Malware or Rootkit infection?

MiniToolBox by Farbar Version:05-03-2013
Ran by Newter (administrator) on 19-04-2013 at 22:37:13
Running from "C:\Users\Newter\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 2 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Upstairs
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : insight.rr.com

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : insight.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-5F-F4-57-31-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, April 19, 2013 10:27:25 PM
Lease Expires . . . . . . . . . . : Saturday, April 20, 2013 10:27:25 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.insight.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : insight.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:8e2:10e6:bee7:2b8a(Preferred)
Link-local IPv6 Address . . . . . : fe80::8e2:10e6:bee7:2b8a%22(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2001:4860:400a:800::1008
74.125.225.65
74.125.225.66
74.125.225.67
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64


Pinging google.com [173.194.46.35] with 32 bytes of data:
Reply from 173.194.46.35: bytes=32 time=32ms TTL=54
Reply from 173.194.46.35: bytes=32 time=31ms TTL=54

Ping statistics for 173.194.46.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=88ms TTL=49
Reply from 98.139.183.24: bytes=32 time=69ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 88ms, Average = 78ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
19...bc 5f f4 57 31 31 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
22 58 ::/0 On-link
1 306 ::1/128 On-link
22 58 2001::/32 On-link
22 306 2001:0:9d38:6ab8:8e2:10e6:bee7:2b8a/128
On-link
22 306 fe80::/64 On-link
22 306 fe80::8e2:10e6:bee7:2b8a/128
On-link
1 306 ff00::/8 On-link
22 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

**** End of log ****

This time I just did winsock and installed. I didn't see you write that... Its probably in one of your posts but I didn't see it and this should be the right log for CIntRep