
Laptop infected with PUM.DNS problem connect



#1 creed101

  • Members
  • 1 posts

Posted 15 December 2015 - 05:25 AM

My laptop, when it connects, is very slow, and the DNS is changing. Any help would be most welcome. Thanks

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Danny (administrator) on 15-12-2015 at 18:13:11
Running from "C:\Users\Danny\Downloads"
Microsoft Windows 8.1 Single Language with Bing  (X64)
Model: Inspiron 3531 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Dell Wireless 1506 802.11b/g/n (2.4GHz) = Wi-Fi (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : roompc
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 16-29-AF-26-35-D4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1506 802.11b/g/n (2.4GHz)
   Physical Address. . . . . . . . . : 74-29-AF-26-35-D4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8b6:3d24:41b7:dc61%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 15, 2015 6:06:37 PM
   Lease Expires . . . . . . . . . . : Tuesday, December 15, 2015 7:06:42 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 57944495
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-0B-C6-41-00-90-9E-9A-A9-8C
   DNS Servers . . . . . . . . . . . : 114.108.193.201
                                       114.108.195.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{46A0F245-C4E0-4E53-A9FE-24728A7F0BC2}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:1810:cf9:3f57:fff2(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1810:cf9:3f57:fff2%8(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 285212672
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-0B-C6-41-00-90-9E-9A-A9-8C
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  114.108.193.201
 
Name:    google.com
Addresses:  2404:6800:4001:804::1005
 114.108.207.23
 114.108.207.27
 114.108.207.16
 114.108.207.29
 114.108.207.17
 114.108.207.24
 114.108.207.21
 114.108.207.20
 114.108.207.26
 114.108.207.18
 114.108.207.22
 114.108.207.28
 114.108.207.25
 114.108.207.15
 114.108.207.19
 
 
Pinging google.com [114.108.207.26] with 32 bytes of data:
Reply from 114.108.207.26: bytes=32 time=27ms TTL=58
Reply from 114.108.207.26: bytes=32 time=31ms TTL=58
 
Ping statistics for 114.108.207.26:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 31ms, Average = 29ms
Server:  UnKnown
Address:  114.108.193.201
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=243ms TTL=42
Reply from 206.190.36.45: bytes=32 time=214ms TTL=42
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 214ms, Maximum = 243ms, Average = 228ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...16 29 af 26 35 d4 ......Microsoft Wi-Fi Direct Virtual Adapter
  3...74 29 af 26 35 d4 ......Dell Wireless 1506 802.11b/g/n (2.4GHz)
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.13     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.13    281
     192.168.0.13  255.255.255.255         On-link      192.168.0.13    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.13    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.13    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.13    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  8    306 2001::/32                On-link
  8    306 2001:0:9d38:90d7:1810:cf9:3f57:fff2/128
                                    On-link
  3    281 fe80::/64                On-link
  8    306 fe80::/64                On-link
  3    281 fe80::8b6:3d24:41b7:dc61/128
                                    On-link
  8    306 fe80::1810:cf9:3f57:fff2/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
  8    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/15/2015 05:21:44 PM) (Source: Application Hang) (User: )
Description: The program RogueKiller.exe version 11.0.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: bbc
 
Start Time: 01d1371854b03eac
 
Termination Time: 22
 
Application Path: C:\Users\Danny\Downloads\RogueKiller.exe
 
Report Id: 402ff354-a30d-11e5-8276-c2489adb8d98
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/15/2015 03:58:50 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=47.0.2526.80;lang=;guid=F0FAB637E8344602B3B9F8DA1A856AA9;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\d542082a-de54-4914-b0a1-77da6eb39533.dmp
 
Error: (12/15/2015 01:03:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000005
Fault offset: 0x000403c8
Faulting process id: 0x15d8
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/15/2015 01:03:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0xc06d007e
Fault offset: 0x00011d4d
Faulting process id: 0x15d8
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/15/2015 12:36:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000005
Fault offset: 0x000403c8
Faulting process id: 0x138c
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/15/2015 12:36:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0xc06d007e
Fault offset: 0x00011d4d
Faulting process id: 0x138c
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/15/2015 12:36:14 PM) (Source: Application Hang) (User: )
Description: The program Spyhunter4.exe version 4.21.10.4585 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: cc0
 
Start Time: 01d136f114967146
 
Termination Time: 64
 
Application Path: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
 
Report Id: 5decbaa2-a2e5-11e5-8274-7429af2635d4
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/15/2015 07:47:54 AM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000005
Fault offset: 0x000403c8
Faulting process id: 0x1100
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/15/2015 07:45:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0xc06d007e
Fault offset: 0x00011d4d
Faulting process id: 0x1100
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
Error: (12/14/2015 04:19:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: DBRUPD.EXE, version: 3.0.0.10, time stamp: 0x5385994f
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000005
Fault offset: 0x000403c8
Faulting process id: 0x7c0
Faulting application start time: 0xDBRUPD.EXE0
Faulting application path: DBRUPD.EXE1
Faulting module path: DBRUPD.EXE2
Report Id: DBRUPD.EXE3
Faulting package full name: DBRUPD.EXE4
Faulting package-relative application ID: DBRUPD.EXE5
 
 
System errors:
=============
Error: (12/15/2015 05:48:16 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (12/15/2015 05:09:54 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys
 
Error: (12/15/2015 12:53:15 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (12/15/2015 12:27:28 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:16:34 PM on 12/15/2015 was unexpected.
 
Error: (12/15/2015 07:39:29 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys
 
Error: (12/15/2015 07:39:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (12/15/2015 07:39:00 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (12/15/2015 07:38:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (12/15/2015 07:38:30 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (12/15/2015 07:36:34 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:37:14 AM on 12/15/2015 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (12/15/2015 05:21:44 PM) (Source: Application Hang)(User: )
Description: RogueKiller.exe11.0.2.0bbc01d1371854b03eac22C:\Users\Danny\Downloads\RogueKiller.exe402ff354-a30d-11e5-8276-c2489adb8d98
 
Error: (12/15/2015 03:58:50 PM) (Source: Chrome)(User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=47.0.2526.80;lang=;guid=F0FAB637E8344602B3B9F8DA1A856AA9;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\d542082a-de54-4914-b0a1-77da6eb39533.dmp
 
Error: (12/15/2015 01:03:24 PM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fntdll.dll6.3.9600.1711453648f36c0000005000403c815d801d136f5ea518352C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\ntdll.dll2ab38b52-a2e9-11e5-8275-dbbd3ad21b51
 
Error: (12/15/2015 01:03:21 PM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fKERNELBASE.dll6.3.9600.17055532943a3c06d007e00011d4d15d801d136f5ea518352C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\KERNELBASE.dll28f6e27c-a2e9-11e5-8275-dbbd3ad21b51
 
Error: (12/15/2015 12:36:22 PM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fntdll.dll6.3.9600.1711453648f36c0000005000403c8138c01d136f222de84a7C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\ntdll.dll642fecea-a2e5-11e5-8274-7429af2635d4
 
Error: (12/15/2015 12:36:18 PM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fKERNELBASE.dll6.3.9600.17055532943a3c06d007e00011d4d138c01d136f222de84a7C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\KERNELBASE.dll619c058d-a2e5-11e5-8274-7429af2635d4
 
Error: (12/15/2015 12:36:14 PM) (Source: Application Hang)(User: )
Description: Spyhunter4.exe4.21.10.4585cc001d136f11496714664C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe5decbaa2-a2e5-11e5-8274-7429af2635d4
 
Error: (12/15/2015 07:47:54 AM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fntdll.dll6.3.9600.1711453648f36c0000005000403c8110001d136c98c97f42dC:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\ntdll.dll17a36811-a2bd-11e5-8273-e3447c34473a
 
Error: (12/15/2015 07:45:57 AM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fKERNELBASE.dll6.3.9600.17055532943a3c06d007e00011d4d110001d136c98c97f42dC:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\KERNELBASE.dlld1e9b11b-a2bc-11e5-8273-e3447c34473a
 
Error: (12/14/2015 04:19:08 PM) (Source: Application Error)(User: )
Description: DBRUPD.EXE3.0.0.105385994fntdll.dll6.3.9600.1711453648f36c0000005000403c87c001d1364816bf01b7C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXEC:\WINDOWS\SYSTEM32\ntdll.dll582d46f9-a23b-11e5-8272-a1b817cb72e6
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-12-15 15:47:58.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:57.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:56.598
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:55.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:54.626
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:53.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:47:52.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 15:22:05.702
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 13:22:01.200
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-15 12:55:33.188
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{243E6515-D9FC-4A52-80A8-64E286CCDDCD}) (Version: 3.0.900.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.1 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.36 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.8.2.0 - QFX Software Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.005 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
UnHackMe 7.90 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
X-Lite (HKLM-x32\...\{EB9EDE40-5F34-4D07-89ED-4F3CA30BEE13}) (Version: 49.7.8728 - CounterPath Corporation)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 48%
Total physical RAM: 3979.2 MB
Available physical RAM: 2065.65 MB
Total Virtual: 5387.2 MB
Available Virtual: 2992.36 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:115.32 GB) (Free:76.56 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:341.8 GB) (Free:341.18 GB) NTFS
3 Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
4 Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.44 GB) NTFS
5 Drive y: (PBR Image) (Fixed) (Total:6.8 GB) (Free:0.73 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ROOMPC
 
Administrator            Danny                    Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
11-12-2015 08:56:00 Windows Modules Installer
12-12-2015 10:35:24 AA11
13-12-2015 08:39:41 JRT Pre-Junkware Removal
15-12-2015 05:02:31 Removed Dell Product Registration.
 
**** End of log ****
 



 


#2 shelf life

  • Malware Response Team
  • 2,646 posts
  • Gender:Male
  • Location:@localhost

Posted 18 December 2015 - 05:50 PM

Hi,

 

If you think your DNS issues are malware related, you'd be better off posting in this forum:

 

http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

 

Prep guide for forum:

 

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/


How Can I Reduce My Risk to Malware?




