Thread: IE6 Hijacked
View Single Post
Old 04-28-2007, 03:53 PM   #6 (permalink)
underc
Registered User
 
Join Date: Apr 2007
Posts: 8
OS: WinXP


Re: IE6 Hijacked
Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\All Users\Application Data

2006/08/26 07:59 PM <DIR> Adobe
2006/08/26 08:01 PM <DIR> Adobe Systems
2006/07/24 07:57 PM <DIR> Apple Computer
2006/12/26 03:59 PM <DIR> CyberLink
2006/07/20 08:37 PM <DIR> Kaspersky Lab
2006/10/21 04:01 PM <DIR> Logitech
2006/08/30 05:07 PM <DIR> Messenger Plus!
2007/01/29 05:51 PM <DIR> Microsoft Corporation
2007/03/12 09:09 PM <DIR> Microsoft Help
2007/04/22 03:20 PM <DIR> PopUploadInfoMath
2007/01/29 03:28 PM 1,747 QTSBandwidthCache
2006/08/06 10:41 AM <DIR> ScanSoft
2006/07/22 03:32 PM <DIR> Skype
2007/01/30 06:08 AM <DIR> Spybot - Search & Destroy
2006/08/06 10:31 AM <DIR> SSScanAppDataDir
2006/08/06 10:31 AM <DIR> SSScanWizard
2007/01/29 09:14 PM <DIR> TEMP
2006/07/21 08:58 PM <DIR> Windows Genuine Advantage
2006/08/25 05:30 PM <DIR> Windows Live Toolbar
1 File(s) 1,747 bytes
18 Dir(s) 13,462,147,072 bytes free
Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\asvv000\Application Data

2007/04/04 08:55 PM <DIR> Identities
0 File(s) 0 bytes
1 Dir(s) 13,462,147,072 bytes free
Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\Pravin\Application Data

2006/12/11 04:48 PM <DIR> Adobe
2006/07/21 06:42 PM <DIR> AdobeUM
2006/07/24 08:02 PM <DIR> Apple Computer
2006/07/23 03:36 PM <DIR> ArcSoft
2007/04/04 08:08 AM <DIR> Canon
2006/08/26 07:56 PM <DIR> Corel
2006/12/26 04:00 PM <DIR> CyberLink
2007/03/31 06:16 PM <DIR> dvdcss
2006/07/23 10:31 AM <DIR> Help
2006/07/20 06:34 PM <DIR> Identities
2006/07/21 01:35 PM <DIR> Macromedia
2007/04/22 01:42 PM <DIR> Mozilla
2006/07/22 03:13 PM <DIR> ScanSoft
2007/04/29 12:00 AM <DIR> Skype
2007/02/27 06:43 PM <DIR> Sun
2006/08/26 08:07 PM <DIR> vlc
0 File(s) 0 bytes
16 Dir(s) 13,462,147,072 bytes free
Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\Default User\Application Data

2006/07/20 08:12 PM <DIR> .
2006/07/20 08:12 PM <DIR> ..
2006/07/20 08:12 PM 62 desktop.ini
1 File(s) 62 bytes
2 Dir(s) 13,462,147,072 bytes free
Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\LocalService\Application Data

Volume in drive C has no label.
Volume Serial Number is 606A-3C2C

Directory of C:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'AAAB5DFF906CDD17.job'
[TRACE] Printing all job properties

ApplicationName: 'c:\docume~1\pravin\applic~1\baitba~1\dent bone mail.exe'
Parameters: ''
WorkingDirectory: ''
Comment: ''
Creator: 'Pravin'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 04/22/2007 12:00:00
NextRun: 04/29/2007 1:00:00
StartError: 0x80070003
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 02/07/1998
EndDate: 00/00/0000
StartTime: 00:00
MinutesDuration: 1440
MinutesInterval: 60
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
underc is offline