Virus that's blocking anti-malware and antivirus from loading.

Status
Not open for further replies.

MoeB74

New Member
Thread author
Feb 9, 2019
5
One of my kids downloaded something, and what it did was open multiple instances of fake programs to eat up memory. Also, it's currently blocking Chrome from working and not allowing me to open any antivirus or malware protection, and in most cases also not letting me even install the programs. I was able to find and delete most of the fake programs. Not sure if there are any more, but there's still something in the system that's making the system not act right. Also, it's adding data to a drive partition to a drive that's segmented for computer recovery. Also, the only time Chrome will work is when it's hijacked by a fake Chrome exe file.
 

Attachments

  • Addition.txt
    72.8 KB · Views: 6
  • FRST.txt
    72 KB · Views: 8

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,


Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the program.
  • Click the Scan tab, make sure Threat Scan is checked, and click Start Scan.
  • If threats are detected, click the Quarantine Selected button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the Reports tab.
  • Double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
 

MoeB74

New Member
Thread author
Feb 9, 2019
5
That's the whole point of my post. I can't; the malware is blocking it from installing.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Plug the flash drive into the infected PC.
  • Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer.
  • Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
  • In the Choose Recovery Tool menu select Command Prompt.
  • You will see a big black window with a blinking cursor (command prompt).



    Access the notepad and identify your USB drive

    In the Command Prompt please type in:
    Code:
    notepad
    and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.



    Scan with Farbar Recovery Scan Tool

    Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give it a minute or so to load.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

    Transfer it to your clean machine and include it in your next reply.
 
  • Like
Reactions: oldschool

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,479

Malware like smartservice blocks AVs based on the digital signature and the name. CureIt randomizes the name, but it has still got the certificate.
They made an unsigned Zemana for smartservice, but it is no longer around. There are some AVs without a certificate, but they are usually weak.
The best option is to use a bootable removal USB, like ESET SysRescue or Kaspersky Rescue Disk 18 or Dr.Web LiveDisk - How does it work?
 