Anti-Virus Won't Open =\

Started by desert ashes, December 25, 2009, 02:23:28 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

desert ashes

So, while staying up late and waiting for a gaggle of children to go to sleep last night, a sudden pop up of this Malware Defense (attempting to disguise itself as Windows Security) popped up and very quickly caused a whole bunch of chaos on the computer.  It took some time, but I found how to get rid of it using a renamed Malwarebyte's and having to save something inside its folder and whatnot.  (I followed researched instructions, bottom line, lol.  Please don't ask me to describe exactly what I did because I can't.)

Unfortunately, that didn't solve the entire problem.  Avira won't open.  AVG doesn't list any components.  No anti-virus or spyware programs will open.  I tried going into services.msc (following detailed instructions) to get Avira to start there, but all I get is Error 1053.  I researched that, redownloaded Microsoft's .net framework since the research said that would fix it, but it hasn't. 

Currently the only protection is Window's Firewall. 

Help?  Nothing else I've got coming up in my Googling is working and I'd really, really love not to have to reformat.  (I killed my laptop trying that and I only have the XP disc.)

make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Chevalier des Poissons

Alright, you probably got yourself some wonderful malware there.

This is what you will do: find and download a program named combofix. Run malwarebytes, then combofix, then uninstall and reinstall your antiviruses, which btw I recommend Karpersky and Avira. Alright, after that, you could find, download and run Ccleaner. After that, restart the pc and it will be good as new.

If you can't find anyone of those softwares, post here and I will guide you through all the process.
-I have Maro's heart, and I promise to take good care of it-

A & A

desert ashes

Well, I get stuck at step two as ComboFix will download but not open.  Double click, I get the pop up saying, "Do you want to run this?", I hit run and ... nothing. 


Edit:  I also ran Rkill before trying to open it and nothing as well.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Chevalier des Poissons

You know that combofix, as a DOS program, does not use mouse, right? =3 Therefore you'd need to hit the key "Y" to make it run.
-I have Maro's heart, and I promise to take good care of it-

A & A

desert ashes

Right, I saw that under the Bleepingcomputer guide, but what I'm saying is... it downloads onto the desktop, I double click to open the program and nothing happens.  I don't even get to the DOS screen. 



That's as far as it'll go.  After I hit run the computer just doesn't do anything, nothing opens or pops up.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Chevalier des Poissons

That's weird, it wasn't supposed to be like that.

Try offing the windows firewall then running it again.
-I have Maro's heart, and I promise to take good care of it-

A & A

desert ashes

make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Chevalier des Poissons

Don't worry, it is safe. I recommend however getting out of the internet for that.
-I have Maro's heart, and I promise to take good care of it-

A & A

desert ashes

Aye, but disabling the firewall didn't work.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Chevalier des Poissons

Hm. Then let's skip combofix. Try running malwarebytes, then going right to spybot, if you have it.
-I have Maro's heart, and I promise to take good care of it-

A & A

jouzinka

Seeing the awful headache it's giving you, is there any reason why you can't just reinstall the whole damn windows? I know it may sound a little cruel, but I always saw it as a better option to messing the system registry any further, plus it works on any virus 100% :-)
Story status: Not Available
Life Status: Just keep swimming...
Working on: N/A

desert ashes

Aside that I killed my laptop trying that?  ;)  I don't want to kill my desktop as well and then be left entirely stranded, especially as I can't even consider replacing this for at least another year.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Krysia

#12
I got this a bit ago actually where no programs would open from a virus I got. I had to reboot in safe mode (reboot and when you get to the black screen hit F8) with networking and go download Malwarebytes and have it run in safe mode. Once you get everything scanned and deleted reboot into normal windows mode as you would normally. Then run the scans from malware again. Also if you need virus protection you can get Avira it's free and works rather well. You just have to deal with a daily pop up asking you to buy the program.

http://www.malwarebytes.org/

http://www.avira.com/en/pages/index.php

Note: Oh yes and you'll have to uninstall the programs and reinstall them again in safe mode. :) That's how my husband fixed my pc when I got this issue. Hope it helps. I hate reformatting!

Hunter

My suggestion would be to get an offline copy of your anti-virus then disconnect from the internet completely.   Restart in safe mode and try doing a reinstall.

Vekseid

Check out here:
https://elliquiy.com/forums/index.php?topic=25435.0

Though, would be better to get your laptop going first, I think? If you still have it.

desert ashes

#15
Thanks everyone for the suggestions, all of which I have taken into use but nothing has worked.  Cest le vie.

I'll just keep Googling onward.  ;)
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Vekseid

Quote from: Moirae on December 25, 2009, 09:28:27 PM
Thanks everyone for the suggestions, all of which I have taken into use but nothing has worked.  Cest le vie.

I'll just keep Googling onward.  ;)

You can't have someone help work through your laptop so that fixing your desktop isn't an issue?

If anything, starting in safe mode with command prompt should let you get combofix working.

desert ashes

God, this computer thing is making me feel less intelligent by the moment.  XD  So, yeah.  The words "with command prompt" send flashes of horror and black screens with yellow writing that is nothing more than mumbo jumbo, but... a Googling I go.  (I realize it's probably exceptionally simple for those who understand it.) 

If fixing the laptop was a viable option, I'd be all over that. ;)  However, it really is simply dead and will never see the light of virtual life again.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Vekseid

Quote from: Moirae on December 26, 2009, 12:17:53 AM
God, this computer thing is making me feel less intelligent by the moment.  XD  So, yeah.  The words "with command prompt" send flashes of horror and black screens with yellow writing that is nothing more than mumbo jumbo, but... a Googling I go.  (I realize it's probably exceptionally simple for those who understand it.) 

If fixing the laptop was a viable option, I'd be all over that. ;)  However, it really is simply dead and will never see the light of virtual life again.

If you're sure it's dead : / What, exactly, happens with it?

It's just a lot safer and a lot easier to do it from another machine, so you can communicate with someone and/or Google.

desert ashes

#19
Well, it won't turn on.  I really have no clue what happened.  It got a blue screen of death at 30% into Window's reinstalling (and wouldn't go further than that before blue screen and needing to be manually rebooted), so it turned into a mere physical shell at that point.  Now, though, it just doesn't even turn on. =\   (I'm not surprised.  By the time the reformat was happening the fan was already half dead, the battery cell unit wasn't functioning, the screen was flickering, and several keys no longer worked.)

Edit: It was a beautiful second hand machine that survived some long years.
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Vekseid

Ah, well, the process is somewhat tedious, but I think I'll detail it and when I can, try to get up screenshots. The process is slow and tedious when done perfectly, but you can often take shortcuts.

The basic premise is that the explorer.exe process is most frequently corrupted - so, in order to completely disinfect your machine, you need to get cleaning before it gets loaded. This can be done from the recovery console sometimes, but often that gets broken or can't be used for various reasons.

So, safe mode with command prompt.

If you want to do it the quick, easy, and somewhat familiar way, you can just use ctrl+alt+del, start the task manager, file -> new task -> browse. This does load the task manager, but it isn't corrupted as often as explorer.exe is, and you can function mostly normally, just remember where things get installed and so on.

Try Roguefix and MBAM first. Run them both, reboot into command prompt, run them both again, rinse and repeat until they generate the same results each time. After you start explorer.exe, even in safe mode, you risk losing all progress.

Combofix should be a last resort. It can break things, though not typically on machines not associated with a domain.

Soran

Okay, should the worse come to the worse, it's going to cost you a hard drive which are fairly cheap to get depending on the size you want (Make sure you get the right type of connection) however first I would try downloading the trial version of Bit Defender total security. I have found it is very effective...they even do an online scan if you prefer that option.

Good luck :)

desert ashes

::Sighs and rubs her temples.:: 

Okay, so I've been doing this all day.  Malware isn't showing anything, but every time Roguefix runs, it's fixing the same thing in the registry:

[-HKEY_LOCAL_MACHINE/Software/Microsoft/WindowsNT/CurrentVersion/Image File Execution options/alogser.exe]

Now, however, if I'm not in Safe Mode, Windows is locking up and crashing anywhere from five to fifteen minutes into running (75% of the time, it's taken me several tries just to get this note finished =\ ). 

I tried running ComboFix during Safe Mode, but it won't run there either. 

Suggestions?

make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes

Vekseid

Safe mode with networking isn't usable either?

And you've been trying this in safe mode with command prompt, yes?

You can try downloading the files (roguefix and combofix) on a known clean computer, place them on a USB drive, start from command prompt again, but this time just copy the files over through the command prompt ( copy e:\*.* where e:\ is the flash drive).

Reboot into safe mode with command prompt again, and run the files manually (just type the names in - combofix.exe and roguefixversionhere.bat )

May need to seduce a geek to look into it : /

desert ashes

Yes, it was all being done in safe mode with command prompt, though I did use the task manager as optioned. 

I'll pick up a USB driver in a couple weeks and see if that works, then.  Hopefully it will as all of my seducable geeks are thousands miles away. 

Thank you for your help, Vek, and for everyone who came in with suggestions, it was beyond appreciated.   :-*
make me forget
how to breathe

leave me with the
taste of your sin
they will lie about you, insult you, hurt you,
betray you, injure  you, set you aflame and
watch you burn. but they will not, shall not,
c a n n o t, destroy  you. because  you, like
R o m e, were built  on ashes, and you, like
a phoenix, know how to rise and resurrect.
· accepting new stories ·
 ·· · ideas & cravings ·· ons & offs ·· poetry ·· a/a ·· stories · ··

let there be beauty born from ashes