1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved winscomrssrv.dll, startupchecklibrary.dll a threat?

Discussion in 'Virus & Other Malware Removal' started by jj2131, Aug 9, 2019.

Advertisement
  1. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    hi can someone help me?
    What happened first was I downloaded Microsoft Security Essentials then after 1 month, it disappeared. So I checked the Action Center it says that my Virus Protection, Spyware and unwanted software protection, and Windows update were off. I tried opening MSE, but it says that the shortcut is missing and i cant find it too. I uninstalled it from Programs and Features.
    Next thing i did was trying to open my Windows Defender, it opens but i cant turn it on. It says "the specified service does not exist as an installed service. (Error code: 0x80070424)".
    Next thing i did was try to change the settings of my Windows Update because it's like it has been turned off. I clicked Check for Updates but a notification pops up that "Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer."
    I tried something though. I downloaded Avira Antivirus because i need something to protect my computer or atleast notify me if there's a threat. I let it scanned my computer and the result was i have three threats that could be quarantined. winscomrssrv.dll, startupchecklibrary.dll, and winlogui.exe all from System32 file. I did quarantine it after having some thoughts since it's from system32 and that is an important folder. Then I tried restarting it so I know if some things changed then it got slow on starting up or boot, it had a long black screen with only a cursor then notified me that those files are missing. and after that I panicked so the safest way i thought is to System Restore it. I did that and that version was before i install Avira Antivirus but uninstalled MSE.
    I did try to install MSE again but it had an error so it cant continue
    I also did Reimage Repair but the scanning results says the same of those three files being a threat and i didnt proceed to repair it since i dont have licensed keys and i was scared.
    What should i do?? below are the specs

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz, Intel64 Family 6 Model 37 Stepping 5
    Processor Count: 4
    RAM: 5876 Mb
    Graphics Card: NVIDIA GeForce GT 420M, 1024 Mb
    Hard Drives: C: 451 GB (313 GB Free);
    Motherboard: Dell Inc., 00CKNG
    Antivirus: Microsoft Security Essentials, Disabled
     
  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,501
    First Name:
    Frank
    You appear to have a Dell laptop.
    What's the exact 7-character "service tag/serial" number on it?
    What's the exact Windows version on its Certificate-Of-Authenticity sticker?

    ---------------------------------------------------------------
     
  3. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    Hi uhm that should be seen from the bottom of the laptop right?

    It says "SERVICE TAG(S/N): CJFW6P1"
    And at the sticker it says "Windows 7 Home Prem OA"
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,501
    First Name:
    Frank
    According to that service tag number, you have THIS Dell XPS 15 L501X laptop.
    It was purchased in January 2011 in the U.S.A. and came with Windows 7 Home Premium 64-bit.

    If your laptop is indeed infected, one of the Malware Specialists in this section will need to help you.
    This section is very busy, so be patient until one replies.

    Is your laptop's built-in system recovery/factory restore partition still intact and functional?
    Do you have any install media that came with your laptop or that you created for it?

    ---------------------------------------------------------------
     
  5. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    I believe it's still intact and functional. Nope
     
  6. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,501
    First Name:
    Frank
    If the recovery/restore partition is still intact, putting it to use will revert that laptop back to its original condition which is more than 8 years out of date.
    That will involve several hours of work afterwards to get Windows 7 updates and software apps installed and up to date.
    If it wasn't so old and had a better processor, it would be a good candidate for Windows 10 Home 64-bit.
    There's nothing further that I can do for you here, so you'll need to wait for a Malware Specialist to reply.

    ---------------------------------------------------------------
     
    Last edited: Aug 10, 2019
  7. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    457
    Hi,

    Let's have a look:

    ---------------------------------------------------
    Farbar Recovery Scan Tool (FRST)

    Download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.
    • Right-click FRST.exe/FRST64.exe then click "Run as administrator"
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
    • Please copy and paste the logs in your next reply.
     
  8. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    here
     

    Attached Files:

  9. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    457
    Hi jj2131,

    Is this computer used for business purposes?

    ---------------------------------------------------
    CKScanner

    Download CKScanner by askey127 from here

    Important : Save it to your desktop.
    • Double-click CKScanner.exe and click Search For Files.
    • After a very short time, when the cursor hourglass disappears, click Save List To File.
    • A message box will verify that the file is saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

    ---------------------------------------------------
    Download and Run a Diagnostic Tool (MGADiag.exe) from here and save it to your desktop.
    • Double-click on MGADiag.exe
    • Click Continue
    • When the program has finished, click Copy
    • Open Notepad, and press Ctrl + V to paste the contents of the report into the text file
    • Save the file to your desktop as MGAdiag.txt
    • Post the contents of MGAdiag.txt to your reply.

    ---------------------------------------------------

    In your next reply, please include:
    • CKFiles.txt
    • MGAdiag.txt
     
  10. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    It's for school purposes like using Microsoft offices and printing and sometimes for small games
     

    Attached Files:

  11. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    457
    Hi jj2131,

    It looks like you may have pirated/cracked software on your computer. Please uninstall any pirated software from your computer, then do the following. If you decide to not remove the programs, let me know.

    ---------------------------------------------------
    CKScanner
    • Delete CKFiles.txt from your desktop.
    • Double-click CKScanner.exe and click Search For Files.
    • After a very short time, when the cursor hourglass disappears, click Save List To File.
    • A message box will verify that the file is saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
    ---------------------------------------------------
    FRST scan
    • Double-click FRST.exe/FRST64.exe to run it.
    • Press the Scan button.
    • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
    • Please copy and paste the logs in your next reply.
    ---------------------------------------------------

    In your next reply, please include:
    • CKFiles.txt
    • FRST.txt
    • Addition.txt
     
  12. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    I might not uninstall some of it
     

    Attached Files:

  13. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    oops i copied twice the ckfiles.txt sorry
     
  14. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    457
    Hi jj2131,

    The use of pirated software poses a significant security risk. There is a high chance of getting your computer re-infected due to malicious software being bundled/packaged with pirated software.
    I will see if another malware specialist is available to assist.
     
  15. jj2131

    jj2131 Thread Starter

    Joined:
    Aug 9, 2019
    Messages:
    26
    Okay, though ive uninstalled a pirated software. Looking forward for this fix since i think my other computer is having the same symptoms as my laptop like cant update, cant turn on defender and such. Ill try to see if i can uninstall every pirated things.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...

Short URL to this thread: https://techguy.org/1231231

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice