Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Issues with google redirects

Started by xamius , Dec 23 2010 12:06 PM

  • Please log in to reply

#1
xamius
Posted 23 December 2010 - 12:06 PM

xamius

    New Member

  • Member
  • Pip
  • 2 posts
Yes, I have tried the directions in the topic about the issue.

Specifically, I will click on results and it will take me to ad sites, porn sites, etc. I press back and it wont take me back to Google, it will take me back like 2 or 3 sites.

Windos 7 64 bit home premium

Here is my log:

OTL logfile created on: 12/23/2010 10:56:44 AM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\bball3212\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 38.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): c:\pagefile.sys 4096 6114 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 119.74 Gb Free Space | 25.71% Space Free | Partition Type: NTFS
Drive D: | 7.66 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 465.76 Gb Total Space | 330.11 Gb Free Space | 70.88% Space Free | Partition Type: NTFS

Computer Name: BBALL3212-PC | User Name: bball3212 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 10:56:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\bball3212\Downloads\OTL.exe
PRC - [2010/12/19 23:18:49 | 000,215,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/12/19 23:05:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/19 17:05:50 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/12/16 13:45:38 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
PRC - [2010/12/16 13:45:26 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
PRC - [2010/11/24 12:37:01 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/11/11 01:59:22 | 010,720,048 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\BitComet.exe
PRC - [2010/10/20 14:19:13 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\bball3212\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/07/15 08:39:03 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/05/03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/02/04 14:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/01/11 14:21:52 | 000,490,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/01/09 17:08:50 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/12/14 22:57:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\R\R-2.10.1\bin\Rgui.exe
PRC - [2009/09/24 14:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 16:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008/05/16 22:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) -- C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 10:56:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\bball3212\Downloads\OTL.exe
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/12/19 23:18:49 | 000,215,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/12/19 23:05:19 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/08 08:05:10 | 000,061,720 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\QueryExplorer\queryexplorer117.exe -- (QueryExplorer Service)
SRV - [2010/07/15 08:39:03 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/07 19:44:02 | 001,143,032 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\COMODO\COMODO BackUp\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2009/12/15 14:07:17 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/16 22:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) [Auto | Running] -- C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe -- (Pharos Systems ComTaskMaster)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SysInfo.sys -- (SysInfo)
DRV:64bit: - [2010/11/22 15:16:10 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/07 13:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/07/15 08:39:11 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010/07/15 08:37:55 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/06/02 07:10:54 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/01/21 01:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 01:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 01:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/12/17 15:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/11/13 08:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/09 14:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/08/06 14:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/28 13:05:52 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/20 02:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/07/08 14:55:50 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/12 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/05/08 12:06:14 | 000,116,224 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2008/05/23 18:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/01/07 19:42:20 | 000,074,328 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\bdisk.sys -- (bdisk)
DRV - [2010/01/07 19:41:34 | 000,140,760 | ---- | M] (COMODO Security Solutions Inc.) [File_System | Boot | Running] -- C:\Windows\sysWOW64\DRIVERS\CBUFS.sys -- (CBUfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 8B FD D0 BB 0C CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = actsvr.comcastonline.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = actsvr.comcastonline.com:8100

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.daemon-se....com/startpage"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1
FF - prefs.js..extensions.enabledItems: {1ced4832-f06e-413f-aa14-9eb63ad40ace}:1.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {DD43485F-44CC-4452-A6C6-69356A7E33DA}:1.8.2
FF - prefs.js..extensions.enabledItems: {e8f509f0-b677-11de-8a39-0800200c9a66}:1.8
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/11/24 12:40:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\ShopperReports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/01 10:31:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/01 10:31:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 6\components [2010/11/18 22:12:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 6\plugins [2010/10/26 23:10:21 | 000,066,520 | ---- | M] (mozilla.org)
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\components [2010/11/21 11:38:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2010/12/22 21:44:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins

[2010/01/09 18:39:37 | 000,000,000 | ---D | M] -- C:\Users\bball3212\AppData\Roaming\Mozilla\Extensions
[2010/11/28 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\5m91aj48.default\extensions
[2010/12/21 15:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\5m91aj48.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/02/17 23:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\5m91aj48.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/12/21 16:34:54 | 000,000,000 | ---D | M] -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions
[2010/05/30 15:30:04 | 000,000,000 | ---D | M] (Nuke Anything Enhanced) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}
[2010/10/14 06:16:55 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/02/02 19:09:43 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010/07/18 19:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/09/27 10:52:27 | 000,000,000 | ---D | M] (Web2PDF converter) -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2010/10/06 17:41:12 | 000,000,000 | ---D | M] -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\nostmp
[2010/08/04 09:36:04 | 000,000,000 | ---D | M] -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\extensions\[email protected]
[2010/06/19 11:33:57 | 000,002,059 | ---- | M] () -- C:\Users\bball3212\AppData\Roaming\Mozilla\Firefox\Profiles\l8uvi3oi.Default User\searchplugins\daemon-search.xml
[2010/12/01 10:32:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/01/12 14:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2008/08/16 17:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CgpCore.dll
[2008/08/16 17:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\confmgr.dll
[2008/08/16 17:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 08:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 08:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 08:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\msvcr80.dll
[2010/02/17 23:03:30 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/08/16 17:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
[2008/08/16 17:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [acxMouseusb] C:\Users\bball3212\AppData\Local\wmiobjCres\acxMouseusb.DLL ()
O4 - HKCU..\Run: [DirectAuthenticationTray] C:\Users\bball3212\AppData\Local\DRMHelpUsb\DirectAuthenticationTray.DLL ()
O4 - HKCU..\Run: [SysMap.NET] C:\Users\bball3212\AppData\Local\Wdcfg3xx\SysMap.NET.DLL ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://nac2.app.byu.../auth/taweb.cab (Cisco NAC Web Agent Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/27 10:26:18 | 000,000,000 | -H-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2009/10/23 11:37:48 | 000,000,120 | -H-- | M] () - G:\autorun.bak -- [ NTFS ]
O32 - AutoRun File - [2009/10/23 11:37:48 | 000,000,139 | -H-- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/04/28 09:57:38 | 000,000,137 | -H-- | M] () - G:\autorun.new -- [ NTFS ]
O33 - MountPoints2\{059caa38-3888-11df-a920-000000841500}\Shell - "" = AutoRun
O33 - MountPoints2\{059caa38-3888-11df-a920-000000841500}\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{059caa38-3888-11df-a920-000000841500}\Shell\instDX\command - "" = E:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{059caa38-3888-11df-a920-000000841500}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\{b7fa6a84-e1eb-11df-921a-991fa80c76aa}\Shell - "" = AutoRun
O33 - MountPoints2\{b7fa6a84-e1eb-11df-921a-991fa80c76aa}\Shell\AutoRun\command - "" = F:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{b7fa6a84-e1eb-11df-921a-991fa80c76aa}\Shell\instDX\command - "" = F:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{b7fa6a84-e1eb-11df-921a-991fa80c76aa}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\{c7b8177e-7bd1-11df-8c9f-87baa74081ac}\Shell - "" = AutoRun
O33 - MountPoints2\{c7b8177e-7bd1-11df-8c9f-87baa74081ac}\Shell\AutoRun\command - "" = F:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{c7b8177e-7bd1-11df-8c9f-87baa74081ac}\Shell\instDX\command - "" = F:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{c7b8177e-7bd1-11df-8c9f-87baa74081ac}\Shell\readme\command - "" = notepad readme.txt
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/23 10:52:47 | 000,092,248 | ---- | C] (Kaspersky Lab, SLA) -- C:\Windows\SysNative\drivers\klmdb.sys
[2010/12/23 10:41:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hijack
[2010/12/22 21:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8
[2010/12/20 18:49:42 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Documents\BioWare
[2010/12/20 13:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age
[2010/12/20 13:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010/12/19 23:06:05 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Local\PunkBuster
[2010/12/19 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Documents\BFBC2
[2010/12/19 22:17:31 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010/12/19 22:17:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/12/19 22:17:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010/12/19 22:17:31 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010/12/19 22:17:30 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010/12/19 22:17:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010/12/19 22:17:27 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010/12/19 22:17:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010/12/19 22:17:27 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010/12/19 22:17:27 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010/12/19 22:17:26 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/12/19 22:17:26 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/12/19 22:17:25 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010/12/19 22:17:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/12/19 22:17:23 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010/12/19 22:17:23 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010/12/19 22:17:23 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010/12/19 22:17:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010/12/19 22:17:21 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010/12/19 22:17:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010/12/19 22:17:21 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010/12/19 22:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010/12/19 22:17:21 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010/12/19 22:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/12/19 22:17:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010/12/19 22:17:20 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010/12/19 22:17:19 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010/12/19 22:17:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010/12/19 22:17:18 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010/12/19 22:17:18 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010/12/19 22:17:18 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010/12/19 22:17:18 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010/12/19 22:17:16 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010/12/19 22:17:16 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010/12/19 22:17:15 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010/12/19 22:17:15 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010/12/19 22:17:15 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010/12/19 22:17:15 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010/12/19 22:17:14 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010/12/19 22:17:14 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010/12/19 22:17:14 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010/12/19 22:17:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010/12/19 22:17:12 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010/12/19 22:17:12 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010/12/19 22:17:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010/12/19 22:17:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010/12/19 22:17:12 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010/12/19 22:17:12 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010/12/19 22:17:09 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010/12/19 22:17:09 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010/12/19 22:17:09 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010/12/19 22:17:09 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010/12/19 22:17:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010/12/19 22:17:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010/12/19 22:17:07 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010/12/19 22:17:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010/12/19 22:17:06 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010/12/19 22:17:06 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010/12/19 22:17:06 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010/12/19 22:17:06 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010/12/19 22:17:05 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010/12/19 22:17:05 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010/12/19 22:17:04 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010/12/19 22:17:04 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010/12/19 22:17:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010/12/19 22:17:03 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010/12/19 22:17:03 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010/12/19 22:17:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010/12/19 22:17:02 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010/12/19 22:17:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010/12/19 22:17:02 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010/12/19 22:17:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010/12/19 22:16:59 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010/12/19 22:16:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010/12/18 20:10:16 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Roaming\runic games
[2010/12/18 20:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games
[2010/12/18 20:07:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Runic
[2010/12/13 18:20:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/12/13 18:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/12/13 18:17:33 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2010/12/13 18:17:32 | 018,597,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010/12/13 18:17:32 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010/12/13 18:17:32 | 002,934,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010/12/13 18:17:32 | 001,500,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642050.dll
[2010/12/13 18:17:32 | 001,308,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642030.dll
[2010/12/13 18:17:32 | 001,308,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2010/12/13 18:17:32 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2010/12/13 18:17:32 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/12/13 18:17:32 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/12/13 18:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/12/13 18:16:30 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/12/13 15:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010/12/13 15:33:33 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Roaming\SystemRequirementsLab
[2010/12/12 19:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TVersity
[2010/12/08 19:16:50 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Roaming\HP
[2010/12/06 19:54:08 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Local\wmiobjCres
[2010/12/05 11:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/05 11:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/12/05 09:46:21 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Local\Wdcfg3xx
[2010/12/03 17:51:03 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Local\DRMHelpUsb
[2010/12/02 08:52:21 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Documents\Red-R
[2010/12/01 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\bball3212\SasLibrary
[2010/12/01 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Desktop\Hum 242
[2010/12/01 10:21:29 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Desktop\Washington seminar
[2010/11/30 22:02:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wing32.dll
[2010/11/30 22:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/11/30 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/11/30 21:54:40 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/11/30 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010/11/28 21:02:49 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Documents\Vuze Downloads
[2010/11/28 21:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2010/11/28 21:02:15 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Roaming\TuneUpMedia
[2010/11/28 21:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2010/11/28 20:59:47 | 000,000,000 | ---D | C] -- C:\Users\bball3212\AppData\Roaming\Azureus
[2010/11/28 20:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/11/28 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2010/11/28 20:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010/11/25 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Desktop\151 project data
[2010/11/25 19:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2010/11/23 20:32:12 | 000,000,000 | ---D | C] -- C:\Users\bball3212\Desktop\Resume
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\bball3212\Desktop\*.tmp files -> C:\Users\bball3212\Desktop\*.tmp -> ]
[1 C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\*.tmp files -> C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/23 10:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/23 10:52:47 | 000,092,248 | ---- | M] (Kaspersky Lab, SLA) -- C:\Windows\SysNative\drivers\klmdb.sys
[2010/12/23 10:41:59 | 000,003,009 | ---- | M] () -- C:\Users\bball3212\Desktop\HiJackThis.lnk
[2010/12/23 10:24:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2803273358-1620702345-2488196770-1001UA.job
[2010/12/23 10:10:59 | 069,250,529 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/12/23 10:07:40 | 000,720,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/23 10:07:40 | 000,620,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/23 10:07:40 | 000,105,122 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/22 21:44:51 | 000,002,161 | ---- | M] () -- C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 8.lnk
[2010/12/22 21:44:51 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 8.lnk
[2010/12/22 15:24:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2803273358-1620702345-2488196770-1001Core.job
[2010/12/21 16:24:43 | 009,708,460 | ---- | M] () -- C:\Users\bball3212\Desktop\ATKPackage_WIN7_32_WIN7_64_z100004.zip
[2010/12/21 16:12:26 | 000,015,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 16:12:26 | 000,015,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 16:04:49 | 3193,716,736 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/21 13:39:10 | 000,000,162 | -H-- | M] () -- C:\Users\bball3212\Documents\~$2SYL.FALL.10.doc
[2010/12/20 13:10:43 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/12/19 23:18:49 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/19 23:18:49 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/19 23:05:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/17 16:56:55 | 000,013,452 | ---- | M] () -- C:\Users\bball3212\Desktop\HSAC revised statement Adam Sanders.docx
[2010/12/17 16:42:28 | 000,013,448 | ---- | M] () -- C:\Users\bball3212\Desktop\HSAC statement.docx
[2010/12/17 16:34:59 | 000,012,257 | ---- | M] () -- C:\Users\bball3212\Desktop\HSAC cover statement.docx
[2010/12/17 16:34:50 | 000,012,259 | ---- | M] () -- C:\Users\bball3212\Documents\Doc1.docx
[2010/12/15 12:24:11 | 000,012,724 | ---- | M] () -- C:\Users\bball3212\Desktop\hum 242 notes.docx
[2010/12/15 12:24:11 | 000,000,162 | -H-- | M] () -- C:\Users\bball3212\Desktop\~$m 242 notes.docx
[2010/12/15 11:42:47 | 000,307,328 | ---- | M] () -- C:\Users\bball3212\Desktop\Oud.mp3
[2010/12/15 11:21:47 | 007,847,437 | ---- | M] () -- C:\Users\bball3212\Desktop\Islamic instruments.Bb.pptx
[2010/12/15 11:15:16 | 000,715,872 | ---- | M] () -- C:\Users\bball3212\Desktop\music and dance.pdf
[2010/12/15 11:02:08 | 000,015,696 | ---- | M] () -- C:\Users\bball3212\Desktop\Raise Evaluation Form.docx
[2010/12/15 10:59:25 | 000,000,162 | -H-- | M] () -- C:\Users\bball3212\Desktop\~$ise Evaluation Form.docx
[2010/12/14 21:37:03 | 000,279,256 | ---- | M] () -- C:\Users\bball3212\Desktop\downloadimages.pdf
[2010/12/14 21:34:57 | 000,062,071 | ---- | M] () -- C:\Users\bball3212\Desktop\coursepage.aspx
[2010/12/14 21:32:40 | 000,001,078 | ---- | M] () -- C:\Users\bball3212\Desktop\final script
[2010/12/14 16:09:29 | 000,027,148 | ---- | M] () -- C:\Users\bball3212\Desktop\final test 151.docx
[2010/12/14 16:09:29 | 000,000,162 | -H-- | M] () -- C:\Users\bball3212\Desktop\~$nal test 151.docx
[2010/12/14 15:17:10 | 000,000,359 | ---- | M] () -- C:\Users\bball3212\Desktop\fin.dat
[2010/12/13 13:36:26 | 000,279,256 | ---- | M] () -- C:\Users\bball3212\Desktop\images of cinema.pdf
[2010/12/09 12:23:48 | 000,011,713 | ---- | M] () -- C:\Users\bball3212\Desktop\Khan paper.docx
[2010/12/09 12:13:36 | 000,011,131 | ---- | M] () -- C:\Users\bball3212\Desktop\muscript
[2010/12/09 12:13:29 | 000,001,859 | ---- | M] () -- C:\Users\bball3212\Desktop\project script
[2010/12/08 21:37:31 | 000,030,680 | ---- | M] () -- C:\Users\bball3212\Report4.htm
[2010/12/08 21:32:57 | 000,030,443 | ---- | M] () -- C:\Users\bball3212\Report3.htm
[2010/12/08 21:32:38 | 000,764,696 | ---- | M] () -- C:\Users\bball3212\Report2.htm
[2010/12/08 21:32:33 | 000,005,380 | ---- | M] () -- C:\Users\bball3212\Desktop\report2real.sas
[2010/12/08 21:29:18 | 001,353,436 | ---- | M] () -- C:\Users\bball3212\Report1.htm
[2010/12/08 21:15:26 | 000,001,525 | ---- | M] () -- C:\Users\bball3212\Desktop\report4real.sas
[2010/12/08 21:11:31 | 000,004,848 | ---- | M] () -- C:\Users\bball3212\Desktop\report1real.sas
[2010/12/08 21:05:52 | 000,002,024 | ---- | M] () -- C:\Users\bball3212\Desktop\report3real.sas
[2010/12/08 20:15:56 | 000,004,592 | ---- | M] () -- C:\Users\bball3212\Desktop\report1.sas
[2010/12/07 21:50:30 | 000,021,552 | ---- | M] () -- C:\Users\bball3212\Desktop\writeup group.docx
[2010/12/07 15:28:22 | 000,020,162 | ---- | M] () -- C:\Users\bball3212\Desktop\writeup(1).docx
[2010/12/07 08:06:24 | 000,006,325 | ---- | M] () -- C:\Users\bball3212\Desktop\take home test 2
[2010/12/05 11:51:34 | 000,219,484 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/12/03 15:38:06 | 000,729,514 | ---- | M] () -- C:\Users\bball3212\Desktop\Predicting with Santa.pptx
[2010/12/01 22:15:45 | 000,023,474 | ---- | M] () -- C:\Users\bball3212\Documents\cover letters (1).docx
[2010/12/01 10:31:26 | 000,001,969 | ---- | M] () -- C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/01 10:16:42 | 000,004,363 | ---- | M] () -- C:\Users\bball3212\Documents\svy.do
[2010/12/01 10:10:05 | 001,035,894 | ---- | M] () -- C:\Users\bball3212\Documents\UCEP Presentation.pptx
[2010/11/30 21:59:21 | 000,025,600 | ---- | M] () -- C:\Users\bball3212\Documents\Svy.doc
[2010/11/30 21:52:31 | 002,409,944 | ---- | M] () -- C:\Users\bball3212\Desktop\revosetup.exe
[2010/11/30 16:38:22 | 000,022,494 | ---- | M] () -- C:\Users\bball3212\Documents\final cover letters.docx
[2010/11/30 12:38:01 | 000,075,264 | ---- | M] () -- C:\Users\bball3212\Documents\242SYL.FALL.10.doc
[2010/11/29 21:32:05 | 000,012,696 | ---- | M] () -- C:\Users\bball3212\Documents\Number.docx
[2010/11/29 21:23:37 | 003,008,940 | ---- | M] () -- C:\Users\bball3212\Documents\Placement Orientation SS 11-11-10.pptx
[2010/11/29 21:17:41 | 000,018,867 | ---- | M] () -- C:\Users\bball3212\Documents\NDU.docx
[2010/11/29 13:27:26 | 000,029,269 | ---- | M] () -- C:\Users\bball3212\Documents\Do file including early voters (2).do
[2010/11/25 20:00:57 | 000,016,295 | ---- | M] () -- C:\Users\bball3212\Desktop\151 project data.zip
[2010/11/25 20:00:12 | 000,009,123 | ---- | M] () -- C:\Users\bball3212\Desktop\Chris Paul1.xlsx
[2010/11/25 19:46:51 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Heroes II Gold.lnk
[2010/11/23 20:31:49 | 000,059,392 | ---- | M] () -- C:\Users\bball3212\Desktop\Mcom Ashley Banta-Resume.doc
[2010/11/23 20:23:51 | 000,019,948 | ---- | M] () -- C:\Users\bball3212\Desktop\Resume.docx
[2010/11/23 12:20:13 | 000,013,210 | ---- | M] () -- C:\Users\bball3212\Desktop\problem 11.xlsx
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\bball3212\Desktop\*.tmp files -> C:\Users\bball3212\Desktop\*.tmp -> ]
[1 C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\*.tmp files -> C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/23 10:41:59 | 000,003,009 | ---- | C] () -- C:\Users\bball3212\Desktop\HiJackThis.lnk
[2010/12/22 21:44:51 | 000,002,161 | ---- | C] () -- C:\Users\bball3212\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 8.lnk
[2010/12/22 21:44:51 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 8.lnk
[2010/12/21 16:24:31 | 009,708,460 | ---- | C] () -- C:\Users\bball3212\Desktop\ATKPackage_WIN7_32_WIN7_64_z100004.zip
[2010/12/21 13:39:10 | 000,000,162 | -H-- | C] () -- C:\Users\bball3212\Documents\~$2SYL.FALL.10.doc
[2010/12/19 23:06:09 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/19 23:05:21 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/19 23:05:19 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/12/19 23:05:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/17 16:43:28 | 000,013,452 | ---- | C] () -- C:\Users\bball3212\Desktop\HSAC revised statement Adam Sanders.docx
[2010/12/17 16:42:27 | 000,013,448 | ---- | C] () -- C:\Users\bball3212\Desktop\HSAC statement.docx
[2010/12/17 16:34:59 | 000,012,257 | ---- | C] () -- C:\Users\bball3212\Desktop\HSAC cover statement.docx
[2010/12/16 17:45:15 | 000,012,259 | ---- | C] () -- C:\Users\bball3212\Documents\Doc1.docx
[2010/12/15 12:24:11 | 000,000,162 | -H-- | C] () -- C:\Users\bball3212\Desktop\~$m 242 notes.docx
[2010/12/15 12:24:10 | 000,012,724 | ---- | C] () -- C:\Users\bball3212\Desktop\hum 242 notes.docx
[2010/12/15 11:42:35 | 000,307,328 | ---- | C] () -- C:\Users\bball3212\Desktop\Oud.mp3
[2010/12/15 11:21:46 | 007,847,437 | ---- | C] () -- C:\Users\bball3212\Desktop\Islamic instruments.Bb.pptx
[2010/12/15 11:15:16 | 000,715,872 | ---- | C] () -- C:\Users\bball3212\Desktop\music and dance.pdf
[2010/12/15 10:59:25 | 000,000,162 | -H-- | C] () -- C:\Users\bball3212\Desktop\~$ise Evaluation Form.docx
[2010/12/15 10:59:24 | 000,015,696 | ---- | C] () -- C:\Users\bball3212\Desktop\Raise Evaluation Form.docx
[2010/12/14 21:37:03 | 000,279,256 | ---- | C] () -- C:\Users\bball3212\Desktop\downloadimages.pdf
[2010/12/14 21:34:57 | 000,062,071 | ---- | C] () -- C:\Users\bball3212\Desktop\coursepage.aspx
[2010/12/14 16:09:29 | 000,000,162 | -H-- | C] () -- C:\Users\bball3212\Desktop\~$nal test 151.docx
[2010/12/14 16:09:28 | 000,027,148 | ---- | C] () -- C:\Users\bball3212\Desktop\final test 151.docx
[2010/12/14 15:50:38 | 000,001,078 | ---- | C] () -- C:\Users\bball3212\Desktop\final script
[2010/12/14 15:17:26 | 000,000,359 | ---- | C] () -- C:\Users\bball3212\Desktop\fin.dat
[2010/12/13 18:17:32 | 000,007,877 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010/12/13 13:36:26 | 000,279,256 | ---- | C] () -- C:\Users\bball3212\Desktop\images of cinema.pdf
[2010/12/08 21:06:02 | 000,001,525 | ---- | C] () -- C:\Users\bball3212\Desktop\report4real.sas
[2010/12/08 21:05:52 | 000,002,024 | ---- | C] () -- C:\Users\bball3212\Desktop\report3real.sas
[2010/12/08 21:05:44 | 000,005,380 | ---- | C] () -- C:\Users\bball3212\Desktop\report2real.sas
[2010/12/08 20:19:08 | 000,004,848 | ---- | C] () -- C:\Users\bball3212\Desktop\report1real.sas
[2010/12/08 20:15:55 | 000,004,592 | ---- | C] () -- C:\Users\bball3212\Desktop\report1.sas
[2010/12/07 21:50:29 | 000,021,552 | ---- | C] () -- C:\Users\bball3212\Desktop\writeup group.docx
[2010/12/07 16:33:12 | 000,030,680 | ---- | C] () -- C:\Users\bball3212\Report4.htm
[2010/12/06 21:15:24 | 000,001,859 | ---- | C] () -- C:\Users\bball3212\Desktop\project script
[2010/12/06 11:24:48 | 000,011,713 | ---- | C] () -- C:\Users\bball3212\Desktop\Khan paper.docx
[2010/12/05 22:00:20 | 000,020,162 | ---- | C] () -- C:\Users\bball3212\Desktop\writeup(1).docx
[2010/12/03 15:15:09 | 000,729,514 | ---- | C] () -- C:\Users\bball3212\Desktop\Predicting with Santa.pptx
[2010/12/02 19:25:48 | 000,006,325 | ---- | C] () -- C:\Users\bball3212\Desktop\take home test 2
[2010/12/01 16:52:22 | 000,030,443 | ---- | C] () -- C:\Users\bball3212\Report3.htm
[2010/12/01 10:10:07 | 001,035,894 | ---- | C] () -- C:\Users\bball3212\Documents\UCEP Presentation.pptx
[2010/11/30 22:04:36 | 000,004,363 | ---- | C] () -- C:\Users\bball3212\Documents\svy.do
[2010/11/30 21:59:25 | 000,025,600 | ---- | C] () -- C:\Users\bball3212\Documents\Svy.doc
[2010/11/30 21:52:32 | 002,409,944 | ---- | C] () -- C:\Users\bball3212\Desktop\revosetup.exe
[2010/11/30 16:38:21 | 000,022,494 | ---- | C] () -- C:\Users\bball3212\Documents\final cover letters.docx
[2010/11/30 12:38:03 | 000,075,264 | ---- | C] () -- C:\Users\bball3212\Documents\242SYL.FALL.10.doc
[2010/11/29 21:32:08 | 000,012,696 | ---- | C] () -- C:\Users\bball3212\Documents\Number.docx
[2010/11/29 21:23:28 | 003,008,940 | ---- | C] () -- C:\Users\bball3212\Documents\Placement Orientation SS 11-11-10.pptx
[2010/11/29 21:17:44 | 000,018,867 | ---- | C] () -- C:\Users\bball3212\Documents\NDU.docx
[2010/11/29 21:07:56 | 000,023,474 | ---- | C] () -- C:\Users\bball3212\Documents\cover letters (1).docx
[2010/11/29 13:27:36 | 000,029,269 | ---- | C] () -- C:\Users\bball3212\Documents\Do file including early voters (2).do
[2010/11/29 12:32:25 | 000,764,696 | ---- | C] () -- C:\Users\bball3212\Report2.htm
[2010/11/29 12:15:49 | 001,353,436 | ---- | C] () -- C:\Users\bball3212\Report1.htm
[2010/11/25 20:01:07 | 000,016,295 | ---- | C] () -- C:\Users\bball3212\Desktop\151 project data.zip
[2010/11/25 20:00:11 | 000,009,123 | ---- | C] () -- C:\Users\bball3212\Desktop\Chris Paul1.xlsx
[2010/11/23 20:23:56 | 000,019,948 | ---- | C] () -- C:\Users\bball3212\Desktop\Resume.docx
[2010/11/23 20:17:02 | 000,059,392 | ---- | C] () -- C:\Users\bball3212\Desktop\Mcom Ashley Banta-Resume.doc
[2010/11/23 12:20:12 | 000,013,210 | ---- | C] () -- C:\Users\bball3212\Desktop\problem 11.xlsx
[2010/08/17 18:36:20 | 000,000,600 | ---- | C] () -- C:\Users\bball3212\AppData\Roaming\winscp.rnd
[2010/03/05 12:13:47 | 000,000,027 | ---- | C] () -- C:\Windows\ecowin.ini
[2010/02/28 22:34:06 | 000,000,293 | ---- | C] () -- C:\ProgramData\LastUpdate.xml
[2010/02/28 22:34:05 | 000,000,031 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI
[2010/01/20 18:12:10 | 000,003,584 | ---- | C] () -- C:\Users\bball3212\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/12 14:42:36 | 000,000,837 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/12 14:42:34 | 000,001,462 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/01/12 14:31:22 | 000,737,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/12 14:16:02 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\sasperf.dll
[2010/01/11 22:11:22 | 000,000,035 | ---- | C] () -- C:\Windows\A6W.INI
[2010/01/11 17:56:59 | 000,007,595 | ---- | C] () -- C:\Users\bball3212\AppData\Local\Resmon.ResmonCfg
[2010/01/10 22:38:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/09 17:08:43 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/01/07 19:42:20 | 000,074,328 | ---- | C] () -- C:\Windows\SysWow64\drivers\bdisk.sys
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/12/01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/28 16:40:48 | 000,173,552 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:1AE68282

< End of report >
  • 0

Advertisements

#2
xamius
Posted 23 December 2010 - 07:15 PM

xamius

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I think I solved it up combofix and superantispyware.

Thanks.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP