Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 2012-09-08 14:02:21
Running from H:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\ERDNT\cache64\services.exe
[2011-06-16 12:35] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
====== End Of Search ======
Scan result of Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 08-09-2012 14:00:35
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1860496 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe" [3149704 2012-08-29] (GFI Software)
HKU\IdHusseys\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2010-03-19] (Hewlett-Packard Company)
HKU\IdHusseys\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17145992 2012-02-15] (Skype Technologies S.A.)
HKU\IdHusseys\...\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\IdHusseys\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services ====================
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
3 OpenVPNService; "C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe" [36352 2011-07-13] ()
2 SBAMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe" [3677000 2012-08-29] (GFI Software)
2 SBPIMSvc; "C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe" [175496 2012-08-29] (GFI Software)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [x]
==================== Drivers =================================
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) =================
==================== One Month Created Files and Folders ======================
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2012-09-08 11:57 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-07 21:44 - 2008-05-07 21:03 - 00303616 ____A ( ) C:\SetACL.exe
2012-09-07 21:31 - 2004-06-11 15:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:56 - 2012-09-07 21:48 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:55 - 2012-09-07 20:55 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2012-09-07 20:55 - 2012-09-07 20:54 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-07 19:33 - 2012-09-08 14:00 - 00000000 ____D C:\FRST
2012-09-04 16:00 - 2012-09-04 16:02 - 00000000 ___SD C:\32788R22FWJFW
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 21:15 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-03 21:15 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-03 21:15 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-03 21:15 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-09-03 21:14 - 2012-09-03 23:10 - 00000000 ____D C:\ComboFix
2012-09-03 21:13 - 2012-09-03 23:10 - 00000000 ____D C:\Qoobox
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-02 12:16 - 2012-09-02 12:18 - 00000000 ____D C:\Users\IdHusseys\Desktop\RK_Quarantine
2012-09-01 17:49 - 2012-09-01 19:48 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 04:26 - 2012-09-01 04:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:39 - 2012-08-30 22:38 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-30 20:12 - 2012-08-30 22:49 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 14:28 - 2012-08-31 16:48 - 00000000 ____D C:\Users\IdHusseys\Downloads\
www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages_files
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\
www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 20:46 - 2012-09-03 22:04 - 00000940 ____A C:\Windows\PFRO.log
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:35 - 2012-08-27 14:36 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 17:25 - 2012-08-27 19:34 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 02:21 - 2012-08-25 02:22 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-25 02:19 - 2012-09-03 17:44 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-08-25 02:19 - 2012-09-01 02:34 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-24 22:57 - 2012-08-30 03:28 - 00000000 ___HD C:\Users\IdHusseys\Documents\Magic Rank Tracker Reports
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:22 - 2012-08-31 16:51 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-08-23 21:22 - 2012-08-31 16:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-08-23 19:36 - 2012-08-23 19:39 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:32 - 2012-08-23 19:38 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:09 - 2012-08-22 00:10 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-22 00:08 - 2012-08-31 16:51 - 00000000 ____D C:\lynx_w32
2012-08-21 21:10 - 2012-08-31 16:52 - 00000000 ____D C:\Users\IdHusseys\Desktop\lynx2-8-7
2012-08-20 02:38 - 2012-09-08 11:56 - 00003874 ____A C:\Windows\setupact.log
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-16 11:13 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-16 11:13 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-16 11:13 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-16 11:13 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-16 11:13 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-16 11:13 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-16 11:13 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-16 11:13 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-16 11:13 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-16 11:13 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-16 11:13 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-16 11:13 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-16 11:13 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-16 11:13 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-16 11:13 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-16 11:13 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-16 11:13 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-16 11:13 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 11:13 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-16 11:13 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 10:28 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 10:28 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 10:28 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 10:28 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 10:28 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-15 10:28 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 10:28 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 10:28 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-15 10:28 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 10:28 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-15 10:28 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 10:28 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-08-14 14:24 - 2012-08-23 13:23 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-14 13:49 - 2012-08-14 13:49 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{136E17CE-9D8C-4576-B5FB-9FD9476CEE7D}
2012-08-13 11:53 - 2012-08-13 11:54 - 00000000 ___HD C:\Users\IdHusseys\AppData\Local\{22CFA543-8BC0-487D-B925-78E6564E6786}
2012-08-11 13:18 - 2012-08-31 16:39 - 00000000 ____D C:\Users\IdHusseys\Documents\Microsys
2012-08-11 13:18 - 2012-08-22 16:56 - 00000000 ___HD C:\Users\IdHusseys\AppData\Roaming\Microsys
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-11 13:17 - 2012-08-31 16:33 - 00000000 ____D C:\Program Files\Microsys
2012-08-09 12:55 - 1997-06-06 13:52 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
==================== 3 Months Modified Files ================================
2012-09-08 11:57 - 2012-09-07 21:49 - 00131072 ____A C:\Windows\System32\Ikeext.etl
2012-09-08 11:57 - 2009-07-13 21:08 - 00032582 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-09-08 11:57 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:57 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-08 11:56 - 2012-08-20 02:38 - 00003874 ____A C:\Windows\setupact.log
2012-09-08 11:56 - 2009-12-21 00:30 - 01827493 ____A C:\Windows\WindowsUpdate.log
2012-09-07 21:57 - 2009-07-13 21:13 - 00782480 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2012-09-07 21:52 - 2012-09-07 21:52 - 00092928 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2012-09-07 21:49 - 2009-07-13 20:45 - 00377688 ____A C:\Windows\System32\FNTCACHE.DAT
2012-09-07 21:48 - 2012-09-07 20:56 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-09-07 21:46 - 2010-06-06 13:21 - 00782480 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-09-07 21:04 - 2012-09-07 21:04 - 00003304 ____N C:\bootsqm.dat
2012-09-07 20:55 - 2012-09-07 20:55 - 00002251 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-09-07 20:54 - 2012-09-07 20:55 - 05313275 ____A C:\Users\IdHusseys\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-09-03 23:10 - 2012-09-03 23:10 - 00021485 ____A C:\ComboFix.txt
2012-09-03 22:50 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2012-09-03 22:04 - 2012-08-27 20:46 - 00000940 ____A C:\Windows\PFRO.log
2012-09-03 17:44 - 2012-08-25 02:19 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000UA.job
2012-09-03 12:09 - 2012-09-03 12:09 - 02193345 ____A C:\Users\IdHusseys\Downloads\tdsskiller.zip
2012-09-01 19:48 - 2012-09-01 17:49 - 00607260 ____A (Swearware) C:\Users\IdHusseys\Desktop\dds.com
2012-09-01 04:26 - 2012-09-01 04:26 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-01 02:34 - 2012-08-25 02:19 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3455346300-1148100813-3106168065-1000Core.job
2012-08-31 23:27 - 2012-08-31 23:27 - 00001975 ____A C:\Users\Public\Desktop\VIPRE.lnk
2012-08-31 22:47 - 2012-08-31 22:47 - 00184231 ____A C:\Users\IdHusseys\Downloads\12-7-11_fakereanfix.zip
2012-08-31 16:19 - 2012-08-31 16:19 - 00000093 ____A C:\Users\IdHusseys\AppData\Roaming\netstat.bat
2012-08-31 13:57 - 2012-08-31 13:57 - 00058080 ____A C:\Users\IdHusseys\Desktop\Affmagic_08_29_2012.zip
2012-08-30 22:49 - 2012-08-30 20:12 - 00001066 ____A C:\Users\IdHusseys\Desktop\Duct Tape SEO V2 2012 CopyCat SEO.txt
2012-08-30 22:38 - 2012-08-30 22:39 - 00080549 ____A C:\Users\IdHusseys\Desktop\lv.htm
2012-08-29 15:41 - 2012-08-29 15:41 - 00047496 ____A (GFI Software) C:\Windows\SysWOW64\sbbd.exe
2012-08-29 15:41 - 2010-04-17 08:15 - 00047496 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2012-08-29 14:28 - 2012-08-29 14:28 - 00282691 ___AH C:\Users\IdHusseys\Downloads\
www.curadebt.com (DTOX, 2012-08-29) - LinkResearchTools - OVERVIEW Percentages.htm
2012-08-27 19:34 - 2012-08-26 17:25 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-08-27 19:34 - 2011-10-21 16:50 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-08-27 14:52 - 2012-08-27 14:52 - 00000915 ____A C:\Users\IdHusseys\Desktop\Xenu.lnk
2012-08-27 14:36 - 2012-08-27 14:35 - 00000308 ____A C:\Users\IdHusseys\Desktop\TO DO ON YOUR SITES.txt
2012-08-26 11:26 - 2012-08-26 11:26 - 00086816 ____A (GFI Software) C:\Windows\System32\Drivers\sbwtis.sys
2012-08-25 18:31 - 2010-07-15 11:12 - 00579257 ____A C:\Users\IdHusseys\.ranktracker.properties
2012-08-25 02:51 - 2011-07-06 11:37 - 00001192 ____A C:\Users\Public\Desktop\My LastPass Vault.lnk
2012-08-25 02:22 - 2012-08-25 02:21 - 14690376 ____A (LastPass) C:\Users\IdHusseys\Downloads\lastpass_x64 (1).exe
2012-08-25 02:20 - 2012-08-25 02:20 - 00002392 ____A C:\Users\IdHusseys\Desktop\Google Chrome.lnk
2012-08-24 14:38 - 2010-07-24 14:55 - 04159475 ____A C:\Users\IdHusseys\.websiteauditor.properties
2012-08-24 01:02 - 2012-06-17 17:22 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2012-08-24 01:02 - 2010-04-15 20:03 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-08-23 21:34 - 2012-08-23 21:34 - 14790243 ____A (Jayson Yanuaria ) C:\Program Files (x86)\SERPAttacks_Video.exe
2012-08-23 21:31 - 2010-04-10 12:39 - 00092928 ___AH C:\Users\IdHusseys\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-23 19:39 - 2012-08-23 19:36 - 20348849 ____A C:\Program Files (x86)\Sun_ODF_Template_Pack2_en-US.oxt
2012-08-23 19:38 - 2012-08-23 19:32 - 135933721 ____A C:\Program Files (x86)\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
2012-08-23 15:24 - 2011-04-19 14:42 - 00165516 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-08-23 13:23 - 2012-08-14 14:24 - 15428440 ____A (Adobe Systems Inc.) C:\Program Files (x86)\AdobeAIRInstaller.exe
2012-08-22 16:56 - 2012-08-22 16:56 - 00001948 ____A C:\Users\Public\Desktop\A1 Keyword Research 4.lnk
2012-08-22 01:05 - 2012-08-22 01:05 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-22 01:05 - 2012-08-22 01:05 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 00:10 - 2012-08-22 00:09 - 00000929 ____A C:\Users\IdHusseys\Desktop\LYNX.lnk
2012-08-20 02:38 - 2012-08-20 02:38 - 00000000 ____A C:\Windows\setuperr.log
2012-08-20 02:37 - 2012-03-07 02:20 - 00000498 ____A C:\Windows\SysWOW64\CountScans.XML
2012-08-20 02:31 - 2011-01-17 23:49 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-08-16 14:46 - 2010-07-15 23:27 - 00532409 ____A C:\Users\IdHusseys\.linkassistant.properties
2012-08-16 11:07 - 2010-04-11 14:46 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-12 14:58 - 2010-10-12 08:19 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForIdHusseys.job
2012-08-11 13:18 - 2012-08-11 13:18 - 00001957 ____A C:\Users\Public\Desktop\A1 Website Analyzer 4.lnk
2012-08-02 15:31 - 2010-07-25 23:05 - 00638358 ____A C:\Users\IdHusseys\.spyglass.properties
2012-08-01 18:33 - 2012-08-01 18:33 - 00005477 ___AH C:\Users\IdHusseys\.recently-used.xbel
2012-08-01 12:36 - 2012-08-01 12:36 - 00082872 ____A (GFI Software) C:\Windows\System32\Drivers\sbapifs.sys
2012-07-18 10:15 - 2012-08-15 10:28 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-09 18:15 - 2012-07-09 17:34 - 00000131 ____A C:\Users\IdHusseys\Desktop\Job Search Passwords.txt
2012-07-04 14:16 - 2012-08-15 10:28 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:13 - 2012-08-15 10:28 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:16 - 2012-08-15 10:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:14 - 2012-08-15 10:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-28 20:55 - 2012-08-16 11:13 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 20:09 - 2012-08-16 11:13 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 19:56 - 2012-08-16 11:13 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 19:49 - 2012-08-16 11:13 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 19:48 - 2012-08-16 11:13 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 19:47 - 2012-08-16 11:13 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 19:45 - 2012-08-16 11:13 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 19:44 - 2012-08-16 11:13 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 19:43 - 2012-08-16 11:13 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 19:42 - 2012-08-16 11:13 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 19:40 - 2012-08-16 11:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 19:39 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 19:35 - 2012-08-16 11:13 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 16:52 - 2012-08-16 11:13 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 16:27 - 2012-08-16 11:13 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 16:16 - 2012-08-16 11:13 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 16:09 - 2012-08-16 11:13 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 16:08 - 2012-08-16 11:13 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 16:07 - 2012-08-16 11:13 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 16:06 - 2012-08-16 11:13 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 16:04 - 2012-08-16 11:13 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 16:01 - 2012-08-16 11:13 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 16:01 - 2012-08-16 11:13 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 16:00 - 2012-08-16 11:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 15:57 - 2012-08-16 11:13 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-26 11:53 - 2012-06-26 11:53 - 04518720 ____A (FileZilla Project) C:\Users\IdHusseys\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-06-26 11:53 - 2012-06-26 11:53 - 00001964 ____A C:\Users\Public\Desktop\FileZilla Client.lnk
2012-06-22 21:16 - 2012-06-22 15:44 - 00011183 ____A C:\Users\IdHusseys\Desktop\Penguin Part 3 Post.txt
2012-06-20 22:49 - 2012-06-20 22:49 - 00003638 ____A C:\Users\IdHusseys\Desktop\object-cache.php
2012-06-20 22:48 - 2012-06-20 22:48 - 00001316 ____A C:\Users\IdHusseys\Desktop\db.php
2012-06-20 19:27 - 2012-06-20 16:51 - 00001023 ____A C:\Users\IdHusseys\Desktop\Flipping My Sites Evaluation.txt
2012-06-16 01:41 - 2012-06-16 01:41 - 00000088 ___AH C:\Users\IdHusseys\.95d691779473f3e03bc4b4e56319d74c.key
2012-06-16 01:32 - 2012-06-16 01:32 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial (1).zip
2012-06-16 01:28 - 2012-06-16 01:28 - 02271405 ___AH C:\Users\IdHusseys\Downloads\LongTailProTrial.zip
2012-06-15 22:45 - 2012-06-15 19:05 - 00012666 ____A C:\Users\IdHusseys\Desktop\Pand Recovery Part 2 Income Diversification.txt
2012-06-13 14:29 - 2012-06-13 14:29 - 00290432 ___AH C:\Users\IdHusseys\Downloads\cj_tactics-getresponse-3-16-12.csv
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-08-29 20:32:41
Restore point made on: 2012-08-30 11:31:10
Restore point made on: 2012-08-31 15:36:56
Restore point made on: 2012-08-31 17:32:35
Restore point made on: 2012-08-31 17:34:57
Restore point made on: 2012-08-31 17:44:11
Restore point made on: 2012-08-31 17:45:13
Restore point made on: 2012-08-31 17:46:07
Restore point made on: 2012-08-31 17:46:48
Restore point made on: 2012-08-31 17:51:44
Restore point made on: 2012-09-07 21:30:17
==================== Memory info ===========================
Percentage of memory in use: 20%
Total physical RAM: 2812.2 MB
Available physical RAM: 2243.97 MB
Total Pagefile: 2810.35 MB
Available Pagefile: 2239.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions ============================
1 Drive c: () (Fixed) (Total:219.07 GB) (Free:154.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.52 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:7.36 GB) FAT32
6 Drive I: (GRMCHPXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 7633 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 219 GB 200 MB
Partition 3 Primary 13 GB 219 GB
Partition 4 Primary 103 MB 232 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y SYSTEM NTFS Partition 199 MB Healthy
==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 219 GB Healthy
==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E RECOVERY NTFS Partition 13 GB Healthy
==================================================================================
Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F HP_TOOLS FAT32 Partition 103 MB Healthy
==================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB
==================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 H FAT32 Removable 7633 MB Healthy
==================================================================================
Last Boot: 2012-08-27 07:39
==================== End Of Log =============================