Solved File recovery rogue scanner infection
- Thread starter CanHazTrojanz?
- Start date
CanHazTrojanz?
Posts: 106 +0
OK, TDSS found no threats. Here is the aswMBR log:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-07 20:33:46
-----------------------------
20:33:46.534 OS Version: Windows x64 6.1.7601 Service Pack 1
20:33:46.534 Number of processors: 2 586 0x602
20:33:46.534 ComputerName: IDHUSSEYS-PC UserName: IdHusseys
20:33:47.455 Initialize success
20:33:58.936 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:33:58.952 Disk 0 Vendor: WDC_WD2500BEKT-60V5T1 12.01A12 Size: 238475MB BusType: 11
20:33:58.952 Disk 0 MBR read successfully
20:33:58.952 Disk 0 MBR scan
20:33:58.952 Disk 0 Windows 7 default MBR code
20:33:58.967 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:33:58.967 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 224323 MB offset 409600
20:33:58.999 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13848 MB offset 459823104
20:33:59.014 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 488183808
20:33:59.045 Disk 0 scanning C:\Windows\system32\drivers
20:34:07.781 Service scanning
20:34:20.729 Modules scanning
20:34:20.729 Disk 0 trace - called modules:
20:34:20.761 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:34:20.776 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003126060]
20:34:20.776 3 CLASSPNP.SYS[fffff8800106e43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80030cb060]
20:34:20.776 Scan finished successfully
20:34:58.700 Disk 0 MBR has been saved successfully to "H:\MBR.dat"
20:34:58.715 The log file has been saved successfully to "H:\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-07 20:33:46
-----------------------------
20:33:46.534 OS Version: Windows x64 6.1.7601 Service Pack 1
20:33:46.534 Number of processors: 2 586 0x602
20:33:46.534 ComputerName: IDHUSSEYS-PC UserName: IdHusseys
20:33:47.455 Initialize success
20:33:58.936 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:33:58.952 Disk 0 Vendor: WDC_WD2500BEKT-60V5T1 12.01A12 Size: 238475MB BusType: 11
20:33:58.952 Disk 0 MBR read successfully
20:33:58.952 Disk 0 MBR scan
20:33:58.952 Disk 0 Windows 7 default MBR code
20:33:58.967 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:33:58.967 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 224323 MB offset 409600
20:33:58.999 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13848 MB offset 459823104
20:33:59.014 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 488183808
20:33:59.045 Disk 0 scanning C:\Windows\system32\drivers
20:34:07.781 Service scanning
20:34:20.729 Modules scanning
20:34:20.729 Disk 0 trace - called modules:
20:34:20.761 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:34:20.776 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003126060]
20:34:20.776 3 CLASSPNP.SYS[fffff8800106e43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80030cb060]
20:34:20.776 Scan finished successfully
20:34:58.700 Disk 0 MBR has been saved successfully to "H:\MBR.dat"
20:34:58.715 The log file has been saved successfully to "H:\aswMBR.txt"
Broni
Posts: 56,041 +516
Very good 
It looks like we fixed the main issue - infected MBR.
Let's see about your internet connection.
Please download Farbar Service Scanner Download Link and run it on the computer with the issue.
It looks like we fixed the main issue - infected MBR.
Let's see about your internet connection.
Please download Farbar Service Scanner Download Link and run it on the computer with the issue.
- Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
CanHazTrojanz?
Posts: 106 +0
Farbar Service Scanner Version: 06-08-2012
Ran by IdHusseys (administrator) on 07-09-2012 at 20:45:44
Running from "C:\Users\IdHusseys\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Ran by IdHusseys (administrator) on 07-09-2012 at 20:45:44
Running from "C:\Users\IdHusseys\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Broni
Posts: 56,041 +516
Please download MiniToolBox, save it to your desktop and run it.
Checkmark following boxes:
Checkmark following boxes:
- Report IE Proxy Settings
- Report FF Proxy Settings
- List content of Hosts
- List IP configuration
- List Winsock Entries
- List last 10 Event Viewer log
- List Devices (do NOT change any settings)
- List Users, Partitions and Memory size
CanHazTrojanz?
Posts: 106 +0
MiniToolBox by Farbar Version: 23-07-2012
Ran by IdHusseys (administrator) on 07-09-2012 at 20:53:30
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= FF Proxy Settings: ==============================
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : IdHusseys-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-6D-68-D9-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-4C-E5-47-C6-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bc4f:c5c:6bf5:ad04%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.173.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 328223973
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C0-E8-D9-00-26-9E-C3-6D-40
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-C3-6D-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{CF0CB9F8-FA84-4B47-A1C1-735CF549A63D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{6D68D929-6D09-4228-BF0D-F084C0AC3907}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host bleepingcomputer.com. Please check the name and try again.
Pinging with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for }‹ns_˜˜˜Iö :
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 ff 6d 68 d9 29 ......TAP-Win32 Adapter V9
12...90 4c e5 47 c6 00 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 9e c3 6d 40 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.173.4 356
169.254.173.4 255.255.255.255 On-link 169.254.173.4 356
169.254.255.255 255.255.255.255 On-link 169.254.173.4 356
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.173.4 356
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.173.4 356
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::bc4f:c5c:6bf5:ad04/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 29 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
========================= Event log errors: ===============================
Application errors:
==================
Error: (09/07/2012 08:12:48 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 08:08:37 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 07:29:54 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:38:48 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:08:27 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:05:03 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:02:10 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:55:53 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:11:37 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:06:23 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
System errors:
=============
Error: (09/07/2012 08:28:29 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:28:23 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:28:21 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:27:38 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:27:22 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:20 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:14 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:14 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:12 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:24:54 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Microsoft Office Sessions:
=========================
Error: (09/07/2012 08:12:48 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 08:08:37 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 07:29:54 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:38:48 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:08:27 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:05:03 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:02:10 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:55:53 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:11:37 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:06:23 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
========================= Devices: ================================
========================= Memory info: ===================================
Percentage of memory in use: 36%
Total physical RAM: 2812.2 MB
Available physical RAM: 1773.73 MB
Total Pagefile: 5622.59 MB
Available Pagefile: 4450.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.65 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:219.07 GB) (Free:149.45 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.52 GB) (Free:2.24 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:7.36 GB) FAT32
========================= Users: ========================================
User accounts for \\IDHUSSEYS-PC
Administrator Guest IdHusseys
**** End of log ****
Ran by IdHusseys (administrator) on 07-09-2012 at 20:53:30
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= FF Proxy Settings: ==============================
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : IdHusseys-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-6D-68-D9-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-4C-E5-47-C6-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bc4f:c5c:6bf5:ad04%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.173.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 328223973
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C0-E8-D9-00-26-9E-C3-6D-40
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-C3-6D-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{CF0CB9F8-FA84-4B47-A1C1-735CF549A63D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{6D68D929-6D09-4228-BF0D-F084C0AC3907}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1
Ping request could not find host bleepingcomputer.com. Please check the name and try again.
Pinging with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for }‹ns_˜˜˜Iö :
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 ff 6d 68 d9 29 ......TAP-Win32 Adapter V9
12...90 4c e5 47 c6 00 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 9e c3 6d 40 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.173.4 356
169.254.173.4 255.255.255.255 On-link 169.254.173.4 356
169.254.255.255 255.255.255.255 On-link 169.254.173.4 356
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.173.4 356
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.173.4 356
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::bc4f:c5c:6bf5:ad04/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 29 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
========================= Event log errors: ===============================
Application errors:
==================
Error: (09/07/2012 08:12:48 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 08:08:37 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 07:29:54 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:38:48 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:08:27 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:05:03 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:02:10 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:55:53 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:11:37 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:06:23 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out
System errors:
=============
Error: (09/07/2012 08:28:29 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:28:23 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:28:21 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:27:38 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:27:22 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:20 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:14 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:14 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:26:12 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Error: (09/07/2012 08:24:54 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044
Microsoft Office Sessions:
=========================
Error: (09/07/2012 08:12:48 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 08:08:37 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/07/2012 07:29:54 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:38:48 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:08:27 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:05:03 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 11:02:10 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:55:53 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:11:37 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
Error: (09/06/2012 10:06:23 PM) (Source: Schedule)(User: )
Description: Schedule error: 10044Initialize call failed, bailing out
========================= Devices: ================================
========================= Memory info: ===================================
Percentage of memory in use: 36%
Total physical RAM: 2812.2 MB
Available physical RAM: 1773.73 MB
Total Pagefile: 5622.59 MB
Available Pagefile: 4450.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.65 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:219.07 GB) (Free:149.45 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.52 GB) (Free:2.24 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:7.36 GB) FAT32
========================= Users: ========================================
User accounts for \\IDHUSSEYS-PC
Administrator Guest IdHusseys
**** End of log ****
Broni
Posts: 56,041 +516
Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Make sure "DNS" tab looks like this:
Make sure "WINS" tab looks like this:
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.
If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.
If that doesn't work, bypass router, and connect computer straight to the modem.
If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).
In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"
Restart computer.
If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).
At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.
Restart computer.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Make sure "DNS" tab looks like this:
Make sure "WINS" tab looks like this:
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.
If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.
If that doesn't work, bypass router, and connect computer straight to the modem.
If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).
In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"
Restart computer.
If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).
At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.
Restart computer.
CanHazTrojanz?
Posts: 106 +0
Everything was fine except my LAN settings...so I checked that box. Then the troubleshooter for my WLAN (HP assistant) said:
"Problems found
Windows could not automatically detect this network's proxy settings."
Trying your other solutions.
"Problems found
Windows could not automatically detect this network's proxy settings."
Trying your other solutions.
CanHazTrojanz?
Posts: 106 +0
I skipped over the "directly connect to the internet/bypass modem" because my daughter is doing some college homework and gave me the evil eye last time I kicked her off, I'll come back to that if the rest doesn't work.
So I went ahead with the CMD window.
At the ipconfig /release the following error occurred:
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
An error occurred while releasing interface Wireless Network Connection : An address has not yet been associated with the network endpoint.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
Similarly at the ipconfig /renew command:
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
An error occurred while renewing interface Wireless Network Connection : The support for the specified socket type does not exist in this address family.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
Restarted and the WLAN troubleshooter says:
Problems found
Windows could not automatically detect this network's proxy settings.
So I went ahead with the CMD window.
At the ipconfig /release the following error occurred:
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
An error occurred while releasing interface Wireless Network Connection : An address has not yet been associated with the network endpoint.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
Similarly at the ipconfig /renew command:
Windows IP Configuration
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
An error occurred while renewing interface Wireless Network Connection : The support for the specified socket type does not exist in this address family.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.
Restarted and the WLAN troubleshooter says:
Problems found
Windows could not automatically detect this network's proxy settings.
CanHazTrojanz?
Posts: 106 +0
So I still have to circle back to trying a direct connection to the internet, bypassing the modem, but the final solution had a funny error:
When I tried the "netsh int ip reset reset.log" it was "OK! OK! Restart the computer..."
Then (before resetting) I did the netsh winsock reset catalog, and:
Access is denied
So I restarted, checked to see if I had a connection and still don't. Then ran the troubleshooter and it's still saying "Windows could not automatically detect this network's proxy settings" - and I still have "ghost" files (they're transparent on the desktop, hidden).
Going to try a direct connection to the internet now, despite my daughter's evil eye.
When I tried the "netsh int ip reset reset.log" it was "OK! OK! Restart the computer..."
Then (before resetting) I did the netsh winsock reset catalog, and:
Access is denied
So I restarted, checked to see if I had a connection and still don't. Then ran the troubleshooter and it's still saying "Windows could not automatically detect this network's proxy settings" - and I still have "ghost" files (they're transparent on the desktop, hidden).
Going to try a direct connection to the internet now, despite my daughter's evil eye.
CanHazTrojanz?
Posts: 106 +0
I did connect directly to the internet via ethernet cable. Rebooted, re-ran troubleshooter since it didn't connect to the internet. Same error.
Also, earlier from the CMD window, the "log" said it would be ready in 15 minutes (error log). Not sure if you want that or how to fetch it?
Also, earlier from the CMD window, the "log" said it would be ready in 15 minutes (error log). Not sure if you want that or how to fetch it?
CanHazTrojanz?
Posts: 106 +0
I cannot connect either way.
CanHazTrojanz?
Posts: 106 +0
Would I simply go to the manufacturer's site and try to download the driver there, onto the thumb drive?
Broni
Posts: 56,041 +516
Download Windows Repair (all in one) from this site
Install the program then run it.
Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:
Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:
Go to Step 4 and under "System Restore" click on Create button:
Go to Start Repairs tab and click Start button.
Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):
Click on box next to the Restart System when Finished. Then click on Start.
Install the program then run it.
Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:
Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:
Go to Step 4 and under "System Restore" click on Create button:
Go to Start Repairs tab and click Start button.
Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):
Click on box next to the Restart System when Finished. Then click on Start.
CanHazTrojanz?
Posts: 106 +0
OK, onto step 3 and was told it would "take some time" by the program. Will post when I'm done. Thanks.
CanHazTrojanz?
Posts: 106 +0
On the final step, watching it work - a LOT of "Failed" warnings, am I supposed to upload a log or anything? (It's still working presently, repair job 2 of 12.)
CanHazTrojanz?
Posts: 106 +0
Ran it, and it couldn't fix a lot of errors from what I was watching when it was running. But it restarted, and I still can't connect to the internet, and still have "Access Denied" files on the C: drive (Config.Msi, Documents and Settings, Recovery, System Volume Information).
CanHazTrojanz?
Posts: 106 +0
OK not ideal, I'm assuming I'll lose my current files? Not that it's your fault, but that's months of work down the drain and all my backup files for my websites...
Would it help if I did the FRST scan using a 64-bit Windows 7 disc? I managed to get one from my brother.
Would it help if I did the FRST scan using a 64-bit Windows 7 disc? I managed to get one from my brother.
CanHazTrojanz?
Posts: 106 +0
Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 2012-09-08 14:02:21
Running from H:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\ERDNT\cache64\services.exe
[2011-06-16 12:35] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
====== End Of Search ======
Scan result of Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 08-09-2012 14:00:35
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1860496 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe" [3149704 2012-08-29] (GFI Software)
HKU\IdHusseys\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2010-03-19] (Hewlett-Packard Company)
HKU\IdHusseys\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17145992 2012-02-15] (Skype Technologies S.A.)
HKU\IdHusseys\...\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services ====================
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
3 OpenVPNService; "C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe" [36352 2011-07-13] ()
2 SBAMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe" [3677000 2012-08-29] (GFI Software)
2 SBPIMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe" [175496 2012-08-29] (GFI Software)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [x]
==================== Drivers =================================
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) =================
==================== One Month Created Files and Folders ======================
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2012-09-08 11:57 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-07 21:44 - 2008-05-07 21:03 - 00303616 ____A ( ) C:\SetACL.exe
2012-09-07 21:31 - 2004-06-11 15:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:56 - 2012-09-07 21:48 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:55 - 2012-09-07 20:55 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2012-09-07 20:55 - 2012-09-07 20:54 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-07 19:33 - 2012-09-08 14:00 - 00000000 ____D C:\FRST
2012-09-04 16:00 - 2012-09-04 16:02 - 00000000 ___SD C:\32788R22FWJFW
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 21:15 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-03 21:15 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-03 21:15 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-09-03 21:14 - 2012-09-03 23:10 - 00000000 ____D C:\ComboFix
2012-09-03 21:13 - 2012-09-03 23:10 - 00000000 ____D C:\Qoobox
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-02 12:16 - 2012-09-02 12:18 - 00000000 ____D C:\Users\IdHusseys\Desktop\RK_Quarantine
2012-09-01 17:49 - 2012-09-01 19:48 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 04:26 - 2012-09-01 04:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:39 - 2012-08-30 22:38 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-30 20:12 - 2012-08-30 22:49 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 14:28 - 2012-08-31 16:48 - 00000000 ____D C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages_files
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 20:46 - 2012-09-03 22:04 - 00000940 ____A C:\Windows\PFRO.log
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:35 - 2012-08-27 14:36 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 17:25 - 2012-08-27 19:34 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 02:21 - 2012-08-25 02:22 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-25 02:19 - 2012-09-03 17:44 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-08-25 02:19 - 2012-09-01 02:34 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-24 22:57 - 2012-08-30 03:28 - 00000000 ___HD C:\Users\IdHusseys\Documents\Magic Rank Tracker Reports
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:22 - 2012-08-31 16:51 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-08-23 19:36 - 2012-08-23 19:39 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:32 - 2012-08-23 19:38 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:09 - 2012-08-22 00:10 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-22 00:08 - 2012-08-31 16:51 - 00000000 ____D C:\lynx_w32
2012-08-21 21:10 - 2012-08-31 16:52 - 00000000 ____D C:\Users\IdHusseys\Desktop\lynx2-8-7
2012-08-20 02:38 - 2012-09-08 11:56 - 00003874 ____A C:\Windows\setupact.log
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-16 11:13 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-16 11:13 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-16 11:13 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-16 11:13 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-16 11:13 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-16 11:13 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-16 11:13 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-16 11:13 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-16 11:13 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-16 11:13 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-16 11:13 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-16 11:13 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-16 11:13 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 10:28 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 10:28 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 10:28 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 10:28 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-15 10:28 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 10:28 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 10:28 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-15 10:28 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 10:28 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-15 10:28 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 10:28 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-08-14 14:24 - 2012-08-23 13:23 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-14 13:49 - 2012-08-14 13:49 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{136E17CE-9D8C-4576-B5FB-9FD9476CEE7D}
2012-08-13 11:53 - 2012-08-13 11:54 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{22CFA543-8BC0-487D-B925-78E6564E6786}
2012-08-11 13:18 - 2012-08-31 16:39 - 00000000 ____D C:\Users\IdHusseys\Documents\Microsys
2012-08-11 13:18 - 2012-08-22 16:56 - 00000000 ___HD C:\Users\IdHusseys\AppData\Roaming\Microsys
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-11 13:17 - 2012-08-31 16:33 - 00000000 ____D C:\Program Files\Microsys
2012-08-09 12:55 - 1997-06-06 13:52 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
==================== 3 Months Modified Files ================================
2012-09-08 11:57 - 2012-09-07 21:49 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-08 11:57 - 2009-07-13 21:08 - 00032582 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-09-08 11:57 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:56 - 2012-08-20 02:38 - 00003874 ____A C:\Windows\setupact.log
2012-09-08 11:56 - 2009-12-21 00:30 - 01827493 ____A C:\Windows\WindowsUpdate.log
2012-09-07 21:57 - 2009-07-13 21:13 - 00782480 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2009-07-13 20:45 - 00377688 ____A C:\Windows\System32\FNTCACHE.DAT
2012-09-07 21:48 - 2012-09-07 20:56 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 21:46 - 2010-06-06 13:21 - 00782480 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:54 - 2012-09-07 20:55 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 22:50 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2012-09-03 22:04 - 2012-08-27 20:46 - 00000940 ____A C:\Windows\PFRO.log
2012-09-03 17:44 - 2012-08-25 02:19 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-01 19:48 - 2012-09-01 17:49 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 02:34 - 2012-08-25 02:19 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:49 - 2012-08-30 20:12 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-30 22:38 - 2012-08-30 22:39 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 15:41 - 2010-04-17 08:15 - 00047496 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 19:34 - 2012-08-26 17:25 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-27 19:34 - 2011-10-21 16:50 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:36 - 2012-08-27 14:35 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 18:31 - 2010-07-15 11:12 - 00579257 ____A C:\Users\IdHusseys\.ranktracker.properties
2012-08-25 02:51 - 2011-07-06 11:37 - 00001192 ____A C:\Users\Public\Desktop\My LastPass Vault.lnk
2012-08-25 02:22 - 2012-08-25 02:21 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-24 14:38 - 2010-07-24 14:55 - 04159475 ____A C:\Users\IdHusseys\.websiteauditor.properties
2012-08-24 01:02 - 2012-06-17 17:22 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2012-08-24 01:02 - 2010-04-15 20:03 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:31 - 2010-04-10 12:39 - 00092928 ___AH C:\Users\IdHusseys\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-23 19:39 - 2012-08-23 19:36 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:38 - 2012-08-23 19:32 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-23 15:24 - 2011-04-19 14:42 - 00165516 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-08-23 13:23 - 2012-08-14 14:24 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:10 - 2012-08-22 00:09 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-20 02:37 - 2012-03-07 02:20 - 00000498 ____A C:\Windows\SysWOW64\CountScans.XML
2012-08-20 02:31 - 2011-01-17 23:49 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-08-16 14:46 - 2010-07-15 23:27 - 00532409 ____A C:\Users\IdHusseys\.linkassistant.properties
2012-08-16 11:07 - 2010-04-11 14:46 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-12 14:58 - 2010-10-12 08:19 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForIdHusseys.job
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-02 15:31 - 2010-07-25 23:05 - 00638358 ____A C:\Users\IdHusseys\.spyglass.properties
2012-08-01 18:33 - 2012-08-01 18:33 - 00005477 ___AH C:\Users\IdHusseys\.recently-used.xbel
2012-08-01 12:36 - 2012-08-01 12:36 - 00082872 ____A (GFI Software) C:\Windows\System32\Drivers\sbapifs.sys
2012-07-18 10:15 - 2012-08-15 10:28 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-09 18:15 - 2012-07-09 17:34 - 00000131 ____A C:\Users\IdHusseys\Desktop\Job Search Passwords.txt
2012-07-04 14:16 - 2012-08-15 10:28 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:16 - 2012-08-15 10:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:14 - 2012-08-15 10:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-28 20:55 - 2012-08-16 11:13 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 20:09 - 2012-08-16 11:13 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 19:56 - 2012-08-16 11:13 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 19:48 - 2012-08-16 11:13 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 19:47 - 2012-08-16 11:13 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 19:45 - 2012-08-16 11:13 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 19:44 - 2012-08-16 11:13 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 19:43 - 2012-08-16 11:13 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 19:42 - 2012-08-16 11:13 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 19:40 - 2012-08-16 11:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 19:39 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 19:35 - 2012-08-16 11:13 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 16:52 - 2012-08-16 11:13 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 16:27 - 2012-08-16 11:13 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 16:16 - 2012-08-16 11:13 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 16:08 - 2012-08-16 11:13 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 16:07 - 2012-08-16 11:13 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 16:06 - 2012-08-16 11:13 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 16:01 - 2012-08-16 11:13 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 16:01 - 2012-08-16 11:13 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 16:00 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 15:57 - 2012-08-16 11:13 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-26 11:53 - 2012-06-26 11:53 - 04518720 ____A (FileZilla Project) C:\Users\IdHusseys\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-06-26 11:53 - 2012-06-26 11:53 - 00001964 ____A C:\Users\Public\Desktop\FileZilla Client.lnk
2012-06-22 21:16 - 2012-06-22 15:44 - 00011183 ____A C:\Users\IdHusseys\Desktop\Penguin Part 3 Post.txt
2012-06-20 22:49 - 2012-06-20 22:49 - 00003638 ____A C:\Users\IdHusseys\Desktop\object-cache.php
2012-06-20 22:48 - 2012-06-20 22:48 - 00001316 ____A C:\Users\IdHusseys\Desktop\db.php
2012-06-20 19:27 - 2012-06-20 16:51 - 00001023 ____A C:\Users\IdHusseys\Desktop\Flipping My Sites Evaluation.txt
2012-06-16 01:41 - 2012-06-16 01:41 - 00000088 ___AH C:\Users\IdHusseys\.95d691779473f3e03bc4b4e56319d74c.key
2012-06-16 01:32 - 2012-06-16 01:32 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial (1).zip
2012-06-16 01:28 - 2012-06-16 01:28 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial.zip
2012-06-15 22:45 - 2012-06-15 19:05 - 00012666 ____A C:\Users\IdHusseys\Desktop\Pand Recovery Part 2 Income Diversification.txt
2012-06-13 14:29 - 2012-06-13 14:29 - 00290432 ___AH C:\Users\IdHusseys\Downloads\cj_tactics-getresponse-3-16-12.csv
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-08-29 20:32:41
Restore point made on: 2012-08-30 11:31:10
Restore point made on: 2012-08-31 15:36:56
Restore point made on: 2012-08-31 17:32:35
Restore point made on: 2012-08-31 17:34:57
Restore point made on: 2012-08-31 17:44:11
Restore point made on: 2012-08-31 17:45:13
Restore point made on: 2012-08-31 17:46:07
Restore point made on: 2012-08-31 17:46:48
Restore point made on: 2012-08-31 17:51:44
Restore point made on: 2012-09-07 21:30:17
==================== Memory info ===========================
Percentage of memory in use: 20%
Total physical RAM: 2812.2 MB
Available physical RAM: 2243.97 MB
Total Pagefile: 2810.35 MB
Available Pagefile: 2239.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions ============================
1 Drive c: () (Fixed) (Total:219.07 GB) (Free:154.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.52 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:7.36 GB) FAT32
6 Drive I: (GRMCHPXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 7633 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 219 GB 200 MB
Partition 3 Primary 13 GB 219 GB
Partition 4 Primary 103 MB 232 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y SYSTEM NTFS Partition 199 MB Healthy
==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 219 GB Healthy
==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E RECOVERY NTFS Partition 13 GB Healthy
==================================================================================
Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F HP_TOOLS FAT32 Partition 103 MB Healthy
==================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB
==================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 H FAT32 Removable 7633 MB Healthy
==================================================================================
Last Boot: 2012-08-27 07:39
==================== End Of Log =============================
Ran by SYSTEM at 2012-09-08 14:02:21
Running from H:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\ERDNT\cache64\services.exe
[2011-06-16 12:35] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
====== End Of Search ======
Scan result of Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 08-09-2012 14:00:35
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1860496 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe" [3149704 2012-08-29] (GFI Software)
HKU\IdHusseys\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2010-03-19] (Hewlett-Packard Company)
HKU\IdHusseys\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17145992 2012-02-15] (Skype Technologies S.A.)
HKU\IdHusseys\...\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services ====================
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
3 OpenVPNService; "C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe" [36352 2011-07-13] ()
2 SBAMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe" [3677000 2012-08-29] (GFI Software)
2 SBPIMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe" [175496 2012-08-29] (GFI Software)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [x]
==================== Drivers =================================
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) =================
==================== One Month Created Files and Folders ======================
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2012-09-08 11:57 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-07 21:44 - 2008-05-07 21:03 - 00303616 ____A ( ) C:\SetACL.exe
2012-09-07 21:31 - 2004-06-11 15:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:56 - 2012-09-07 21:48 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:55 - 2012-09-07 20:55 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2012-09-07 20:55 - 2012-09-07 20:54 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-07 19:33 - 2012-09-08 14:00 - 00000000 ____D C:\FRST
2012-09-04 16:00 - 2012-09-04 16:02 - 00000000 ___SD C:\32788R22FWJFW
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 21:15 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-03 21:15 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-03 21:15 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-09-03 21:14 - 2012-09-03 23:10 - 00000000 ____D C:\ComboFix
2012-09-03 21:13 - 2012-09-03 23:10 - 00000000 ____D C:\Qoobox
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-02 12:16 - 2012-09-02 12:18 - 00000000 ____D C:\Users\IdHusseys\Desktop\RK_Quarantine
2012-09-01 17:49 - 2012-09-01 19:48 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 04:26 - 2012-09-01 04:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:39 - 2012-08-30 22:38 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-30 20:12 - 2012-08-30 22:49 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 14:28 - 2012-08-31 16:48 - 00000000 ____D C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages_files
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 20:46 - 2012-09-03 22:04 - 00000940 ____A C:\Windows\PFRO.log
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:35 - 2012-08-27 14:36 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 17:25 - 2012-08-27 19:34 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 02:21 - 2012-08-25 02:22 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-25 02:19 - 2012-09-03 17:44 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-08-25 02:19 - 2012-09-01 02:34 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-24 22:57 - 2012-08-30 03:28 - 00000000 ___HD C:\Users\IdHusseys\Documents\Magic Rank Tracker Reports
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:22 - 2012-08-31 16:51 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-08-23 19:36 - 2012-08-23 19:39 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:32 - 2012-08-23 19:38 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:09 - 2012-08-22 00:10 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-22 00:08 - 2012-08-31 16:51 - 00000000 ____D C:\lynx_w32
2012-08-21 21:10 - 2012-08-31 16:52 - 00000000 ____D C:\Users\IdHusseys\Desktop\lynx2-8-7
2012-08-20 02:38 - 2012-09-08 11:56 - 00003874 ____A C:\Windows\setupact.log
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-16 11:13 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-16 11:13 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-16 11:13 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-16 11:13 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-16 11:13 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-16 11:13 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-16 11:13 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-16 11:13 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-16 11:13 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-16 11:13 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-16 11:13 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-16 11:13 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-16 11:13 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 10:28 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 10:28 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 10:28 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 10:28 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-15 10:28 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 10:28 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 10:28 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-15 10:28 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 10:28 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-15 10:28 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 10:28 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-08-14 14:24 - 2012-08-23 13:23 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-14 13:49 - 2012-08-14 13:49 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{136E17CE-9D8C-4576-B5FB-9FD9476CEE7D}
2012-08-13 11:53 - 2012-08-13 11:54 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{22CFA543-8BC0-487D-B925-78E6564E6786}
2012-08-11 13:18 - 2012-08-31 16:39 - 00000000 ____D C:\Users\IdHusseys\Documents\Microsys
2012-08-11 13:18 - 2012-08-22 16:56 - 00000000 ___HD C:\Users\IdHusseys\AppData\Roaming\Microsys
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-11 13:17 - 2012-08-31 16:33 - 00000000 ____D C:\Program Files\Microsys
2012-08-09 12:55 - 1997-06-06 13:52 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
==================== 3 Months Modified Files ================================
2012-09-08 11:57 - 2012-09-07 21:49 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-08 11:57 - 2009-07-13 21:08 - 00032582 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-09-08 11:57 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:56 - 2012-08-20 02:38 - 00003874 ____A C:\Windows\setupact.log
2012-09-08 11:56 - 2009-12-21 00:30 - 01827493 ____A C:\Windows\WindowsUpdate.log
2012-09-07 21:57 - 2009-07-13 21:13 - 00782480 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2009-07-13 20:45 - 00377688 ____A C:\Windows\System32\FNTCACHE.DAT
2012-09-07 21:48 - 2012-09-07 20:56 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 21:46 - 2010-06-06 13:21 - 00782480 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:54 - 2012-09-07 20:55 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 22:50 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2012-09-03 22:04 - 2012-08-27 20:46 - 00000940 ____A C:\Windows\PFRO.log
2012-09-03 17:44 - 2012-08-25 02:19 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-01 19:48 - 2012-09-01 17:49 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 02:34 - 2012-08-25 02:19 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:49 - 2012-08-30 20:12 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-30 22:38 - 2012-08-30 22:39 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 15:41 - 2010-04-17 08:15 - 00047496 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 19:34 - 2012-08-26 17:25 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-27 19:34 - 2011-10-21 16:50 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:36 - 2012-08-27 14:35 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 18:31 - 2010-07-15 11:12 - 00579257 ____A C:\Users\IdHusseys\.ranktracker.properties
2012-08-25 02:51 - 2011-07-06 11:37 - 00001192 ____A C:\Users\Public\Desktop\My LastPass Vault.lnk
2012-08-25 02:22 - 2012-08-25 02:21 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-24 14:38 - 2010-07-24 14:55 - 04159475 ____A C:\Users\IdHusseys\.websiteauditor.properties
2012-08-24 01:02 - 2012-06-17 17:22 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2012-08-24 01:02 - 2010-04-15 20:03 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:31 - 2010-04-10 12:39 - 00092928 ___AH C:\Users\IdHusseys\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-23 19:39 - 2012-08-23 19:36 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:38 - 2012-08-23 19:32 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-23 15:24 - 2011-04-19 14:42 - 00165516 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-08-23 13:23 - 2012-08-14 14:24 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:10 - 2012-08-22 00:09 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-20 02:37 - 2012-03-07 02:20 - 00000498 ____A C:\Windows\SysWOW64\CountScans.XML
2012-08-20 02:31 - 2011-01-17 23:49 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-08-16 14:46 - 2010-07-15 23:27 - 00532409 ____A C:\Users\IdHusseys\.linkassistant.properties
2012-08-16 11:07 - 2010-04-11 14:46 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-12 14:58 - 2010-10-12 08:19 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForIdHusseys.job
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-02 15:31 - 2010-07-25 23:05 - 00638358 ____A C:\Users\IdHusseys\.spyglass.properties
2012-08-01 18:33 - 2012-08-01 18:33 - 00005477 ___AH C:\Users\IdHusseys\.recently-used.xbel
2012-08-01 12:36 - 2012-08-01 12:36 - 00082872 ____A (GFI Software) C:\Windows\System32\Drivers\sbapifs.sys
2012-07-18 10:15 - 2012-08-15 10:28 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-09 18:15 - 2012-07-09 17:34 - 00000131 ____A C:\Users\IdHusseys\Desktop\Job Search Passwords.txt
2012-07-04 14:16 - 2012-08-15 10:28 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:16 - 2012-08-15 10:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:14 - 2012-08-15 10:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-28 20:55 - 2012-08-16 11:13 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 20:09 - 2012-08-16 11:13 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 19:56 - 2012-08-16 11:13 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 19:48 - 2012-08-16 11:13 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 19:47 - 2012-08-16 11:13 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 19:45 - 2012-08-16 11:13 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 19:44 - 2012-08-16 11:13 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 19:43 - 2012-08-16 11:13 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 19:42 - 2012-08-16 11:13 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 19:40 - 2012-08-16 11:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 19:39 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 19:35 - 2012-08-16 11:13 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 16:52 - 2012-08-16 11:13 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 16:27 - 2012-08-16 11:13 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 16:16 - 2012-08-16 11:13 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 16:08 - 2012-08-16 11:13 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 16:07 - 2012-08-16 11:13 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 16:06 - 2012-08-16 11:13 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 16:01 - 2012-08-16 11:13 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 16:01 - 2012-08-16 11:13 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 16:00 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 15:57 - 2012-08-16 11:13 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-26 11:53 - 2012-06-26 11:53 - 04518720 ____A (FileZilla Project) C:\Users\IdHusseys\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-06-26 11:53 - 2012-06-26 11:53 - 00001964 ____A C:\Users\Public\Desktop\FileZilla Client.lnk
2012-06-22 21:16 - 2012-06-22 15:44 - 00011183 ____A C:\Users\IdHusseys\Desktop\Penguin Part 3 Post.txt
2012-06-20 22:49 - 2012-06-20 22:49 - 00003638 ____A C:\Users\IdHusseys\Desktop\object-cache.php
2012-06-20 22:48 - 2012-06-20 22:48 - 00001316 ____A C:\Users\IdHusseys\Desktop\db.php
2012-06-20 19:27 - 2012-06-20 16:51 - 00001023 ____A C:\Users\IdHusseys\Desktop\Flipping My Sites Evaluation.txt
2012-06-16 01:41 - 2012-06-16 01:41 - 00000088 ___AH C:\Users\IdHusseys\.95d691779473f3e03bc4b4e56319d74c.key
2012-06-16 01:32 - 2012-06-16 01:32 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial (1).zip
2012-06-16 01:28 - 2012-06-16 01:28 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial.zip
2012-06-15 22:45 - 2012-06-15 19:05 - 00012666 ____A C:\Users\IdHusseys\Desktop\Pand Recovery Part 2 Income Diversification.txt
2012-06-13 14:29 - 2012-06-13 14:29 - 00290432 ___AH C:\Users\IdHusseys\Downloads\cj_tactics-getresponse-3-16-12.csv
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-08-29 20:32:41
Restore point made on: 2012-08-30 11:31:10
Restore point made on: 2012-08-31 15:36:56
Restore point made on: 2012-08-31 17:32:35
Restore point made on: 2012-08-31 17:34:57
Restore point made on: 2012-08-31 17:44:11
Restore point made on: 2012-08-31 17:45:13
Restore point made on: 2012-08-31 17:46:07
Restore point made on: 2012-08-31 17:46:48
Restore point made on: 2012-08-31 17:51:44
Restore point made on: 2012-09-07 21:30:17
==================== Memory info ===========================
Percentage of memory in use: 20%
Total physical RAM: 2812.2 MB
Available physical RAM: 2243.97 MB
Total Pagefile: 2810.35 MB
Available Pagefile: 2239.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions ============================
1 Drive c: () (Fixed) (Total:219.07 GB) (Free:154.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.52 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:7.36 GB) FAT32
6 Drive I: (GRMCHPXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 7633 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 219 GB 200 MB
Partition 3 Primary 13 GB 219 GB
Partition 4 Primary 103 MB 232 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y SYSTEM NTFS Partition 199 MB Healthy
==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 219 GB Healthy
==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E RECOVERY NTFS Partition 13 GB Healthy
==================================================================================
Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F HP_TOOLS FAT32 Partition 103 MB Healthy
==================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB
==================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 H FAT32 Removable 7633 MB Healthy
==================================================================================
Last Boot: 2012-08-27 07:39
==================== End Of Log =============================
Broni
Posts: 56,041 +516
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
Restart normally and see if you have your connection back.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
Restart normally and see if you have your connection back.
Similar threads
Latest posts
-
8BitDo updates gamepads with drift-proof hall-effect analog sticks- Daniel Sims replied
-
The Best Handheld Gaming Consoles- amghwk replied
-
Generative AI could soon decimate the call center industry, says CEO- wiyosaya replied