
Redirect problem and IE not working

Discussion in 'Virus & Other Malware Removal' started by melestealer, Oct 29, 2011.

Thread Status:
Not open for further replies.
  1. melestealer (Thread Starter) | Joined: Oct 29, 2011 | Messages: 1

    Can someone help me with my redirect issue? I get redirected with all search engines. My Internet Explorer also shuts down immediately with an error message. Here is my OTL...


    OTL logfile created on: 10/28/2011 7:09:15 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mark Kitagawa\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.67 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 36.32% Memory free
    7.34 Gb Paging File | 4.38 Gb Available in Paging File | 59.68% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 455.34 Gb Total Space | 228.42 Gb Free Space | 50.16% Space Free | Partition Type: NTFS

    Computer Name: KITAGAWA-HOME | User Name: Mark Kitagawa | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Mark Kitagawa\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()
    PRC - C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe (Sling Media Inc.)
    PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
    PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
    PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files\Sony\VAIO Care\VCSpt.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    PRC - C:\Windows\SysWOW64\PING.EXE (Microsoft Corporation)
    PRC - C:\Program Files\20-20 Technologies\2020Design\Mswin\60\SCBar.Exe (MKS Informatique)
    PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe (Lexmark International Inc.)
    PRC - C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe (Lexmark International, Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()
    MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    MOD - C:\Program Files (x86)\Java\jre6\bin\jp2native.dll ()
    MOD - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn\components\WCFirefoxExtn.dll ()
    MOD - \\?\globalroot\systemroot\syswow64\mswsock.DLL ()
    MOD - \\.\globalroot\systemroot\syswow64\mswsock.dll ()
    MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
    MOD - C:\Program Files (x86)\Lexmark 7100 Series\lxbxdrec.dll ()
    MOD - C:\Program Files (x86)\Lexmark 7100 Series\iptk.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
    SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
    SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
    SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
    SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
    SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
    SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
    SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
    SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
    SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (lxbx_device) -- C:\Windows\SysNative\lxbxcoms.exe ( )
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (N360) -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation)
    SRV - (Oasis2Service) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
    SRV - (SlingAgentService) -- C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe (Sling Media Inc.)
    SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
    SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
    SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
    SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
    SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
    SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
    SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (lxbx_device) -- C:\Windows\SysWow64\lxbxcoms.exe ( )
    SRV - (IIs5Recycle) -- C:\Users\Mark Kitagawa\Desktop\AVI\IIs5Recycle.exe (Microsoft Corporation)
    SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
    DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys (Symantec Corporation)
    DRV:64bit: - (XLRNBO) -- C:\Windows\SysNative\drivers\XLRNBO.sys ()
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys (Symantec Corporation)
    DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys (Symantec Corporation)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys (Symantec Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys (Symantec Corporation)
    DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys (Symantec Corporation)
    DRV:64bit: - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
    DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
    DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
    DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
    DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
    DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
    DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
    DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
    DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
    DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
    DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
    DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
    DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
    DRV:64bit: - (Sentinel64) -- C:\Windows\SysNative\drivers\sentinel64.sys (SafeNet, Inc.)
    DRV:64bit: - (SNTUSB64) -- C:\Windows\SysNative\drivers\SNTUSB64.SYS (SafeNet, Inc.)
    DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.020\EX64.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.020\ENG64.SYS (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111028.030\IDSviA64.sys (Symantec Corporation)
    DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111014.001_d84\BHDrvx64.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5C 50 D5 01 67 1F 99 46 89 8C 81 C6 C4 E9 5A 7B [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "www.google.com"
    FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.3.3.2
    FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
    FF - prefs.js..extensions.enabledItems: [email protected]otcom:1.0
    FF - prefs.js..extensions.enabledItems: {59c6f12b-f004-43e5-9997-08f2123119b6}:2.5.0.3
    FF - prefs.js..extensions.enabledItems: [email protected]:3.13.1.18107
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
    FF - prefs.js..extensions.enabledItems: [email protected]:3.0.1
    FF - prefs.js..extensions.enabledItems: {9EB34849-81D3-4841-939D-666D522B889A}:1.5.2.125
    FF - prefs.js..extensions.enabledItems: [email protected]:2.2
    FF - prefs.js..extensions.enabledItems: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}:0.3.8.1
    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
    FF - prefs.js..extensions.enabledItems: [email protected]:1.4.1
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6
    FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=MYC-ST&o=102868&locale=en_US&apn_uid=e2b928d2-7bc9-4c9c-b821-ed32b998a6f3&apn_ptnrs=5I&apn_sauid=7E4D9C62-7901-444A-9788-9E847D3BAC75&apn_dtid=YYYYYYYYUS&&q="
    FF - prefs.js..network.proxy.type: 0


    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Mark Kitagawa\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/03/04 15:44:39 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/04 16:19:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/04 19:27:06 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/23 21:02:06 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011/10/23 23:10:54 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/28 22:09:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/28 22:09:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Mark Kitagawa\AppData\Roaming\IDM\idmmzcc3 [2011/10/23 21:02:09 | 000,000,000 | ---D | M]

    [2011/03/03 19:40:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Extensions
    [2011/10/27 19:46:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions
    [2011/03/06 22:54:49 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
    [2011/08/09 21:41:33 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
    [2011/06/23 19:17:59 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2011/09/01 21:09:29 | 000,000,000 | ---D | M] (Edit Cookies) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}
    [2011/08/02 21:53:14 | 000,000,000 | ---D | M] ("Cookie Manager") -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\[email protected]
    [2011/10/23 21:01:59 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\[email protected]
    [2011/06/23 19:17:57 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\[email protected]
    [2011/09/14 22:05:13 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\extensions\[email protected]
    [2011/10/28 18:48:54 | 000,002,577 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\searchplugins\askcom.xml
    [2011/10/07 17:45:37 | 000,001,945 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\searchplugins\bing-zugo.xml
    [2011/07/11 08:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\Mozilla\Firefox\Profiles\ppjv8nz0.default\searchplugins\startsear.xml
    [2011/03/03 19:40:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/03/04 16:19:32 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
    [2011/03/04 15:44:39 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
    [2011/10/23 23:10:54 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN
    [2011/10/23 21:02:06 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
    [2011/04/04 19:27:06 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
    [2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
    [2011/03/18 07:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
    [2011/03/18 07:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2011/08/31 00:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
    [2011/10/14 20:21:33 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml

    Hosts file not found
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
    O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
    O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
    O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe (Lexmark International Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [LXBXCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXBXtime.DLL ()
    O4:64bit: - HKLM..\Run: [lxbxmon.exe] C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe (Lexmark International, Inc.)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
    O4 - Startup: C:\Users\Mark Kitagawa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    O4 - Startup: C:\Users\Mark Kitagawa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MUTE.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
    O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} http://bigislandgraniteco.dyndns.info:145/DvrOcx.cab (DvrOcx Control)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{289F4837-677D-414C-9CD9-34DDC0BE1C6C}: DhcpNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 211.156.177.83 192.168.168.238
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
    Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
    Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
    Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
    Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
    Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    File not found -- C:\Windows\SysNative\drivers\mshcmd.sys.
    [2011/10/28 19:02:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2011/10/28 19:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
    [2011/10/26 22:15:16 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{55B7B645-CAD0-405A-B145-D3E8743DF2B5}
    [2011/10/26 22:15:05 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{D53B3116-5F60-4386-9F95-BBDC7DC31B5E}
    [2011/10/25 22:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2011/10/25 22:08:08 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\Documents\Simply Super Software
    [2011/10/25 22:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
    [2011/10/25 22:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
    [2011/10/25 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\Simply Super Software
    [2011/10/25 22:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
    [2011/10/24 22:17:42 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2011/10/15 22:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger
    [2011/10/15 22:43:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}
    [2011/10/14 23:48:57 | 000,043,640 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
    [2011/10/14 20:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com
    [2011/10/14 20:09:11 | 000,000,000 | ---D | C] -- C:\Downloads
    [2011/10/14 20:02:39 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\FlashGet
    [2011/10/14 20:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet
    [2011/10/12 13:57:17 | 000,386,168 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys
    [2011/10/12 13:57:16 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys
    [2011/10/12 13:56:59 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys
    [2011/10/12 13:56:51 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys
    [2011/10/12 13:56:43 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys
    [2011/10/12 13:56:14 | 000,171,128 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys
    [2011/10/12 13:32:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D
    [2011/10/12 13:15:53 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2011/10/12 13:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2011/10/12 13:14:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
    [2011/10/12 03:03:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2011/10/10 23:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2011/10/10 22:53:14 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{87D5D6C7-ED3A-4147-8FD3-7D979013ABAE}
    [2011/10/10 22:53:03 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{7774A3E8-49E5-482A-8780-4A8DB883F2BF}
    [2011/10/10 22:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
    [2011/10/10 22:01:58 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{884F4D8A-507F-4065-82E4-437D3A53954D}
    [2011/10/10 22:01:45 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{4298BD5D-2A70-4CB5-9D5A-5EC5C5504F66}
    [2011/10/10 22:01:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
    [2011/10/10 21:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/10/10 21:56:46 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/10/10 21:47:28 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{B9D35B74-8A7F-440A-A9A7-79EAF2FC0A12}
    [2011/10/10 21:47:22 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{3B8852AC-38F6-4B23-99D9-B6ED4AA4BD55}
    [2011/10/10 21:45:32 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\6E160
    [2011/10/09 10:12:22 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\Malwarebytes
    [2011/10/09 10:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/10/09 10:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/10/09 10:06:55 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{20B4B125-7A88-4E72-96F0-E34CDE17F683}
    [2011/10/09 10:06:47 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{2B083DB9-D568-4FEE-93D2-F21531609160}
    [2011/10/09 09:55:30 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{1D812056-1411-4961-A369-C2AF254A7532}
    [2011/10/09 09:55:23 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{0A42C999-6AE1-4C04-BB9D-AF95F55AED9F}
    [2011/10/09 09:21:28 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{4B342B5B-5C03-48DE-8EAA-603A2498A231}
    [2011/10/09 09:21:17 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{A2713DC4-06AD-4023-87F8-518358ACD470}
    [2011/10/08 22:12:43 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\CrashDumps
    [2011/10/08 19:24:50 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{F997F93E-DB6E-417F-BD31-417586664592}
    [2011/10/08 19:24:32 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{9C0234E7-B4EB-479F-A7C9-62B9549DA7FF}
    [2011/10/08 19:13:47 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{4B712606-ACD5-4851-A8BB-3DD59EDF7DF1}
    [2011/10/08 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{AE2A1096-E470-43E2-9726-AEE5FF01D63F}
    [2011/10/08 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\Tific
    [2011/10/08 18:49:14 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\Symantec
    [2011/10/08 18:40:35 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{614F7B02-5041-4F90-83EA-0BEFC5C4344D}
    [2011/10/08 18:40:31 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{5CF3C506-0FB9-4832-AC70-449561313D02}
    [2011/10/08 18:33:33 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{91BE07E6-F73C-4AF2-BE36-D2AB4F76906C}
    [2011/10/08 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{2284704E-E6D4-429C-8AF6-630475014945}
    [2011/10/08 18:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2011/10/08 18:16:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
    [2011/10/08 18:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2011/10/08 15:06:54 | 000,000,000 | ---D | C] -- C:\Windows\system64
    [2011/10/08 14:35:12 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{39FF6421-A330-42DB-A937-CA16E4206E05}
    [2011/10/08 14:35:09 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Local\{7E6D5C4B-4EF9-4481-AF2E-0F4ACF4CDB58}
    [2011/10/08 12:30:22 | 000,057,344 | RHS- | C] ( ) -- C:\Users\Mark Kitagawa\AppData\Roaming\MSNMessengerAPI.dll
    [2011/10/08 11:47:16 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\ztdirgfo
    [2011/10/08 10:20:29 | 000,000,000 | ---D | C] -- C:\Users\Mark Kitagawa\AppData\Roaming\update
    [2011/10/08 09:34:26 | 000,000,000 | -HSD | C] -- C:\driver
    [2011/10/07 17:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
    [2011/04/20 18:26:45 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxserv.dll
    [2011/04/20 18:26:45 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxusb1.dll
    [2011/04/20 18:26:45 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxhbn3.dll
    [2011/04/20 18:26:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcomc.dll
    [2011/04/20 18:26:45 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxpmui.dll
    [2011/04/20 18:26:45 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxlmpm.dll
    [2011/04/20 18:26:45 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcoms.exe
    [2011/04/20 18:26:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcomm.dll
    [2011/04/20 18:26:45 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxinpa.dll
    [2011/04/20 18:26:45 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxiesc.dll
    [2011/04/20 18:26:45 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxih.exe
    [2011/04/20 18:26:45 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcfg.exe
    [2011/04/20 18:26:45 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxppls.exe
    [2011/04/20 18:26:45 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxprox.dll
    [2011/04/20 18:26:45 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxpplc.dll

    ========== Files - Modified Within 30 Days ==========

    File not found -- C:\Windows\SysNative\drivers\mshcmd.sys.
    [2011/10/28 19:02:40 | 000,002,053 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\HijackThis.lnk
    [2011/10/28 18:45:27 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/10/28 18:45:27 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/10/28 18:45:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/10/27 20:19:31 | 000,002,832 | ---- | M] () -- C:\{D8EE640B-0E24-4C54-82AD-39CF5A08052E}
    [2011/10/27 20:16:21 | 000,002,232 | ---- | M] () -- C:\{AC7AB9F8-6012-4E84-8182-19003EA9269C}
    [2011/10/27 20:04:18 | 000,002,832 | ---- | M] () -- C:\{7BF52100-B321-4CAF-8117-49F9A8423E65}
    [2011/10/27 20:02:04 | 000,002,832 | ---- | M] () -- C:\{DE124AC8-95A2-4CAA-96AD-0E07700EDCCD}
    [2011/10/27 19:57:49 | 000,002,376 | ---- | M] () -- C:\{26AA0F01-92B2-430B-A05D-D7CC1B7E6E1D}
    [2011/10/27 19:49:49 | 000,002,376 | ---- | M] () -- C:\{128BC6FC-DE7D-463E-BD04-316D9D142F40}
    [2011/10/27 19:45:18 | 000,002,408 | ---- | M] () -- C:\{69C5E6C4-DFEB-41EF-8578-838AE8D0E67A}
    [2011/10/26 19:27:00 | 000,149,037 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\historyofcrime.pdf
    [2011/10/26 19:23:05 | 000,001,397 | ---- | M] () -- C:\Users\Mark Kitagawa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2011/10/26 03:30:42 | 000,804,432 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/10/26 03:30:42 | 000,671,768 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/10/26 03:30:42 | 000,121,858 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/10/26 03:22:20 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/10/26 03:22:20 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/10/26 03:14:50 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2011/10/26 03:14:06 | 005,083,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/10/26 03:13:33 | 2955,485,184 | -HS- | M] () -- C:\hiberfil.sys
    [2011/10/26 03:03:55 | 000,801,216 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/10/25 22:54:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
    [2011/10/25 22:54:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
    [2011/10/25 22:54:32 | 001,536,916 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
    [2011/10/25 22:29:18 | 000,006,216 | ---- | M] () -- C:\{25E1AB88-22C1-4A70-9B3E-9FD2DC475E53}
    [2011/10/25 22:29:18 | 000,002,832 | ---- | M] () -- C:\{FAC366EA-9665-463B-BA10-4E98FD989338}
    [2011/10/24 18:58:05 | 000,003,040 | ---- | M] () -- C:\{7D1DA557-D8A7-4A48-B1B9-9B7F75F37116}
    [2011/10/22 15:38:33 | 000,002,832 | ---- | M] () -- C:\{C06DCC28-3049-474B-AD22-603BDED9B6A9}
    [2011/10/22 14:12:07 | 384,368,640 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\capture-5.camrec
    [2011/10/21 20:28:46 | 002,199,928 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\pub_aaapss_1995.pdf
    [2011/10/21 20:28:28 | 000,247,651 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\201629.pdf
    [2011/10/19 20:37:19 | 000,002,832 | ---- | M] () -- C:\{961AE3B6-BE19-4991-BF0D-2CA4EDC1549C}
    [2011/10/19 20:20:47 | 000,002,832 | ---- | M] () -- C:\{FCD07BED-CD0F-4799-8A15-4CD8085E0012}
    [2011/10/19 20:14:17 | 000,001,816 | ---- | M] () -- C:\{A79556E6-FC13-49FE-94DF-7F029EA2031A}
    [2011/10/19 20:11:28 | 000,001,808 | ---- | M] () -- C:\{44E6DCCC-D95C-4ECB-B21C-5866A647A19B}
    [2011/10/19 20:08:21 | 000,002,832 | ---- | M] () -- C:\{D454E40B-6677-4576-8647-DA4655E676C1}
    [2011/10/19 20:08:19 | 000,006,208 | ---- | M] () -- C:\{57BADD53-1F80-45C1-8934-6E7E49321B62}
    [2011/10/18 21:20:09 | 245,972,992 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\capture-4.camrec
    [2011/10/15 14:33:59 | 000,133,137 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\307523_10150332983707263_502687262_8317291_244068439_n.jpg
    [2011/10/15 04:14:31 | 2012,352,513 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\Captain_America_The_First_Avenger_2011_BRRiP_XViD_AC3-FLAWL3SS.avi
    [2011/10/13 22:55:33 | 000,000,600 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\winscp.rnd
    [2011/10/13 22:48:44 | 501,157,888 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\capture-3.camrec
    [2011/10/12 23:57:16 | 000,066,492 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\solar.dwg
    [2011/10/12 16:02:40 | 000,002,537 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2011/10/12 15:56:20 | 000,002,792 | ---- | M] () -- C:\{0E3DDC7A-7D3E-4848-AF9F-1CEC23E21153}
    [2011/10/12 14:00:53 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2011/10/12 14:00:53 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2011/10/12 14:00:53 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2011/10/12 13:16:17 | 000,000,790 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\Keylogger
    [2011/10/10 21:56:50 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/10/08 19:27:59 | 000,004,836 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\0022.E16
    [2011/10/08 12:30:22 | 000,057,344 | RHS- | M] ( ) -- C:\Users\Mark Kitagawa\AppData\Roaming\MSNMessengerAPI.dll
    [2011/10/08 11:03:50 | 000,000,000 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\chrtmp
    [2011/10/08 09:49:07 | 000,000,908 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\temp
    [2011/10/08 09:48:42 | 000,001,056 | ---- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\8NB1FI.dll
    [2011/10/08 09:34:26 | 000,000,000 | -H-- | M] () -- C:\Users\Mark Kitagawa\AppData\Roaming\ehEH01lihg7k
    [2011/10/07 20:12:51 | 1476,957,810 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\Cars.2.2011.FULL.DvDRip.avi
    [2011/09/30 03:32:19 | 1472,322,132 | ---- | M] () -- C:\Users\Mark Kitagawa\Desktop\Transformers.Dark.of.the.Moon.2011.BRRip.1.37GB.avi

    ========== Files Created - No Company Name ==========

    [2011/10/28 19:02:40 | 000,002,053 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\HijackThis.lnk
    [2011/10/27 20:19:29 | 000,002,832 | ---- | C] () -- C:\{D8EE640B-0E24-4C54-82AD-39CF5A08052E}
    [2011/10/27 20:16:15 | 000,002,232 | ---- | C] () -- C:\{AC7AB9F8-6012-4E84-8182-19003EA9269C}
    [2011/10/27 20:04:15 | 000,002,832 | ---- | C] () -- C:\{7BF52100-B321-4CAF-8117-49F9A8423E65}
    [2011/10/27 20:02:00 | 000,002,832 | ---- | C] () -- C:\{DE124AC8-95A2-4CAA-96AD-0E07700EDCCD}
    [2011/10/27 19:57:47 | 000,002,376 | ---- | C] () -- C:\{26AA0F01-92B2-430B-A05D-D7CC1B7E6E1D}
    [2011/10/27 19:49:47 | 000,002,376 | ---- | C] () -- C:\{128BC6FC-DE7D-463E-BD04-316D9D142F40}
    [2011/10/27 19:45:17 | 000,002,408 | ---- | C] () -- C:\{69C5E6C4-DFEB-41EF-8578-838AE8D0E67A}
    [2011/10/26 19:27:00 | 000,149,037 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\historyofcrime.pdf
    [2011/10/25 22:54:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
    [2011/10/25 22:54:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
    [2011/10/25 22:29:18 | 000,006,216 | ---- | C] () -- C:\{25E1AB88-22C1-4A70-9B3E-9FD2DC475E53}
    [2011/10/25 22:29:18 | 000,002,832 | ---- | C] () -- C:\{FAC366EA-9665-463B-BA10-4E98FD989338}
    [2011/10/25 22:08:00 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
    [2011/10/25 22:08:00 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
    [2011/10/25 22:08:00 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
    [2011/10/25 22:08:00 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
    [2011/10/24 18:58:05 | 000,003,040 | ---- | C] () -- C:\{7D1DA557-D8A7-4A48-B1B9-9B7F75F37116}
    [2011/10/22 15:38:31 | 000,002,832 | ---- | C] () -- C:\{C06DCC28-3049-474B-AD22-603BDED9B6A9}
    [2011/10/22 14:11:51 | 384,368,640 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\capture-5.camrec
    [2011/10/21 20:28:28 | 002,199,928 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\pub_aaapss_1995.pdf
    [2011/10/21 20:28:25 | 000,247,651 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\201629.pdf
    [2011/10/19 20:37:17 | 000,002,832 | ---- | C] () -- C:\{961AE3B6-BE19-4991-BF0D-2CA4EDC1549C}
    [2011/10/19 20:20:46 | 000,002,832 | ---- | C] () -- C:\{FCD07BED-CD0F-4799-8A15-4CD8085E0012}
    [2011/10/19 20:14:16 | 000,001,816 | ---- | C] () -- C:\{A79556E6-FC13-49FE-94DF-7F029EA2031A}
    [2011/10/19 20:11:27 | 000,001,808 | ---- | C] () -- C:\{44E6DCCC-D95C-4ECB-B21C-5866A647A19B}
    [2011/10/19 20:08:19 | 000,006,208 | ---- | C] () -- C:\{57BADD53-1F80-45C1-8934-6E7E49321B62}
    [2011/10/19 20:08:19 | 000,002,832 | ---- | C] () -- C:\{D454E40B-6677-4576-8647-DA4655E676C1}
    [2011/10/18 21:19:21 | 245,972,992 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\capture-4.camrec
    [2011/10/15 14:33:59 | 000,133,137 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\307523_10150332983707263_502687262_8317291_244068439_n.jpg
    [2011/10/15 00:48:39 | 2012,352,513 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\Captain_America_The_First_Avenger_2011_BRRiP_XViD_AC3-FLAWL3SS.avi
    [2011/10/13 22:47:35 | 501,157,888 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\capture-3.camrec
    [2011/10/12 23:57:16 | 000,066,492 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\solar.dwg
    [2011/10/12 16:01:37 | 001,536,916 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
    [2011/10/12 15:56:16 | 000,002,792 | ---- | C] () -- C:\{0E3DDC7A-7D3E-4848-AF9F-1CEC23E21153}
    [2011/10/12 13:57:17 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet64.cat
    [2011/10/12 13:57:16 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet.inf
    [2011/10/12 13:57:15 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.cat
    [2011/10/12 13:57:07 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa.inf
    [2011/10/12 13:56:51 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.cat
    [2011/10/12 13:56:51 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds.inf
    [2011/10/12 13:56:51 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.inf
    [2011/10/12 13:56:34 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.inf
    [2011/10/12 13:56:14 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.cat
    [2011/10/12 13:56:13 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.cat
    [2011/10/12 13:56:13 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.inf
    [2011/10/12 13:32:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.cat
    [2011/10/12 13:32:53 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\isolate.ini
    [2011/10/12 13:15:53 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2011/10/12 13:15:53 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2011/10/12 13:15:48 | 000,002,537 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2011/10/10 21:56:50 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/10/08 17:57:11 | 000,000,790 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\Keylogger
    [2011/10/08 14:25:17 | 1472,322,132 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\Transformers.Dark.of.the.Moon.2011.BRRip.1.37GB.avi
    [2011/10/08 12:11:24 | 000,004,836 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\0022.E16
    [2011/10/08 11:03:50 | 000,000,000 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\chrtmp
    [2011/10/08 09:34:26 | 000,000,000 | -H-- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\ehEH01lihg7k
    [2011/10/08 09:16:06 | 000,000,908 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\temp
    [2011/10/08 08:40:40 | 000,001,056 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\8NB1FI.dll
    [2011/10/07 21:42:53 | 1776,316,416 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\excess-xvid-gl.avi
    [2011/10/07 19:49:18 | 1476,957,810 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\Cars.2.2011.FULL.DvDRip.avi
    [2011/10/07 17:45:13 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
    [2011/10/07 17:45:13 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
    [2011/10/07 17:45:13 | 000,001,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
    [2011/10/07 17:11:42 | 260,175,580 | ---- | C] () -- C:\Users\Mark Kitagawa\Desktop\Downloaded.rawr
    [2011/09/25 20:47:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/09/25 20:47:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/09/25 20:47:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/09/25 20:47:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/09/25 20:47:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/08/09 21:34:04 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2011/08/08 19:20:09 | 000,007,168 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/06/16 22:03:49 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2011/06/16 22:03:49 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2011/06/13 21:24:01 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
    [2011/05/19 16:59:37 | 000,000,600 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Roaming\winscp.rnd
    [2011/05/11 23:49:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/04/22 00:06:02 | 000,000,101 | ---- | C] () -- C:\Users\Mark Kitagawa\AppData\Local\fusioncache.dat
    [2011/04/21 23:56:07 | 000,000,141 | ---- | C] () -- C:\Windows\rprtvwr.ini
    [2011/04/21 23:53:44 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\SmaRTEng.dll
    [2011/04/21 23:45:28 | 000,804,432 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/04/20 18:26:45 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxbxcomx.dll
    [2011/04/20 18:26:45 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxbxinst.dll
    [2011/04/02 17:59:09 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/07/12 12:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010/07/12 10:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
    [2010/07/12 10:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
    [2010/07/12 10:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
    [2010/07/12 10:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
    [2010/07/12 10:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
    [2010/07/12 10:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
    [2010/07/12 10:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
    [2010/01/21 01:00:02 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
    [2009/11/05 10:41:16 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\DvrOcxRUS.dll
    [2009/11/05 10:40:54 | 000,209,408 | ---- | C] () -- C:\Windows\SysWow64\DvrOcxCHS.dll
    [2009/11/05 10:40:54 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\CovH264ToAvi.dll
    [2009/10/22 16:19:18 | 000,667,754 | ---- | C] () -- C:\Windows\SysWow64\RM_DVRNET_DLL.dll
    [2009/07/23 18:51:26 | 000,229,442 | ---- | C] () -- C:\Windows\SysWow64\winpubf.dll
    [2009/07/23 18:51:26 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\nvrfs.dll
    [2009/07/13 19:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/13 16:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/13 16:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/13 14:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/13 13:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 11:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 11:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    ========== LOP Check ==========

    [2011/10/12 16:04:23 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\6E160
    [2011/06/26 13:17:29 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Audacity
    [2011/03/05 10:59:55 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Autodesk
    [2011/05/27 19:53:52 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\calibre
    [2011/08/13 00:18:37 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Camfrog
    [2011/06/16 18:51:13 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Digiarty
    [2011/10/23 22:47:50 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\DMCache
    [2011/10/21 20:29:09 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\FileZilla
    [2011/10/14 20:02:39 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\FlashGet
    [2011/05/27 23:52:58 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\GetRightToGo
    [2011/07/12 23:17:16 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Hafia
    [2011/07/16 23:14:57 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Hobbyist Software
    [2011/10/23 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\IDM
    [2011/10/25 22:43:28 | 000,000,000 | RHSD | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\install
    [2011/07/08 06:56:14 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Jubler
    [2011/03/09 00:12:37 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\ManyCam
    [2011/10/12 13:13:42 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Octoshape
    [2011/03/06 22:55:03 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\ooVoo Details
    [2011/10/25 22:07:59 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Simply Super Software
    [2011/05/21 01:09:30 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Sling Media
    [2011/09/24 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\StreamTorrent
    [2011/10/08 18:49:16 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Tific
    [2011/10/08 14:34:02 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\update
    [2011/10/25 22:14:32 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\uTorrent
    [2011/07/25 22:07:59 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\VOWSoft
    [2011/07/12 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\Yxsejo
    [2011/10/12 01:37:23 | 000,000,000 | ---D | M] -- C:\Users\Mark Kitagawa\AppData\Roaming\ztdirgfo
    [2009/07/13 19:08:49 | 000,017,392 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2011/10/26 03:13:33 | 2955,485,184 | -HS- | M] () -- C:\hiberfil.sys
    [2011/03/03 16:05:07 | 000,316,446 | ---- | M] () -- C:\lv.log
    [2011/10/26 03:13:38 | 3940,651,008 | -HS- | M] () -- C:\pagefile.sys
    [2011/03/03 14:57:18 | 000,002,253 | ---- | M] () -- C:\RHDSetup.log
    [2011/03/03 16:04:58 | 000,000,073 | -H-- | M] () -- C:\splash.idx
    [2011/10/10 21:49:49 | 000,085,444 | ---- | M] () -- C:\TDSSKiller.2.6.0.0_10.10.2011_21.48.26_log.txt
    [2011/10/12 16:16:52 | 000,093,892 | ---- | M] () -- C:\TDSSKiller.2.6.0.0_12.10.2011_16.16.02_log.txt
    [2011/10/24 21:28:51 | 000,085,776 | ---- | M] () -- C:\TDSSKiller.2.6.0.0_24.10.2011_21.28.05_log.txt
    [2010/06/22 22:14:20 | 000,004,112 | -H-- | M] () -- C:\version
    [2011/10/12 15:56:20 | 000,002,792 | ---- | M] () -- C:\{0E3DDC7A-7D3E-4848-AF9F-1CEC23E21153}
    [2011/10/27 19:49:49 | 000,002,376 | ---- | M] () -- C:\{128BC6FC-DE7D-463E-BD04-316D9D142F40}
    [2011/10/25 22:29:18 | 000,006,216 | ---- | M] () -- C:\{25E1AB88-22C1-4A70-9B3E-9FD2DC475E53}
    [2011/10/27 19:57:49 | 000,002,376 | ---- | M] () -- C:\{26AA0F01-92B2-430B-A05D-D7CC1B7E6E1D}
    [2011/10/19 20:11:28 | 000,001,808 | ---- | M] () -- C:\{44E6DCCC-D95C-4ECB-B21C-5866A647A19B}
    [2011/10/19 20:08:19 | 000,006,208 | ---- | M] () -- C:\{57BADD53-1F80-45C1-8934-6E7E49321B62}
    [2011/10/27 19:45:18 | 000,002,408 | ---- | M] () -- C:\{69C5E6C4-DFEB-41EF-8578-838AE8D0E67A}
    [2011/10/27 20:04:18 | 000,002,832 | ---- | M] () -- C:\{7BF52100-B321-4CAF-8117-49F9A8423E65}
    [2011/10/24 18:58:05 | 000,003,040 | ---- | M] () -- C:\{7D1DA557-D8A7-4A48-B1B9-9B7F75F37116}
    [2011/10/19 20:37:19 | 000,002,832 | ---- | M] () -- C:\{961AE3B6-BE19-4991-BF0D-2CA4EDC1549C}
    [2011/10/19 20:14:17 | 000,001,816 | ---- | M] () -- C:\{A79556E6-FC13-49FE-94DF-7F029EA2031A}
    [2011/10/27 20:16:21 | 000,002,232 | ---- | M] () -- C:\{AC7AB9F8-6012-4E84-8182-19003EA9269C}
    [2011/10/22 15:38:33 | 000,002,832 | ---- | M] () -- C:\{C06DCC28-3049-474B-AD22-603BDED9B6A9}
    [2011/10/19 20:08:21 | 000,002,832 | ---- | M] () -- C:\{D454E40B-6677-4576-8647-DA4655E676C1}
    [2011/10/27 20:19:31 | 000,002,832 | ---- | M] () -- C:\{D8EE640B-0E24-4C54-82AD-39CF5A08052E}
    [2011/10/27 20:02:04 | 000,002,832 | ---- | M] () -- C:\{DE124AC8-95A2-4CAA-96AD-0E07700EDCCD}
    [2011/10/25 22:29:18 | 000,002,832 | ---- | M] () -- C:\{FAC366EA-9665-463B-BA10-4E98FD989338}
    [2011/10/19 20:20:47 | 000,002,832 | ---- | M] () -- C:\{FCD07BED-CD0F-4799-8A15-4CD8085E0012}

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    ========== Files - Unicode (All) ==========
    [2011/06/12 08:51:22 | 003,694,014 | ---- | C] ()(C:\Users\Mark Kitagawa\Desktop\(????)????-????? 1.aif) -- C:\Users\Mark Kitagawa\Desktop\(手機鈴聲)蠟筆小新-卡加布列島 1.aif
    [2011/06/12 08:51:06 | 003,694,014 | ---- | M] ()(C:\Users\Mark Kitagawa\Desktop\(????)????-????? 1.aif) -- C:\Users\Mark Kitagawa\Desktop\(手機鈴聲)蠟筆小新-卡加布列島 1.aif
    [2011/06/11 22:29:24 | 002,537,142 | ---- | M] ()(C:\Users\Mark Kitagawa\Desktop\?????????-?????.MP3) -- C:\Users\Mark Kitagawa\Desktop\蠟筆小新電影主題曲-卡加布列島.MP3
    [2011/05/27 23:32:46 | 002,537,142 | ---- | C] ()(C:\Users\Mark Kitagawa\Desktop\?????????-?????.MP3) -- C:\Users\Mark Kitagawa\Desktop\蠟筆小新電影主題曲-卡加布列島.MP3
    [2011/05/27 23:22:33 | 000,351,503 | ---- | M] ()(C:\Users\Mark Kitagawa\Desktop\(????)????-?????.mp3) -- C:\Users\Mark Kitagawa\Desktop\(手機鈴聲)蠟筆小新-卡加布列島.mp3
    [2011/05/27 23:22:31 | 000,351,503 | ---- | C] ()(C:\Users\Mark Kitagawa\Desktop\(????)????-?????.mp3) -- C:\Users\Mark Kitagawa\Desktop\(手機鈴聲)蠟筆小新-卡加布列島.mp3

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\Windows\system64] -> \systemroot\system32 -> Mount Point

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:CB0AACC9

    < End of report >
     
  2. Blade81

    Blade81 Malware Specialist

    Joined:
    Oct 27, 2006
    Messages:
    924
    Hi,

    Download DDS and save it to your desktop from here or here or here.
    Disable any script blocker, and then double-click the DDS file to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop. Post them back to your topic.
     

Short URL to this thread: https://techguy.org/1024504
