Jump to content

Protection will not enable


Recommended Posts

  • Root Admin

Hello viktik and :welcome:
 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.

 

 

Then run this scanner as well
 
Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post

 

Thanks

Link to post
Share on other sites

  • Root Admin

If you look near the bottom of the Addition.txt file you'll see quite a few entries where explorer, firefox, Cyberghost, Cryptographic Services, etc have failed or continue to fail.
It does not mean for sure that the computer is infected but something is going on that is causing these failures so it's not just our program that's failing - others are too.

What language is this version of Windows 8.1 ?

You're running 360 Internet Security which appears to be well known in certain Regions of Asia such as China but not very common overall so we don't have much information about it and how it runs with other security products or our own product.
It may need to have file or firewall exclusions setup for it in order for other applications to work well with it.  If so you would need to explore those options as I'm not sure where or how the product manages them.
Are you able to fully disable 360 Internet Security for testing?


I also notice that you have IObit - Advanced SystemCare 7 installed on your computer.
The company behind this product was found to be stealing our database.
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.

I also see you're running CyberGhost 5 and WinPcap both of which bind with a network card for a virtual driver that could potentially add to the reason you're unable to load the Web protectio module for MBAM.  In general it should not affect it but it's possible.


This file here does not appear to be legit as searching for the hash value only shows 1 hit.  Again that does not mean it's not valid but makes it suspicious.
C:\Windows\System32\rpcss.dll
Please locate that file and upload it to www.virustotal.com and have them scan it and post back the link for their scan results.

 

 

Since the computer appears to possibly be infected I'm going to move your post into the malware removal forum.

 

Link to post
Share on other sites

Thanks for your help.

 

i was able to start web protection by disabling 360 internet security. i also cleaned the system using junk files cleaner and reistry cleaner. this problem is rectified.

 

C:\Windows\System32\rpcss.dll is windows file and is clean. I am using windows 8.1 Pro update 1 x64 ENG . So this file is the newest version.

 

I don't think my computer is infected. i scanned with 360 internet security, malwarebytes, hitman pro, comodo cleaning essential.

 

Link to post
Share on other sites

  • 4 weeks later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.