Solved Malware Removal

Still having issues?

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.5 KB · Views: 1
Yes I'm still having issues :(
When I try to go on Internet it says no internet connection
I did not hit fix after the FRST was done- should I have done that?
 
Fix result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Scott (2015-10-26 22:01:55) Run:1
Running from C:\Users\Scott\Desktop
Loaded Profiles: Scott (Available Profiles: Scott)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {9F12D2E0-039F-45F9-8940-A0D647F91E6A} - \Iledroipsouik -> No File <==== ATTENTION
Task: {A4539E25-565B-44DF-BED1-74D03A014F34} - \PROPCCleanerSoftware_Popup -> No File <==== ATTENTION
Task: {D134D1B0-D3B9-41F9-89DD-A0EAF32A03D4} - \PROPCCleanerSoftware_Start -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Scott\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Scott\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Scott\Downloads\OTL.exe:BDU
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1500130686-4110971754-1691798755-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1500130686-4110971754-1691798755-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
S3 cpuz134; \??\C:\Users\Scott\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
2011-05-10 13:56 - 2013-12-17 21:28 - 0002253 _____ () C:\ProgramData\hpzinstall.log

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9F12D2E0-039F-45F9-8940-A0D647F91E6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F12D2E0-039F-45F9-8940-A0D647F91E6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Iledroipsouik" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4539E25-565B-44DF-BED1-74D03A014F34}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4539E25-565B-44DF-BED1-74D03A014F34}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PROPCCleanerSoftware_Popup => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D134D1B0-D3B9-41F9-89DD-A0EAF32A03D4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D134D1B0-D3B9-41F9-89DD-A0EAF32A03D4}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PROPCCleanerSoftware_Start => key not found.
"C:\Users\Scott\Desktop\ComboFix.exe" => ":BDU" ADS not found.
C:\Users\Scott\Desktop\FRST64.exe => ":BDU" ADS removed successfully.
C:\Users\Scott\Downloads\OTL.exe => ":BDU" ADS removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1500130686-4110971754-1691798755-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-1500130686-4110971754-1691798755-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109" => key removed successfully
cpuz134 => service removed successfully
MREMP50a64 => service removed successfully
MREMPR5 => service removed successfully
MRENDIS5 => service removed successfully
MRESP50a64 => service removed successfully
C:\ProgramData\hpzinstall.log => moved successfully

==== End of Fixlog 22:01:56 ====
 
Let's see about your internet connection.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
Farbar Service Scanner Version: 26-07-2015
Ran by Scott (administrator) on 26-10-2015 at 22:10:18
Running from "C:\Users\Scott\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
That looks good.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following boxes:
  • Flush DNS
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List Devices (do NOT change any settings)
Click Go and post the result.
 
My computer will not open the internet if the computer has been on for a long time- I click on restart and it won't shut off- it says do u want to close program and force restart and I click yes but it doesn't say what is open? A blue screen that says shutting down but it never shuts down- I click on off button on computer and once it boots back up I can go back on Internet- but my other computer never has a problem with Internet so I am pretty sure it is something wrong with just this computer?? I am sorry it takes me a little bit once u write me back- I actually have 5 kids and a monkey so it's pretty crazy here to say the least!! Haha! I am following ur next step- I just wanted to let u know what computer is doing now- thank you!!
 
MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Scott (administrator) on 27-10-2015 at 11:17:24
Running from "C:\Users\Scott\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: p6716f Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================






















127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=10.0.0.5 metric=1 publish=Yes
add address name="Local Area Connection 2" address=169.254.59.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Scott-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-AC-C0-B2-34-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:584:100:a122:b026:c9a8:129a:5ee8(Preferred)
Temporary IPv6 Address. . . . . . : 2601:584:100:a122:c09c:fa17:4d60:5c(Preferred)
Link-local IPv6 Address . . . . . : fe80::b026:c9a8:129a:5ee8%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 27, 2015 11:13:22 AM
Lease Expires . . . . . . . . . . : Tuesday, November 03, 2015 11:13:21 AM
Default Gateway . . . . . . . . . : fe80::4632:c8ff:fe57:bdb%11
10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 259566784
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-37-B1-88-78-AC-C0-B2-34-B4
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{88D6FDC8-C028-4379-A05F-5AA6C23B289B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4008:804::200e
216.58.219.110


Pinging google.com [2607:f8b0:4008:809::200e] with 32 bytes of data:
Destination host unreachable.
Destination host unreachable.

Ping statistics for 2607:f8b0:4008:809::200e:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 2001:4998:58:c02::a9
2001:4998:44:204::a7
2001:4998:c:a06::2:4008
98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=64ms TTL=44
Reply from 98.138.253.109: bytes=32 time=65ms TTL=44

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 65ms, Average = 64ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...78 ac c0 b2 34 b4 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 20
10.0.0.0 255.255.255.0 On-link 10.0.0.5 276
10.0.0.5 255.255.255.255 On-link 10.0.0.5 276
10.0.0.255 255.255.255.255 On-link 10.0.0.5 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 10.0.0.5 21
169.254.255.255 255.255.255.255 On-link 10.0.0.5 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.5 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.5 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 10.0.0.5 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 276 ::/0 fe80::4632:c8ff:fe57:bdb
1 306 ::1/128 On-link
11 28 2601:584:100:a122::/64 On-link
11 276 2601:584:100:a122::/64 fe80::4632:c8ff:fe57:bdb
11 276 2601:584:100:a122:b026:c9a8:129a:5ee8/128
On-link
11 276 2601:584:100:a122:c09c:fa17:4d60:5c/128
On-link
11 276 fe80::/64 On-link
11 276 fe80::b026:c9a8:129a:5ee8/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Devices: ================================


**** End of log ****
 
Oh, you didn't tell me before that the internet issue is intermittent.

Let's run couple more tools and we'll come back to internet issue.

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 65
Java version 32-bit out of Date!
Google Chrome (46.0.2490.71)
Google Chrome (46.0.2490.80)
Google Chrome (plugins...)
````````Process Check: objlist.exe by Laurent````````
Bitdefender Bitdefender 2016 vsserv.exe
Bitdefender Bitdefender 2016 bdagent.exe
Bitdefender Bitdefender 2016 bdwtxag.exe
Bitdefender Agent ProductAgentService.exe
Bitdefender Bitdefender 2016 updatesrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 
I apologize that I was not clear about internet issues. I hope I didn't cause any additional issues! I really do appreciate you helping me with this! This has been a very time consuming for you and I cant thank you enough!!
 
I am not sure if you needed a copy of what the Temp file cleaner said but I copied it for you and I am sending it just in case:

Getting user folders.
Stopping running processes.
Emptying Temp folders.
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Scott
->Temp folder emptied: 1658 bytes
->Temporary Internet Files folder emptied: 215422315 bytes
->Java cache emptied: 50252 bytes
->Flash cache emptied: 4020 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 129728 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 107552 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 274669 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1275337 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67758 bytes
Emptying RecycleBin. Do not interrupt.
RecycleBin emptied: 0 bytes
Process complete!
Total Files Cleaned = 207.00 mb
 
Sophos took an extremely long time to run- It says that my computer is clean and number of threats found: 0
I click on details and it wont open- I have tried doing it a couple times and nothing happens and I even shut the computer off and re ran Sophos and it said the exact same thing and the details wont open?! My computer is running even slower now. The internet and the shut down are still not working- The internet says not connected but if I restart computer and open internet right away it works for a limited time (it has done this all along) but once the computer has been on it says internet not connected. When I go to restart the computer it says the following program is running- But nothing listed- do you want to force shut down and I click ok but it wont shut down no matter how long I wait- The blue screen comes up and says shutting down but it never gets past this.
 
Sophos won't produce any log if nothing is detected so you're fine there.

but once the computer has been on it says internet not connected
Where exactly do you see a message like that? In your browser or in a taskbar?
 
When I open internet explorer or try to go on anything on Internet it say connection failed and it has a bottom u can push to troubleshoot the problem- which it never gives a solution
 
It does seem like the last couple steps you had me take has helped- I was able to get on Internet without any problems this morning and last night which is unusual! So it might be fixed?? It is still slow but at least it is connecting to Internet which is awesome!!
 
Attached I out what my internet is still doing- I thought it stopped but it is still knocking me off my internet- when I said slow I meant:
- it won't shutdown- the screen just says shutting down- I have waited an hour and it never shut down- I hold the power button down and it will shut down but when it comes back up and I say start Windows normal then a black screen will come up and it stays like that for about 2-5 mins before window opens and shows my icons.
- when I try to open any file it takes approx 4 complete mins- when it used to happen right away?!
- if it does happen to open internet it takes approx 5 mins for anything to happen on screen

This has not always happened- We noticed about 3 weeks ago and we tried to clean and antivirus it
 

Attachments

  • image.jpeg
    image.jpeg
    615.3 KB · Views: 1
Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22012121.gif



Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

p22012122.gif



Go to Step 5 and under "System Restore" click on Create button:

p22012123.gif



Go to Repairs tab and click Open Repairs button.

p22012124.gif


In next window....
Leave all checkmarks as they're.
Click on Start Repairs button.

p22012126.gif


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
 
Tweaking.com - Windows Repair v3.6.1
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: SCOTT-HP
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Scott
Current Profile SID: S-1-5-21-1500130686-4110971754-1691798755-1000
Current Profile Classes: S-1-5-21-1500130686-4110971754-1691798755-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Scott\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:02:27

Process Count: 22
Commit Total: 605.37 MB
Commit Limit: 11.50 GB
Commit Peak: 603.12 MB
Handle Count: 4039
Kernel Total: 176.16 MB
Kernel Paged: 151.48 MB
Kernel Non Paged: 24.68 MB
System Cache: 236.92 MB
Thread Count: 235
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.75 GB
Memory Used: 626.92 MB(10.6487%)
Memory Avail.: 5.14 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.75 GB
Memory Used: 534.92 MB(9.0861%)
Memory Avail.: 5.23 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (11/1/2015 1:04:44 PM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 0

01 - Reset Registry Permissions
Restore Windows 7/8/10 Default Registry Permissions
Start (11/1/2015 1:04:48 PM)


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hku.7z
Done, 0.17 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hklm.7z
Done, 2.2 seconds.

Running Repair Under System Account
Done (11/1/2015 1:07:40 PM)

02 - Reset File Permissions: C:
C: & Sub Folders
Start (11/1/2015 1:07:40 PM)

Running Repair Under Current User Account
Done (11/1/2015 1:31:41 PM)

02 - Reset File Permissions
Restore Windows 7/8/10 Default File Permissions
Start (11/1/2015 1:31:41 PM)


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\default.7z
Done, 0.13 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\profile.7z
Done, 0.13 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files.7z
Done, 0.14 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files_x86.7z
Done, 0.13 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\programdata.7z
Done, 0.13 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\windows.7z
Done, 1.62 seconds.

Running Repair Under Current User Account
Done (11/1/2015 1:42:56 PM)

02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (11/1/2015 1:42:56 PM)

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:42:59 PM)

03 - Reset Service Permissions
Start (11/1/2015 1:42:59 PM)

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:43:45 PM)

04 - Register System Files
Start (11/1/2015 1:43:45 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:44:19 PM)

05 - Repair WMI
Start (11/1/2015 1:44:19 PM)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
Bitdefender Antivirus Exported.

Exporting AntiSpyware Info...
Bitdefender Antispyware Exported.
Windows Defender Exported.

Exporting 3rd Party Firewall Info...
Bitdefender Firewall Exported.

Running Repair Under Current User Account
Done (11/1/2015 1:46:47 PM)

06 - Repair Windows Firewall
Start (11/1/2015 1:46:47 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.14 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:47:03 PM)

07 - Repair Internet Explorer
Start (11/1/2015 1:47:03 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:47:55 PM)

08 - Repair MDAC/MS Jet
Start (11/1/2015 1:47:55 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:48:01 PM)

09 - Repair Hosts File
Start (11/1/2015 1:48:01 PM)
Running Repair Under System Account
Done (11/1/2015 1:48:02 PM)

10 - Remove Policies Set By Infections
Start (11/1/2015 1:48:02 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:48:04 PM)

11 - Repair Start Menu Icons Removed By Infections
Start (11/1/2015 1:48:04 PM)
Running Repair Under System Account
Done (11/1/2015 1:48:05 PM)

12 - Repair Icons
Start (11/1/2015 1:48:05 PM)
Running Repair Under Current User Account
Done (11/1/2015 1:48:06 PM)

13 - Repair Network
Start (11/1/2015 1:48:06 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.13 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:48:12 PM)

14 - Remove Temp Files
Start (11/1/2015 1:48:12 PM)
Running Repair Under System Account
Done (11/1/2015 1:48:16 PM)

15 - Repair Proxy Settings
Start (11/1/2015 1:48:16 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:48:20 PM)

17 - Repair Windows Updates
Start (11/1/2015 1:48:20 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.12 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (11/1/2015 1:48:43 PM)

18 - Repair CD/DVD Missing/Not Working
Start (11/1/2015 1:48:43 PM)
iTunes not found, not applying UpperFilters iTunes Reg Key
Done (11/1/2015 1:48:43 PM)

19 - Repair Volume Shadow Copy Service
Start (11/1/2015 1:48:43 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.14 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:04 PM)

20 - Repair Windows Sidebar/Gadgets
Start (11/1/2015 1:49:04 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:06 PM)

21 - Repair MSI (Windows Installer)
Start (11/1/2015 1:49:06 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.16 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:17 PM)

22 - Repair Windows Snipping Tool
Start (11/1/2015 1:49:17 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:19 PM)

23.01 - Repair bat Association
Start (11/1/2015 1:49:19 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:21 PM)

23.02 - Repair cmd Association
Start (11/1/2015 1:49:21 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:23 PM)

23.03 - Repair com Association
Start (11/1/2015 1:49:23 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:25 PM)

23.04 - Repair Directory Association
Start (11/1/2015 1:49:25 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:27 PM)

23.05 - Repair Drive Association
Start (11/1/2015 1:49:27 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:29 PM)

23.06 - Repair exe Association
Start (11/1/2015 1:49:29 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:32 PM)

23.07 - Repair Folder Association
Start (11/1/2015 1:49:32 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:34 PM)

23.08 - Repair inf Association
Start (11/1/2015 1:49:34 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:36 PM)

23.09 - Repair lnk (Shortcuts) Association
Start (11/1/2015 1:49:36 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:38 PM)

23.10 - Repair msc Association
Start (11/1/2015 1:49:38 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:40 PM)

23.11 - Repair reg Association
Start (11/1/2015 1:49:40 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:42 PM)

23.12 - Repair scr Association
Start (11/1/2015 1:49:42 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:44 PM)

24 - Repair Windows Safe Mode
Start (11/1/2015 1:49:44 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:47 PM)

25 - Repair Print Spooler
Start (11/1/2015 1:49:47 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.16 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:51 PM)

26 - Restore Important Windows Services
Start (11/1/2015 1:49:51 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.16 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:49:57 PM)

27 - Set Windows Services To Default Startup
Start (11/1/2015 1:49:57 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:50:05 PM)

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

31 - Repair Windows 'New' Submenu
Start (11/1/2015 1:50:05 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:50:07 PM)

32 - Restore UAC (User Account Control) Settings
Start (11/1/2015 1:50:07 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (11/1/2015 1:50:09 PM)

33 - Repair Performance Counters
Start (11/1/2015 1:50:09 PM)
Running Repair Under Current User Account
Done (11/1/2015 1:50:17 PM)

Cleaning up empty logs...

All Selected Repairs Done.
Done at (11/1/2015 1:50:17 PM)
Total Repair Time: 00:45:34


...YOU MUST RESTART YOUR SYSTEM...
 
I have tried to play around to see if I could tell- but it still won't shut down and the Internet still won't let me connect after the computer has been on for a little while it say the same thing- your not connected to a network???
 
At this point....

In this forum, we make sure, your computer is free of malware and your computer is clean :)
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

Good luck :)
 
Back