1.    28 May 2017 #1
    Join Date : May 2017
    Posts : 3
    Windows 10 pro Creators Update

    Every...i mean every anti malware blocked by unknown malware/virus


    i have looked up this issue and apparently this must be a new one since there is no solution what so ever, even the hidden admin account is defenseless, here is what's going on

    1. the PC got infected on windows defenders watch, the infection proceeded to disabling it and what happened next is still unclear.
    2. it disabled every anti-malware i tried, even KVRT which is specifically used on this situation. it says my admin has declared anti-virus softwares an enemy of the state. it either wont allow new installation or apparently uninstallation too...
    3. just recently, it started blocking powershell, and 2 other apps i have never used before, skeptic to open and see., might be a consequence of not having anything to protect my PC, I am online for 60% of the day.
    4. the overall performance has not been impacted, and that's what is worrying me.

    things i tried so far

    1. manually deleting the viruses carried by the malicious program. i canceled the set up once i found out it was fake but obviously, it didnt work.
    2. running KVRT through elevated cmd found some malware but didnt have necessary privileges, it copies the malwares to quarantine and let them loose. that's actually how they protect themselves, they can not be deleted..period.
    3. i finally found adwcleaner which destroyed the adwares which plagued my browsers, but after that there is a recurring key which seems to be immortal...screen shot attached.
    4. i installed avast premier (the one antivirus which managed to finish installing through cmd and Administrator account)but it seems it turn blind eye to the infection as i run every scan it provided and it says my PC is in pristine condition.
    5. this led me to believe the infection might be gone but what it did stayed, so i reset group policy, no avail.
    6. Helpppp...... Formatting is not an option.....
    Attached Thumbnails Attached Thumbnails Screenshot (35).png   IMG_20170528_211757.jpg   Screenshot (36).png  
      My ComputerSystem Spec
  2.    28 May 2017 #2
    Join Date : Oct 2014
    Posts : 2,457
    W10 Pro + W10 Preview

    To save you all the agro.....a nice clean install......or have you done a back up?
      My ComputersSystem Spec
  3.    28 May 2017 #3
    Join Date : Aug 2016
    S/E England
    Posts : 4,488
    10 Home x64 (1709) (10 Pro on 2nd pc)

    Welcome to TenForums @FitseMan

    Yes, some malware can block you from using anti-malware software. That's what RKill is for...

    RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections.
    https://www.bleepingcomputer.com/download/rkill/
      My ComputersSystem Spec
  4.    28 May 2017 #4
    Join Date : Oct 2014
    Trnava
    Posts : 2,857
    Windows 10.4 Home 1709 x64
      My ComputerSystem Spec
  5.    28 May 2017 #5
    Join Date : May 2017
    Posts : 3
    Windows 10 pro Creators Update
    Thread Starter

    Quote Originally Posted by Bree View Post
    Welcome to TenForums @FitseMan

    Yes, some malware can block you from using anti-malware software. That's what RKill is for...

    https://www.bleepingcomputer.com/download/rkill/
    i used it, it helped me clean 'simpler' viruses, but this one is way powerful, nothing detects it,
      My ComputerSystem Spec
  6.    28 May 2017 #6
    Join Date : May 2017
    Posts : 3
    Windows 10 pro Creators Update
    Thread Starter

    the unsigned zemena slipped right under the blockade and is running, will update with result...THANKS.
      My ComputerSystem Spec
  7.    29 May 2017 #7
    Join Date : Sep 2015
    Posts : 268
    Windows 10 Home

    I would make a bootable antivirus rescue cd or USB disk and try to clean the virus that way.

    11 Top free bootable antivirus rescue discs for Windows PCs | Digital Citizen

    You could place the hard drive in a USB hard drive enclosure or use a USB hard drive adapter and clean the hard drive from another computer.

    Another option would be to download Kyhi's Bootable Rescue Disk and run the antivirus programs he has on there.

    Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums
      My ComputerSystem Spec
  8.    29 May 2017 #8
    Join Date : Jul 2015
    Posts : 866
    Windows 10 Home x64

    I would do what Dencal suggested: when a system is pretty compromised you are never sure you will recover 100% from infection. Time for a clean installation.
      My ComputerSystem Spec
  9.    01 Jun 2017 #9
    Join Date : Apr 2015
    Posts : 12,819
    W10Prox64
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Anti-virus and Anti-malware??
1. Do I need a particular anti-malware software , in addition to Anti-virus? 2. Is the paid version of Avast good and sufficient enough to reduce risks? 3. Is "malware" a collective term that includes ransomware, adware, spyware ...... or are...
AntiVirus, Firewalls and System Security
Most anti-virus/anti-malware method of browsing
It seems that so many anti-virus products are decent and do a fair job of protecting your computer, whether or not you pay for them. And all reviews I've read over the years usually conclude that free is best, because the "extra stuff" you get...
AntiVirus, Firewalls and System Security
Solved Malwarebytes anti-malware home premuim found a virus
Hey guys my Malwarebytes anti-malware home premuim found a virus on 12/28/2015 the virus is called Registry Keys: 2Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, Quarantined, , Trojan.Agent,...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 07:04.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums