Author Topic: Re-Check Please  (Read 7956 times)

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20329
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Re-Check Please
« Reply #30 on: October 22, 2020, 06:16:36 PM »
Looking back at your logs, it appears you are using Realtek Wireless Network. Try connecting to your modem/router via Ethernet rather than Wi-Fi and see if that makes a difference.

If still having an issue, open Settings > Update & Security > Troubleshoot > Additional Troubleshooters. There are several Troubleshooters there you can run: Network Adapter, Internet Connections and even Incoming Connections.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline hayc59

  • Voodoo Child
  • Hero Member
  • *****
  • Posts: 1451
  • Gentleman
    • View Profile
Re: Re-Check Please
« Reply #31 on: October 22, 2020, 06:22:26 PM »
Ok I have Malwarebytes installed, used the offline installer

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Offline hayc59

Re: Re-Check Please
« Reply #32 on: October 22, 2020, 06:37:53 PM »
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/22/20
Scan Time: 12:28 PM
Log File: ce73058e-149c-11eb-9552-78e3b5681083.json

-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1070
Update Package Version: 1.0.31674
License: Free

-System Information-
OS: Windows 10 (Build 18362.1139)
CPU: x64
File System: NTFS
User: KAILEE\Gordon & Nancy

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301790
Threats Detected: 3
Threats Quarantined: 0
Time Elapsed: 4 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.AuslogicsRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\AUSLOGICS\Registry Cleaner, No Action By User, 8480, 349780, 1.0.31674, , ame, , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Adware.OxyPumper, C:\USERS\GORDON & NANCY\APPDATA\ROAMING\TOOLSYSHOST\SIHOST.EXE, No Action By User, 8075, 844038, 1.0.31674, E92AEE6F402EF64E73198320, dds, 00948146, 5639281E9929589EE91ABFDA3A745F08, 3C7D336C0D16858A2000608DF1DCD0358CE001767DFB32F55F2FDCCDC4490D97
PUP.Optional.Auslogics, C:\USERS\GORDON & NANCY\DESKTOP\JUNK\UTILTIES\AUSDISKDEFRAGPORTABLE.EXE, No Action By User, 10876, 859216, 1.0.31674, , ame, , CE63D7B5179711855C58904D5CC55A71, 35E71D7CCABC409777C4262316BBD25BBB358DCA6E535B83D76D8407C55DC64D

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)



Offline Corrine

Re: Re-Check Please
« Reply #33 on: October 22, 2020, 06:52:19 PM »
Whew!  Glad you figured that out.  :)  Personally, I'd remove what MBAM found but it is your PC so your choice. 

Anyway, if everything is back to normal now, you can delete the Malwarebytes Support Tool and then do the following:

Please download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • When the tool opens, ensure all boxes are checked, and select Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

Edit Note:  Don't forget to make the change to remove Malwarebytes from the Security Center.



Offline hayc59

Re: Re-Check Please
« Reply #34 on: October 22, 2020, 07:03:25 PM »
Ok just want to make sure



Offline Corrine

Re: Re-Check Please
« Reply #35 on: October 22, 2020, 07:10:13 PM »
Check the "Create Restore Point" box too. 



Offline hayc59

Re: Re-Check Please
« Reply #36 on: October 22, 2020, 07:11:07 PM »
cool here we go....



Offline hayc59

Re: Re-Check Please
« Reply #37 on: October 22, 2020, 07:15:25 PM »
# Run at 10/22/2020 1:11:57 PM
# KpRm (Kernel-panik) version 2.8
# Website https://kernel-panik.me/tool/kprm/
# Run by Gordon & Nancy from C:\Users\Gordon & Nancy\Desktop\Junk
# Computer Name: KAILEE
# OS: Windows 10 X64 (18363)
# Number of passes: 1

- Checked options -

    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Create Registry Backup -

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\Gordon & Nancy\NTUSER.dat backed up

     [OK] Registry Backup: C:\KPRM\backup\2020-10-22-13-11-57

- Delete Tools -


  ## AdwCleaner
     [OK] C:\AdwCleaner deleted

  ## Autoruns
     [OK] C:\Users\Gordon & Nancy\Desktop\Junk\Utilties\autoruns.exe deleted

  ## ESET Online Scanner
     [OK] C:\Users\Gordon & Nancy\AppData\Local\ESET\ESETOnlineScanner deleted

  ## FRST
     [OK] C:\Users\Gordon & Nancy\Desktop\Junk\FRST64.exe deleted
     [OK] C:\FRST deleted

- Restore System Settings -

     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

- Restore UAC -

     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

   ~ [OK] RP named Removed TinyWall created at 10/13/2020 01:41:49 deleted
   ~ [OK] RP named Installed TinyWall created at 10/13/2020 17:11:13 deleted
   ~ [OK] RP named Removed TinyWall created at 10/13/2020 17:41:47 deleted
   ~ [OK] RP named Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 created at 10/15/2020 16:56:54 deleted
   ~ [OK] RP named Installed TinyWall created at 10/15/2020 17:07:16 deleted
   ~ [OK] RP named Installed Open-Shell created at 10/18/2020 20:06:10 deleted
   ~ [OK] RP named Removed TinyWall created at 10/19/2020 18:02:20 deleted
   ~ [OK] RP named Removed AdGuard created at 10/20/2020 22:11:28 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ RP named KpRm created at 10/22/2020 20:12:59

-- KPRM finished in 115.98s --



Offline Corrine

Re: Re-Check Please
« Reply #38 on: October 22, 2020, 07:18:05 PM »
Excellent!  I'm glad that was resolved, G!



Offline hayc59

Re: Re-Check Please
« Reply #39 on: October 22, 2020, 08:38:24 PM »
As always, thank you very mucho amigas



Offline Corrine

Re: Re-Check Please
« Reply #40 on: October 22, 2020, 08:39:18 PM »
You're welcome! 



Offline DR M

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1830
  • Keep on keeping on.
    • View Profile
Re: Re-Check Please
« Reply #41 on: October 26, 2020, 03:14:36 PM »
I'm sorry for the late reply here, but I had to stay away from screens for a while...  :)

Just asking from curiosity:

Quote
Ok I have Malwarebytes installed, used the offline installer

That means that you didn't try Ethernet (instead of wifi), as Corrine suggested on 22 October here: https://www.landzdown.com/analysis-and-malware-removal/re-check-please/msg203693/#msg203693

I would also suggest disabling your wifi adapter (Netgear I think?) and enabling the wifi card. Then try to download it again.

Let us know the result.

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Offline hayc59

Re: Re-Check Please
« Reply #42 on: October 26, 2020, 03:51:05 PM »
OK a little help... I can use the Ethernet cord I have on main pc, which is very old and still has XP Home installed, unplug it and plug it into the laptop, correct? Then what... sorry for being so inept



Offline DR M

Re: Re-Check Please
« Reply #43 on: October 26, 2020, 04:23:07 PM »
Plug the one end of the cord into the laptop and leave the other end where it is.

Offline DR M

Re: Re-Check Please
« Reply #44 on: October 26, 2020, 04:36:48 PM »
The ethernet port on a laptop is shown in the attached image.

P.S. The suggestion about disabling the adapter and enabling the wifi card applies only if your card is working properly.