|
Post by rickia on Jul 28, 2015 18:02:53 GMT -8
Recently, I've started getting a blue screen error shortly after startup that states that there are issues with "mfeaack.sys" and forces the computer to reboot. Then there seems to be a string of boot device errors... that, when I am able to finally get back to an operable Windows session, displays an issue with McAfee shutting down its primary scanning function and repeatedly turns off scanning when turned back on.
I have followed the posted instructions and run FRST64.exe as administrator. Here are the requested files:
FRST.txt Addition.txt
-Rick
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jul 28, 2015 21:31:47 GMT -8
Download the latest version of TDSSKiller from here and save it to your Desktop. [/b] to run the application, then click on Change parameters. [*]Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK. [*]Click the Start Scan button. [*]If a suspicious object is detected, the default action will be Skip, click on Continue. [*]If malicious objects are found, they will show in the Scan results and offer three (3) options. [*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process. [*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.[/ul] A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
|
|
|
Post by rickia on Jul 31, 2015 0:29:33 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 1, 2015 21:39:40 GMT -8
Yes it is; FRST found a fourth partition that TDSSKiller does not but this could be from your industrial programming / testing tools. (I did that myself some years ago.) Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txtNOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemStart FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
|
|
|
Post by rickia on Aug 2, 2015 4:42:11 GMT -8
When I tried to run FRST, it said my system was incompatible and to run FRST64 instead. So I did that, and it placed the old FRST and FRST64 in a new folder. I then ran FRST64 as administrator and hit 'Fix.' Then I let the computer restart and boot up normally. After some time, I got the same mfeeack.sys blue screen, and I am now back in Safe Mode with Networking.
I apologize, I forgot to mention that I ran Malwarebytes before I ran into this forum. I cannot recall what it found and removed. =\ Perhaps that is why TDSSKiller didn't find anything?
Here is the fixlog: Fixlog.txt
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 2, 2015 20:43:39 GMT -8
Let em see what this finds and fixes: AdwCleaner by XplodeDownload AdwCleaner from here or from here. Save the file to the desktop. NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete. Close all open windows and browsers.[/b][/font] Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner. You will see the following console: Click the Scan button and wait for the scan to finish. After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.Click the Clean button. Everything checked will be deleted. When the program has finished cleaning a report appears. Once done it will ask to reboot, allow this On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt[/ul] Optional: NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
|
|
|
Post by rickia on Aug 2, 2015 22:04:35 GMT -8
Here it is! Looks like it took care of some stuff... AdwCleanerS0.txt (4.16 KB)
(For some reason the wikisend URL wouldn't paste properly... so I attached the .txt file instead...)
Still seem to be getting the blue screen, however... =\
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 4, 2015 20:14:51 GMT -8
|
|
|
Post by rickia on Aug 6, 2015 6:08:06 GMT -8
Ran an update in Safe Mode (only way it wouldn't crash), and that seemed to do the trick, oddly enough. Also ran a Full Scan, since I wonder if kicking off the scan was previously initiating the issue. That seemed to run fine...
Have had the computer on for awhile now... and it hasn't gone blue screen...
I think it's fixed!!
Thank you SO much for your help. Will make a donation for your time. Thank you!
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 6, 2015 22:32:36 GMT -8
Thank you for the update. I will have to remember that (about the Updating of McAfee in Safe Mode). Sometimes Safe Mode allows processes to 'unstick' themselves so good find. We need to remove the tools we've used during the cleaning of your machine. [/a] Ensure the following is ticked: - Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
[/ul] Then click Run. The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process. Your system looks clean and your logs are fine. Unless you want something else done, you are done and free to go.Final word from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us. I will leave this open for a few days in case you need to come back (after the Delfix log is posted, that is).
|
|