
Eliminating Malware Possibility. [Solved]


  • This topic is locked

#31
blue_mike

  • Topic Starter
  • Member
  • 243 posts

I thank you for your help. I am going to create a repair disk and see what happens. As far as reinstalling Windows, the computer works enough to get on the internet, and do what I need to do. When you had me reset the winsock and flush the DNS that made a world of difference. If the computer crashes again I will just reinstall Windows. This has been such a pain because I am the type of person that will not give up until I solve a problem, but I am going to run it the way it is for now. The only thing I notice now is it will sometimes be slow to load a web page, and then I get the dcom or comcast error. I can deal with that for now, as I want to get back to malware training and focus all my efforts on that. I have been looking to buy a laptop so I always have a backup computer but I was trying to hold off until the next version of Windows comes out. Again thanks for all your help and sticking with me. :spoton:


  • 0

#32
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

I thank you for your help.

You're welcome!

I am going to create a repair disk and see what happens.

Fair play and the rest of your response is acknowledged, also as far as I can ascertain malware is not the root cause of the on-going issues now.

Anyway if no luck with startup repair, proceed to the below please...

Windows Repair (All In One):

Please download the installer for Windows Repair (All In One) from here to your desktop

Alternate downloads are here and here.
  • Right-click on tweaking.com_windows_repair_aio_setup.exe and select Run as Administrator >> when the installation window has loaded click on Next > >> follow the rest of the prompts for a default installation.
  • Once fully installed the below GUI(graphical user interface) will appear/load:-
WR1.gif
  • Click on the Step 5 tab >> Under 1. Registry Backup click on Backup
  • When the above has been created, under the 2. System Restore setting click on the Create tab.
  • Then after Restore point created at date/time is denoted >> click on Next >> deselect Automatically do a registry backup >> Open Repairs
  • Referring to the image below ensure the following are selected only(deselect/select to suit):-
WR2.gif
  • Now click on the Start Repairs tab and the repair process will begin. Do not use your machine for anything else until the repairs are completed.
  • Upon completion your machine should automatically reboot; if it does not, do so manually please.
Then:-

Click on Start(Windows 7 Orb) >> Run...(or the Windows key and R together) to bring up the Run box and copy and paste in:

"C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs"

Click on OK >> a window named Logs will open. Right-click on the folder and select Send To >> Compressed (zipped) Folder

At the prompt click on Yes >> the zip file will be saved to your desktop. Attach the zip file in your next reply please.
  • 0

#33
blue_mike

  • Topic Starter
  • Member
  • 243 posts

I will be working on this fix this weekend, been really busy with the Thanksgiving Holiday!


  • 0

#34
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Acknowledged and thank you for the courtesy of informing myself. :)
  • 0

#35
blue_mike

  • Topic Starter
  • Member
  • 243 posts

Good Afternoon :wave:

I created a windows repair disk, and ran the start up repair.  No issues were found!  I then ran the above program, and here is the log file that was created!

 

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: MIKE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\MIke
Current Profile SID: S-1-5-21-2361466355-1747013578-2723715605-1000
Current Profile Classes: S-1-5-21-2361466355-1747013578-2723715605-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\MIke\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:08:40

Process Count: 46
Commit Total: 1.49 GB
Commit Limit: 14.95 GB
Commit Peak: 1.86 GB
Handle Count: 12463
Kernel Total: 250.25 MB
Kernel Paged: 214.39 MB
Kernel Non Paged: 35.86 MB
System Cache: 858.94 MB
Thread Count: 586
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.48 GB
Memory Used: 1.29 GB(17.2857%)
Memory Avail.: 6.18 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.48 GB
Memory Used: 1.15 GB(15.3625%)
Memory Avail.: 6.33 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (11/30/2014 12:38:22 PM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 34
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (11/30/2014 12:38:24 PM)
   Running Repair Under Current User Account
   Done (11/30/2014 12:38:26 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (11/30/2014 12:38:26 PM)
   Running Repair Under System Account
   Done (11/30/2014 12:41:15 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (11/30/2014 12:41:15 PM)
   Running Repair Under System Account
   Done (11/30/2014 12:42:02 PM)

03 - Reset Service Permissions
   Start (11/30/2014 12:42:02 PM)
   Running Repair Under System Account
   Done (11/30/2014 12:42:35 PM)

04 - Register System Files
   Start (11/30/2014 12:42:35 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:42:59 PM)

10 - Remove Policies Set By Infections
   Start (11/30/2014 12:42:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:03 PM)

13 - Repair Winsock & DNS Cache
   Start (11/30/2014 12:43:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:18 PM)

14 - Remove Temp Files
   Start (11/30/2014 12:43:18 PM)
   Running Repair Under System Account
   Done (11/30/2014 12:43:19 PM)

15 - Repair Proxy Settings
   Start (11/30/2014 12:43:19 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:21 PM)

23.01 - Repair bat Association
   Start (11/30/2014 12:43:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:23 PM)

23.02 - Repair cmd Association
   Start (11/30/2014 12:43:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:26 PM)

23.03 - Repair com Association
   Start (11/30/2014 12:43:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:28 PM)

23.04 - Repair Directory Association
   Start (11/30/2014 12:43:28 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:30 PM)

23.05 - Repair Drive Association
   Start (11/30/2014 12:43:30 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:32 PM)

23.06 - Repair exe Association
   Start (11/30/2014 12:43:32 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:34 PM)

23.07 - Repair Folder Association
   Start (11/30/2014 12:43:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:36 PM)

23.08 - Repair inf Association
   Start (11/30/2014 12:43:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:39 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (11/30/2014 12:43:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:41 PM)

23.10 - Repair msc Association
   Start (11/30/2014 12:43:41 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:43 PM)

23.11 - Repair reg Association
   Start (11/30/2014 12:43:43 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:45 PM)

23.12 - Repair scr Association
   Start (11/30/2014 12:43:45 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:47 PM)

26 - Restore Important Windows Services
   Start (11/30/2014 12:43:47 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:43:54 PM)

27 - Set Windows Services To Default Startup
   Start (11/30/2014 12:43:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/30/2014 12:44:03 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (11/30/2014 12:44:03 PM)
   Total Repair Time: 00:05:43


...YOU MUST RESTART YOUR SYSTEM...

 

 

 

Deleted file - C:\Users\MIke\AppData\Local\Temp\14089852.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\20141117-011414-ec9b21f3-3a55-47c7-8cfb-67d4aa1b2416.pad
Deleted file - C:\Users\MIke\AppData\Local\Temp\28751538.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\ec9b21f3-3a55-47c7-8cfb-67d4aa1b2416-25885.stats
C:\Users\MIke\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\MIke\AppData\Local\Temp\MS4A295.LOG
Deleted file - C:\Users\MIke\AppData\Local\Temp\MSETUP4.EXE
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCC9003.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCC9199.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCC963C.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCL159.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCL5F4F.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCL6597.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\PCLFFE1.tmp
Deleted file - C:\Users\MIke\AppData\Local\Temp\TWAIN.LOG
Deleted file - C:\Users\MIke\AppData\Local\Temp\Twain001.Mtx
Deleted file - C:\Users\MIke\AppData\Local\Temp\Twunk001.MTX
Deleted file - C:\Users\MIke\AppData\Local\Temp\Twunk002.MTX
Deleted file - C:\Users\MIke\AppData\Local\Temp\vfp2c32.fll
Deleted file - C:\Users\MIke\AppData\Local\Temp\wmplog00.sqm
Deleted file - C:\Users\MIke\AppData\Local\Temp\wmsetup.log
C:\Users\MIke\AppData\Local\Temp\~DF00EA636202FCD353.TMP
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\MIke\AppData\Local\Temp\~DFEAB163E5EB22ED81.TMP
Deleted file - C:\Windows\Temp\MpCmdRun.log
Deleted file - C:\Windows\Temp\MpSigStub.log

 

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

Reseting Interface, OK!
Restart the computer to complete this action.


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

Reseting Interface, OK!
Restart the computer to complete this action.


The following command was not found: int isatap reset all.


Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

There's no user specified settings to be reset.


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

There's no user specified settings to be reset.


The following command was not found: int isatap reset all.


Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.


  • 0

#36
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

I created a windows repair disk, and ran the start up repair. No issues were found! I then ran the above program, and here is the log file that was created!

Acknowledged/good and pending no further issues remaining... Congratulations, your computer appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Slow Computer/browser?

As is this:

What to do if your Computer is running slowly

Clean up with OTL:
  • Right-click OTL and select Run as Administrator to start the program.
  • Close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Reset the System Restore points:

Create a new, clean System Restore point:-
  • Right click on Computer and select Properties >> System protection >> Create....
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush Old System Restore points:-
  • Click on Start(Windows 7 Orb) >> All Programs >> Accessories >> System Tools >> right-click on Disk Cleanup and select Run as Administrator.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:-
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.
Now some advice for on-line safety:

Malwarebytes Anti-Malware:

This is an excellent application and I advise you consider reinstalling this. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, Microsoft Security Essentials, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this at least once per week.

Further reading/resources:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

As is this: Computer Security - a short guide to staying safer online

And these are worth reading also: Understanding Windows Firewall settings & Securing Your Router

Keep Your System Updated:

Microsoft releases patches for Windows and other products regularly:
  • Click on Start(Windows 7 Orb) >> All Programs >> Windows Update.
  • In the navigation pane, click Check for updates.
  • After Windows Update has finished checking for updates, click View available updates.
  • Click to select the check box for any found, then click Install.
  • When completed Reboot(restart) your computer if not prompted to do so.
Plus check Automatic Updates is enabled.

Be careful when opening attachments and downloading files:

1 - Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.

2 - Never open emails from unknown senders.

4 - Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.

5 - Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on MajorGeeks.

Stop malicious scripts:

Windows by default allows scripts (VBScript and JavaScript) to run, and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

I will further add: P2P software has the ability to create a direct conduit onto your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their infected dross onto your computer. Further to that, if your P2P software is not configured correctly you may be sharing more files than you realise. There have been cases where people's address books, passwords, and other personal, private and financial details have been exposed to the file sharing network by badly configured P2P applications.

My friendly advice is to avoid these types of software applications.

Consider the below extra/layered security for your machine:

Custom Host File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

A custom Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

CryptoPrevent Tool:

How to prevent your computer from becoming infected by CryptoLocker

WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

Any questions? Feel free to ask, if not stay safe!
  • 0
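
The Hosts-file blocking described in post #36, as an added example that is not part of the original thread: a Python audit that lists which names a hosts file sinks to a local address and which it points somewhere else, since any entry there takes precedence over the normal lookup. The function name `audit_hosts`, the sample contents, and treating `0.0.0.0` and `::1` as sink addresses alongside the post's `127.0.0.1` are assumptions.

```python
import ipaddress

# Names that legitimately map to loopback; they are not block entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample, not taken from the thread.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1 localhost
::1 localhost
127.0.0.1 ads.example.com tracker.example.net
0.0.0.0 Bad.Example.org   # inline comment
203.0.113.10 bank.example.com
not-an-ip something.example
192.0.2.5
"""


def audit_hosts(text):
    """Classify hosts entries as blocked (sunk locally), redirected, or malformed."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append((lineno, raw.strip()))
            continue
        if len(fields) < 2:  # an address with no hostname does nothing
            report["malformed"].append((lineno, raw.strip()))
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")  # hostnames are case-insensitive
            if name in LOCAL_NAMES:
                continue
            if addr.is_loopback or addr.is_unspecified:
                # Sink entry: traffic for this name never leaves the machine.
                report["blocked"].append(name)
            else:
                # Name pinned to a real address: review it, because this
                # mapping overrides whatever DNS would have returned.
                report["redirected"].append((name, str(addr)))
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("blocked:   ", result["blocked"])
    print("redirected:", result["redirected"])
    print("malformed: ", result["malformed"])
```

On Windows 7 the file to feed it is `C:\Windows\System32\drivers\etc\hosts`; entries in the redirected list are the ones to check by hand after installing a custom Hosts file.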

#37
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





