Author Topic: C:\windows\syswow64\dllhost.exe


REDACTED

  • Guest
C:\windows\syswow64\dllhost.exe
« on: November 09, 2014, 09:44:01 PM »
My computer started slowing down and freezing recently. I had MSE running, but have since switched to Avast. I ran MWB and removed everything it found, ran the Avast boot scan and cleaned those files as well.

I still get this error/warning frequently:

avast web shield has blocked a harmful webpage or file
Object: http://31.184.192.177 ...
Infection: URL:Mal
Process: C:\windows\syswow64\dllhost.exe

Any help is appreciated.

- Brian

« Last Edit: November 09, 2014, 09:52:50 PM by mojoriesen »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: C:\windows\syswow64\dllhost.exe
« Reply #1 on: November 09, 2014, 10:25:32 PM »
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
 
  • Right click to run as administrator (XP users click Run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to the disclaimer.
  • Select Additions at the bottom.
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #2 on: November 09, 2014, 10:28:56 PM »
Thanks - I attached the FRST.txt and Addition.TXT files.

Offline essexboy
Re: C:\windows\syswow64\dllhost.exe
« Reply #3 on: November 09, 2014, 10:41:54 PM »
I am afraid you also have encryptor malware. At this stage the ability to decrypt the files is lacking. It affects pictures and documents; do you have backups?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKU\S-1-5-21-703966476-2288818501-2186851463-1104\...\Run: [acikmao] => rundll32 "C:\Users\New Account\AppData\Local\acikmao.dll",acikmao <===== ATTENTION
HKU\S-1-5-21-703966476-2288818501-2186851463-1104\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\Documents\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00000000 ___HD () C:\6c90536
2014-11-09 08:39 - 2014-11-09 08:39 - 00000000 ____D () C:\ProgramData\RusfEsge
2014-11-09 08:39 - 2014-11-09 08:39 - 00000000 ____D () C:\ProgramData\OiqiKebra
2014-11-08 21:25 - 2014-11-09 11:36 - 00000424 _____ () C:\ProgramData\@system.temp
2014-11-08 21:25 - 2014-11-09 09:53 - 00000160 ____H () C:\ProgramData\@system3.att
2014-11-08 21:24 - 2014-11-09 16:02 - 00000000 ____D () C:\Users\New Account\AppData\Roaming\FrameworkUpdate7
2014-11-08 21:23 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\ZavkEwurv
2014-11-08 21:23 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\SophuWogew
2014-11-07 23:19 - 2014-11-09 12:51 - 00000000 ____D () C:\Users\New Account\AppData\Local\Edmvtion
2014-11-07 23:02 - 2014-11-09 12:51 - 00000000 ____D () C:\Users\New Account\AppData\Local\Elthtion
2014-11-07 23:01 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\WincArxe
2014-11-07 20:48 - 2014-11-07 22:30 - 00000000 ____D () C:\Users\New Account\AppData\Roaming\deluge
2014-11-07 19:59 - 2014-11-07 19:59 - 00000000 ____D () C:\ProgramData\APN
2014-11-07 19:54 - 2014-11-07 19:54 - 00003162 _____ () C:\windows\System32\Tasks\{1E5C3023-DAD5-4891-832B-BEBEFC9D13B6}
2014-11-09 12:51 - 2013-01-01 12:11 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
CustomCLSID: HKU\S-1-5-21-703966476-2288818501-2186851463-1104_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
C:\Users\New Account\AppData\Local\acikmao.dll
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

Download and run Farbar Service Scanner.

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run from.

Please copy and paste the log to your reply.

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #4 on: November 09, 2014, 11:07:04 PM »
Thanks. AdwCleaner log contents:

# AdwCleaner v4.101 - Report created 09/11/2014 at 17:02:52
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : New Account - MOJOMAINGEAR
# Running from : C:\Users\New Account\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Caramava
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\New Account\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Mozilla Firefox v


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [1721 octets] - [09/11/2014 17:00:30]
AdwCleaner[S0].txt - [1610 octets] - [09/11/2014 17:02:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1670 octets] ##########



FSS.txt Contents:

Farbar Service Scanner Version: 21-07-2014
Ran by New Account (administrator) on 09-11-2014 at 17:04:59
Running from "C:\Users\New Account\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Disabled. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
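The FRST fixlist in Reply #3 and the FSS log above between them show four indicator classes a defender can check directly on a host: a per-user CLSID\LocalServer32 registration that launches rundll32 with a javascript: URL (the entry FRST labels Poweliks), core security services left at start type Disabled, the Windows Defender DisableAntiSpyware policy value, and the Software Restriction Policy entries FRST reports as "Group Policy restriction on software". The PowerShell below is an added triage script; it is not code from this thread or from FRST, FSS or AdwCleaner. The function names are mine, it assumes PowerShell 3.0 or later run from an elevated prompt, and the Safer\CodeIdentifiers\0\Paths location is my assumption about where the SRP path rules FRST reads live.

```powershell
# Added triage script for the indicator classes seen in the FRST/FSS logs above.
# Not code from the thread or from FRST, FSS or AdwCleaner; function names are
# mine. Assumes PowerShell 3.0+ in an elevated prompt.

# 1. Per-user COM registrations whose LocalServer32 launches rundll32 with a
#    javascript: URL (the Poweliks entry FRST flagged). HKCU:\Software\Classes
#    is the hive FRST lists as HKU\<SID>_Classes.
function Get-SuspiciousLocalServer32 {
    $root = 'HKCU:\Software\Classes\CLSID'
    $hits = @()
    if (-not (Test-Path $root)) { return $hits }
    foreach ($clsid in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
        $ls = "$root\$($clsid.PSChildName)\LocalServer32"
        if (-not (Test-Path $ls)) { continue }
        $props = Get-ItemProperty -Path $ls -ErrorAction SilentlyContinue
        # Check every value, not only (default): some variants keep the
        # command under a value with an unprintable name.
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }        # provider metadata
            $v = [string]$p.Value
            if ($v -match 'rundll32.*javascript:' -or $v -match 'RunHTMLApplication') {
                $hits += [pscustomobject]@{
                    Key   = $ls
                    Value = $v.Substring(0, [Math]::Min(120, $v.Length))
                }
            }
        }
    }
    return $hits
}

# 2. Security services the FSS log showed as Disabled (default is Auto).
function Get-DisabledSecurityService {
    $watch = 'wscsvc', 'wuauserv', 'BITS', 'WinDefend'
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $watch -contains $_.Name -and $_.StartMode -eq 'Disabled' } |
        Select-Object Name, StartMode, State
}

# 3. The Defender policy value FSS printed ("DisableAntiSpyware"=DWORD:1).
function Test-DefenderDisabledPolicy {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows Defender'
    $p = Get-ItemProperty -Path $key -Name DisableAntiSpyware -ErrorAction SilentlyContinue
    return ($null -ne $p -and $p.DisableAntiSpyware -eq 1)
}

# 4. Software Restriction Policy path rules at security level 0 (Disallowed).
#    Assumption: this is where FRST's "Group Policy restriction on software"
#    lines come from; on this machine all six pointed at anti-malware folders.
function Get-DisallowedPathRule {
    $base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths'
    if (-not (Test-Path $base)) { return @() }
    Get-ChildItem -Path $base | ForEach-Object {
        (Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue).ItemData
    }
}

# 5. The payload fragment in the log reads as plain text once each character
#    code is decremented by one.
function ConvertFrom-ShiftedText([string]$Text) {
    -join ($Text.ToCharArray() | ForEach-Object { [char]([int]$_ - 1) })
}

# --- run the checks and summarise ---
$com = Get-SuspiciousLocalServer32
$svc = Get-DisabledSecurityService
$pol = Test-DefenderDisabledPolicy
$srp = Get-DisallowedPathRule

"Suspicious LocalServer32 entries : $(@($com).Count)"
$com | Format-Table -AutoSize
"Disabled security services       : $(@($svc).Count)"
$svc | Format-Table -AutoSize
"Defender disabled by policy      : $pol"
"Disallowed SRP path rules        : $(@($srp).Count)"
$srp
"Decoded log fragment             : " + (ConvertFrom-ShiftedText 'epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds')
```

Each function can also be called on its own from a console. The last line turns the fragment FRST printed, epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds, into document.write('<script language=jscr, which is why the entry is labelled Poweliks: the CLSID's server command feeds an inline script to mshtml rather than pointing at an executable on disk, so a file-only scan finds nothing to quarantine and the registry value itself is the artefact to look for. The service and policy checks matter after cleanup as well: a fixlist that removes the malware does not re-enable wscsvc, wuauserv, BITS or WinDefend, which is what the FSS log and the BITSADMIN 0x80070422 error in the Fixlog reflect.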


REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #5 on: November 09, 2014, 11:33:45 PM »
Forgot the Fixlog.txt. Here are those results:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by New Account at 2014-11-09 16:43:32 Run:1
Running from C:\Users\New Account\Desktop
Loaded Profile: New Account (Available profiles: mojo & New Account)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKU\S-1-5-21-703966476-2288818501-2186851463-1104\...\Run: [acikmao] => rundll32 "C:\Users\New Account\AppData\Local\acikmao.dll",acikmao <===== ATTENTION
HKU\S-1-5-21-703966476-2288818501-2186851463-1104\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\Documents\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\New Account\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\Users\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:39 - 2014-11-09 11:39 - 00004200 _____ () C:\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00000000 ___HD () C:\6c90536
2014-11-09 08:39 - 2014-11-09 08:39 - 00000000 ____D () C:\ProgramData\RusfEsge
2014-11-09 08:39 - 2014-11-09 08:39 - 00000000 ____D () C:\ProgramData\OiqiKebra
2014-11-08 21:25 - 2014-11-09 11:36 - 00000424 _____ () C:\ProgramData\@system.temp
2014-11-08 21:25 - 2014-11-09 09:53 - 00000160 ____H () C:\ProgramData\@system3.att
2014-11-08 21:24 - 2014-11-09 16:02 - 00000000 ____D () C:\Users\New Account\AppData\Roaming\FrameworkUpdate7
2014-11-08 21:23 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\ZavkEwurv
2014-11-08 21:23 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\SophuWogew
2014-11-07 23:19 - 2014-11-09 12:51 - 00000000 ____D () C:\Users\New Account\AppData\Local\Edmvtion
2014-11-07 23:02 - 2014-11-09 12:51 - 00000000 ____D () C:\Users\New Account\AppData\Local\Elthtion
2014-11-07 23:01 - 2014-11-09 12:51 - 00000000 ____D () C:\ProgramData\WincArxe
2014-11-07 20:48 - 2014-11-07 22:30 - 00000000 ____D () C:\Users\New Account\AppData\Roaming\deluge
2014-11-07 19:59 - 2014-11-07 19:59 - 00000000 ____D () C:\ProgramData\APN
2014-11-07 19:54 - 2014-11-07 19:54 - 00003162 _____ () C:\windows\System32\Tasks\{1E5C3023-DAD5-4891-832B-BEBEFC9D13B6}
2014-11-09 12:51 - 2013-01-01 12:11 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
CustomCLSID: HKU\S-1-5-21-703966476-2288818501-2186851463-1104_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
C:\Users\New Account\AppData\Local\acikmao.dll
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-703966476-2288818501-2186851463-1104\Software\Microsoft\Windows\CurrentVersion\Run\\acikmao => value deleted successfully.
"HKU\S-1-5-21-703966476-2288818501-2186851463-1104\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key deleted successfully.
"HKU\S-1-5-21-703966476-2288818501-2186851463-1104\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
C:\Users\New Account\Documents\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Users\New Account\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Users\New Account\AppData\Roaming\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Users\New Account\AppData\Local\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Users\New Account\AppData\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Users\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\ProgramData\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\6c90536 => Moved successfully.
C:\ProgramData\RusfEsge => Moved successfully.
C:\ProgramData\OiqiKebra => Moved successfully.
C:\ProgramData\@system.temp => Moved successfully.
C:\ProgramData\@system3.att => Moved successfully.
C:\Users\New Account\AppData\Roaming\FrameworkUpdate7 => Moved successfully.
C:\ProgramData\ZavkEwurv => Moved successfully.
C:\ProgramData\SophuWogew => Moved successfully.
C:\Users\New Account\AppData\Local\Edmvtion => Moved successfully.
C:\Users\New Account\AppData\Local\Elthtion => Moved successfully.
C:\ProgramData\WincArxe => Moved successfully.
C:\Users\New Account\AppData\Roaming\deluge => Moved successfully.
C:\ProgramData\APN => Moved successfully.
C:\windows\System32\Tasks\{1E5C3023-DAD5-4891-832B-BEBEFC9D13B6} => Moved successfully.
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} => Moved successfully.
"HKU\S-1-5-21-703966476-2288818501-2186851463-1104_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
"C:\Users\New Account\AppData\Local\acikmao.dll" => File/Directory not found.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x80070422
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


========= End of CMD: =========

EmptyTemp: => Removed 4.8 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Offline essexboy
Re: C:\windows\syswow64\dllhost.exe
« Reply #6 on: November 10, 2014, 04:13:08 PM »
How is the computer behaving at the moment?

Could you download and run the following small programme: http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe
A log will be generated; could you please post that.

THEN

Run the FSS programme once more and attach that log.

FINALLY

Run a FRST scan and please attach that log.

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #7 on: November 10, 2014, 05:17:38 PM »
The AVG Web warnings have ceased and it seems to be running normally. I've run several MWB and virus scans and they're all clean so far. Since I don't store my documents and photos in the traditional Windows locations (My Documents, My Pictures), nor do I have them mapped in any way, I lost very little to the encryption. My only problem now appears to be restoring Outlook since my PST files were encrypted and the only items I didn't have a backup of. I use Gmail to check them via POP3 anyways, so there's no real loss. It's just a PITA because Outlook keeps looking at the old configuration and searching for the corrupt PST files. I'll probably just uninstall, C-Clean, and re-install Office at this point.

Anyhow... Thanks for all your help thus far. It's back to work this morning for me, so I'll run those three logs tonight and post the results for your review.

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #8 on: November 12, 2014, 12:29:49 AM »
Services Repair, FSS, and FRS Logs attached.

Offline essexboy
Re: C:\windows\syswow64\dllhost.exe
« Reply #9 on: November 12, 2014, 04:22:45 PM »
Follow these steps to display hidden files and folders.

  • Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
  • Click the View tab.
  • Under Advanced settings, click Show hidden files and folders, and then click OK.

Could you manually delete this file/folder please: C:\Users\New Account\AppData\Roaming\麽鎒駓覜

Are there any further problems?


REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #10 on: November 12, 2014, 05:00:43 PM »
Ah, well, that does seem like an odd folder name. Thanks for catching that one.

Outlook has still been an issue, but that's not really a topic for here. I seem to have trouble getting to certain websites; Chrome just shows "unable to open page". My Chrome Speed Dial extension was lost in the cleanup, but I put it back and am repopulating it. So I'm not sure if there's some sort of web browser problem still or not. I need to try other browsers and test it out.

I currently have my video card out for warranty replacement as well, so when that comes back I may just do a clean OS install to be safe.

Offline essexboy
Re: C:\windows\syswow64\dllhost.exe
« Reply #11 on: November 12, 2014, 06:10:31 PM »
I can see nothing untoward in Chrome. What error do you get?

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #12 on: November 12, 2014, 10:50:29 PM »
It was an Unable to Access Network error. I have PeerBlock running and it showed "Savvis-1 216.33.93.211" as blocked for the site http://dorchester.nes.schoolfusion.us. I allowed it and the site works. I'm not sure why these new IPs are being blocked, or if it's routing IP addresses oddly. I looked up the IP associated with http://dorchester.nes.schoolfusion.us and it showed 216.33.93.211, so could there be something going on still with the IP routing?

Offline essexboy
Re: C:\windows\syswow64\dllhost.exe
« Reply #13 on: November 12, 2014, 11:08:13 PM »
Savvis-1 216.33.93.211 appears to be a mail server; is it associated with the site you are going to?

REDACTED

  • Guest
Re: C:\windows\syswow64\dllhost.exe
« Reply #14 on: November 12, 2014, 11:17:39 PM »
OK. I could just reset the lists in Peer Block and leave it at that. I'm really leaning towards a clean install once the video card warranty comes back.