Jump to content

COM Surrogate - dllhost.exe -- Multiple instances


Recommended Posts

I have multiple instances of this running on my computer and hogging up resources. They seem to be trying to launch IE browser sites.

 

I ran Malware Bytes Scan but it says everythign is clean. These dll processes come on at startup even before i launch anything. Malware Bytes says its blocking the website and i exclude it but the multiple processes still show up. My computer is very slow.

 

I also ran Trend Micro Office Scan Antiviurs and it found and quarnatied three files but the processes still keep showing up.

 

 

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

Hello

 

Thank you for assisting me with this issue.

Below is the text from the requested log files:

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014
Ran by hhakim (administrator) on LP-HHAKIM-W7 on 06-10-2014 09:35:19
Running from C:\Users\hhakim\Downloads
Loaded Profiles: hhakim &  (Available profiles: hhakim & jscheufele & klanier & cweller & mwojcik & tkurdt & Service Desk & Administrator)
Platform: Microsoft Windows 7 Enterprise  (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.wireshark.org)
X1 Professional Client (HKLM\...\{39842CE7-1462-4A95-B0EF-6EFF94495A8A}) (Version: 6.7 - X1 Technologies, Inc.)
XML Notepad 2007 (HKLM\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\hhakim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{1A2A78F4-B5A4-4208-B520-BDDA0A7EC5CB}\InprocServer32 -> C:\Users\hhakim\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{1D6156B6-002B-49E7-B5CA-C138FB843B4E}\InprocServer32 -> C:\Users\hhakim\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{644FD769-8B9D-4AC4-A79E-AAAF5CD751C1}\InprocServer32 -> C:\Users\hhakim\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1475062817-1407861736-3805098287-11539_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\hhakim\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 
==================== Restore Points  =========================
 
05-10-2014 14:54:47 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:04 - 2014-10-05 19:06 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B1EDF49-427C-4F6A-BA13-FAB30B2C511F} - System32\Tasks\hhakim NBAgent 5 4 => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-04-08] (Nero AG)
Task: {0B28176B-5695-4761-9CDB-4DD0C0E6E56A} - System32\Tasks\{F5FFF2D7-EC19-41DE-9079-D2D66C1465B7} => C:\Program Files\Skype\Phone\Skype.exe
Task: {1CCED367-D97E-40D4-A3F2-AFF8094429AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {65303847-2DB4-4AAD-9B35-B6CA42C205AA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1475062817-1407861736-3805098287-11539UA => C:\Users\hhakim\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-22] (Google Inc.)
Task: {873B8744-B310-4AB6-AE59-58C15EEFA05B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {AF5E7CE2-20DC-40D6-A43E-9DE2CF1E137E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1475062817-1407861736-3805098287-11539Core => C:\Users\hhakim\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-22] (Google Inc.)
Task: {B78E74F5-1A1E-43EF-8728-1127AB3F39A5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BA9BD6CD-BFFA-452F-8DE6-49D7FC090BB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {C5B0F52E-7106-4C51-A18D-257ABB378BBB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-02] (Adobe Systems Incorporated)
Task: {E6610171-6136-4AF6-913A-FDC48E2CAF7E} - System32\Tasks\hhakim Local Autobackup 5 4 => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2011-04-08] (Nero AG)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1475062817-1407861736-3805098287-11539Core.job => C:\Users\hhakim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1475062817-1407861736-3805098287-11539UA.job => C:\Users\hhakim\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-09-04 03:38 - 2009-09-04 03:38 - 00020594 _____ () C:\Windows\System32\DELS3L3.DLL
2008-04-17 09:08 - 2008-04-17 09:08 - 00197408 _____ () C:\Windows\system32\vpnapi.dll
2009-05-05 16:06 - 2009-05-05 16:06 - 00231424 _____ () C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
2009-05-05 16:06 - 2009-05-05 16:06 - 00155648 _____ () C:\Program Files\McAfee\SiteAdvisor Enterprise\saUpKeep.dll
2009-05-05 16:06 - 2009-05-05 16:06 - 00556032 _____ () C:\Program Files\McAfee\SiteAdvisor Enterprise\SACore.dll
2009-05-05 16:06 - 2009-05-05 16:06 - 00303616 _____ () C:\Program Files\McAfee\SiteAdvisor Enterprise\SASet.dll
2011-04-01 13:53 - 2011-04-01 13:53 - 00499712 _____ () C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
2010-06-28 12:44 - 2009-12-10 14:11 - 00449024 ____R () C:\Program Files\Dell\Dell WWAN\WMCore\mini_WMCore.exe
2010-06-28 12:44 - 2009-03-25 23:08 - 00058880 ____R () C:\Program Files\Dell\Dell WWAN\WMCore\MBMDebug.dll
2010-06-28 12:45 - 2010-01-15 15:35 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2008-02-02 02:09 - 2008-02-02 02:09 - 02560000 _____ () C:\Program Files\Nuance\PDF Professional 5\cnvres_eng.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-09-15 16:41 - 2014-09-03 23:01 - 01098056 _____ () C:\Users\hhakim\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-15 16:41 - 2014-09-03 23:01 - 00174408 _____ () C:\Users\hhakim\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-15 16:41 - 2014-09-03 23:01 - 08577864 _____ () C:\Users\hhakim\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-15 16:41 - 2014-09-03 23:01 - 00331592 _____ () C:\Users\hhakim\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-15 16:41 - 2014-09-03 23:01 - 01660232 _____ () C:\Users\hhakim\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iPassConnect => "C:\Program Files\iPass\iPassConnect Corporate\iPassConnectGUI.exe" /S
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: nwiz => nwiz.exe /installquiet
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WirelessManager => C:\Program Files\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-455503000-2729057706-1161461007-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-455503000-2729057706-1161461007-1003 - Limited - Enabled)
Guest (S-1-5-21-455503000-2729057706-1161461007-501 - Limited - Disabled)
localadmin (S-1-5-21-455503000-2729057706-1161461007-1007 - Administrator - Enabled)
local_admin (S-1-5-21-455503000-2729057706-1161461007-1010 - Administrator - Enabled)
Service Desk (S-1-5-21-455503000-2729057706-1161461007-1004 - Administrator - Enabled) => C:\Users\Service Desk
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/05/2014 05:01:31 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (10/05/2014 04:50:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/05/2014 11:00:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (10/05/2014 10:49:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/05/2014 08:15:06 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/05/2014 00:15:04 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 04:15:03 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 08:15:02 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 00:15:01 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/03/2014 08:14:59 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
 
System errors:
=============
Error: (10/06/2014 09:16:11 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
 
Error: (10/06/2014 09:14:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (10/06/2014 09:13:27 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (10/06/2014 09:13:27 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: VIASAT)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
 
Microsoft Office Sessions:
=========================
Error: (10/06/2014 09:48:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.164764a5bc6b7MSHTML.dll9.0.8112.164765126ee6cc000000500262cd491001cfe16c1259b251C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll6e88396b-4d5f-11e4-8321-5cac4cfac4d0
 
Error: (10/05/2014 05:01:31 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (10/05/2014 04:50:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator64.exe
 
Error: (10/05/2014 11:00:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (10/05/2014 10:49:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator64.exe
 
Error: (10/05/2014 08:15:06 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/05/2014 00:15:04 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 04:15:03 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 08:15:02 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
Error: (10/04/2014 00:15:01 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: VIASAT\hhakim0x8007003aThe specified server cannot perform the requested operation.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 84%
Total physical RAM: 3317.83 MB
Available physical RAM: 503.29 MB
Total Pagefile: 6633.94 MB
Available Pagefile: 1137.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.3 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:230.85 GB) (Free:35.16 GB) NTFS
Drive d: (READER) (Fixed) (Total:1.99 GB) (Free:1.9 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D04027B3)
Partition 1: (Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=230.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
 
Please let me know what i need to do next
Link to post
Share on other sites

FRST.gif Fix with Farbar Recovery Scan Tool
 


icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

 

 

 

How is your PC now?

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.