
PointFive

Members, 5 posts

Posts posted by PointFive

  1. Restarted and immediately ran Kaspersky A-V FULL SCAN with all the positive options checked and it found: Trojan.Win32.Menti.gen.silent.xxxxxxxx674_2 buried in my PaperPort app. Kaspersky quarantined it. Why Kasp never found anything before is beyond my understanding, except it not running at startup.

     

    I have run the "MBAM clean process" 2x and MBAM has not stopped since the first time I ran the "MBAM clean process" (as above).

     

    Please look at the attached LOG files.

     

    Thank you for your help.

     

     

    Also, should MBAM's three apps be listed as 32 bit in the Task Manager, or did I do something wrong?

     

    Paul

    CheckResults.txt

    Addition.txt

    FRST.txt

  2. Thank you.

     

    I ran chkdsk C: /R from Command Prompt (Admin) as you advised.

     

    See attached chkdsk results from Event 1000 titled Wininit.

     

    I restarted the PC twice, then I started looking around and found the following under \WinLogs\Security, which alarmed me somewhat:

    Event 4648 "A logon was attempted using explicit credentials"

    Event 4738 "A user account was changed" Note: One user. I didn't change any users.

    Event 4672 "Special privileges assigned to new logon"

    Event 4797 "An attempt was made to query the existence of a blank password for an account." This one occurred 12 times today.

     

    From my review of this Security file, all of these events occurred more than once each day, occurred in the order I listed them and this sequence has been happening for quite some time, for as long as MBAM has been stopping per the Event Viewer.

     

    Is this a clue?

     

    Thanks in advance,

    Paul

    Chkdsk-wininit.txt

  3. It stopped working when I restarted it yesterday following the instructions.

    It stopped working today when I started it for the first time.

    Attached are the three LOGs.

     

    EVENT VIEWER DETAILS:

    Log Name:      Application
    Source:        Application Error
    Date:          12/2/2015 2:30:18 PM
    Event ID:      1000
    Task Category: (100)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      Office
    Description:
    Faulting application name: mbam.exe, version: 2.3.125.0, time stamp: 0x5612a56b
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bc8e
    Exception code: 0xc0000142
    Fault offset: 0x0009d4f2
    Faulting process id: 0x1630
    Faulting application start time: 0x01d12d37dba97532
    Faulting application path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    Faulting module path: KERNELBASE.dll
    Report Id: 1e2dea95-992b-11e5-82a5-543530cc0b94
    Faulting package full name:
    Faulting package-relative application ID:
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Application Error" />
        <EventID Qualifiers="0">1000</EventID>
        <Level>2</Level>
        <Task>100</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2015-12-02T19:30:18.000000000Z" />
        <EventRecordID>51217</EventRecordID>
        <Channel>Application</Channel>
        <Computer>Office</Computer>
        <Security />
      </System>
      <EventData>
        <Data>mbam.exe</Data>
        <Data>2.3.125.0</Data>
        <Data>5612a56b</Data>
        <Data>KERNELBASE.dll</Data>
        <Data>6.3.9600.18007</Data>
        <Data>55c4bc8e</Data>
        <Data>c0000142</Data>
        <Data>0009d4f2</Data>
        <Data>1630</Data>
        <Data>01d12d37dba97532</Data>
        <Data>C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe</Data>
        <Data>KERNELBASE.dll</Data>
        <Data>1e2dea95-992b-11e5-82a5-543530cc0b94</Data>
        <Data>
        </Data>
        <Data>
        </Data>
      </EventData>
    </Event>

    FRST.txt

    Addition.txt

    CheckResults.txt

  4. MBAM event "Stopped Working". 

     

    My search of this FORUM found nothing similar.

     

    Event Viewer: "Critical Event" #1000 Application Failure (by MBAM - see attached in M-B.txt file)

     

    Frequency: The Reliability Monitor also reports this failure occurring about once every other day. Timing of event: System is shut down every night and event occurs during daily startup (exact start time varies from day to day).

     

    I've run all MBAM scans from Dashboard (including Rootkit). Result: nothing is found. See MBAM-log.TXT attached.

      MBAM PREMIUM  version 2.2.0 1024, updated daily with the daily scheduled scan.

      MBAM non-default options also selected:  1) Enable Self-protection and 2) Early Start.

     

    Kaspersky Anti-Virus installed and updated. Result: Nothing.

     

    Ran Kaspersky's TDSSKiller.exe SCAN. Result: nothing.

     

     

     

    Environment:

    Win 8.1, on automatic update.

    MBAM 2.2.0 1024 Premium

    Kaspersky Anti-Virus, active updated daily.

    Macrium Reflect imaging system installed (opens during startup with a choice of Windows 8.1 or Macrium's System)

    Windows File History enabled and working and backing selected data files to dedicated USB drive.

    Disk Mgt. lists 500 MB EFI Sys Partition / 40 MB OEM partition / 490 MB recovery partition / OS (C:) NTFS-Primary Partition / 8.33 GB Recovery partition. All healthy.

    Dell XPS 8700, 1TB disk (lightly loaded), 3Gb Memory, Nvidia card.

    M-B.txt

    MBAM-log.txt

  5. I purchased PRO version after frequently using the free version.

    Now I have significant slowness of my PC which began when I started using PRO.

    I tracked the problem down to the amount of memory being used by mbamservice.exe, which = 24% of memory being used by system files (Ctrl-Alt-Del).

    I cannot add more memory, because this laptop memory is FULL.

    I also have IOLO-SystemMechanic and Microsoft Security Essentials.

    I have added IOLO and MSE folders to the MBAM exceptions list. This does not solve the problem. I have read ALL of the posts related to this and the only possible solution I have not tried is to remove MBAM because I don't want to lose access to this valuable program.

    I am willing to just run PRO as a daily task (similar to running the free version), if that is possible.

    I tried MBAM because of PC slowness and MBAM found a problem and then the PC worked "normal".

    BUT, now it is WORSE than before and much slower.

    I appreciate any help that you can provide.

    Paul
