/07/09 11:08:30 | 000,065,343 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2002/07/09 11:08:06 | 000,695,981 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vmodem.sys -- (Vmodem)
DRV - [2002/07/09 11:07:12 | 000,546,027 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/12/20 08:02:12 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k)
DRV - [2001/05/14 18:15:40 | 000,010,368 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie7&rlz=1I7SUNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0

FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/01/26 19:45:42 | 000,000,000 | ---D | M]

[2008/07/15 02:03:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sheri Rugg\Application Data\Mozilla\Extensions
[2006/08/29 11:55:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sheri Rugg\Application Data\Mozilla\Firefox\Profiles\ow3lyqoq.default\extensions
[2010/04/22 12:43:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/01/26 19:45:42 | 000,000,000 | ---D | M] ("Search Helper Extension") -- C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION

O1 HOSTS File: ([2011/05/23 01:50:41 | 000,027,456 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.entertaintool.com
O1 - Hosts: 127.0.0.1 www.thesecuritytool.com
O1 - Hosts: 127.0.0.1 www.mediapipe.tv
O1 - Hosts: 127.0.0.1 media.adrevolver.com
O1 - Hosts: 127.0.0.1 isg21.casalemedia.com
O1 - Hosts: 127.0.0.1 isg33.casalemedia.com
O1 - Hosts: 127.0.0.1 ad.yieldmanager.com
O1 - Hosts: 127.0.0.1 isg14.casalemedia.com
O1 - Hosts: 127.0.0.1 isg28.casalemedia.com
O1 - Hosts: 127.0.0.1 adopt.specificclick.net
O1 - Hosts: 127.0.0.1 cdn.specificmedia.com
O1 - Hosts: 127.0.0.1 ads.pointroll.com
O1 - Hosts: 127.0.0.1 mirror.pointroll.com
O1 - Hosts: 127.0.0.1 pointroll.com
O1 - Hosts: 127.0.0.1 red.as-us.falkag.net
O1 - Hosts: 127.0.0.1 media.travelzoo.com/
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 bis.180solutions.com
O1 - Hosts: 127.0.0.1 www.wildtangent.com
O1 - Hosts: 127.0.0.1 clock-sync.com
O1 - Hosts: 127.0.0.1 www.clock-sync.com
O1 - Hosts: 127.0.0.1 web.whenu.com
O1 - Hosts: 127.0.0.1 whenu.com
O1 - Hosts: 127.0.0.1 save.com
O1 - Hosts: 888 more lines...
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [PCTVOICE] C:\WINDOWS\System32\pctspk.exe ()
O4 - HKLM..\Run: [VTPreset] C:\WINDOWS\System32\VTPreset.exe (S3 Graphics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: homepage.monitor.exe = C:\Program Files\Media-Codec\isamonitor.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/...ro.cab34246.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/...aploader_v6.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72} - Reload Browse - Reg Error: Key error. File not found
O22 - SharedTaskScheduler: hubbsi - {7b1eeccd-0a6d-4ad5-8ac1-4af5722b3885} - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Sheri Rugg\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sheri Rugg\Application Data\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/23 13:01:21 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sheri Rugg\Desktop\OTL.exe
[2011/05/23 02:07:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
[2011/05/23 02:06:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/05/23 01:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sheri Rugg\Start Menu\Programs\HiJackThis
[2011/05/23 01:05:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/05/23 01:04:39 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/05/23 01:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sheri Rugg\Local Settings\Application Data\Sunbelt Software
[2011/05/23 00:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/05/22 23:50:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sheri Rugg\Recent
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/23 13:01:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sheri Rugg\Desktop\OTL.exe
[2011/05/23 12:41:20 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\Sheri Rugg\Desktop\HiJackThis.lnk
[2011/05/23 12:09:29 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/05/23 12:05:06 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini
[2011/05/23 12:04:47 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/23 12:03:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/23 12:03:18 | 234,409,984 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/23 02:32:40 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/23 02:32:40 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/05/23 02:07:31 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Sheri Rugg\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/05/23 02:07:31 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/05/23 01:50:41 | 000,027,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/23 01:04:36 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/04/25 17:00:19 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/04/25 14:58:37 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/23 12:30:30 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/05/23 02:32:40 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/23 02:32:40 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/05/23 02:32:32 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/05/23 02:07:31 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Sheri Rugg\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/05/23 02:07:31 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/04/07 18:45:00 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/11/26 17:39:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2008/07/14 18:31:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs(2).exe
[2008/07/14 18:31:18 | 000,002,655 | ---- | C] () -- C:\WINDOWS\System32\arccsel.dat
[2007/01/11 13:29:58 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/01/11 13:29:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2007/01/11 13:29:58 | 000,114,688 | R--- | C] () -- C:\WINDOWS\System32\AegisI2.exe
[2007/01/11 13:29:58 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006/08/30 11:30:22 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/08/29 11:55:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/08/29 11:55:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/03 12:24:48 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/03 04:12:06 | 000,026,958 | ---- | C] () -- C:\Program Files\Movieland Terms.html
[2005/03/11 09:03:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/03/11 07:51:34 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/02/15 22:24:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/30 23:03:29 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS49.DLL
[2005/01/22 12:00:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/01/22 11:54:38 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/01/22 11:25:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/01/22 11:25:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2005/01/22 11:25:25 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini
[2005/01/22 11:02:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/22 10:42:37 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\pctspk.exe
[2005/01/22 10:42:37 | 000,000,456 | ---- | C] () -- C:\WINDOWS\System32\pthsp.dat
[2005/01/22 10:41:59 | 000,000,304 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/22 10:40:27 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/01/22 10:40:27 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/01/22 10:40:27 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/01/22 10:40:27 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/01/22 10:40:23 | 000,004,516 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/01/22 10:40:19 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/01/22 10:40:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/01/22 10:39:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/01/22 10:39:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/01/22 10:39:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/01/22 10:39:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/01/22 03:49:26 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\TrueSoft.dat
[2005/01/22 03:49:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\PTPTT.dat
[2005/01/22 03:47:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/22 03:46:40 | 000,134,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2007/05/02 04:23:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/09/10 14:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2005/02/06 23:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/05/23 02:07:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
[2005/12/03 04:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sheri Rugg\Application Data\DownloadManager
[2011/04/07 18:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sheri Rugg\Application Data\Research In Motion
[2006/12/14 13:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sheri Rugg\Application Data\Walgreens
[2011/05/23 12:09:29 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



< End of report >