Re-Check Please

Started by hayc59, October 20, 2020, 05:39:24 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Corrine

Looking back at your logs, it appears you are using Realtek Wireless Network.  Try connecting to your modem/router instead of using Wi-Fi and see if that makes a difference via Ethernet rather than Wi-Fi.

If still having an issue open Settings > Update & Security > Troubleshoot > Additional Troubleshooters.  There are several Troubleshooters there you can run:  Network Adapter, Internet Connections and even Incoming connections.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

hayc59

Ok I have Malwarebtyes installed used the offline installer

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


hayc59

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/22/20
Scan Time: 12:28 PM
Log File: ce73058e-149c-11eb-9552-78e3b5681083.json

-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1070
Update Package Version: 1.0.31674
License: Free

-System Information-
OS: Windows 10 (Build 18362.1139)
CPU: x64
File System: NTFS
User: KAILEE\Gordon & Nancy

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301790
Threats Detected: 3
Threats Quarantined: 0
Time Elapsed: 4 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.AuslogicsRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\AUSLOGICS\Registry Cleaner, No Action By User, 8480, 349780, 1.0.31674, , ame, , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Adware.OxyPumper, C:\USERS\GORDON & NANCY\APPDATA\ROAMING\TOOLSYSHOST\SIHOST.EXE, No Action By User, 8075, 844038, 1.0.31674, E92AEE6F402EF64E73198320, dds, 00948146, 5639281E9929589EE91ABFDA3A745F08, 3C7D336C0D16858A2000608DF1DCD0358CE001767DFB32F55F2FDCCDC4490D97
PUP.Optional.Auslogics, C:\USERS\GORDON & NANCY\DESKTOP\JUNK\UTILTIES\AUSDISKDEFRAGPORTABLE.EXE, No Action By User, 10876, 859216, 1.0.31674, , ame, , CE63D7B5179711855C58904D5CC55A71, 35E71D7CCABC409777C4262316BBD25BBB358DCA6E535B83D76D8407C55DC64D

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Corrine

Whew!  Glad you figured that out.  :)  Personally, I'd remove what MBAM found but it is your PC so your choice. 

Anyway, if everything is back to normal now, you can delete the Malwarebytes Support Tool and then do the following:

Please download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • When the tool opens, ensure all boxes are checked, and select Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
Edit Note:  Don't forget to make the change to remove Malwarebytes from the Security Center.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

hayc59

Ok just want to make sure

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Corrine

Check the "Create Restore Point" box too. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

hayc59


9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


hayc59

# Run at 10/22/2020 1:11:57 PM
# KpRm (Kernel-panik) version 2.8
# Website https://kernel-panik.me/tool/kprm/
# Run by Gordon & Nancy from C:\Users\Gordon & Nancy\Desktop\Junk
# Computer Name: KAILEE
# OS: Windows 10 X64 (18363)
# Number of passes: 1

- Checked options -

    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Create Registry Backup -

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\Gordon & Nancy\NTUSER.dat backed up

     [OK] Registry Backup: C:\KPRM\backup\2020-10-22-13-11-57

- Delete Tools -


  ## AdwCleaner
     [OK] C:\AdwCleaner deleted

  ## Autoruns
     [OK] C:\Users\Gordon & Nancy\Desktop\Junk\Utilties\autoruns.exe deleted

  ## ESET Online Scanner
     [OK] C:\Users\Gordon & Nancy\AppData\Local\ESET\ESETOnlineScanner deleted

  ## FRST
     [OK] C:\Users\Gordon & Nancy\Desktop\Junk\FRST64.exe deleted
     [OK] C:\FRST deleted

- Restore System Settings -

     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

- Restore UAC -

     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

   ~ [OK] RP named Removed TinyWall created at 10/13/2020 01:41:49 deleted
   ~ [OK] RP named Installed TinyWall created at 10/13/2020 17:11:13 deleted
   ~ [OK] RP named Removed TinyWall created at 10/13/2020 17:41:47 deleted
   ~ [OK] RP named Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 created at 10/15/2020 16:56:54 deleted
   ~ [OK] RP named Installed TinyWall created at 10/15/2020 17:07:16 deleted
   ~ [OK] RP named Installed Open-Shell created at 10/18/2020 20:06:10 deleted
   ~ [OK] RP named Removed TinyWall created at 10/19/2020 18:02:20 deleted
   ~ [OK] RP named Removed AdGuard created at 10/20/2020 22:11:28 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ RP named KpRm created at 10/22/2020 20:12:59

-- KPRM finished in 115.98s --

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Corrine

Excellent!  I'm glad that was resolved, G!


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

hayc59

As always.thank you very mucho amigas

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Corrine



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

I'm sorry for the late reply here, but I had to stay away from screens for a while...  :)

Just asking from curiosity:

QuoteOk I have Malwarebtyes installed used the offline installer

That means that you didn't try Ethernet (instead of wifi), as Corrine suggested on 22 October here: https://www.landzdown.com/analysis-and-malware-removal/re-check-please/msg203693/#msg203693

I would also suggest to disable your wifi adopter (Netgear I think? ) and enable the wifi card. Then try to download it again.

Let us know the result.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

hayc59

OK a little help........I can use the Ethernet cord I have on main pc which is very old still has
XP Home installed un plug it and plug it into the laptop correct? then what....sorry for being so inept 

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


DR M

Plug the one end of the cord into the laptop and leave the other end where it is.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

DR M

The ethernet port on a laptop is shown in the attached image.

P.S. The suggestion about disabling the adopter and enabling the wifi card applies only if your card is working properly.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."