Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My antivirus and anti-malware close automatically right at boot. [Solv

Started by Strobenz , Jun 26 2015 07:06 PM
antivirus Antimalware boot cant open cant run

  • This topic is locked This topic is locked

#1
Strobenz
Posted 26 June 2015 - 07:06 PM

Strobenz

    New Member

  • Member
  • Pip
  • 4 posts

Hello, I am currently running Windows 8.1 (upgraded from Windows Store) on an x64 system. I think my computer is infected because I recently noticed that neither my antivirus nor my antimalware run when I boot my computer. McAfee and MBAM is what I own. I immediatly tried to run both as Administrator but they just wouldn't open, so I rebooted. Again, they didn't open automatically and I wasn't able to run them manually. After that, I decided to reboot on Safe Mode and found out that both applications were able to run from there. I scanned with MBAM and it supposedly deleted 12 files, mostly PUPs and one Trojan. I rebooted again in normal mode and ran Chameleon (that occurred to me when I was scanning before) to see if there was something that maybe wasn't detected the first time. Chameleon opened succesfully and I was able to scan, but nothing was detected. Then, I tried to open McAfee and scan with it too, but it wouldn't run... so I rebooted in Safe Mode again, ran the application and attempted to scan, but it gave me an error message that an "unexpected error" occurred. I thought maybe MBAM and McAfee are incompatible and that's why they don't run, so I uninstalled MBAM (since I use the free version anyway) to see if there was any difference, and nothing changed. This time I reinstalled MBAM and tried to run Chameleon again, only to find that it wasn't of any help this time since it wasn't able to run MBAM and do any scans...

 

I'm very desperate because this malware thing is really annoying! I don't really know what else to do, so if someone could please help me I'd really appreciate it! I should mention that no other applications (that I know of) are being affected by this infection (or whatever it is), it's only my protection softwares... I am also able to browse the internet normally (I use Firefox) and when I downloaded FRST the McAfee Web Advisor actually worked... so I have no idea what's going on!

 

Please help! Here are my FRST logs:

 

FRST.txt

Spoiler

 

Addition.txt

Spoiler

 


  • 0

Advertisements

#2
Essexboy
Posted 27 June 2015 - 04:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know if your AV works after the reboot from FRST

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
FF user.js: detected! => C:\Users\Mind\AppData\Roaming\Mozilla\Firefox\Profiles\vmqfrxlw.default\user.js [2015-06-19]
R2 VSSS; C:\Users\Mind\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [106694464 2015-06-25] (Microsoft Corporation) [File not signed]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
2015-06-26 17:03 - 2015-06-26 17:03 - 01415680 _____ (wj32) C:\Program Files\62UY2YKK.exe
2015-06-26 16:01 - 2015-06-26 16:01 - 01415680 _____ (wj32) C:\Program Files\2IUIUEKY.exe
2015-06-26 14:46 - 2015-06-26 14:46 - 01415680 _____ (wj32) C:\Program Files\7N7RZJ3J.exe
2015-06-26 14:45 - 2015-06-26 14:45 - 01415680 _____ (wj32) C:\Program Files\RVJBNNFB.exe
2015-06-26 13:22 - 2015-06-26 13:22 - 01415680 _____ (wj32) C:\Program Files\99XHLHPT.exe
2015-06-17 22:10 - 2015-05-06 13:14 - 00000000 __SHD C:\Users\sheyl_000\AppData\Local\EmieBrowserModeList
2015-06-17 22:10 - 2014-06-18 11:27 - 00000000 __SHD C:\Users\sheyl_000\AppData\Local\EmieUserList
2015-06-17 22:10 - 2014-06-18 11:27 - 00000000 __SHD C:\Users\sheyl_000\AppData\Local\EmieSiteList
2015-06-14 16:14 - 2014-11-16 15:13 - 00000000 __SHD C:\Users\Mind\AppData\Local\EmieBrowserModeList
2015-06-14 16:14 - 2014-04-14 16:40 - 00000000 __SHD C:\Users\Mind\AppData\Local\EmieUserList
2015-06-14 16:14 - 2014-04-14 16:40 - 00000000 __SHD C:\Users\Mind\AppData\Local\EmieSiteList
2015-06-26 16:01 - 2015-06-26 16:01 - 1415680 _____ (wj32) C:\Program Files\2IUIUEKY.exe
2015-06-26 17:03 - 2015-06-26 17:03 - 1415680 _____ (wj32) C:\Program Files\62UY2YKK.exe
2015-06-26 14:46 - 2015-06-26 14:46 - 1415680 _____ (wj32) C:\Program Files\7N7RZJ3J.exe
2015-06-26 13:22 - 2015-06-26 13:22 - 1415680 _____ (wj32) C:\Program Files\99XHLHPT.exe
2015-06-26 19:39 - 2015-06-26 19:39 - 1415680 _____ (wj32) C:\Program Files\PHDDTXXH.exe
2015-06-26 14:45 - 2015-06-26 14:45 - 1415680 _____ (wj32) C:\Program Files\RVJBNNFB.exe
C:\Users\Mind\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\ProgramData\mstwrzb.exe
C:\Program Files\kprocesshacker.sys
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Strobenz
Posted 27 June 2015 - 12:53 PM

Strobenz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Hello! Thank you very much for your response!

 

I am able to run my antivirus now that I did the Fix thing in FRST, but real-time protection can't be enabled. I can run Malwarebytes too now.

 

Here's the Fixlog.txt

 

Spoiler

 

Here's AdwCleaner log:

Spoiler

 

Actually, there were 2 AdwCleaner logs... I'm posting the one named AdwCleaner[S1].txt... Should I post the other log too?

 

Thanks again!


  • 0

#4
Essexboy
Posted 27 June 2015 - 01:30 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you repair McAfee using the steps on this page please https://kc.mcafee.co...tent&id=KB56087

Once done could you let me know what problems remain
  • 0

#5
Strobenz
Posted 27 June 2015 - 09:09 PM

Strobenz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

It worked and it's fixed now! I can open, run a scan and activate the real-time protection on McAfee. Malwarebytes is also working now!

 

Thank you very much for your help! I really, really appreciate it!


  • 0

#6
Essexboy
Posted 28 June 2015 - 04:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#7
Strobenz
Posted 28 June 2015 - 01:20 PM

Strobenz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Alright! Did all of the steps above and I'm finished :)

 

Thank you very much for your tips and your help, again!! I'll come back later if there's any new problem, though I doubt it haha.


  • 0

#8
Essexboy
Posted 28 June 2015 - 01:21 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Keep safe :)
  • 0

#9
Essexboy
Posted 29 June 2015 - 07:43 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: antivirus, Antimalware, boot, cant open, cant run

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP