wtf right, where did that come from.
Right after I noticed this bad boy came up in my local disk C
3590F75ABA9E485486C100C1A9D4FF06Z.ZZZ.ZZ...Z.Z.Z
It's full of files with the name zzzzzzz and lots of it.
DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Esc at 0:05:46 on 2012-07-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.880 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mWinlogon: Userinit=userinit.exe
BHO: Coupon Companion: {11111111-1111-1111-1111-110011441193} - C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
TCP: DhcpNameServer = 192.168.0.1 216.165.129.158
TCP: Interfaces\{1EEDA798-E924-4A11-BB2F-A76B7ADF9AD1} : DhcpNameServer = 192.168.0.1 216.165.129.158
TCP: Interfaces\{2B34A124-1301-48A1-9D9D-472578B6EFCD} : DhcpNameServer = 192.168.0.1 216.165.129.158
BHO-X64: Coupon Companion: {11111111-1111-1111-1111-110011441193} - C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll
BHO-X64: CrossriderApp0004493 - No File
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-11 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-6 1262400]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;C:\Windows\system32\DRIVERS\RTL85n64.sys --> C:\Windows\system32\DRIVERS\RTL85n64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-29 250056]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-18 06:24:03 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z.ZZZ.ZZ...Z.Z.Z
2012-07-18 06:22:35 -------- d-----w- C:\Users\Esc\AppData\Local\Google
2012-07-18 06:22:33 -------- d-----w- C:\Users\Esc\AppData\Local\Coupon Companion
2012-07-17 18:49:25 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF574931-829D-4FDE-9E08-CD5E803E6395}\gapaengine.dll
2012-07-17 18:49:15 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63414C21-6835-45D0-A022-342A4251A06B}\mpengine.dll
2012-07-17 18:46:31 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-07-17 18:46:28 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-07-17 18:32:09 -------- d-----w- C:\Program Files\CCleaner
2012-07-17 18:27:40 202511 ----a-w- C:\ProgramData\1342549526.bdinstall.bin
2012-07-15 06:09:01 -------- d-----w- C:\ProgramData\BDLogging
2012-07-15 06:08:34 511328 ----a-w- C:\Windows\capicom.dll
2012-07-15 06:08:33 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-07-15 06:06:55 1700 ----a-w- C:\ProgramData\1342331698.3276.bin
2012-07-15 06:01:36 -------- d-----w- C:\Users\Esc\AppData\Roaming\QuickScan
2012-07-15 05:59:30 8546 ----a-w- C:\ProgramData\1342331698.2644.bin
2012-07-15 05:59:30 183054 ----a-w- C:\ProgramData\1342331698.432.bin
2012-07-15 05:59:29 7401 ----a-w- C:\ProgramData\1342331698.1644.bin
2012-07-15 05:59:29 13592 ----a-w- C:\ProgramData\1342331698.1036.bin
2012-07-15 05:59:29 1090 ----a-w- C:\ProgramData\1342331698.1792.bin
2012-07-15 05:59:29 1090 ----a-w- C:\ProgramData\1342331698.1068.bin
2012-07-15 05:59:15 3041 ----a-w- C:\ProgramData\1342331698.288.bin
2012-07-15 05:55:01 135546 ----a-w- C:\ProgramData\1342331698.2028.bin
2012-07-15 05:54:59 40588 ----a-w- C:\ProgramData\1342331698.2900.bin
2012-07-15 05:54:58 123487 ----a-w- C:\ProgramData\1342331698.1664.bin
2012-07-15 05:27:54 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-07-15 05:27:48 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{92F29626-458F-402F-9C8F-CE2FBEFB272E}\mpengine.dll
2012-07-12 02:25:55 -------- d-----w- C:\Users\Esc\AppData\Local\ElevatedDiagnostics
2012-07-12 02:07:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-12 01:45:55 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-06 13:47:50 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-07-06 13:45:37 68928 ----a-w- C:\Windows\System32\OpenCL.dll
2012-07-06 13:45:37 61248 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-07-06 13:45:36 1738048 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-07-06 13:45:36 1468224 ----a-w- C:\Windows\System32\nvgenco64.dll
2012-07-06 13:32:39 506400 ----a-w- C:\Windows\System32\NVUNINST.EXE
2012-07-06 13:32:20 -------- d-----w- C:\NVIDIA
2012-07-05 23:06:59 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-07-05 22:57:19 -------- d--h--w- C:\Windows\msdownld.tmp
2012-07-05 22:57:19 -------- d-----w- C:\Windows\SysWow64\directx
2012-07-02 02:35:02 -------- d-----w- C:\Users\Esc\AppData\Local\Diagnostics
2012-07-01 21:05:30 2061928 ----a-w- C:\Windows\System32\drivers\RTL85n64.sys
2012-07-01 21:05:30 -------- d-----w- C:\Program Files\TRENDnet
2012-06-30 08:51:34 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-06-30 05:34:58 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-06-30 05:34:02 -------- d-----w- C:\ProgramData\Blizzard
2012-06-30 05:17:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-30 05:17:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-30 04:52:22 -------- d--h--w- C:\ProgramData\Common Files
2012-06-30 04:50:31 -------- d-----w- C:\Users\Esc\AppData\Roaming\Malwarebytes
2012-06-30 04:50:17 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-30 04:50:17 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-30 04:50:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-30 04:42:31 -------- d-----w- C:\ProgramData\MFAData
2012-06-30 03:59:59 -------- d-----w- C:\Windows\SysWow64\Wat
2012-06-30 03:59:58 -------- d-----w- C:\Windows\System32\Wat
2012-06-30 03:58:47 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-06-30 03:58:39 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-06-30 03:50:11 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-06-30 03:50:11 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-06-30 03:50:11 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-06-30 02:48:13 -------- d-----w- C:\Windows\Panther
2012-06-30 02:38:59 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-06-30 02:38:59 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-06-30 02:38:59 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-06-30 02:38:59 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-06-30 02:38:59 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-06-30 02:38:59 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-06-30 02:38:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-06-30 02:33:49 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-30 02:32:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-30 02:31:57 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-30 02:30:58 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-06-30 02:30:58 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-06-30 02:30:46 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-06-30 02:30:45 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-06-30 02:30:42 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-06-30 02:30:41 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-06-30 02:30:40 974336 ----a-w- C:\Windows\System32\WFS.exe
2012-06-30 02:30:40 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-06-30 02:30:39 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-06-30 02:30:39 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-06-30 02:29:06 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-06-30 02:29:06 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-06-30 02:26:49 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-30 02:26:49 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2012-06-30 02:26:49 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-30 02:26:49 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-30 02:26:48 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-30 02:26:48 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-30 02:21:26 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-06-30 02:21:26 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-30 02:21:26 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-30 02:21:25 288640 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-06-30 02:20:26 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-30 02:20:25 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-30 02:19:16 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-30 02:19:16 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-30 02:19:16 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-30 02:15:25 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-30 02:15:19 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-30 02:15:13 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-30 02:15:13 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-30 02:10:12 -------- d-----w- C:\Program Files (x86)\TRENDnet
2012-06-30 02:09:42 -------- d-sh--w- C:\Windows\Installer
2012-06-29 16:24:40 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-29 16:24:40 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-29 15:47:09 -------- d-----w- C:\Windows\System32\SPReview
2012-06-29 15:43:58 98304 ----a-w- C:\Windows\SysWow64\nslookup.exe
2012-06-29 15:40:41 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-06-29 15:39:56 501248 ----a-w- C:\Windows\System32\WinSATAPI.dll
2012-06-29 15:38:59 156160 ----a-w- C:\Windows\System32\prntvpt.dll
2012-06-29 15:37:59 89088 ----a-w- C:\Windows\System32\amstream.dll
2012-06-29 14:11:26 -------- d-----w- C:\Windows\System32\EventProviders
2012-06-29 13:49:59 849920 ----a-w- C:\Windows\System32\qmgr.dll
2012-06-29 13:48:59 769536 ----a-w- C:\Windows\System32\sud.dll
2012-06-29 13:47:59 457216 ----a-w- C:\Windows\System32\imkr80.ime
2012-06-29 13:45:18 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2012-06-29 13:45:13 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2012-06-29 13:21:10 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-06-29 13:21:10 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-06-29 13:21:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2012-06-29 13:21:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-06-29 13:21:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-06-29 13:21:07 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-06-29 13:21:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-06-29 13:21:07 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-06-29 13:21:07 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-06-29 13:21:07 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-06-29 13:21:07 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-06-29 13:12:52 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-06-29 13:12:51 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-06-29 13:12:51 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-06-29 13:12:51 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-06-29 13:12:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-06-29 13:12:51 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-06-29 13:12:51 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-06-21 21:38:57 -------- d-sh--w- C:\Recovery
2012-06-19 07:32:36 439672 ----a-w- C:\Windows\System32\drivers\b57nd60a.sys
.
==================== Find3M ====================
.
2012-06-29 15:54:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-06-29 15:54:40 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 0:06:45.89 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/29/2012 7:05:35 PM
System Uptime: 7/17/2012 9:57:20 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0YP696
Processor: AMD Athlon(tm) Processor 1640B | Socket M2 | 2705/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 103.494 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_167A&SUBSYS_01EC1028&REV_02\4&1161B83A&0&0018
Manufacturer: Broadcom
Name: Broadcom NetXtreme 57xx Gigabit Controller
PNP Device ID: PCI\VEN_14E4&DEV_167A&SUBSYS_01EC1028&REV_02\4&1161B83A&0&0018
Service: b57nd60a
.
==== System Restore Points ===================
.
RP19: 7/11/2012 7:01:47 PM - Windows Update
RP20: 7/14/2012 10:21:45 PM - avast! Internet Security Setup
RP21: 7/14/2012 10:27:12 PM - Windows Update
RP22: 7/17/2012 12:01:11 PM - Windows Update
RP23: 7/17/2012 12:05:01 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Coupon Companion
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
TRENDnet 802.11g Wireless CardBus/PCI Adapter
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Visual Studio 2008 x64 Redistributables
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
7/17/2012 9:57:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
7/17/2012 12:06:17 PM, Error: Service Control Manager [7038] - The lmhosts service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/17/2012 12:06:17 PM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not start due to a logon failure.
7/17/2012 12:02:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063).
7/17/2012 12:02:33 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
7/17/2012 12:02:33 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/17/2012 12:02:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/17/2012 11:26:02 AM, Error: Service Control Manager [7031] - The Bitdefender Desktop Parental Control service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/17/2012 11:16:50 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================