Need help, laptop cannot connect to certain websites.

**Malnutrition** · 10-26-2016, 04:16 PM

Ok, post the Zemana file when ready.

Edit: Got it, what issues remain? I am working on a FRST fix for you at the moment.

**Malnutrition** · 10-26-2016, 04:19 PM

Can you tell me what these are? You know what they are, and OK with them on your machine?

HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [reconvenes] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [gambrell] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [cares] => “C:\Program Files (x86)\polygamy\cares.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [militants] => “C:\Program Files (x86)\gowen\segel.exe”

**Joshua_Bobbitt** · 10-26-2016, 04:21 PM

Those dont look familiar. My issue is that when I’m in normal mode, I cannot connect to certain websites. Facebook, this forum, etc etc., yet I can connect to websites such as reddit and google. Skype cannot connect to the internet, yet Steam is able to. When I try to connect to facebook, it’ll just say the dns server cannot be found.

**Malnutrition** · 10-26-2016, 04:25 PM

Alright, now I am working on the FRST Script. This will take some time as I need to go over the logs manually. Can you scan the files below at Virus Total or Jotti…

C:\Program Files (x86)\gowen\segel.exe
C:\Program Files (x86)\polygamy\cares.exe

While I scan over your FRST logs please run this tool.

RogueKiller by Tigzy

[ul]
[li]Download RogueKiller and save it to your desktop[/li][li]Close all running programs[/li][li]Right click on the icon and select Run as Administrator[/li][li]For Windows XP simply double click on the icon[/li][li]The program will conduct a prescan and when finished you wlll see Prescan Finished. Please hit the scan button[/li][li]Click Scan[/li][li]If, during the scan, you receive a request to upload a file to Virustotal please click Yes[/li][li]A report should open and a copy of the report will be placed on your desktop. If not, hit the Report button.[/li][li]If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won’t run, rename it winlogon.exe (or winlogon.com) and try again[/li][li]Copy and paste the contents of the report in your reply[/li][/ul]

**Malnutrition** · 10-26-2016, 04:28 PM

Sorry here are Virus Total instructions…

Upload Files to VirusTotal

[ul]
[li]Please go to VirusTotal.[/li][li]Click the Choose File button.[/li][li]Navigate to >>>>>>>> C:\Program Files (x86)\polygamy\cares.exe & C:\Program Files (x86)\gowen\segel.exe [/li][li]or simply copy and paste it. [/li][li]Click the Scan it! button.[/li][li]You might see a message saying File already analysed, if you do click Reanalyse.[/li][li]Wait for all the scans to finish then copy and paste the web address from your broswer’s address bar.[/li]Example of web address :
[IMG alt="VirusTotalresultslink" width="690px" height="19px"]http://i526.photobucket.com/albums/cc345/MPKwings/VirusTotalresultslink.jpg[/IMG]

[li]Include the link in your next reply.[/li][/ul]

**Joshua_Bobbitt** · 10-26-2016, 04:28 PM

Apparently I can’t find those two files.

**Joshua_Bobbitt** · 10-26-2016, 04:29 PM

Those two files aren’t showing up anywhere.

**Malnutrition** · 10-26-2016, 04:33 PM

Originally posted by Joshua Bobbitt

Those two files aren’t showing up anywhere.

Continue on with RK scan please.

**Joshua_Bobbitt** · 10-26-2016, 04:46 PM

RogueKiller V12.7.4.0 (x64) [Oct 24 2016] (Free) by Adlice Software
mail : Support Form | Contact • Adlice Software
Feedback : http://forum.adlice.com
Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Josh [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete – Date : 10/26/2016 12:31:54 (Duration : 00:12:42)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\IM → Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\IM → Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {8C5DBC21-DD28-4314-A6BF-511C0A22D8E2} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Josh\AppData\Local\Temp\90DC360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe|Name=C59310272|Desc=All ow|EmbedCtxt=@C:\Users\Josh\AppData\Local\Temp\90D C360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe,-10000| → Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {00152E5A-0A9A-4511-A951-04E0BBD46098} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Josh\AppData\Local\59310272.exe|Name=A59310272|D esc=Allow|EmbedCtxt=@C:\Users\Josh\AppData\Local\5 9310272.exe,-10000| → Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {8C5DBC21-DD28-4314-A6BF-511C0A22D8E2} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Josh\AppData\Local\Temp\90DC360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe|Name=C59310272|Desc=All ow|EmbedCtxt=@C:\Users\Josh\AppData\Local\Temp\90D C360E-5FBE-456B-9F7A-602B8188C6F3\installer.exe,-10000| → Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | {00152E5A-0A9A-4511-A951-04E0BBD46098} : v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\User s\Josh\AppData\Local\59310272.exe|Name=A59310272|D esc=Allow|EmbedCtxt=@C:\Users\Josh\AppData\Local\5 9310272.exe,-10000| → Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Volume 1 +++++
— User —
[MBR] e04b4fce3fe80846c1ca1a6926f129be
[BSP] e4afce6e524ea9bc0fea3c8b524c7694 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953851 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
Error reading LL2 MBR! ([57] The parameter is incorrect. )

+++++ PhysicalDrive1: SAMSUNG SSD PM830 mSATA +++++
— User —
[MBR] 0d090174b7aad47bdce2e8107b669cc9
[BSP] 6cbb86a5bc87f699163d8df4e4d068f5 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 122002 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
User = LL2 … OK

**Malnutrition** · 10-26-2016, 04:47 PM

FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

**Joshua_Bobbitt** · 10-26-2016, 04:57 PM

[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Josh (2016-10-26 12:50:59) Run:1
Running from D:\Downloads
Loaded Profiles: Josh (Available Profiles: Josh)
Boot Mode: Safe Mode (with Networking)[/HEADING]
fixlist content:

CreateRestorePoint:
HKLM-x32...\Run: =>
C:\Program Files (x86)\gowen
C:\Program Files (x86)\gowen\segel.exe
C:\Program Files (x86)\polygamy\cares.exe
C:\Program Files (x86)\polygamy
HKLM...\Run: [materialized] => “C:\Program Files (x86)\gowen\segel.exe”
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32...\Run: [eastman] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [reconvenes] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [gambrell] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [cares] => “C:\Program Files (x86)\polygamy\cares.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\Run: [militants] => “C:\Program Files (x86)\gowen\segel.exe”
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\MountPoints2: G - G:\OriginSetup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000...\MountPoints2: {e7c743ff-75e0-11e5-a21d-2016d891c3a4} - G:\LaunchU3.exe -a
ShortcutTarget: remembrances.lnk → C:\Program Files (x86)\gowen\segel.exe (No File)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip..\Interfaces{498BA7C9-35C6-484B-A5DD-DAA56319F437}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2025992066-4083076924-3298436488-1000 → {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-25] (Google Inc.)
FF Plugin HKU.DEFAULT: @hola.org/FlashPlayer → C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\ flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU.DEFAULT: @hola.org/vlc → C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\ vlc\npvlc.dll No File
CHR Extension: (Adblock Plus) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb [2015-06-04]
C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP
2016-10-15 10:56 - 2016-10-15 10:56 - 00000000 ____D C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP
2016-10-26 11:33 - 2015-12-01 12:00 - 00000000 ____D C:\Users\Josh\AppData\Roaming\uTorrent
2015-09-21 10:32 - 2015-09-21 10:33 - 0003584 _____ () C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-25 17:03 - 2016-10-25 17:04 - 0000003 _____ () C:\Users\Josh\AppData\Local\run1.txt
Task: {03DBD415-22DB-4CD7-B213-C2DE248009A2} - {A464AA88-BA75-4DE2-A262-CE6BB1F59402} → No File <==== ATTENTION
Task: {10C27108-6476-4977-BF29-B7BB966551E7} - \GyazoUpdateTaskMachineDaily → No File <==== ATTENTION
Task: {14ADB510-0347-41DF-9597-5CD9A1B423E4} - \Overwolf Updater Task → No File <==== ATTENTION
Task: {1629EFAA-CA68-42C2-A9FA-D0D92418A29D} - {854949CE-D0DC-4386-9CA9-A7B04A9D1FF5} → No File <==== ATTENTION
Task: {2906F17B-C3E3-4B03-8DAA-DA1671275D6C} - \Adobe Flash Player PPAPI Notifier → No File <==== ATTENTION
Task: {805EA7FF-D61C-4884-95AE-D7DA7CC556FA} - \AMD Updater → No File <==== ATTENTION
Task: {8F27F744-EF4A-43F0-B915-1D8D44201FC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {918AFD42-81CE-459B-AAF6-DB8B86B6C42A} - \GyazoUpdateTaskMachine → No File <==== ATTENTION
Task: {ACB2F35F-F054-411A-9A34-0B7D1B81BC54} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
Task: {C3F15C6B-9041-4C25-A34F-87E59F672D61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {DCA8A377-3907-4C9A-A4B6-92AB56591E01} - {4ADFB7BF-6FCD-4D30-8CE8-A3A0DA0029E5} → No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers

Error: Restore point can only be created in normal mode.
HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Run\ => value removed successfully
“C:\Program Files (x86)\gowen” => File/Folder not found.
“C:\Program Files (x86)\gowen\segel.exe” => File/Folder not found.
“C:\Program Files (x86)\polygamy\cares.exe” => File/Folder not found.
“C:\Program Files (x86)\polygamy” => File/Folder not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run \materialized => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Run\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Run\eastman => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Windows\CurrentVersion\Run \reconvenes => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Windows\CurrentVersion\Run \gambrell => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Windows\CurrentVersion\Run \cares => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\Software\Microsoft\Windows\CurrentVersion\Run \militants => value removed successfully
“HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\F” => key removed successfully
“HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\G” => key removed successfully
“HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\H” => key removed successfully
“HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{e7c743ff-75e0-11e5-a21d-2016d891c3a4}” => key removed successfully
HKCR\CLSID{e7c743ff-75e0-11e5-a21d-2016d891c3a4} => key not found.
C:\Program Files (x86)\gowen\segel.exe => not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{498BA7C9-35C6-484B-A5DD-DAA56319F437}\DhcpNameServer => value removed successfully
“HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer” => key removed successfully
“HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66}” => key removed successfully
HKCR\CLSID{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units{6C269571-C6D7-4818-BCA4-32A035E8C884}” => key removed successfully
“HKCR\Wow6432Node\CLSID{6C269571-C6D7-4818-BCA4-32A035E8C884}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units{D4B68B83-8710-488B-A692-D74B50BA558E}” => key removed successfully
“HKCR\Wow6432Node\CLSID{D4B68B83-8710-488B-A692-D74B50BA558E}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units{F6ACF75C-C32C-447B-9BEF-46B766368D29}” => key removed successfully
“HKCR\Wow6432Node\CLSID{F6ACF75C-C32C-447B-9BEF-46B766368D29}” => key removed successfully
“HKLM\Software\MozillaPlugins@microsoft.com/GENUINE” => key removed successfully
“HKLM\Software\Wow6432Node\MozillaPlugins@microsoft.com/GENUINE” => key removed successfully
“HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=3” => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => moved successfully
“HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=9” => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => not found.
“HKU.DEFAULT\Software\MozillaPlugins@hola.org/FlashPlayer” => key removed successfully
C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\ flash\NPSWF32_18_0_0_232.dll => not found.
“HKU.DEFAULT\Software\MozillaPlugins@hola.org/vlc” => key removed successfully
C:\Users\Josh\AppData\Local\Hola\firefox_hola\app\ vlc\npvlc.dll => not found.
C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb => moved successfully
C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP => moved successfully
“C:\Windows\64467D47FFE44FBCABBAA0DB829A17EB.TMP” => File/Folder not found.
C:\Users\Josh\AppData\Roaming\uTorrent => moved successfully
C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Josh\AppData\Local\run1.txt => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{03DBD41 5-22DB-4CD7-B213-C2DE248009A2}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{03DBD41 5-22DB-4CD7-B213-C2DE248009A2}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{A464AA88-BA75-4DE2-A262-CE6BB1F59402}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{10C2710 8-6476-4977-BF29-B7BB966551E7}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{10C2710 8-6476-4977-BF29-B7BB966551E7}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GyazoUpd ateTaskMachineDaily” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{14ADB51 0-0347-41DF-9597-5CD9A1B423E4}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{14ADB51 0-0347-41DF-9597-5CD9A1B423E4}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{1629EFA A-CA68-42C2-A9FA-D0D92418A29D}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{1629EFA A-CA68-42C2-A9FA-D0D92418A29D}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{854949CE-D0DC-4386-9CA9-A7B04A9D1FF5}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{2906F17 B-C3E3-4B03-8DAA-DA1671275D6C}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2906F17 B-C3E3-4B03-8DAA-DA1671275D6C}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{805EA7F F-D61C-4884-95AE-D7DA7CC556FA}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{805EA7F F-D61C-4884-95AE-D7DA7CC556FA}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMD Updater” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{8F27F74 4-EF4A-43F0-B915-1D8D44201FC1}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{8F27F74 4-EF4A-43F0-B915-1D8D44201FC1}” => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUp dateTaskMachineUA” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{918AFD4 2-81CE-459B-AAF6-DB8B86B6C42A}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{918AFD4 2-81CE-459B-AAF6-DB8B86B6C42A}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GyazoUpd ateTaskMachine” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{ACB2F35 F-F054-411A-9A34-0B7D1B81BC54}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{ACB2F35 F-F054-411A-9A34-0B7D1B81BC54}” => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Applic ation Experience\ProgramDataUpdater => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Application Experience\ProgramDataUpdater” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{C3F15C6 B-9041-4C25-A34F-87E59F672D61}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{C3F15C6 B-9041-4C25-A34F-87E59F672D61}” => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUp dateTaskMachineCore” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{DCA8A37 7-3907-4C9A-A4B6-92AB56591E01}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{DCA8A37 7-3907-4C9A-A4B6-92AB56591E01}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{4ADFB7BF-6FCD-4D30-8CE8-A3A0DA0029E5}” => key removed successfully

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2025992066-4083076924-3298436488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Ok.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ip reset c:\resetlog.txt =========

Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= ipconfig /release =========

Windows IP Configuration

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========

========= ipconfig /renew =========

Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 192.168.0.12
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========

========= netsh int ipv4 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh int ipv6 reset =========

Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
The dependency service or group failed to start.

========= End of CMD: =========

EmptyTemp: => 276.2 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 12:51:05 ====

**Malnutrition** · 10-26-2016, 04:58 PM

Are you able to connect now?

**Joshua_Bobbitt** · 10-26-2016, 05:00 PM

Give me a minute to check

**Joshua_Bobbitt** · 10-26-2016, 05:03 PM

It seems so! Thanks a bunch, greatly appreciated! :LOL:

**Malnutrition** · 10-26-2016, 05:06 PM

Ok, lets just run one last scan to do a mop up operation, then I will give you some instructions on how to avoid this sort of thing again and keep your machine running smooth.

[ul]
[li]Hold down Control and click on this link to open ESET OnlineScan in a new window.[/li][li]Click the http://www.bleepstatic.com/fhost/upl...tonlinebtn.png button.[/li][li]For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)[/li][li]Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.[/li][li]Double click on the http://www.bleepstatic.com/fhost/upl...taller_enu.png icon on your desktop.[/li][li]Check “YES, I accept the Terms of Use.”[/li][li]Click the Start button.[/li][li]Accept any security warnings from your browser.[/li][li]Under scan settings, check “Scan Archives” and “Remove found threats” [/li][li]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[/li][li]When the scan completes, click List Threats[/li][li]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[/li][li]Click the Back button.[/li][li]Click the Finish button.[/li][li]NOTE:Sometimes if ESET finds no infections it will not create a log.[/li][/ul]

Need help, laptop cannot connect to certain websites.

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment