DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by friar tuck at 16:23:40 on 2012-04-11
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1844 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{D9C96042-DD0D-487E-BD8D-5F9A2069DCA6} : DhcpNameServer = 192.168.1.254
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-10 654408]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
.
=============== Created Last 30 ================
.
2012-04-11 22:47:41 -------- d-----w- C:\Users\friar tuck\AppData\Local\Diagnostics
2012-04-11 22:37:52 388096 ----a-r- C:\Users\friar tuck\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-11 22:37:51 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-04-11 22:29:08 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F469164C-2DAE-4B04-B064-5F24BB9AC936}\gapaengine.dll
2012-04-11 22:28:45 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04D677ED-EE41-49C1-A0DB-B6D680B14DF6}\mpengine.dll
2012-04-11 22:03:44 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-04-11 22:03:17 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-04-11 22:02:50 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-04-11 22:02:50 1898376 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-04-10 22:32:37 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-04-10 22:32:37 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-04-10 22:32:36 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-10 22:32:36 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-10 22:32:36 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-10 22:32:34 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-04-10 22:32:34 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-04-10 22:32:34 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-10 22:32:34 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-04-10 21:53:14 -------- d-----w- C:\Users\friar tuck\AppData\Roaming\SpeedMaxPc
2012-04-10 21:53:08 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedMaxPc
2012-04-10 21:53:07 -------- d-----w- C:\ProgramData\SpeedMaxPc
2012-04-10 21:43:43 -------- d-----w- C:\Users\friar tuck\AppData\Roaming\Malwarebytes
2012-04-10 21:43:39 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-10 21:43:38 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-10 21:43:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-10 19:06:07 -------- d-----w- C:\Users\friar tuck\AppData\Roaming\PC Unleashed Online
2012-04-10 19:06:07 -------- d-----w- C:\Users\friar tuck\AppData\Roaming\DriverCure
2012-04-10 19:05:59 -------- d-----w- C:\ProgramData\PC Unleashed Online
2012-04-10 19:05:59 -------- d-----w- C:\Program Files (x86)\Common Files\PC Unleashed Online
2012-04-10 18:55:49 -------- d-----w- C:\ProgramData\Uniblue
2012-04-10 18:18:28 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2012-04-10 18:04:34 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-04-10 17:51:26 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{297C5F9B-C921-4896-947D-7B2BD43A2F71}\mpengine.dll
2012-04-10 17:51:25 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-04-10 17:05:59 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-04-08 04:09:06 -------- d-----w- C:\Windows\Panther
2012-04-08 04:00:14 -------- d-----w- C:\Users\friar tuck\AppData\Local\Privatefirewall
2012-04-08 03:57:21 -------- d-----w- C:\ProgramData\Privacyware
2012-04-08 03:42:08 -------- d-sh--w- C:\Windows\Installer
2012-04-08 03:41:49 -------- d-----w- C:\ProgramData\AVAST Software
2012-04-08 03:41:49 -------- d-----w- C:\Program Files\AVAST Software
.
==================== Find3M ====================
..
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/7/2012 8:26:45 PM
System Uptime: 4/11/2012 3:05:35 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1484
Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz | CPU | 2194/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 280.012 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Network Controller
Device ID: PCI\VEN_10EC&DEV_8171&SUBSYS_1467103C&REV_10\4&28FAE2AB&0&00E0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_10EC&DEV_8171&SUBSYS_1467103C&REV_10\4&28FAE2AB&0&00E0
Service:
.
==== System Restore Points ===================
.
RP1: 4/7/2012 8:41:38 PM - avast! Internet Security Setup
RP2: 4/7/2012 8:57:03 PM - Installed Privatefirewall 7.0
RP3: 4/10/2012 10:06:35 AM - Revo Uninstaller's restore point - HijackThis 2.0.2
RP4: 4/10/2012 10:09:42 AM - Revo Uninstaller's restore point - Privatefirewall 7.0
RP5: 4/10/2012 10:09:56 AM - Removed Privatefirewall 7.0
RP6: 4/10/2012 10:51:09 AM - Windows Update
RP7: 4/10/2012 3:27:25 PM - Revo Uninstaller's restore point - SpeedMaxPc
RP8: 4/10/2012 3:31:31 PM - Revo Uninstaller's restore point - Uniblue DriverScanner
RP9: 4/10/2012 3:34:19 PM - Revo Uninstaller's restore point - PC Unleashed Online PC Unleashed
RP10: 4/10/2012 3:36:22 PM - Revo Uninstaller's restore point - Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP11: 4/10/2012 3:36:51 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP12: 4/11/2012 2:17:08 PM - Windows Update
RP13: 4/11/2012 2:59:58 PM - avast! Internet Security Setup
RP14: 4/11/2012 3:02:36 PM - Windows Update
RP15: 4/11/2012 3:26:24 PM - Revo Uninstaller's restore point - HijackThis 2.0.2
RP16: 4/11/2012 3:37:13 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
HiJackThis
Malwarebytes Anti-Malware version 1.61.0.1400
Revo Uninstaller 1.92
.
==== Event Viewer Messages From Past Week ========
.
4/11/2012 3:38:19 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.1566.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
4/11/2012 3:38:19 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.1566.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
4/11/2012 3:05:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:58 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
4/11/2012 3:04:57 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
4/10/2012 3:23:48 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/10/2012 3:22:41 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================
.
============= FINISH: 16:24:19.00 ===============
d I am locked out of settings.