Jump to content

jbekhm

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by jbekhm

  1. Worked perfectly, here is the combofix.txt file: ComboFix 13-11-12.01 - Jason 11/12/2013 16:13:42.1.2 - x64Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3838.2497 [GMT -8:00]Running from: c:\users\Jason\Desktop\ComboFix.exeAV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\prefs.js..((((((((((((((((((((((((( Files Created from 2013-10-13 to 2013-11-13 )))))))))))))))))))))))))))))))..2013-11-13 00:26 . 2013-11-13 00:26 -------- d-----w- c:\users\Default\AppData\Local\temp2013-11-12 08:25 . 2013-11-13 00:12 -------- d-----w- c:\users\Jason\AppData\Local\CrashDumps2013-11-12 08:13 . 2013-11-12 08:13 -------- d-----w- c:\program files (x86)\ERUNT2013-11-12 01:50 . 2013-11-12 01:50 -------- d-----w- c:\users\Jason\AppData\Roaming\Malwarebytes2013-11-12 01:50 . 2013-11-12 01:50 -------- d-----w- c:\programdata\Malwarebytes2013-11-12 01:50 . 2013-11-12 01:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-11-12 01:50 . 2013-04-04 22:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-11-12 01:50 . 2013-11-12 01:50 -------- d-----w- c:\users\Jason\AppData\Local\Programs2013-11-11 16:07 . 2013-11-11 16:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe2013-11-11 16:03 . 2013-11-11 16:03 -------- d-----w- c:\windows\CheckSur2013-11-09 01:35 . 2013-11-09 01:35 -------- d-----w- c:\users\Jason\AppData\Roaming\AVG20142013-11-09 01:34 . 2013-11-09 01:34 -------- d-----w- c:\users\Jason\AppData\Roaming\TuneUp Software2013-11-09 01:33 . 2013-11-09 01:35 -------- d-----w- c:\programdata\AVG20142013-11-09 01:33 . 2013-11-09 01:33 -------- d-----w- C:\$AVG2013-11-09 01:31 . 2013-11-09 01:31 -------- d-----w- c:\program files (x86)\AVG2013-11-09 01:17 . 2013-11-12 16:04 -------- d-----w- c:\programdata\MFAData2013-11-09 01:17 . 2013-11-09 01:55 -------- d-----w- c:\users\Jason\AppData\Local\Avg20142013-11-09 01:17 . 2013-11-09 01:17 -------- d--h--w- c:\programdata\Common Files2013-11-09 01:17 . 2013-11-09 01:17 -------- d-----w- c:\users\Jason\AppData\Local\MFAData2013-11-08 06:41 . 2013-11-08 06:41 -------- d-----w- c:\windows\system32\MRT2013-11-08 06:40 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys2013-11-08 06:40 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll2013-11-08 06:40 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll2013-11-08 06:40 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll2013-11-08 06:40 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll2013-11-08 06:40 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll2013-11-08 06:40 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll2013-11-08 06:35 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll2013-11-08 06:35 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe2013-11-08 06:35 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll2013-11-08 06:35 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll2013-11-08 06:35 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll2013-11-08 06:35 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll2013-11-08 06:35 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll2013-11-08 06:35 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll2013-11-08 06:35 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe2013-11-08 06:35 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll2013-11-08 06:25 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll2013-11-08 06:25 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll2013-11-08 06:25 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll2013-11-08 06:25 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2013-11-08 06:25 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll2013-11-08 06:25 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll2013-11-08 06:25 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll2013-11-08 06:25 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll2013-11-08 06:25 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll2013-11-08 06:25 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll2013-11-08 06:25 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll2013-11-08 06:25 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll2013-11-08 06:25 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll2013-11-08 06:20 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll2013-11-08 06:20 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll2013-11-08 06:15 . 2013-10-16 08:20 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9ACCA77A-3FEA-4D91-B5C4-002C47482AB8}\mpengine.dll2013-11-08 03:34 . 2013-11-08 03:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll2013-11-08 03:34 . 2013-11-08 03:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll2013-11-08 03:34 . 2013-11-08 03:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll2013-11-08 03:34 . 2013-11-08 03:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll2013-11-08 03:34 . 2013-11-08 03:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll2013-11-08 03:28 . 2013-11-08 06:40 -------- d-----w- c:\programdata\Oracle2013-11-08 03:21 . 2013-11-08 04:00 -------- d-----w- c:\program files (x86)\McAfee Security Scan2013-11-08 03:01 . 2013-11-08 03:25 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll2013-11-08 03:01 . 2013-11-08 03:01 189352 ----a-w- c:\windows\system32\javaw.exe2013-11-08 03:01 . 2013-11-08 03:01 189352 ----a-w- c:\windows\system32\java.exe2013-11-08 02:41 . 2013-11-08 02:41 -------- d-----w- c:\users\Jason\AppData\Local\Macromedia2013-11-08 02:38 . 2013-11-08 02:38 -------- d-----w- c:\users\Jason\AppData\Local\Mozilla2013-10-31 03:04 . 2013-10-31 06:05 -------- d-----w- c:\users\Jason\AppData\Roaming\Bitcoin2013-10-31 03:03 . 2013-10-31 03:04 -------- d-----w- c:\program files (x86)\Bitcoin2013-10-15 02:05 . 2013-11-12 02:06 -------- d-----w- c:\programdata\DSearchLink...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-10-11 01:19 . 2013-10-11 01:19 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp2013-09-26 05:07 . 2013-09-26 05:07 148792 ----a-w- c:\windows\system32\drivers\avgdiska.sys2013-09-09 06:11 . 2013-09-09 06:11 31544 ----a-w- c:\windows\system32\drivers\avgrkx64.sys2013-09-03 21:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe2013-09-02 18:59 . 2013-09-02 18:59 212280 ----a-w- c:\windows\system32\drivers\avgldx64.sys2013-09-02 18:29 . 2013-09-02 18:29 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys2013-09-02 18:26 . 2013-09-02 18:26 192824 ----a-w- c:\windows\system32\drivers\avgidsha.sys2013-09-02 18:26 . 2013-09-02 18:26 241464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys2013-08-21 06:53 . 2013-08-21 06:53 123704 ----a-w- c:\windows\system32\drivers\avgmfx64.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-10-08 4908592]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576].c:\users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]R3 NTPASp50a64;NTPASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\NTPASp50a64.sys;c:\windows\SYSNATIVE\Drivers\NTPASp50a64.sys [x]R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]S2 nlsx86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]..Contents of the 'Scheduled Tasks' folder.2013-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2413823669-334487975-3479585294-1001Core.job- c:\users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 06:15].2013-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2413823669-334487975-3479585294-1001UA.job- c:\users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 06:15]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.local;192.168.*.*IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKLM-Run-<NO NAME> - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-11-12 16:38:48ComboFix-quarantined-files.txt 2013-11-13 00:38.Pre-Run: 14,080,991,232 bytes freePost-Run: 14,022,094,848 bytes free.- - End Of File - - ECD8CA74BAB42A93EC50DBD7FBAD5D67A36C5E4F47E84449FF07ED3517B43A31
  2. Also, the failed windows update codes that I looked up after seeing them in the dds log correlate to: Error code 0x800706BA may be generated when a client computer makes a request to a remote COM+ object Error code 0x800706BA indicates that the remote procedure call (RPC) server is unavailable. This problem relates to the "Com.surrogate has stopped working" issue that is caused by dllhost.exe and turned into the issue I have now with malwarebytes blocking the site. However, at around 11 AM Pacific time, the Com.surragate issue began again even though malwarebytes is running and I noticed this in the malwarebytes log : 2013/11/12 10:32:08 -0800 JB-LAPTOP Jason IP-BLOCK 88.214.193.54 (Type: outgoing, Port: 56855, Process: dllhost.exe) 2013/11/12 10:32:08 -0800 JB-LAPTOP Jason IP-BLOCK 88.214.193.54 (Type: outgoing, Port: 56858, Process: dllhost.exe)2013/11/12 10:44:58 -0800 JB-LAPTOP Jason IP-BLOCK 66.45.56.109 (Type: outgoing, Port: 57648, Process: dllhost.exe)2013/11/12 10:47:22 -0800 JB-LAPTOP Jason IP-BLOCK 66.45.56.109 (Type: outgoing, Port: 57768, Process: dllhost.exe)2013/11/12 10:50:16 -0800 JB-LAPTOP Jason MESSAGE Starting database refresh2013/11/12 10:50:16 -0800 JB-LAPTOP Jason MESSAGE Stopping IP protection2013/11/12 10:50:17 -0800 JB-LAPTOP Jason MESSAGE IP Protection stopped successfully2013/11/12 10:50:21 -0800 JB-LAPTOP Jason MESSAGE Database refreshed successfully2013/11/12 10:50:21 -0800 JB-LAPTOP Jason MESSAGE Starting IP protection2013/11/12 10:50:32 -0800 JB-LAPTOP Jason MESSAGE IP Protection started successfully2013/11/12 10:58:58 -0800 JB-LAPTOP Jason MESSAGE Stopping IP protection2013/11/12 10:58:59 -0800 JB-LAPTOP Jason MESSAGE IP Protection stopped successfully2013/11/12 10:59:03 -0800 JB-LAPTOP Jason MESSAGE Starting IP protection2013/11/12 10:59:13 -0800 JB-LAPTOP Jason MESSAGE IP Protection started successfully2013/11/12 11:09:04 -0800 JB-LAPTOP (null) MESSAGE Starting protection2013/11/12 11:09:04 -0800 JB-LAPTOP (null) MESSAGE Protection started successfully2013/11/12 11:09:04 -0800 JB-LAPTOP (null) MESSAGE Starting IP protection2013/11/12 11:09:16 -0800 JB-LAPTOP (null) MESSAGE IP Protection started successfully Hope this is of any help. I really do appreciate your time in helping the internet become a safer place!
  3. First off, thank you for your help. much appreciated. I have attached the new logs after deleting utorrent. I completed step 0 and 1 easily, however when running rougekiller 64-bit, the program hangs up on the Registry Tab, with the status description: "Searching for Policy Hijacks -> (HJ INPROC)" I've tried this about 3 times and each time had to restart my computer after waiting 30 or more minutes with the status bar stuck at this position. Thanks again for your help attach.txt dds.txt
  4. Successfully blocked access to a potentially malicious website: 88.214.193.54 Type: outgoing port xxxxx, Process dllhost.exe This error has continued about every 2-3 minutes. Since 11/7/13 I have had dllhost.exe task stop working and it takes up a lot of memory. I have searched the web to find out what "com surrogate has stopped working" means and it is related to the dllhost. After installing malwarebytes, the dllhost.exe task doesn't stop working, but i keep getting this popup from malwarebytes, which is associated with the problem. Any help is much appreciated! DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 9/13/2011 9:40:11 PM System Uptime: 11/11/2013 6:07:55 PM (1 hours ago) . Motherboard: Compal | | 30FC Processor: AMD Turion X2 Dual-Core Mobile RM-72 | Socket M2/S1G1 | 2100/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 452 GiB total, 14.254 GiB free. D: is FIXED (NTFS) - 14 GiB total, 2.123 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\ENE0100\3&2411E6FE&2 Manufacturer: Name: PNP Device ID: ACPI\ENE0100\3&2411E6FE&2 Service: . Class GUID: Description: Device ID: ACPI\HPQ0004\3&2411E6FE&2 Manufacturer: Name: PNP Device ID: ACPI\HPQ0004\3&2411E6FE&2 Service: . ==== System Restore Points =================== . RP122: 11/11/2013 7:56:53 AM - Removed Java 7 Update 45 RP123: 11/11/2013 7:57:26 AM - Removed Java 7 Update 45 RP124: 11/11/2013 8:02:45 AM - Windows Update . ==== Installed Programs ====================== . µTorrent 64 Bit HP CIO Components Installer Adobe AIR Adobe Reader XI (11.0.04) Alarm AMD USB Filter Driver Apple Mobile Device Support Apple Software Update ATI Catalyst Install Manager AVG 2014 Bitcoin Bonjour Broadcom 802.11 Wireless LAN Adapter Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Citrix Online Launcher DAEMON Tools Lite Dropbox GMATPrep Google Chrome Google Earth GoToMeeting 5.4.0.1082 HP Update HTC Driver Installer I.R.I.S. OCR iCloud IDT Audio IPTInstaller iTunes JMicron Flash Media Controller Driver K-Lite Codec Pack 7.7.0 (Full) Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 MotoHelper MergeModules Realtek 8136 8168 8169 Ethernet Driver Rosetta Stone Version 3 Skype Click to Call Skype™ 6.3 Spotify Synaptics Pointing Device Driver Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables WinRAR 4.01 (64-bit) . ==== Event Viewer Messages From Past Week ======== . 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2552343). 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2864058). 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2560656). 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645). 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921). 11/7/2013 10:42:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2863058). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2798162). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2718704). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2533552). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2884256). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2872339). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2862966). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2847927). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2847311). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2840149). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2813347). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2807986). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2803821). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2691442). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2676562). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2667402). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2655992). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2631813). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2620704). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2585542). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2570947). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2536276). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2506212). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2479943). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631). 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Internet Explorer 10 for Windows 7 for x64-based Systems. 11/7/2013 10:42:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2618451). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2868038). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2864202). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2862335). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2849470). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2845187). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2770660). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2758857). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2757638). 11/7/2013 10:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2509553). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2883150). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2861855). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2785220). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2685939). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2645640). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2579686). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2536275). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115). 11/7/2013 10:42:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2879017). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Update for Windows 7 for x64-based Systems (KB2868116). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2506014). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2743555). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2727528). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2706045). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2690533). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2621440). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946). 11/7/2013 10:42:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599). 11/11/2013 6:08:32 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 Run by Jason at 19:37:57 on 2013-11-11 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3838.2106 [GMT -8:00] . AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2014\avgrsa.exe C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\nlssrv32.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe C:\Program Files (x86)\AVG\AVG2014\avgemca.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wuauclt.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{A17CBCCE-06F7-478C-9D3D-DD9EBE008C51} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\051405143502620224552574542535 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\245636B68616D6 : DHCPNameServer = 10.0.1.1 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\24967664963786 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\64D257E69647 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\C696E6B6379737 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{F0C19ACE-D927-4670-8B1D-AC1027272185}\F42424573796E656373456E6475627 : DHCPNameServer = 10.0.0.1 192.168.1.254 TCP: Interfaces\{FB1C4992-5BFC-4206-98FB-F495C2E742CE} : DHCPNameServer = 192.168.42.129 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-9-14 270912] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2011-9-14 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-22 203264] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-11 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-11 701512] R2 nlsx86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2013-4-28 71280] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-14 215040] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-9-14 34872] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2013-8-15 33736] S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-7-29 140128] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992] S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-20 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-20 34816] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-20 117248] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] . =============== Created Last 30 ================ . 2013-11-12 01:50:52 -------- d-----w- C:\Users\Jason\AppData\Roaming\Malwarebytes 2013-11-12 01:50:37 -------- d-----w- C:\ProgramData\Malwarebytes 2013-11-12 01:50:36 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-11-12 01:50:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-12 01:50:22 -------- d-----w- C:\Users\Jason\AppData\Local\Programs 2013-11-11 16:03:04 -------- d-----w- C:\Windows\CheckSur 2013-11-09 01:35:39 -------- d-----w- C:\Users\Jason\AppData\Roaming\AVG2014 2013-11-09 01:34:38 -------- d-----w- C:\Users\Jason\AppData\Roaming\TuneUp Software 2013-11-09 01:33:05 -------- d--h--w- C:\$AVG 2013-11-09 01:33:05 -------- d-----w- C:\ProgramData\AVG2014 2013-11-09 01:31:19 -------- d-----w- C:\Program Files (x86)\AVG 2013-11-09 01:17:38 -------- d--h--w- C:\ProgramData\Common Files 2013-11-09 01:17:38 -------- d-----w- C:\Users\Jason\AppData\Local\MFAData 2013-11-09 01:17:38 -------- d-----w- C:\Users\Jason\AppData\Local\Avg2014 2013-11-09 01:17:38 -------- d-----w- C:\ProgramData\MFAData 2013-11-08 06:41:37 -------- d-----w- C:\Windows\System32\MRT 2013-11-08 06:40:30 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-11-08 06:40:30 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-11-08 06:40:30 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-11-08 06:40:30 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-11-08 06:40:30 220672 ----a-w- C:\Windows\System32\wintrust.dll 2013-11-08 06:40:30 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-11-08 06:40:30 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-11-08 06:35:56 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-11-08 06:35:56 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-11-08 06:35:55 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-11-08 06:35:55 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-11-08 06:35:55 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-11-08 06:35:55 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-11-08 06:35:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-11-08 06:35:55 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-11-08 06:35:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-11-08 06:35:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-11-08 06:25:40 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2013-11-08 06:25:40 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2013-11-08 06:25:40 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2013-11-08 06:25:40 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2013-11-08 06:25:40 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll 2013-11-08 06:25:40 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2013-11-08 06:25:40 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2013-11-08 06:25:40 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll 2013-11-08 06:25:40 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2013-11-08 06:25:40 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2013-11-08 06:25:40 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2013-11-08 06:25:40 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2013-11-08 06:25:40 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2013-11-08 06:20:45 77312 ----a-w- C:\Windows\System32\packager.dll 2013-11-08 06:20:45 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-11-08 06:15:39 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9ACCA77A-3FEA-4D91-B5C4-002C47482AB8}\mpengine.dll 2013-11-08 03:34:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2013-11-08 03:34:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2013-11-08 03:34:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2013-11-08 03:34:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2013-11-08 03:34:29 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2013-11-08 03:28:07 -------- d-----w- C:\ProgramData\Oracle 2013-11-08 03:21:58 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan 2013-11-08 03:01:34 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2013-11-08 02:41:35 -------- d-----w- C:\Users\Jason\AppData\Local\Macromedia 2013-11-08 02:38:17 -------- d-----w- C:\Users\Jason\AppData\Local\Mozilla 2013-10-31 03:04:12 -------- d-----w- C:\Users\Jason\AppData\Roaming\Bitcoin 2013-10-31 03:03:56 -------- d-----w- C:\Program Files (x86)\Bitcoin 2013-10-15 02:05:10 -------- d-----w- C:\ProgramData\DSearchLink . ==================== Find3M ==================== . 2013-10-11 01:19:45 5 ----a-w- C:\Windows\SysWow64\lMMLDeleteUserData42107612FX.tmp 2013-09-26 05:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys 2013-09-09 06:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2013-09-03 21:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-09-02 18:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-09-02 18:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-09-02 18:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2013-09-02 18:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-08-27 09:01:59 1143296 ----a-w- C:\Windows\System32\FntCache.dll 2013-08-27 09:01:47 1545728 ----a-w- C:\Windows\System32\DWrite.dll 2013-08-27 08:21:36 1077760 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-08-21 06:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys . ============= FINISH: 19:38:49.23 ===============
  5. I am having the same exact problem with the same IP address(88.214.193.54) sited. Started on about 4 days ago and is causing lots of dllhost.exe tasks to fail. Any help is appreciated. Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.