  1. I've been trying to install Malwarebytes, but I can't... I'm getting errors, some more than once, when I try to install this software. These are some pics I took: http://gyazo.com/8c95da19c7e77b7b48b56edf3bfe821c http://gyazo.com/e850c0de7cea51d1a96ec4683c705b68 http://gyazo.com/b103dba0bfb0cff9bdf7c3600fc231d7 http://gyazo.com/c64a7ced8a46c44c4ac4ad7592495b2c As you can see, when I get an error I can press OK and then the installation continues, but in the end, it crashes... I hope someone here can help me.
  2. Hi, for some reason my mbam.exe always gets an APPCRASH error when I try to use it, even Chameleon doesn't work, the fault module it shows is MSVCR100.dll. Any idea what's causing this? I also have AVG and Avast, both of which I have set an exception for Mbam folders in Programfiles and Programdata. There was once that when AVG and Avast were scanning for the first time it just hung at a certain number of files and didn't move on past it. I had to close them and reopen them to get it to work again, and consequent scans showed up nothing. Even in safe mode and enabled thorough scanning and scanning for rootkits had nothing show up for both Avast and AVG. Mbam worked before for 2 days and then this error showed up. Tried using a clean copy of the entire mbam directory and renaming Mbam to something else, and nothing worked. Is it some sort of really nasty trojan or is there something else blocking the Mbam? Shouldn't be conflict because Mbam works for about 2-3 days every time I do a fresh reinstall with Mbam clean. Also, mbamcheck.exe returns with error whenever I try to run it as well. Also used bleeping computer's Rkill and returned with clean results. *Have used mbam clean and reinstalled a number of times, same thing shows up a few days after installation.
  3. Hello and thanks in advance for any assistance. I've been using Malwarebytes for quite some time now as part of my toolkit of antivirus/antimalware software. I have never had a problem with it until I got to one of the latest releases, when the layout changed dramatically to the new layout. Since then, I cannot complete a scan without getting a BSoD. I have tried disabling my firewall when scanning, to no avail. Sometimes the BSoD occurs when scanning Filesystem Objects and sometimes during Heuristic Analysis. The first BSoD occurs generally when it happens during scanning Filesystem Objects and the second when performing Heuristic Analysis (the one with the SwissArmy file in the image). Both of these happen even with just a basic Threat Scan. I have tried scanning in safe mode and this works perfectly, finding no malware. Hope you can help as this is really annoying, I would like to go back to having no problems with this great piece of kit. Thanks in advance, Adam
  4. First off I just want to give a big thank you to the moderators who help so many people on these forums, and everyone who works at the Malwarebytes organization, this is my first time posting, but I have read through and seen how much you guys do to provide help for people with malware, it's pretty amazing. Anyway I'm having trouble with my favorite malware-removal tool. Upon my PSU dying and not being able to afford a new one for a month, I finally purchased a new PSU this week and booted my computer back up from the dead. Everything was working fine except when I ran malwarebytes it crashed. So I decided to re-install it, but during the install process I kept receiving errors all throughout the install. Upon trying to run it the program would crash. This has never happened to me before, any help would be greatly appreciated. Desktop Info:
     OS Name: Microsoft Windows 7 Ultimate
     Version: 6.1.7601 Service Pack 1 Build 7601
     Other OS Description: Not Available
     OS Manufacturer: Microsoft Corporation
     System Manufacturer: Gigabyte Technology Co., Ltd.
     System Model: Z68X-UD3H-B3
     System Type: x64-based PC
     Processor: Intel® Core i7-3770K CPU @ 3.50GHz, 3801 Mhz, 4 Core(s), 8 Logical Processor(s)
     BIOS Version/Date: Award Software International, Inc. F12, 3/20/2012
     SMBIOS Version: 2.4
     System Directory: C:\Windows\system32
     Boot Device: \Device\HarddiskVolume1
     Installed Physical Memory (RAM): 16.0 GB
  5. I am a computer tech in SW Florida and myself and another technician have run into the same problem. After installing and opening the latest version of Malwarebytes it tries to update and crashes saying "Malwarebytes has stopped working, Windows is searching for a solution...". Windows doesn't find anything and so it closes. We have tried many things including: running the latest mbam-clean.exe, manually removing left over files from app data and program data, installing Windows updates, and running CCleaner after the removal but nothing seems to work. Every time Malwarebytes is opened and tries to update it crashes. When checking the Event Viewer logs we found this error associated with the crash. Any other ideas? We like the program and would like to continue to use it in the future...
  6. Hello, Malwarebytes' was just upgraded from 1.75 to 2.0.2. I purchased and installed a license. The software crashes during a scan. Here is the Event Viewer report:
     Faulting application name: mbam.exe, version:, time stamp: 0x53518532
     Faulting module name: mbamcore.dll, version:, time stamp: 0x536d8027
     Exception code: 0xc0000005
     Fault offset: 0x0001748f
     Faulting process id: 0x820
     Faulting application start time: 0x01cfa60dbd1f1059
     Faulting application path: C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
     Faulting module path: C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll
     Report Id: 5b4d4a61-120e-11e4-aff3-50e54965e50e
     Faulting package full name:
     Faulting package-relative application ID:
     Please assist. It repeatedly occurs. I have rebooted and run malware scans with other software. Your assistance is appreciated. Thank you, Silekonn
  7. After each scan of Malwarebytes I view the following. Thanks in advance
  8. I had been raving about Malwarebytes to my sister, since I have bought and installed on my computers. Now I'm not so sure I should have. She finally tried the free download on her laptop, and desktop computers. Since scanning with it, her laptop only works in safe mode and her desktop crashes right after it starts up. She more or less can't use the desktop. She can't use her printer either. The laptop keeps referring to registry files missing. She said she did what was recommended - quarantine the files. Evidently she had many bad files and some were registry files that she said had pups among them. She said she can't get the quarantine files to come up to try to restore them. I feel so bad I encouraged her to use it. I don't know of any way to fix this, other than her taking them in to some shop and paying someone to fix them. Any suggestions??
  9. This is the response from my original post: The logs indicate that there is probably some type of infection going on. I would suggest following the advice from the topic here: Available Assistance for Possibly Infected Computers (http://forums.malwarebytes.org/index.php?showtopic=119858) and having one of the experts assist you with looking into the issue. After scanning and cleaning if you continue to have updating issues that the helper is unable to resolve please let us know. My Original Post: I have been using Malwarebytes since before 2012 and it has always worked well. Recently it crashes whenever it checks for updates or tries to run a scan. I did an MBAM clean remove and a new install per instructions too many times with the same results. I also followed the instructions and ran the SCAN Tool and the MBAM check; Files attached. Also did a CHKDSK and Defrag. I get this Windows Error:
     Problem Signature:
     Problem Event Name: APPCRASH
     Application Name: mbam.exe
     Application Version:
     Application Timestamp: 53518532
     Fault Module Name: MSVCR100.dll
     Fault Module Version: 10.0.40219.325
     Fault Module Timestamp: 4df2be1e
     Exception Code: 40000015
     Exception Offset: 0008d6fd
     OS Version: 6.1.7601.
     Locale ID: 1033
     FRST.txt CheckResults.txt Addition.txt
  10. Hello everyone, I am new to the community and was looking for some assistance with a problem I have been having with the new Malwarebytes Anti-Malware version during my scans. The problem I am experiencing is MBAM will crash during a scan and my computer will also freeze up and I will be unable to do anything. I have to hold the power button down until the computer shuts off and restart it. The problem occurs when I am running a custom scan with the following custom scanning options enabled: scan memory objects, scan startup and registry settings, scan archives and scan for rootkits. I select my hdd and ssd as the locations to scan. Once it starts scanning the system drivers it freezes on "object scanned" number 108. It freezes on this specific object every time. I've tried running it in safe mode and the same thing occurs. I figured it might have something to do with the scan rootkit option being enabled so I downloaded MBAR and that also freezes, except I can see the name of the file and it is igdkmd64.sys. My research shows that this is related to the integrated intel HD 4000 gpu? Either way I'm not sure if that is related or not. I've searched the forums and was unable to find anything that can help. I don't believe this is related to any actual infection but I'm not an expert and it's always possible there is an infection. I tried the mbam cleaner to remove the software and redownloaded it and that did not help. Any advice is greatly appreciated. Thank you in advance and sorry for the lengthy e-mail. BTW I'm running a lenovo y580, win 7 64 bit, gtx 660m nvidia gpu, intel i7 3610q quad core processor with hybrid ssd and hdd. If it makes a difference with advice or suggestions on where to start. Cheers
  11. Hi, I notice a few other similar topics relating to this type of issue in the forums but am creating a new topic as requested. I have already followed the v2 clean uninstall and re-install procedures and have also removed the pre-existing A/V product (McAfee Viruscan 8.8 PL4) just to be on the safe side. To give a bit of background we run MBAM "pro" on 100 Windows 7 clients and this is the first problem of this kind that we have experienced in any of our offices although a number of the clients are still running v1 and have not updated themselves yet. The affected laptop is a Dell Latitude E6410 running 32-bit English Windows 7 SP1 and all windows updates are up-to-date as of today (28.05.14). It is located in our Sydney office. I have attached screenshots of the errors when MBAM crashes during update, the logs from FRST and the logs from Mbam-Check. Hopefully someone can help. Addition.txt CheckResults.txt FRST.txt
  12. When I opened Malwarebytes today to run a scan, a message popped up saying there was a new version -- need to install update. It looked suspicious somehow, so I cancelled. On checking the Malwarebytes site, I saw that there was a new version out last month, so when I tried again to launch the software and got the box about install update, I accepted. On running the setup that downloaded, launching, I got screenshot 1, attached. Whenever I click either "update database" or "scan", the program crashes -- see screenshot 2. Any help appreciated. Thanks
  13. When I upgraded to Malwarebytes, it opened without problems. I would run it and get an error stating that the program stopped working (like the one in the picture). I tried the uninstall and clean method more than once with no working result. I am running Windows 7 32-bit edition. I have 1 administrator account and 2 standard user accounts. I installed MWB 2.0 while logged in under the administrator account. This is where I would get the crash issue. I logged out of the administrator account and logged in under one of the standard accounts. Then I ran MWB 2.0. Amazingly it worked fine without crashing. Then I logged back into the administrator account and MWB 2.0 has been working fine ever since. I have no idea how this corrected the issue, but it did for me. Hope this helps others in their plight.
  14. I recently tried to scan my computer and MalwareBytes tried to do an automatic update... After initializing the update process it completely crashed and closed before I could update. I'm afraid I have a bug that won't let me run the program. I also tried to run MalwareBytes Chameleon; that didn't work either... It tried to update the program through Chameleon and it just did the same thing and crashed. PLEASE HELP!!!
  15. I just updated to on a 32-bit Windows 7 machine. I have been using Malwarebytes very happily for years. As of updating to this new version, it crashes when I attempt to run the update database. The crash is instantaneous when I try and execute any function. I have uninstalled and reinstalled and the result is the same. I had an older version (1.7.x) saved and installed that (the database was 450 days old) and that ran just fine. Your assistance would be much appreciated. As suggested in my initial post, please see the following thread. I have attached the originally requested dumps. https://forums.malwarebytes.org/index.php?/topic/151709-crash-on-update/ Addition.txt FRST_30-06-2014_21-49-42.txt CheckResults.txt
  16. My malwarebytes keeps crashing over and over. I can't even start a scan; it crashes as soon as it opens. Logs: Addition.txt CheckResults.txt FRST.txt
  17. Malwarebytes installed on a new computer. Crashes whenever I try to update or scan. Error message below:
     Problem signature:
     Problem Event Name: APPCRASH
     Application Name: mbam.exe
     Application Version:
     Application Timestamp: 53518532
     Fault Module Name: MSVCR100.dll
     Fault Module Version: 10.0.40219.325
     Fault Module Timestamp: 4df2be1e
     Exception Code: 40000015
     Exception Offset: 0008d6fd
     OS Version: 6.1.7600.
     Locale ID: 3081
     Additional Information 1: 8374
     Additional Information 2: 83748d7ce6919cf452bf5c3838e036f3
     Additional Information 3: 2e01
     Additional Information 4: 2e01b10c887fd7f971b05773252074ee
     Addition.txt CheckResults.txt FRST.txt
  18. Hello, I have been using Malwarebytes since before 2012 and it has always worked well. Recently it crashes whenever it checks for updates or tries to run a scan. I did an MBAM Clean Remove and a new install per instructions too many times with the same results. I also followed the instructions and ran the SCAN Tool and MBAM Check; Files attached. Also did a CHKDSK and Defrag. I get this Windows Error:
     Problem Signature:
     Problem Event Name: APPCRASH
     Application Name: mbam.exe
     Application Version:
     Application Timestamp: 53518532
     Fault Module Name: MSVCR100.dll
     Fault Module Version: 10.0.40219.325
     Fault Module Timestamp: 4df2be1e
     Exception Code: 40000015
     Exception Offset: 0008d6fd
     OS Version: 6.1.7601.
     Locale ID: 1033
     FRST.txt CheckResults.txt Addition.txt
  19. Hello I need help identifying a virus; I'm running Windows 7 - Service Pack 1. In the past couple months my computer has been experiencing:
     - Extremely slow performance when starting up and running games/programs
     - Crashes at least once a day
     - Malwarebytes is unable to run--whenever I load it up I get a "busy" icon and nothing happens; I uninstalled it and something is preventing it from being reinstalled.
     - I can access Chameleon but ran all 13 tests and the scan keeps failing and getting terminated (see pic attached).
     - BSODs
       * 1st crash - Stop Code pointed to graphics driver so I uninstalled/updated drivers
       * 2nd - "Memory Management"; failed to start Windows 7; restarted and computer would not start up--Beep Code: 2 short beeps (Dell); ran Memtest86 and crashed. Then ran windows Memcheck and crashed. Later got computer to start up again.
       * 3rd - "Page Fault In Non Paged Area"; ran System Restore.
       * 4th - "Driver IRQL Not Less or Equal"; uninstalled/reinstalled Graphics Driver, immediately crashed again.
       * Ran Memcheck again and it made one pass.
       * Ran Dell Diagnostic test twice and Memory passed.
       * Ran CHKDSK and there were no bad sectors. (I'm not sure where to find the minidump files.)
     - Ran full scan on Bitdefender and it didn't find anything... System Restored again and it still crashes. Event Viewer shows many processes being blocked/errors.
     - Still cannot run/install MBAM
     I am not sure if I should reformat/reinstall Windows or if there is a solution to this... PLEASE HELP! Thank you in advance.
  20. I purchased Malwarebytes in October of last year. I haven't scanned my computer in awhile, however, it is always running in the background. Recently, I have tried to scan my computer and I keep getting an error. (see below). This is making me believe I have a virus on my computer. Please help! I want to be able to scan my computer to keep it safe. Thank you! Crash info:
     Problem signature:
     Problem Event Name: APPCRASH
     Application Name: mbam.exe
     Application Version:
     Application Timestamp: 53518532
     Fault Module Name: MSVCR100.dll
     Fault Module Version: 10.0.40219.325
     Fault Module Timestamp: 4df2be1e
     Exception Code: 40000015
     Exception Offset: 0008d6fd
     OS Version: 6.1.7601.
     Locale ID: 1033
     Additional Information 1: 8374
     Additional Information 2: 83748d7ce6919cf452bf5c3838e036f3
     Additional Information 3: 2e01
     Additional Information 4: 2e01b10c887fd7f971b05773252074ee
     FRST.txt Addition.txt
  21. Since I didn't find a solution in the mentioned topic, I ask for a solution here. I hope someone can help me. I get the same crashes with chrome. https://forums.malwarebytes.org/index.php?showtopic=145538 I installed and reinstalled mbam exploit and Google chrome a lot of times in the last few weeks. It kept crashing in about 50% of the time. I even reinstalled windows (upgrade) yesterday. Nothing worked till I found this forum topic today. I uninstalled Mbam exploit and the crashes have disappeared. I attached the DDS file, but cannot find anything myself. Thanks, Dirk attach and DDS.rar picture from crash.rar
  22. Hello, my first post here! Recently I updated my Intel RST drivers, and since then my Windows 7 x64 PC crashes like every 30 minutes, even in a safe mode (or in a boot with a minimum services enabled). I tried sfc /scannow, which said it fixed some but could not fix all the issues. Running Malwarebytes (the latest version with updated db) crashes after a few minutes, even in a quick scan. I have attached the logs per similar thread advice. Thanks in advance for your help! attach.txt CheckResults.txt dds.txt
  23. ok here is my hijackthis log PLEASE HELP QUICKLY my app is 20% of my grade!!!!
  attach.txt: Update for Microsoft Office 2007 (KB2508958)7-Zip 9.20Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.4)AllShare Framework DMSApple Application SupportApple Mobile Device SupportApple Software UpdateBonjourCanon MP280 series MP DriversCCleanerD3DX10DefragglerDell TouchpadDropboxEyeLeof.luxFacebook Video Calling Size ChromeGoogle DriveGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)iCloudIntel® Graphics Media Accelerator DriverIntel® PROSet/Wireless SoftwareiTunesJava 7 Update 45Java Auto UpdaterJava 6 Update 32K-Lite Codec Pack 8.8.0 (Full)Laptop Integrated Webcam Driver ( Malwarebytes Anti-Malware version Miniport DrivermCoremDriverMesh RuntimemHelpMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact 
Edition [ENU]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219mMHouseMozilla Firefox 12.0 (x86 en-US)Mozilla Maintenance ServicemPfMgrMSVCRTmWMIRICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01Samsung KiesSAMSUNG USB Driver for Mobile PhonesSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for 
Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UISkype™ 5.9Spybot - Search & DestroyTeraCopy 2.27Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft 
Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VC80CRTRedist - 8.0.50727.6195VLC media player 2.0.1Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language Pack.==== End Of File =========================== DDS.txt DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.45.2Run by user at 17:22:31 on 2013-12-25Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3061.1996 [GMT -5:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\SLsvc.exeC:\Windows\System32\spoolsv.exeC:\Program 
Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exeC:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Google\Update\\GoogleCrashHandler.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\OEM02Mon.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Spybot - Search & Destroy 2\SDTray.exeC:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exeC:\Windows\ehome\ehtray.exeC:\Program Files\AeroSnap\AeroSnap.exeC:\Program Files\EyeLeo\EyeLeo.exeC:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\conime.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k 
NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroup.============== Pseudo HJT Report ===============.uProxyServer = Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dlluRun: [F.lux] "c:\users\user\appdata\local\fluxsoftware\flux\flux.exe" /noshowuRun: [ehTray.exe] c:\windows\ehome\ehTray.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exemRun: [Apoint] c:\program files\delltpad\Apoint.exemRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\user\appdata\roaming\dropbox\bin\Dropbox.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\aerosnap.lnk - c:\program files\aerosnap\AeroSnap.exeStartupFolder: 
c:\progra~2\micros~1\windows\startm~1\programs\startup\eyeleo.lnk - c:\program files\eyeleo\EyeLeo.exemPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = Interfaces\{51C024C2-8D34-41C0-99D8-6AA9A4A2DF33} : DHCPNameServer = grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllNotify: igfxcui - igfxdev.dllNotify: SDWinLogon - SDWinLogon.dllSEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\7hvqq0a7.default\FF - prefs.js: browser.search.selectedEngine - Ask.comFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLLFF - plugin: c:\program files\google\update\\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - 
plugin: c:\users\user\appdata\local\facebook\video\skype\npFacebookVideoCalling.dllFF - plugin: c:\users\user\appdata\local\google\update\\npGoogleUpdate3.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-12-24 3921880]R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-12-24 1042272]R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-12-24 171416]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2012-5-25 111616]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-6-23 83864]S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-2-18 37344]S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 104768]S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-6-23 181912]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 756392]S4 AllShare Framework DMS;AllShare Framework DMS;c:\program files\samsung\allshare framework 
dms\1.3.18\AllShareFrameworkManagerDMS.exe [2013-9-10 401800]S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-2-18 233472]S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040].=============== Created Last 30 ================.2013-12-25 19:49:17 -------- d-----w- c:\users\user\appdata\roaming\BitTorrent2013-12-25 02:55:09 18968 ----a-w- c:\windows\system32\sdnclean.exe2013-12-25 02:54:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy2013-12-25 02:54:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 22013-12-25 00:36:02 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a42f272e-3da9-4eed-8025-b54618e72bfb}\mpengine.dll2013-12-21 22:46:29 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2013-12-09 22:51:03 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4dd89be2-b553-4af4-9e52-de10de0436e3}\gapaengine.dll.==================== Find3M ====================.2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe2013-10-13 09:48:06 1806848 ----a-w- c:\windows\system32\jscript9.dll2013-10-13 09:35:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2013-10-13 09:35:38 1129472 ----a-w- c:\windows\system32\wininet.dll2013-10-13 09:30:14 142848 ----a-w- c:\windows\system32\ieUnatt.exe2013-10-13 09:29:02 420864 ----a-w- c:\windows\system32\vbscript.dll2013-10-13 09:25:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb2013-10-11 02:08:02 444928 ----a-w- c:\windows\system32\IKEEXT.DLL2013-10-11 02:07:57 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL2013-10-08 12:50:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-10-03 12:45:50 297984 ----a-w- c:\windows\system32\gdi32.dll2013-10-03 12:45:45 993792 ----a-w- c:\windows\system32\crypt32.dll2013-09-27 14:53:06 214696 ----a-w- 
So I'm pretty sure I have a virus and I'm pretty stuck on what to do. When I try and open any sort of folder, Windows Explorer crashes and restarts. Sometimes I can open a folder, but most of the time I can't; if I open it right after startup then it works, but otherwise it does not. Sometimes mbam doesn't open and I get "runtime error 2147417848 (80010108)". These are all things that change, though, randomly; right now I can open folders and mbam is working, but if I restart my computer they probably won't, but all is fine in safe mode. I've tried a bunch of things (in safe mode too): I've tried running Spybot, which detects things and then doesn't, I've used CCleaner and cleaned(?) the registry, I've performed a full scan with mbam which detected nothing, I've checked startup programs, also used shell cleaner thing****, I've opened command prompt and scanned (sfc /scannow), I've used ShellExView and disabled everything that wasn't Microsoft. I'm just stumped, and lost and confused. Sorry if the way I explain isn't clear, please help.
  25. Hi there all, I'm finally at my wit's end with this: A guy on my course gave me his laptop to have a look at as apparently it went from "fine" to the unusable condition it's in now literally overnight (I'm no expert but I've helped fix a few friends'/relatives' computers in the past with the help of sites like this) - firstly, there WAS an instance of uTorrent on there when I received it, which I have deleted as recommended (and I also assume is the cause of the problem in the first place - although I'm unable to find any keygens or other obvious "warez" by searching on the drive, so aside from individually going through his private files I'll assume it's piracy-free...or was at least "cleaned up" before he gave it to me). Right, basically the boot time now takes anything up to ten minutes and Windows has hung and failed to boot on a few occasions, seemingly at random. RAM use is seemingly normal, but the CPU spikes at roughly 50% in intermittent but regular patterns (to clarify, the timing of when this happens is intermittent, but the pattern of the CPU spikes is regular and looks like a "sawtooth" wave) and the computer becomes essentially locked-up while this happens for up to ten minutes at a time. Firefox hangs and then asks to be restarted almost every time you click it - also, this morning on booting it said that the Windows copy wasn't legit, but after running a system restore that issue at least has been resolved (he hasn't backed anything up, there seemed to be 3 restore points I could choose and I picked the most recent - they were all from about 3 days ago within 12 hours of each other - not sure if they were automatically generated as he didn't know what I meant when I asked if he'd already tried a system restore - when I get this working again I'll image his drive for him so either myself or someone else doesn't have to fix it for him again!). 
I've separately scanned with Malwarebytes, SuperAntiSpyware, IOBit Advanced System Care just to make sure, all of which came back as clean. HijackThis wouldn't create a log file yesterday, but for reasons unknown, now will (maybe something to do with the system restore I did earlier today) - it still says that it can't access the HOST file though - there was an alarming amount of red-flagged entries when I passed the HJT log through an automated scanner, but I didn't wish to make any changes without first checking with folks more knowledgeable than myself! (also, after reading a few posts on here, it seems HJT isn't as relevant nowadays anyway) The requested "attach.txt" and "dds.txt" should be attached. Apologies for the long rant, I incorrectly assumed this would be a quick and easy fix and I'm just frustrated at my own lack of know-how. P.S. - if there is anything on the logs that shouldn't be there that I've missed (piracy or otherwise) please just tell me and I'll delete it immediately - I've no interest in helping someone break the law. Thanks in advance X attach.txt dds.txt
