Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Virus or spyware

clean this device Facebook and ESET Scanner download Scanner

  • Please log in to reply

#16
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
I think this is what you wanted Bob, I am Betty-RobertDad's wife.   Thank you for your help.  
Greatly appreciated   The other logs (Fix-results have my name on it)  I sure hope its from this computer.  
Everything is the same so far, still can't login to FB.
 
 
 
Fix result of Farbar Recovery Scan Tool (x86) Version: 10.02.2018 02
Ran by Admin (14-02-2018 17:29:37) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Betty Tremblay (Available Profiles: Admin & Betty Tremblay & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
createrestorepoint:
closeprocesses:
emptytemp:
cmd: ipconfig /flushdns
Startup: C:\Users\Shabnam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shabnam.lnk [2016-11-12]
ShortcutTarget: Shabnam.lnk -> C:\ProgramData\hmoqkj\hmoqkj.exe ()
C:\ProgramData\hmoqkj
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2404025715-3262374805-409840524-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-2404025715-3262374805-409840524-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
SearchScopes: HKU\S-1-5-21-2404025715-3262374805-409840524-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
 
 
# AdwCleaner 7.0.8.0 - Logfile created on Wed Feb 14 23:10:49 2018
# Updated on 2018/08/02 by Malwarebytes 
# Running on Windows Vista ™ Home Basic (X86)
# Mode: clean
 
***** [ Services ] *****
 
Deleted: WtuSystemSupport
Deleted: vToolbarUpdater40.3.2
 
 
***** [ Folders ] *****
 
Deleted: C:\ProgramData\AVG Secure Search
Deleted: C:\ProgramData\Application Data\AVG Secure Search
Deleted: C:\Program Files\Common Files\AVG Secure Search
Deleted: C:\Users\All Users\AVG Secure Search
Deleted: C:\ProgramData\AVG Security Toolbar
Deleted: C:\ProgramData\Application Data\AVG Security Toolbar
Deleted: C:\Users\All Users\AVG Security Toolbar
Deleted: C:\Program Files\avg web tuneup
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Users\Admin\AppData\Local\avg web tuneup
Deleted: C:\Users\Betty Tremblay\AppData\Local\avg web tuneup
Deleted: C:\Users\Guest\AppData\Local\avg web tuneup
Deleted: C:\Users\All Users\Documents\Downloaded Installers
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\Users\Admin\AppData\Roaming\TotalAV
Deleted: C:\Users\Admin\AppData\Local\slimware utilities inc
Deleted: C:\Users\Admin\AppData\Local\SlimWare Utilities Inc
Deleted: C:\ProgramData\Avg_Update_0316tb
Deleted: C:\ProgramData\Avg_Update_0615tb
Deleted: C:\ProgramData\Avg_Update_0915tb
 
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****

  • 0

Advertisements


#17
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

If you don't have the fixlog.txt file, AdwCleaner{C*}.txt, please let me know.   I put them here last night, but I don't see them.   I really have a hard time finding what I am looking for here.

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 10.02.2018 02
Ran by Admin (14-02-2018 17:29:37) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Betty Tremblay (Available Profiles: Admin & Betty Tremblay & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
createrestorepoint:
closeprocesses:
emptytemp:
cmd: ipconfig /flushdns
Startup: C:\Users\Shabnam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shabnam.lnk [2016-11-12]
ShortcutTarget: Shabnam.lnk -> C:\ProgramData\hmoqkj\hmoqkj.exe ()
C:\ProgramData\hmoqkj
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2404025715-3262374805-409840524-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-2404025715-3262374805-409840524-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
SearchScopes: HKU\S-1-5-21-2404025715-3262374805-409840524-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
"C:\Users\Shabnam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shabnam.lnk" => not found
"C:\ProgramData\hmoqkj\hmoqkj.exe" => not found
"C:\ProgramData\hmoqkj" => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2404025715-3262374805-409840524-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
"HKU\S-1-5-21-2404025715-3262374805-409840524-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
"HKU\S-1-5-21-2404025715-3262374805-409840524-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => not found
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 20813 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8660845 B
Java, Flash, Steam htmlcache => 5529 B
Windows/system/drivers => 190355434 B
Edge => 0 B
Chrome => 314285329 B
Firefox => 376957840 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 25857644 B
LocalService => 66708 B
NetworkService => 95628 B
Admin => 142215299 B
Betty Tremblay => 32627507 B
Guest => 15079863 B
 
RecycleBin => 482459 B
EmptyTemp: => 1 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 17:31:24 ====

  • 0

#18
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Hi Bruce, 
I think this is what you wanted, I redid the the copy and Paste, I don't know why it didn't work for me last night.  I copied, pasted, and hit Post.  I saw them there last night, but not this morning.  I sure hope I am looking in the right place.    TY Betty/RobertDad
 
 
# AdwCleaner 7.0.8.0 - Logfile created on Thu Feb 15 21:13:44 2018
# Updated on 2018/08/02 by Malwarebytes 
# Running on Windows Vista ™ Home Basic (X86)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SOFTWARE\MimarSinan
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Proxy settings cleared
::TCP/IP settings cleared
::IPSec settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [3478 B] - [2018/2/14 23:10:49]
C:/AdwCleaner/AdwCleaner[S0].txt - [3823 B] - [2018/2/14 23:0:53]
C:/AdwCleaner/AdwCleaner[S1].txt - [1119 B] - [2018/2/15 21:11:6]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Edited by RobertDad, 15 February 2018 - 03:24 PM.

  • 0

#19
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts

It doesn't look like that is the fixlist that I gave you.

When logged in as Admin On the desktop is there a file called fixlog.txt? If there is please open this file and copy and paste the contents into your next reply.

Also looks like some of the AdwCleaner log has cut off. Click on this computer (C:) > Look for a folder called AdwCleaner and double click on this.

There should be a report called AdwCleaner[C*].txt The report would have been run on Wed Feb 14. Open this report. It will open with notepad.

Click on Edit > Select All. This will highlight all the text.

Click on Edit again > select Copy

Paste this log into your next post.

Thanks


  • 0

#20
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

Our posts may have crossed. :)

The AdxCleaner log I am looking for is this one

C:/AdwCleaner/AdwCleaner[C0].txt - [3478 B] - [2018/2/14 23:10:49]

It will be found in the C: drive and a folder called AdwCleaner

Thanks
  • 0

#21
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Did you look at all the last few logs, I only ask because I can not use Bob's computer.  He has no internet connection, and I don't know why.   

The internet is working on mine.  I can not redo the fixlist or AdwClearer  from my computer, am I correct.  I am going to have reset the router 

and modem which will also shut this one down.    I will try to get right back to you.   Can you get rid of all those extra report/logs here, or do I 

just delete them.  I am not sure how your program works here.   Thanks, RobertDad's wife. 


  • 0

#22
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Hi Bruce, 

 

I still can not get RobertDad's computer logged onto the internet.   I have unpluged everything, and waited, it's a no go for tonight.  Will let you know if I can get back on and maybe do a scan of the documents and copy it here for you.  

Sorry about not getting more done, but stuff happens I quess.


  • 0

#23
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

Yes you won't be able to re create the reports on your machine.

Lets see if we can get the internet connection working again. Do you have a spare USB thumbdrive/stick?

On the your working laptop please do the following:

Plug your thumbdrive into the working computer.
Please download MiniToolBox, save it to your USB thumbdrive.
Unplug the USB drive and plug into the broken computer.
Double click the MiniToolBox to run the application.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

    Click Go A copy of MTB.txt will be saved in the same directory the tool is run.(on the USB drive)

    Post this log in your next reply.

    Thanks

  • 0

#24
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Hope this works;

Attached Files

  • Attached File  MTB.txt   26.78KB   31 downloads

  • 0

#25
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

Exactly what I need, thanks. :)

It looks like your network adapter is not connected on the laptop
 

Wireless LAN adapter Betty:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter #3
Physical Address. . . . . . . . . : 00-16-44-17-C6-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes


Follow the instructions on this page for the broken laptop and see if this fixes the issue.

Let me know how you get on.
  • 0

Advertisements


#26
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Okay, I get your first part, not connected, click on a network for me is nothing.  I get your first screen (attached) but my next screen shows windows can not fine any networks.   I have installed the updated Realtek adapter, no luck there. I can not pull up the network name.  

Attached Thumbnails

  • 3.png

  • 0

#27
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

On RobertDads computer

Can you post screenshots of your network adapter tcp/ip properties please.

Press the Windows + R key at the same time.
In the Run box type ncpa.cpl and press enter.
Look for the Wireless Network Connection, Right Click on it and select Properties.
Select Internet Protocol Version 4(TCP/IPv4), click Properties.
How_to_configure_TCPIP_Properties_of_the

Take a screenshot of this.

Then Click on Advanced.

Please click on each tab and take a screenshot please.

Attach your screenshots to your next reply.

Many thanks
  • 0

#28
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Hi Bruce, 

 

I have added 4 screen shots for you, hope they work and are helpful.   I am really resetting to factory settings and starting over again.  I wish I knew how to use parental controls, and block out all the stupid things he clicks on.   I never should have given/or created a Facebook account for him.

Attached Thumbnails

  • Network Screen print 1.jpg
  • Screen 2.jpg
  • Screen 3.jpg
  • screen 4.jpg

  • 0

#29
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

Thanks for the screenshots.

Just to confirm when you Select Internet Protocol Version 4(TCP/IPv4) and clicked on Properties was the first screen you see have the following selected.

Obtain an IP address automatically

Obtain DNS Server address automatically
  • 0

#30
RobertDad

RobertDad

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Yes it does.  Sorry I guess I missed sending that one. 

 

 

Attached Thumbnails

  • Interne Protocol Version 4 TCP-IPv4 Properties.jpg

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP