Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

StartupCheckLibrary.dll, Win Defender and windows update


  • Please log in to reply

#1
simana

simana

    New Member

  • Member
  • Pip
  • 6 posts
Hi,
I have an issue with my Windows 10. The "microsoft windows defender" has disappeared from my windows 10 installation. At the same time, the "windows update" stopped working due to the absence of "Win Defender".
 
I scanned with ESET online and quarantined these files. On startup, the pop up of StartupCheckLibrary.dll and winscomrssrv.dll files missing appeared.
 
After reading other threads in this website I ran FRST. I have attached the FRST.text and Addition.text files.
I have uninstalled all pirated softwares as well.
 
Can you please help me?
Thank you!

Attached Files


  • 0

Advertisements


#2
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts

Hi , simana..!  :)  Please run the following tool in safe mode:

 

https://www.avast.co...install-utility

 

..to remove debris from Avast ..!

 

 

Then :

 

Re-scan with FRST

 

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste the logs in your next reply.

---------------------------------------------------

In your next reply, please include:

  • FRST.txt
  • Addition.txt

  • 1

#3
simana

simana

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I have run the tool to remove debris from avast and have attached the FRST and Addition files after rescanning.

 

Thank you so much for helping me.

 

Please tell me what should I do now.

Attached Files


Edited by simana, Yesterday, 11:54 PM.

  • 0

#4
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts

Hi , simana..! :)

 

Farbar Recovery Scan Tool - Fix
 

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\MountPoints2: {e5f99822-6350-11ea-bdb1-04d4c4e4c4f6} - "E:\.\setup.exe" 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {11E70B29-A477-497A-B7FC-D0FD88AD6E9F} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {16FCAC46-FBA5-4C96-912A-7B4FB3CF5D93} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {1ACD88EA-DEDC-4C62-9737-2C3BCE47EBB5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {C5B974DE-17AA-478B-883F-95182DF1E339} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
2020-04-04 16:54 - 2020-04-04 16:55 - 003480040 _____ (McAfee, Inc.) C:\Users\asus\Desktop\MCPR.exe
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FirewallRules: [{9A9878B6-8C45-46CC-9B72-9CE6A49BE195}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File
FirewallRules: [{6739F4CB-D9E8-4B7F-BA9A-114250E790AF}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File
FirewallRules: [{E5500F92-855F-4899-87F3-362B7957E0E2}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File
FirewallRules: [{0C187F94-CC18-4C45-AC32-EB66024B917C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File
FirewallRules: [TCP Query User{86B9F015-6E12-4F8A-81BD-1C1830523E6A}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File
FirewallRules: [UDP Query User{0A31AEF7-1098-4EAD-B40C-E821880B4DEF}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File
FirewallRules: [TCP Query User{C706BB9A-680A-4D24-935D-2C7DADB920AB}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File
FirewallRules: [UDP Query User{035AED66-F871-445A-A632-455D6855244B}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File
FirewallRules: [TCP Query User{BA58459C-74C6-4731-B3B4-557C248BC938}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File
FirewallRules: [UDP Query User{5AC95D6E-E6A1-499F-AE2A-7189A1D6CF9F}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File
FirewallRules: [TCP Query User{4BD03EDD-FF2C-42F3-B4DD-39A158802265}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File
FirewallRules: [UDP Query User{DAE7176E-F540-4EA4-B14C-95607A55D78B}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File
FirewallRules: [TCP Query User{0B176D98-AD20-4A66-BEBF-2F5DE9456524}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File
FirewallRules: [UDP Query User{75FE936B-C026-43A0-8B17-150E458B82A4}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File
FirewallRules: [TCP Query User{F0D86C67-C82B-43BE-B0D3-8D099E09CE6E}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File
FirewallRules: [UDP Query User{32C09130-B65D-4032-95EE-521E88A0E3BB}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File
FirewallRules: [{AAF3F56C-0DAF-4659-B517-9EA7DB729EA4}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{90060D29-511B-4B8E-9AC3-030AF96EE629}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{F2BD04F7-198B-4CD2-8ACE-BC6A4CC976FB}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe No File
C:\Program Files\AVAST Software

CMD: netsh int ip reset
CMD: ipconfig /flushDNS

EmptyTemp:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

---------------------------------------------------

In your next reply, please include:

  • Fixlog.txt

  • 1

#5
simana

simana

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thank you for your response.

 

I have done as you asked and attached the Fixlog.txt.

 

I will wait for further instructions.

Attached Files


  • 0

#6
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts

Great ..!   Let's proceed like this:

 

Farbar Service Scanner

Download Farbar Service Scanner and save it to your desktop.

  • Right-click FSS.exe and select Run as Administrator.
  • Check the following boxes:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

---------------------------------------------------

 

Re-scan with FRST

  • Double-click FRST64.exe to run it.
  • Press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste the logs in your next reply.

---------------------------------------------------

In your next reply, please include:

  • FSS.txt
  • FRST.txt
  • Addition.txt

  • 1

#7
simana

simana

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I have attached the required files in this message.
 
Thank you.

Edit: After sending this message, I could not connect to the internet, so I restarted my computer. Now, I cannot connect to the internet as the button for turning the Wi-Fi on/off is not present in the taskbar.

Please help me.

Attached Files


Edited by simana, Today, 03:55 AM.

  • 0

#8
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts
Tweaking.com - Windows Repair All-In-One (Portable)
 
  • Download Windows Repair All-In-One (Portable Version) from here
  • Extract tweaking.com_windows_repair_aio.zip to your Desktop.
 
YOU PROBABLY STILL HAVE THE PROGRAM. START HERE.
 
  • Disable all your antivirus and antimalware software - see how to do that from here
 
  • Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
  • (Windows Vista/7/8 users: Accept UAC warning if it is enabled.)
  • A window will appear. Click Step 2.
2f8o60N.png
 
  •  Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.
  •  Depending on which error Windows Repair found, click Repair, Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.
  •  Go to Step 3, then click Check in the See If Check Disk Is Needed.
Ymy7crZ.png
 
  •  If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk. https://i.imgur.com/Ymy7crZ.png
  • Go to Step 4, then click Do It.
zDtdN75.png
 
  •  Go to Step 5. Under System Restore click Create.
f7lEe1N.png
 
  •  Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png
 
  •  By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.
 
 
==================================================================================================================
 
In your next reply, please include:
 
  • Attach the logs and let me know what problem persists with this computer.

  • 1

#9
simana

simana

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I did not find any anti virus software installed in this computer, so i went ahead with the steps you gave.

 

After running all the steps, the wifi button on the task bar is back and the windows update is running normally.

 

I get notifications that some apps were reset to default apps. (is this normal?)

 

I have attached the files in the logs folder as told.

 

Please let me know if there is more to do now. Thank you.

 

Edit: the windows update completed successfully, but there is still no windows defender in my computer. How do I install Windows defender?

Attached Files


Edited by simana, Today, 06:40 AM.

  • 0

#10
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts

 

After running all the steps, the wifi button on the task bar is back and the windows update is running normally.

Great ..!  :)

 

 

I get notifications that some apps were reset to default apps. (is this normal?)

 

Yes, that's normal ..!

 

 

Farbar Service Scanner

Download Farbar Service Scanner and save it to your desktop.

  • Right-click FSS.exe and select Run as Administrator.
  • Check the following boxes:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

-------------------------------------------------------------------------------------------------------------------------------------------

 

AdwCleaner

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
    • When the scan has finished a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

--------------------------------------------------------------------------------------------------

 

ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.

  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

------------------------------------------------------------------------------------------------------------------------------------------------

 

In your next reply, please include:

  • FSS.txt
  • AdwCleaner log.
  • ESET log

  • 1

#11
simana

simana

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I have attached all the necessary files here.

Attached Files


  • 0

#12
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 123 posts

Please do the following:

Registry Script

Download the attached files (wuauserv.reg and windefend.reg) and save them to your desktop.

wuauserv.reg
windefend.reg

  • Double-click wuauserv.reg
  • Allow the information to be merged into the registry if prompted. (click Yes)
  • Restart the computer.
  • Repeat the process for windefend.reg

 

----------------------------------------------------------------------------------------------------------------

 

Re-scan with Farbar Service Scanner

  • Right-click FSS.exe on your desktop and select Run as Administrator.
  • Check the following boxes:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

---------------------------------------------------

In your next reply, please include:

  • FSS.txt

  • 0






Similar Topics

3 user(s) are reading this topic

2 members, 1 guests, 0 anonymous users


    icotonev, simana

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP