
Email Hijacked


stroslose

Thank you for your time. I have an email account that is sending out emails to everyone in my address book with links to scam sites. I have run AVG, Malwarebytes, and Ad-Aware. All 3 show a clean computer, but this happened again last night. I have also changed my password to my email account after last night's event. Here is my OTL log:

OTL logfile created on: 1/30/2011 8:41:38 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Breitzig Family\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.54 Gb Total Space | 511.11 Gb Free Space | 55.70% Space Free | Partition Type: NTFS
Drive D: | 13.97 Gb Total Space | 1.66 Gb Free Space | 11.88% Space Free | Partition Type: NTFS

Computer Name: BREITZIGFAM-PC | User Name: Breitzig Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Breitzig Family\Downloads\OTL.com (OldTimer Tools)
PRC - C:\Users\Breitzig Family\Downloads\VundoFix.exe (Atribune.org)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Norton Security Suite\AddOns\Norton AddOn Pack\Engine\4.7.0.10\ccproxy.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()
PRC - C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Breitzig Family\Downloads\OTL.com (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ccProxy) -- C:\Program Files (x86)\Norton Security Suite\AddOns\Norton AddOn Pack\Engine\4.7.0.10\ccProxy.exe (Symantec Corporation)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (HPBtnSrv) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()
SRV - (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\drivers\SymIMV.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys (Symantec Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)
DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110129.003\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110129.003\ENG64.SYS (Symantec Corporation)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110114.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110128.003\IDSviA64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (cpuz134) -- C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys (Windows ® Win 7 DDK provider)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (AFS) -- C:\Windows\SysWow64\drivers\AFS.SYS (Oak Technology Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows ® Server 2003 DDK provider)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3....en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e283c447-b10b-4344-e22d-37d65dc1a78d}:4.6.6.4
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.9
FF - prefs.js..extensions.enabledItems: [email protected]:3.0a4
FF - prefs.js..extensions.enabledItems: {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.23
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.52
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178


FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/13 09:48:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/06/11 15:02:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2011/01/29 20:17:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/08 08:33:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/12 12:30:20 | 000,000,000 | ---D | M]

[2010/10/01 10:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Extensions
[2010/10/01 10:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/01/29 20:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions
[2010/04/27 15:40:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/01 12:08:11 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
[2010/10/10 16:57:12 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/12/25 14:49:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/20 14:42:20 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/05/30 20:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\[email protected]
[2010/10/24 09:51:09 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\[email protected]
[2010/07/10 13:49:18 | 000,000,000 | ---D | M] (Zotero WinWord Integration) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\Firefox\Profiles\pi8q43dt.default\extensions\[email protected]
[2010/10/01 10:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Breitzig Family\AppData\Roaming\Mozilla\SeaMonkey\Profiles\rcra5u2t.default\extensions
[2011/01/03 14:18:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/13 15:11:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/03 14:18:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/02/21 22:12:21 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{e283c447-b10b-4344-e22d-37d65dc1a78d}
[2011/01/29 20:17:16 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX
[2010/06/11 15:02:23 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN
[2010/06/13 09:48:44 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011/01/07 19:23:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\BREITZIG FAMILY\APPDATA\ROAMING\MOVE NETWORKS
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/07/18 12:19:40 | 002,998,784 | ---- | M] (Tamarack Software, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nptgeqplugin.dll

O1 HOSTS File: ([2011/01/20 15:10:44 | 000,428,711 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14759 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4:64bit: - HKLM..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor for Windows\RunProfiler.exe (PC-Doctor, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {559E87DD-406C-43C9-BE70-3C902331CA6B} http://windybeta.xcd...46/WZMngrAx.cab (WZIFLauncher Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/30 08:30:13 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011/01/29 22:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2011/01/29 22:24:08 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\AVG
[2011/01/29 20:19:50 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\AVG10
[2011/01/29 20:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/01/29 20:18:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/01/29 20:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/01/29 20:17:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/01/29 20:15:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/01/27 21:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/27 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/27 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/01/27 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/01/20 15:56:33 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011/01/20 15:56:30 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/01/20 15:49:23 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Local\Sunbelt Software
[2011/01/20 15:39:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2011/01/20 15:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/01/20 15:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/01/20 15:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011/01/20 15:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/01/20 15:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/01/20 15:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/01/20 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\QuickScan
[2011/01/19 17:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/01/19 17:00:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2011/01/19 14:43:05 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\SanDisk
[2011/01/18 16:08:49 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2011/01/17 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\Documents\My Kindle Content
[2011/01/17 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2011/01/17 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Local\Amazon
[2011/01/13 11:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/01/13 11:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/01/12 12:28:16 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TestGen
[2011/01/12 12:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TestGen
[2011/01/10 19:49:35 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\Registry Mechanic
[2011/01/08 08:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2011/01/08 08:33:28 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011/01/08 08:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/01/08 08:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\real
[2011/01/08 08:18:42 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Local\Secunia PSI
[2011/01/08 08:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2011/01/07 19:23:50 | 000,000,000 | ---D | C] -- C:\Users\Breitzig Family\AppData\Roaming\Move Networks

========== Files - Modified Within 30 Days ==========

[2011/01/30 08:32:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/30 08:18:03 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/30 08:18:03 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/30 08:10:41 | 105,035,900 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/01/30 08:06:30 | 000,000,440 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011/01/30 08:05:39 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/30 08:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/30 08:04:35 | 2146,869,247 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/29 20:18:29 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/29 20:18:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/29 20:18:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/29 20:05:22 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/01/28 15:54:25 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/28 15:54:25 | 000,632,708 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/28 15:54:25 | 000,110,342 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/28 09:55:00 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBreitzig Family.job
[2011/01/27 21:33:33 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/21 13:28:04 | 000,017,536 | ---- | M] () -- C:\Users\Breitzig Family\Documents\Portfolio of Glenn Scott Breitzig.pfl
[2011/01/20 15:56:29 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/01/20 15:56:21 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2011/01/20 15:39:22 | 000,001,168 | ---- | M] () -- C:\Users\Breitzig Family\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/01/20 15:39:22 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/01/20 15:10:44 | 000,428,711 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/01/20 15:07:21 | 000,001,260 | ---- | M] () -- C:\Users\Breitzig Family\Desktop\Spybot - Search & Destroy.lnk
[2011/01/19 17:00:52 | 000,001,005 | ---- | M] () -- C:\Users\Breitzig Family\Desktop\SpywareBlaster.lnk
[2011/01/17 16:05:42 | 000,002,373 | ---- | M] () -- C:\Users\Breitzig Family\Desktop\Kindle For PC.lnk
[2011/01/13 11:26:52 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/01/08 08:33:28 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2010/12/31 10:29:31 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job

========== Files Created - No Company Name ==========

[2011/01/30 08:10:41 | 105,035,900 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/01/29 20:21:05 | 000,000,040 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\xobni_installer_updater.log
[2011/01/29 20:18:29 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/29 20:18:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/29 20:18:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/27 21:33:32 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/20 16:20:53 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2011/01/20 15:39:22 | 000,001,168 | ---- | C] () -- C:\Users\Breitzig Family\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/01/20 15:39:22 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/01/20 15:07:20 | 000,001,260 | ---- | C] () -- C:\Users\Breitzig Family\Desktop\Spybot - Search & Destroy.lnk
[2011/01/19 17:00:51 | 000,001,005 | ---- | C] () -- C:\Users\Breitzig Family\Desktop\SpywareBlaster.lnk
[2011/01/17 16:05:41 | 000,002,373 | ---- | C] () -- C:\Users\Breitzig Family\Desktop\Kindle For PC.lnk
[2011/01/08 08:18:36 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2010/11/29 15:50:25 | 001,495,406 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_0798.JPG
[2010/11/29 15:50:24 | 003,361,281 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_0798.0
[2010/11/29 15:49:59 | 001,483,215 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_0797.JPG
[2010/11/29 15:49:58 | 003,256,711 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_0797.0
[2010/10/08 12:31:41 | 000,000,036 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\housecall.guid.cache
[2010/08/06 13:36:43 | 000,000,026 | ---- | C] () -- C:\Windows\dvdSanta.INI
[2010/08/05 20:16:38 | 001,216,512 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/08/05 20:16:38 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2010/08/05 20:16:38 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/08/05 20:16:38 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2010/08/05 20:16:38 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2010/08/05 20:16:38 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2010/07/28 09:18:25 | 000,007,607 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\Resmon.ResmonCfg
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/02 07:56:47 | 001,039,031 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_0291.JPG
[2010/05/13 19:36:38 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/05/05 12:13:13 | 000,427,369 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp031.JPG
[2010/05/05 12:13:12 | 000,415,984 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp031.0
[2010/05/05 12:09:52 | 001,030,264 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmpIMG_4660.JPG
[2010/04/17 20:46:56 | 000,518,702 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049.3
[2010/04/17 20:46:54 | 000,518,771 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049.2
[2010/04/17 20:46:49 | 000,518,866 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049.1
[2010/04/17 20:46:46 | 001,258,543 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049.0
[2010/04/17 20:46:46 | 000,518,710 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049.JPG
[2010/04/17 20:46:41 | 000,015,888 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp049_navi.JPG
[2010/04/17 20:46:12 | 001,099,042 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp042.0
[2010/04/17 20:46:12 | 000,431,782 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp042.JPG
[2010/04/17 20:46:04 | 000,008,118 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp042_navi.JPG
[2010/04/17 20:45:15 | 001,678,713 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp040.JPG
[2010/04/17 20:45:08 | 000,008,009 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp040_navi.JPG
[2010/04/17 20:37:17 | 001,750,738 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp010.JPG
[2010/04/17 20:36:44 | 001,634,013 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp012.JPG
[2010/04/17 20:35:37 | 000,485,483 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp030.1
[2010/04/17 20:35:29 | 001,141,213 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp030.0
[2010/04/17 20:35:29 | 000,485,463 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp030.JPG
[2010/04/17 20:35:02 | 000,432,279 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp029.1
[2010/04/17 20:35:00 | 001,006,098 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp029.0
[2010/04/17 20:35:00 | 000,432,197 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp029.JPG
[2010/04/13 19:54:43 | 000,000,103 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\fusioncache.dat
[2010/04/09 23:14:07 | 000,000,686 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Roaming\myMPQ.ini
[2010/03/14 12:05:22 | 000,743,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/02/23 23:47:01 | 000,028,741 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp23931_1358382162687_1325510717_1010520_112559_N.JPG
[2010/01/24 11:46:57 | 000,000,082 | ---- | C] () -- C:\Windows\MPLAYER.INI
[2009/12/07 22:06:12 | 001,173,662 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp712.JPG
[2009/12/07 21:55:08 | 001,799,469 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp144.JPG
[2009/12/07 21:50:59 | 001,377,017 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp086.0
[2009/12/07 21:50:59 | 000,596,942 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\tmp086.JPG
[2009/12/01 18:08:20 | 000,005,632 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 09:11:59 | 000,000,076 | ---- | C] () -- C:\Windows\chemlab.ini
[2009/09/07 13:56:35 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2009/09/07 13:56:34 | 000,000,453 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/09/07 13:56:34 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/09/07 07:39:01 | 000,042,320 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Roaming\wklnhst.dat
[2009/09/06 22:54:36 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/17 10:54:04 | 000,224,696 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_engine.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/03/24 08:47:02 | 000,000,012 | ---- | C] () -- C:\Users\Breitzig Family\AppData\Roaming\userdic.tlx

========== LOP Check ==========

[2010/01/17 01:01:48 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\2K Sports
[2010/12/08 17:21:54 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Amazon
[2009/11/05 20:29:23 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Ashampoo
[2011/01/29 22:24:08 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\AVG
[2011/01/29 20:19:50 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\AVG10
[2010/09/03 09:59:26 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Canon
[2010/06/11 14:52:00 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/11/05 20:29:24 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\DAEMON Tools Lite
[2009/12/11 14:02:09 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Elluminate
[2010/03/31 16:24:00 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Facebook
[2010/04/21 17:27:42 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Hoyle
[2010/11/02 16:16:29 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Hoyle FaceCreator
[2010/12/26 09:34:52 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Hoyle Puzzle and Board Games
[2009/12/31 10:36:55 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Leadertech
[2010/05/01 09:53:15 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\LEGO Company
[2009/11/05 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\PictureMover
[2010/01/14 10:47:38 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Quicken WillMaker
[2011/01/29 09:00:40 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\QuickScan
[2011/01/10 19:49:35 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Registry Mechanic
[2011/01/19 14:43:05 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\SanDisk
[2010/09/21 12:09:14 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\SmartDraw
[2010/01/22 18:19:40 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\SolSuite
[2010/04/21 16:19:59 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\SPORE
[2010/05/14 21:29:21 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Steinberg
[2009/11/05 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Template
[2010/06/14 13:18:40 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Tific
[2009/11/05 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\TuneUp Software
[2010/11/18 07:09:08 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\uTorrent
[2009/11/05 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\WinBatch
[2010/10/12 22:24:51 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\Windows Live Writer
[2010/07/21 19:30:38 | 000,000,000 | ---D | M] -- C:\Users\Breitzig Family\AppData\Roaming\WinPatrol
[2010/12/31 10:29:31 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2010/09/13 06:40:24 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(33).TXT
[2010/12/23 06:37:36 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >


Thanks for your help.

#2
stroslose

Please close and disregard. Thanks.