
Possible Rootkit



I thought I'd get my PC checked out to be safe since I got a couple strange IP blocks with no process name from MBAM Pro.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jordan Bottoms at 11:01:52 on 2012-07-30

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8086.4844 [GMT -5:00]

.

AV: Returnil System Safe 2011 *Enabled/Updated* {3122A3B8-E886-7A48-3B9B-5036AA6C651A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files (x86)\Returnil\RSS\rvsmon.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\taskhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe

C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe

C:\Program Files (x86)\Returnil\RSS\rvsgui.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

C:\Program Files (x86)\ubuntuone\dist\ubuntuone-proxy-tunnel.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\ubuntuone\dist\ubuntu-sso-login.exe

C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

C:\Windows\SysWOW64\vmnat.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

C:\Windows\SysWOW64\vmnetdhcp.exe

C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Jordan Bottoms\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.randommiscfoundation.org/

uDefault_Page_URL = hxxp://www.dell.com

mWinlogon: Userinit=userinit.exe

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

uRun: [Google Update] "C:\Users\Jordan Bottoms\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [ubuntu One] "C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe"

uRun: [ubuntu One Icon] "C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe" --minimized --with-icon

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RSS.lnk - C:\Program Files (x86)\Returnil\RSS\rvsgui.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: %SystemRoot%\system32\vsocklib.dll

TCP: DhcpNameServer = 192.168.1.44

TCP: Interfaces\{615EAF7B-3F50-4F25-ADF8-30F726C335EB} : DhcpNameServer = 192.168.1.44

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jordan Bottoms\AppData\Roaming\Mozilla\Firefox\Profiles\6l4l3zv7.default\

FF - prefs.js: browser.startup.homepage - www.randommiscfoundation.org

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jordan Bottoms\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]

R0 rvsystem;rvsystem;C:\Windows\system32\drivers\rvsystem.sys --> C:\Windows\system32\drivers\rvsystem.sys [?]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]

R1 rvsmon;rvsmon;C:\Windows\system32\drivers\rvsmon.sys --> C:\Windows\system32\drivers\rvsmon.sys [?]

R1 rvsmonf;rvsmonf;C:\Windows\system32\drivers\rvsmonf.sys --> C:\Windows\system32\drivers\rvsmonf.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-7-25 98208]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]

R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2012-5-2 221696]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-25 655944]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-7-25 1999168]

R2 RVSMONBL;Returnil System Safe Core Service;C:\Program Files (x86)\Returnil\RSS\rvsmon.exe [2011-7-1 1801504]

R2 rvsmonn;rvsmonn;C:\Windows\system32\drivers\rvsmonn2.sys --> C:\Windows\system32\drivers\rvsmonn2.sys [?]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-17 380224]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-25 2656280]

R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]

R2 vmware-converter-agent;VMware vCenter Converter Standalone Agent;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-8-19 423536]

R2 vmware-converter-server;VMware vCenter Converter Standalone Server;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536]

R2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536]

R2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-6-9 11839488]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 rvseng;rvseng;C:\Windows\system32\drivers\rvseng.sys --> C:\Windows\system32\drivers\rvseng.sys [?]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]

S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]

S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]

S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-25 113120]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]

S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]

.

=============== Created Last 30 ================

.

2012-07-30 04:18:38 -------- d-----w- C:\Users\Jordan Bottoms\.local

2012-07-30 04:16:59 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\.kde

2012-07-30 04:05:07 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\KDE

2012-07-30 04:05:00 -------- d-----w- C:\Program Files (x86)\KDE

2012-07-29 22:06:03 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\Greenshot

2012-07-29 22:05:57 -------- d-----w- C:\Program Files (x86)\Greenshot

2012-07-29 02:55:08 63128 ----a-w- C:\Windows\System32\drivers\vmx86.sys

2012-07-29 02:53:21 354456 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe

2012-07-29 02:53:18 433816 ----a-w- C:\Windows\SysWow64\vmnat.exe

2012-07-29 02:53:10 30360 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys

2012-07-29 02:52:57 942744 ----a-w- C:\Windows\System32\vnetlib64.dll

2012-07-29 02:52:53 32920 ----a-w- C:\Windows\System32\drivers\VMkbd.sys

2012-07-29 02:52:46 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys

2012-07-29 02:50:57 -------- d-----w- C:\Program Files (x86)\Common Files\VMware

2012-07-29 02:49:28 -------- d-----w- C:\Program Files\Common Files\VMware

2012-07-29 00:37:11 -------- d-----w- C:\ProgramData\WinZipEC

2012-07-29 00:37:00 -------- d-----w- C:\Windows\CD95F661A5C411AFB2CCABCD21A325B5.TMP

2012-07-29 00:36:54 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\WinZip

2012-07-29 00:00:46 -------- d-----w- C:\Windows\System32\appmgmt

2012-07-28 21:55:49 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\VMware

2012-07-28 21:50:12 -------- d-----w- C:\Program Files (x86)\VMware

2012-07-28 16:25:00 -------- d-----w- C:\TOOLS

2012-07-28 15:38:08 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\Scribus

2012-07-27 16:36:02 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\{BAD4BF9B-542F-4332-955B-6C9A1292536A}

2012-07-27 16:35:51 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\{92F7C9CC-DCB2-4AAA-B8C1-77C136FE9680}

2012-07-27 16:32:15 -------- d-----w- C:\Windows\en

2012-07-27 16:28:59 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2012-07-27 16:28:59 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2012-07-27 16:28:59 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2012-07-27 16:28:59 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2012-07-27 16:06:11 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll

2012-07-27 16:06:11 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll

2012-07-27 16:04:24 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d1064161cd6c1108\DSETUP.dll

2012-07-27 16:04:24 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d1064161cd6c1108\DXSETUP.exe

2012-07-27 16:04:24 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d1064161cd6c1108\dsetup32.dll

2012-07-27 16:04:19 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\795acad01cd6c1107\DSETUP.dll

2012-07-27 16:04:19 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\795acad01cd6c1107\DXSETUP.exe

2012-07-27 16:04:19 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\795acad01cd6c1107\dsetup32.dll

2012-07-27 16:03:22 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\Windows Live

2012-07-27 16:03:21 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2012-07-27 15:18:51 49664 ----a-w- C:\Windows\System32\CamCodec.dll

2012-07-27 15:18:50 -------- d-----w- C:\Program Files (x86)\CamStudio 2.6b

2012-07-27 02:26:37 -------- d-----w- C:\FreeBasic

2012-07-26 19:06:02 -------- d-----w- C:\Users\Jordan Bottoms\VMSHARED

2012-07-26 18:33:20 -------- d-----r- C:\Program Files (x86)\Skype

2012-07-26 17:55:57 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\geany

2012-07-26 17:55:34 -------- d-----w- C:\Program Files (x86)\Geany

2012-07-26 14:15:21 -------- d-----w- C:\Program Files\CCleaner

2012-07-26 14:14:54 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys

2012-07-26 14:14:24 -------- d-----w- C:\Program Files\TrueCrypt

2012-07-26 13:44:56 993 ----a-w- C:\Windows\gvimdiff.bat

2012-07-26 13:44:56 993 ----a-w- C:\Windows\gview.bat

2012-07-26 13:44:56 993 ----a-w- C:\Windows\evim.bat

2012-07-26 13:44:56 985 ----a-w- C:\Windows\gvim.bat

2012-07-26 13:44:56 694 ----a-w- C:\Windows\vimtutor.bat

2012-07-26 13:44:56 668 ----a-w- C:\Windows\vimdiff.bat

2012-07-26 13:44:56 668 ----a-w- C:\Windows\view.bat

2012-07-26 13:44:56 664 ----a-w- C:\Windows\vim.bat

2012-07-26 13:44:16 -------- d-----w- C:\Program Files (x86)\Vim

2012-07-26 13:20:29 -------- d-----w- C:\ProgramData\PreEmptive Solutions

2012-07-26 12:59:12 -------- d-----w- C:\ProgramData\VS

2012-07-26 12:16:54 73064 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll

2012-07-26 12:16:54 109416 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll

2012-07-26 12:16:54 105832 ----a-w- C:\Windows\System32\SQSRVRES.DLL

2012-07-26 11:55:59 -------- d-----w- C:\Users\Jordan Bottoms\Ubuntu One

2012-07-26 11:55:56 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\ubuntuone

2012-07-26 02:28:07 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\pdfforge

2012-07-26 02:28:03 95744 ----a-w- C:\Windows\System32\pdfcmon.dll

2012-07-26 02:28:03 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX

2012-07-26 02:28:03 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX

2012-07-26 02:28:03 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2012-07-26 02:28:02 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL

2012-07-26 02:28:02 -------- d-----w- C:\Program Files (x86)\PDFCreator

2012-07-26 02:24:31 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2012-07-26 02:24:31 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2012-07-26 02:22:38 -------- d-----w- C:\Windows\System32\RsFx

2012-07-26 02:18:12 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\enchant

2012-07-26 02:10:58 -------- d-----w- C:\Program Files\Microsoft SQL Server

2012-07-26 02:10:10 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server

2012-07-26 02:08:35 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2012-07-26 02:08:35 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2012-07-26 02:08:01 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2012-07-26 02:08:01 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-07-26 01:57:47 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET

2012-07-26 01:57:30 -------- d-----w- C:\Program Files\IIS

2012-07-26 01:57:29 -------- d-----w- C:\Program Files (x86)\IIS

2012-07-26 01:55:44 2379552 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll

2012-07-26 01:51:15 -------- d-----w- C:\Windows\SysWow64\1033

2012-07-26 01:51:05 -------- d-----w- C:\Program Files (x86)\Microsoft F#

2012-07-26 01:51:05 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop

2012-07-26 01:51:05 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules

2012-07-26 01:40:06 -------- d-----w- C:\Windows\System32\1033

2012-07-26 01:40:06 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0

2012-07-26 01:39:12 -------- d-----w- C:\Windows\PCHEALTH

2012-07-26 01:03:35 -------- d-----w- C:\Users\Jordan Bottoms\VirtualBox VMs

2012-07-26 00:57:21 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\gnupg

2012-07-26 00:57:16 -------- d-----w- C:\ProgramData\GNU

2012-07-26 00:57:08 -------- d-----w- C:\Program Files (x86)\GNU

2012-07-26 00:56:34 -------- d-----w- C:\Program Files (x86)\Debugging Tools for Windows (x86)

2012-07-26 00:53:55 -------- d-----w- C:\Users\Jordan Bottoms\.VirtualBox

2012-07-26 00:52:51 224088 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys

2012-07-26 00:52:34 130904 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys

2012-07-26 00:52:27 -------- d-----w- C:\Program Files\Oracle

2012-07-26 00:50:41 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\xdg

2012-07-26 00:50:36 -------- d-----w- C:\ProgramData\ubuntuone-storageprotocol

2012-07-26 00:50:36 -------- d-----w- C:\ProgramData\ubuntuone

2012-07-26 00:50:18 -------- d-----w- C:\Program Files (x86)\ubuntuone

2012-07-26 00:50:02 -------- d-----w- C:\Program Files\InfraRecorder

2012-07-26 00:47:57 -------- d-----w- C:\Program Files\Wireshark

2012-07-26 00:45:13 -------- d-----w- C:\Program Files (x86)\Nmap

2012-07-26 00:41:34 -------- d-----w- C:\Program Files\Sandboxie

2012-07-26 00:40:57 -------- d-----w- C:\Program Files\Microsoft Windows Performance Toolkit

2012-07-26 00:40:23 -------- d-----w- C:\Program Files\Microsoft Help Viewer

2012-07-26 00:36:50 -------- d-----w- C:\Program Files\Debugging Tools for Windows (x64)

2012-07-26 00:36:23 -------- d-----w- C:\Program Files\Application Verifier (x64)

2012-07-26 00:36:23 -------- d-----w- C:\Program Files (x86)\Application Verifier

2012-07-26 00:33:22 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0

2012-07-26 00:27:20 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\KeePass

2012-07-26 00:23:36 -------- d-----w- C:\Program Files (x86)\WinPcap

2012-07-26 00:19:13 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\Malwarebytes

2012-07-26 00:18:52 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-26 00:18:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-26 00:18:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-26 00:06:47 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\Returnil

2012-07-26 00:06:28 -------- d-----w- C:\Program Files (x86)\Returnil

2012-07-26 00:06:10 -------- d-----w- C:\ProgramData\Returnil

2012-07-26 00:05:01 388096 ----a-r- C:\Users\Jordan Bottoms\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-07-26 00:05:01 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-07-26 00:03:19 -------- d-----w- C:\Windows\System32\EventProviders

2012-07-25 23:59:36 -------- d-----w- C:\Windows\Panther

2012-07-25 23:58:54 -------- d-----w- C:\Windows\System32\OEM

2012-07-25 23:58:54 -------- d-----w- C:\Hotfix

2012-07-25 23:58:54 -------- d-----w- C:\Drivers

2012-07-25 23:40:05 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-07-25 23:23:38 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-07-25 23:23:38 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-07-25 23:17:48 -------- d-----w- C:\Windows\SysWow64\Wat

2012-07-25 23:17:48 -------- d-----w- C:\Windows\System32\Wat

2012-07-25 22:59:08 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-25 22:49:11 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-07-25 22:49:11 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-07-25 22:49:11 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-07-25 22:49:11 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-07-25 22:49:11 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-07-25 22:49:11 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-07-25 22:49:11 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-07-25 22:46:58 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe

2012-07-25 22:45:22 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-07-25 22:45:22 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-07-25 22:39:49 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2

2012-07-25 22:39:06 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Roaming\SumatraPDF

2012-07-25 22:39:03 -------- d-----w- C:\Program Files (x86)\SumatraPDF

2012-07-25 22:37:40 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2012-07-25 22:37:40 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-07-25 22:37:39 77312 ----a-w- C:\Windows\System32\packager.dll

2012-07-25 22:37:39 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-07-25 22:35:21 -------- d-----w- C:\Program Files\GIMP 2

2012-07-25 22:33:59 -------- d-----w- C:\Program Files (x86)\Scribus 1.4.1

2012-07-25 22:33:39 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\Mozilla

2012-07-25 22:32:12 -------- d-----w- C:\Program Files (x86)\gs

2012-07-25 22:30:45 -------- d-----w- C:\Users\Jordan Bottoms\AbiSuite

2012-07-25 22:30:21 -------- d-----w- C:\Program Files (x86)\Dia

2012-07-25 22:29:38 -------- d-----w- C:\Program Files (x86)\Gnumeric

2012-07-25 22:26:35 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\Google

2012-07-25 22:26:23 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\Deployment

2012-07-25 22:26:23 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\Apps

2012-07-25 22:25:20 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-07-25 22:25:20 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-07-25 22:25:20 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-07-25 22:19:15 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\WindowsUpdate

2012-07-25 22:18:17 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-07-25 22:18:03 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-07-25 22:12:49 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-07-25 22:12:49 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-07-25 22:08:13 -------- d-----w- C:\Windows\SysWow64\NV

2012-07-25 22:08:13 -------- d-----w- C:\Windows\System32\NV

2012-07-25 22:06:04 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2012-07-25 22:06:03 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2012-07-25 22:01:47 -------- d-----w- C:\Program Files\Common Files\Intel

2012-07-25 22:00:48 9014784 ----a-w- C:\Windows\System32\igfxress.dll

2012-07-25 21:58:18 -------- d-----w- C:\Windows\System32\2C0A

2012-07-25 21:53:34 21616 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys

2012-07-25 21:53:29 -------- d-----w- C:\Program Files\STMicroelectronics

2012-07-25 21:53:24 81008 ----a-w- C:\Windows\System32\accelernco01.dll

2012-07-25 21:53:24 27760 ----a-w- C:\Windows\System32\drivers\Accelern.sys

2012-07-25 21:53:24 -------- d-----w- C:\Program Files (x86)\STMicroelectronics

2012-07-25 21:52:49 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll

2012-07-25 21:52:43 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent

2012-07-25 21:52:37 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys

2012-07-25 21:50:07 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll

2012-07-25 21:49:59 -------- d-----w- C:\Intel

2012-07-25 21:49:49 29288 ----a-w- C:\Windows\System32\drivers\qicflt.sys

2012-07-25 21:49:48 -------- d-----w- C:\Program Files (x86)\QCM20QDriver

2012-07-25 21:47:29 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll

2012-07-25 21:47:29 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2012-07-25 21:47:29 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

2012-07-25 21:45:23 -------- d-----w- C:\Program Files\Synaptics

2012-07-25 21:45:06 66856 ----a-w- C:\Windows\SysWow64\SynTPEnhPS.dll

2012-07-25 21:45:06 390704 ----a-w- C:\Windows\System32\drivers\SynTP.sys

2012-07-25 21:45:06 276776 ----a-w- C:\Windows\System32\SynCtrl.dll

2012-07-25 21:45:06 262080 ----a-w- C:\Windows\System32\SynPS2.bin

2012-07-25 21:45:06 226600 ----a-w- C:\Windows\System32\SynTPAPI.dll

2012-07-25 21:45:06 222504 ----a-w- C:\Windows\SysWow64\SynCtrl.dll

2012-07-25 21:45:06 148264 ----a-w- C:\Windows\System32\SynTPCo9.dll

2012-07-25 21:45:06 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll

2012-07-25 21:45:05 411432 ----a-w- C:\Windows\System32\SynCOM.dll

2012-07-25 21:45:05 177448 ----a-w- C:\Windows\SysWow64\SynCOM.dll

2012-07-25 21:44:51 -------- d-----w- C:\Program Files (x86)\JMicron

2012-07-25 21:44:49 -------- d-----w- C:\Windows\SysWow64\SDA

2012-07-25 21:44:46 203352 ----a-w- C:\Windows\SysWow64\jmcricon.dll

2012-07-25 21:44:46 203352 ----a-w- C:\Windows\System32\jmcricon.dll

2012-07-25 21:44:46 173656 ----a-w- C:\Windows\System32\drivers\jmcr.sys

2012-07-25 21:42:12 -------- d-----w- C:\Windows\System32\SRSLabs

2012-07-25 21:42:08 -------- d-----w- C:\Windows\SysWow64\RTCOM

2012-07-25 21:42:08 -------- d-----w- C:\Program Files\Realtek

2012-07-25 21:40:58 -------- d--h--w- C:\Program Files (x86)\Temp

2012-07-25 21:39:30 -------- d-sh--w- C:\Windows\Installer

2012-07-25 21:39:24 -------- d-----w- C:\Dell

2012-07-25 21:30:04 -------- d-----w- C:\Users\Jordan Bottoms\AppData\Local\VirtualStore

.

==================== Find3M ====================

.

2012-06-09 05:29:42 252056 ----a-w- C:\Windows\SysWow64\vmnc.dll

2012-06-09 04:52:20 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll

2012-06-09 04:52:20 48752 ----a-w- C:\Windows\System32\vnetinst.dll

2012-06-09 04:52:20 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys

2012-06-09 04:52:20 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys

2012-06-09 04:52:20 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys

2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-05 21:03:52 147288 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

.

============= FINISH: 11:05:46.13 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 7/25/2012 4:29:47 PM

System Uptime: 7/30/2012 10:41:21 AM (1 hours ago)

.

Motherboard: Dell Inc. | | 0K4H3G

Processor: Intel® Core™ i7-2760QM CPU @ 2.40GHz | CPU | 2401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 664 GiB total, 310.391 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 34 GiB total, 4.11 GiB free.

F: is Removable

G: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Adapter

Device ID: USB\VID_8086&PID_0189\6&8057EBE&0&5

Manufacturer: Intel Corporation

Name: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Adapter

PNP Device ID: USB\VID_8086&PID_0189\6&8057EBE&0&5

Service: BTHUSB

.

==== System Restore Points ===================

.

RP39: 7/29/2012 7:46:56 PM - Removed Oracle VM VirtualBox 4.1.18

RP40: 7/29/2012 8:00:31 PM - Removed WinZip Courier

.

==== Installed Programs ======================

.

AbiWord 2.8.6

AccelerometerP11

Aspell English Dictionary-0.50-2

CamStudio OSS Desktop Recorder

Crystal Reports for Visual Studio

D3DX10

Debugging Tools for Windows (x86)

Dia (remove only)

Dotfuscator Software Services - Community Edition

FBIde 0.4.4r4 + FreeBASIC 0.23

FileZilla Client 3.5.3

Geany 1.22

GNU Aspell 0.50-3

Gnumeric Spreadsheet 1.10.16-20110616

Google Chrome

Gpg4win (2.1.1-34299-beta)

GPL Ghostscript

Greenshot

HiJackThis

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2522890)

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)

Intel PROSet Wireless

Intel® Management Engine Components

Intel® Processor Graphics

JMicron Flash Media Controller Driver

KeePass Password Safe 2.19

Kubuntu

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server System CLR Types

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Professional - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio Macro Tools

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

Nmap 6.01

Notepad++

NVIDIA Stereoscopic 3D Driver

PDFCreator

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Renesas Electronics USB 3.0 Host Controller Driver

Returnil System Safe 2011

Scribus 1.4.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)

Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

Skype™ 5.10

SumatraPDF

tools-freebsd

tools-linux

tools-netware

tools-solaris

tools-windows

tools-winPre2k

TrueCrypt

Ubuntu One

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

VLC media player 2.0.3

VMware vCenter Converter Standalone

VMware Workstation

WCF RIA Services V1.0 SP1

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows SDK IntellisenseNFX

WinPcap 4.1.2

WinZip 15.5

Wireshark 1.8.1 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

7/29/2012 2:37:08 PM, Error: Service Control Manager [7034] - The VMware NAT Service service terminated unexpectedly. It has done this 3 time(s).

7/29/2012 2:37:07 PM, Error: Service Control Manager [7031] - The VMware NAT Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

7/29/2012 2:37:06 PM, Error: Service Control Manager [7031] - The VMware NAT Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

7/28/2012 9:54:51 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{02FD7060-3459-4BE3-83F1-9CC2E485A182} because another computer on the network has the same name. The server could not start.

7/28/2012 9:53:57 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{81473791-55D6-4EB2-AF23-C3C6FC0BB330} because another computer on the network has the same name. The server could not start.

7/28/2012 9:45:18 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Image Acquisition (WIA) service to connect.

7/28/2012 9:45:18 PM, Error: Service Control Manager [7000] - The Windows Image Acquisition (WIA) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/27/2012 4:52:13 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

7/27/2012 11:11:49 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

7/27/2012 11:11:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

7/27/2012 11:11:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

7/27/2012 11:11:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

7/27/2012 11:11:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

7/27/2012 11:11:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

7/27/2012 11:11:34 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss rvsmonf spldr tdx truecrypt VBoxDrv VBoxUSBMon vwififlt Wanarpv6 WfpLwf

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

7/27/2012 11:11:34 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

7/26/2012 5:59:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

7/26/2012 3:15:59 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

7/26/2012 3:06:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

7/26/2012 3:06:19 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/26/2012 3:06:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

7/26/2012 10:10:23 PM, Error: Ntfs [137] - The default transaction resource manager on volume Z: encountered a non-retryable error and could not start. The data contains the error code.

7/25/2012 7:03:25 PM, Error: Microsoft-Windows-Service Pack Installer [8] - Service Pack installation failed with error code 0x800f0a03.

7/25/2012 6:20:35 PM, Error: Service Control Manager [7023] -

7/25/2012 6:18:39 PM, Error: Service Control Manager [7000] - The Intel® Management and Security Application Local Management Service service failed to start due to the following error: The system cannot find the path specified.

7/25/2012 6:18:29 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

7/25/2012 6:18:29 PM, Error: Service Control Manager [7034] - The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

7/25/2012 6:18:27 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).

7/25/2012 6:18:27 PM, Error: Service Control Manager [7034] - The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).

7/25/2012 6:18:27 PM, Error: Service Control Manager [7034] - The Bluetooth Media Service service terminated unexpectedly. It has done this 1 time(s).

7/25/2012 6:18:27 PM, Error: Service Control Manager [7031] - The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

.

==== End Of File ===========================


Hi,

Next, please run a free online scan with the ESET Online Scanner.

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

Edited by Maurice Naggar
