StartupCheckLibrary.dll, Win Defender and windows update [Solved]
#1
Posted 04 April 2020 - 10:47 AM
#2
Posted 04 April 2020 - 11:58 AM
Hi , simana..! Please run the following tool in safe mode:
https://www.avast.co...install-utility
..to remove debris from Avast ..!
Then :
Re-scan with FRST
- Double-click FRST.exe/FRST64.exe to run it.
- Press the Scan button.
- When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
- Please copy and paste the logs in your next reply.
---------------------------------------------------
In your next reply, please include:
- FRST.txt
- Addition.txt
#3
Posted 04 April 2020 - 03:39 PM
I have run the tool to remove debris from avast and have attached the FRST and Addition files after rescanning.
Thank you so much for helping me.
Please tell me what should I do now.
Attached Files
Edited by simana, 04 April 2020 - 11:54 PM.
#4
Posted 05 April 2020 - 02:06 AM
Hi , simana..!
Farbar Recovery Scan Tool - Fix
- Highlight the contents of the below code box and press Ctrl + C on your keyboard:
Start:: CreateRestorePoint: CloseProcesses: HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2987826816-1455516208-1627320750-1001\...\MountPoints2: {e5f99822-6350-11ea-bdb1-04d4c4e4c4f6} - "E:\.\setup.exe" FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {11E70B29-A477-497A-B7FC-D0FD88AD6E9F} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION Task: {16FCAC46-FBA5-4C96-912A-7B4FB3CF5D93} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {1ACD88EA-DEDC-4C62-9737-2C3BCE47EBB5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe Task: {C5B974DE-17AA-478B-883F-95182DF1E339} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X] 2020-04-04 16:54 - 2020-04-04 16:55 - 003480040 _____ (McAfee, Inc.) C:\Users\asus\Desktop\MCPR.exe AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File FirewallRules: [{9A9878B6-8C45-46CC-9B72-9CE6A49BE195}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{6739F4CB-D9E8-4B7F-BA9A-114250E790AF}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{E5500F92-855F-4899-87F3-362B7957E0E2}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [{0C187F94-CC18-4C45-AC32-EB66024B917C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe No File FirewallRules: [TCP Query User{86B9F015-6E12-4F8A-81BD-1C1830523E6A}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [UDP Query User{0A31AEF7-1098-4EAD-B40C-E821880B4DEF}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [TCP Query User{C706BB9A-680A-4D24-935D-2C7DADB920AB}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [UDP Query User{035AED66-F871-445A-A632-455D6855244B}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [TCP Query User{BA58459C-74C6-4731-B3B4-557C248BC938}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [UDP Query User{5AC95D6E-E6A1-499F-AE2A-7189A1D6CF9F}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe No File FirewallRules: [TCP Query User{4BD03EDD-FF2C-42F3-B4DD-39A158802265}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [UDP Query User{DAE7176E-F540-4EA4-B14C-95607A55D78B}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [TCP Query User{0B176D98-AD20-4A66-BEBF-2F5DE9456524}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [UDP Query User{75FE936B-C026-43A0-8B17-150E458B82A4}C:\program files\android\android studio1\jre\bin\java.exe] => (Allow) C:\program files\android\android studio1\jre\bin\java.exe No File FirewallRules: [TCP Query User{F0D86C67-C82B-43BE-B0D3-8D099E09CE6E}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [UDP Query User{32C09130-B65D-4032-95EE-521E88A0E3BB}D:\games\doom.2016\doomx64.exe] => (Allow) D:\games\doom.2016\doomx64.exe No File FirewallRules: [{AAF3F56C-0DAF-4659-B517-9EA7DB729EA4}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File FirewallRules: [{90060D29-511B-4B8E-9AC3-030AF96EE629}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe No File FirewallRules: [{F2BD04F7-198B-4CD2-8ACE-BC6A4CC976FB}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe No File C:\Program Files\AVAST Software CMD: netsh int ip reset CMD: ipconfig /flushDNS EmptyTemp: End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
- Double-click FRST.exe/FRST64.exe to run it.
- Press the Fix button just once and wait.
Note: No need to paste the script into FRST. - Restart the computer if prompted.
- When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
- Please copy and paste its contents into your reply.
---------------------------------------------------
In your next reply, please include:
- Fixlog.txt
#5
Posted 05 April 2020 - 02:59 AM
Thank you for your response.
I have done as you asked and attached the Fixlog.txt.
I will wait for further instructions.
Attached Files
#6
Posted 05 April 2020 - 03:07 AM
Great ..! Let's proceed like this:
Farbar Service Scanner
Download Farbar Service Scanner and save it to your desktop.
- Right-click FSS.exe and select Run as Administrator.
- Check the following boxes:
Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
---------------------------------------------------
Re-scan with FRST
- Double-click FRST64.exe to run it.
- Press the Scan button.
- When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
- Please copy and paste the logs in your next reply.
---------------------------------------------------
In your next reply, please include:
- FSS.txt
- FRST.txt
- Addition.txt
#7
Posted 05 April 2020 - 03:21 AM
Thank you.
Edit: After sending this message, I could not connect to the internet, so I restarted my computer. Now, I cannot connect to the internet as the button for turning the Wi-Fi on/off is not present in the taskbar.
Please help me.
Attached Files
Edited by simana, 05 April 2020 - 03:55 AM.
#8
Posted 05 April 2020 - 04:13 AM
- Download Windows Repair All-In-One (Portable Version) from here
- Extract tweaking.com_windows_repair_aio.zip to your Desktop.
- Disable all your antivirus and antimalware software - see how to do that from here
- Right click on and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
- (Windows Vista/7/8 users: Accept UAC warning if it is enabled.)
- A window will appear. Click Step 2.
- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.
- Depending on which error Windows Repair found, click Repair, Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.
- Go to Step 3, then click Check in the See If Check Disk Is Needed.
- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk. https://i.imgur.com/Ymy7crZ.png
- Go to Step 4, then click Do It.
- Go to Step 5. Under System Restore click Create.
- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.
- Attach the logs and let me know what problem persists with this computer.
#9
Posted 05 April 2020 - 06:07 AM
I did not find any anti virus software installed in this computer, so i went ahead with the steps you gave.
After running all the steps, the wifi button on the task bar is back and the windows update is running normally.
I get notifications that some apps were reset to default apps. (is this normal?)
I have attached the files in the logs folder as told.
Please let me know if there is more to do now. Thank you.
Edit: the windows update completed successfully, but there is still no windows defender in my computer. How do I install Windows defender?
Attached Files
Edited by simana, 05 April 2020 - 06:40 AM.
#10
Posted 05 April 2020 - 06:58 AM
After running all the steps, the wifi button on the task bar is back and the windows update is running normally.
Great ..!
I get notifications that some apps were reset to default apps. (is this normal?)
Yes, that's normal ..!
Farbar Service Scanner
Download Farbar Service Scanner and save it to your desktop.
- Right-click FSS.exe and select Run as Administrator.
- Check the following boxes:
Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
-------------------------------------------------------------------------------------------------------------------------------------------
AdwCleaner
Download AdwCleaner and save it to your desktop.
- Double click AdwCleaner.exe to run it.
- Click Scan Now ...
- When the scan has finished a Scan Results window will open.
- Click Cancel (at this point do not attempt to Quarantine anything that is found)
- Now click the Log Files tab ...
- Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
- A Notepad file will open containing the results of the scan.
- Please post the contents of the file in your next reply.
--------------------------------------------------------------------------------------------------
ESET Online Scanner
Download ESET Online Scanner and save it to your desktop.
- Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
- When the tool opens, click Get Started.
- Read and accept the license agreement.
- At the Welcome to ESET Online Scanner window, click Get Started.
- Select whether you would like to send anonymous data to ESET.
- Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
- Click on the Full Scan option.
- Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
- ESET will now begin scanning your computer. This may take some time.
- When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
- ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
- On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
- Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
------------------------------------------------------------------------------------------------------------------------------------------------
In your next reply, please include:
- FSS.txt
- AdwCleaner log.
- ESET log
#11
Posted 05 April 2020 - 08:10 AM
I have attached all the necessary files here.
Attached Files
#12
Posted 05 April 2020 - 08:16 AM
Please do the following:
Registry Script
Download the attached files (wuauserv.reg and windefend.reg) and save them to your desktop.
- Double-click wuauserv.reg
- Allow the information to be merged into the registry if prompted. (click Yes)
- Restart the computer.
- Repeat the process for windefend.reg
----------------------------------------------------------------------------------------------------------------
Re-scan with Farbar Service Scanner
- Right-click FSS.exe on your desktop and select Run as Administrator.
- Check the following boxes:
Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
---------------------------------------------------
In your next reply, please include:
- FSS.txt
#13
Posted 05 April 2020 - 08:30 AM
#14
Posted 05 April 2020 - 08:39 AM
edit: the FSS.txt file attached.
I can't see the attachment ....! Something very strange is visible in your system ..! All services stopped, I don't know why ..! I have to think ..!
==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0346262.inf_amd64_c058abf1b241a588\B346039\atiesrxx.exe [516624 2019-08-31] (Advanced Micro Devices, Inc. -> AMD) S4 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [271328 2020-03-25] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) S4 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-09-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S4 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkNear\AsusLinkNear.exe [973944 2020-01-30] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S4 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSLinkRemote\AsusLinkRemote.exe [314488 2020-01-30] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S4 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2019-09-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S4 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSOptimization\AsusOptimization.exe [264312 2020-01-30] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S4 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSSoftwareManager\AsusSoftwareManager.exe [458408 2020-01-30] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S4 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1824168 2020-01-30] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) S4 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_610b7c1b6fee074c\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [570264 2020-01-30] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-29] (Brave Software, Inc. -> BraveSoftware Inc.) S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-29] (Brave Software, Inc. -> BraveSoftware Inc.) S4 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [206744 2018-11-02] (DTS, Inc. -> ) S4 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2856632 2020-03-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S4 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [29696 2019-01-11] () [File not signed] S4 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2165728 2020-03-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) S4 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [862192 2019-02-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) S4 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [710600 2019-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation) S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S4 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_af6519e6e3300977\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_af6519e6e3300977\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
#15
Posted 05 April 2020 - 08:45 AM
Please do, I am very concerned about my laptop.
Thank you.
p.s. I forgot to attach the file, now edited.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users