Jump to content

Search the Community

Showing results for tags 'win7'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 8 results

  1. my plan is to do a cleanses out all of my USB flash sticks and to emptied them by moving all file to a safe place and then to formatting all of them .and I almost thinking to make an multi-boot windows into one of USB drive but how to make a multi-boot windows into USB drive ? is there any free tool or utility for it ? and I would like to know exactly how many GB needed to makes one windows 7 -32-bit and one windows 7-64-bit and one windows xp-32-bit and one windows 10-64-bit ! and also I want to make a back-up for the system into a 4 GB flash drive which is for recovery if it needed ! I’ve check for a website which is for an official tool but it look like its down any tutorial or recommendation are highly welcomed !
  2. October 7, 2018 Hello, I am doing some disk clean up and need some help with UNINSTALLING an older version on Malwarebytes. My system is WIN7 PRO, desktop, up to date with all updates. The program has an install date to my computer of September – October 2015 and I believe the program release number is 2_2_0_1024. The program is not listed in Control panel and I get an error when I try to run the mbam.exe or the unins000.exe. Is there an “universal” type of installer available I can use to remove the program and all registery entries? Thanks for any help, krazykat
  3. [reposting from Malwarebytes 3 Support Forum, summary below followed by the info you requested] I had issues with my WIn7 Pro SP1 64-bit laptop (an HP Envy 15 Notebook, i7-4720HQ) suddenly having the network stop working and the entries in DeviceMgr seem corrupt, so ... 1. Booted into Safe Mode (no networking) 2. Tried to run MWB 2.2.0.124 (last version I had on this older laptop), it failed with Couldn't open proc 406:120 3. Tried MWB uninstall, also failed with similar error 4. Copied mbam 3.5 install, and various clean/support/check utils from a USB stick (I downloaded them on another PC that is fine) 5. Ran both mbam-clean-2.3.0.1001 and mb-clean-3.1.0.1035, both completed fine. 6. Checked certmgr.msc, no MWB-related Untrusted Certificates present 6. Tried to install mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.5889 7. Got similar error (attached setup #001 log and error details dialog contents). mbam-35-setup-error.txt Setup Log 2018-07-17 #001.txt ------------------------------------------------------------------------- [Trusted Advisor FIrefox suggested I run Malwarebytes Support Tool] In Win7 Safe Mode (with no networking or command prompt) ... I tried to run mbam-support-1.1.2.471.exe, it crashes with this error: mbstub.exe has stopped working Details: Problem signature: Problem Event Name: APPCRASH Application Name: mbstub.exe Application Version: 1.1.2.471 Application Timestamp: 5b1acb3c Fault Module Name: mbstub.exe Fault Module Version: 1.1.2.471 Fault Module Timestamp: 5b1acb3c Exception Code: 40000015 Exception Offset: 001247b7 OS Version: 6.1.7601.2.1.0.256.48 Locale ID: 1033 Additional Information 1: 6ac4 Additional Information 2: 6ac4267233eb42f9537fb9cbe95bc2b4 Additional Information 3: e5b8 Additional Information 4: e5b8dd6588014878a76d6275082685f0 [Expert exile360 then suggested I run Malwarebytes Anti-Rootkit Tool, and AdwCleaner if issues persist] In Win7 Safe Mode with Networking ... I ran the .zip version of mbar.1.10.3.1001.exe, after running it on another Win7 64-bit computer with network access to update databases to v2018.07.20.1 and copying the whole mbar folder onto USB to get it onto the affected Win7 laptop. Scan Finished: No malware found! Then, in the same Safe Mode with Networking (even though my network access is messed up) ... I ran adw_7.2.2.exe , but got another error: AdwCleaner has stopped working Details: Problem signature: Problem Event Name: APPCRASH Application Name: adwcleaner_7.2.2.exe Application Version: 7.2.2.0 Application Timestamp: 5b4dec42 Fault Module Name: adwcleaner_7.2.2.exe Fault Module Version: 7.2.2.0 Fault Module Timestamp: 5b4dec42 Exception Code: 40000015 Exception Offset: 008f3377 OS Version: 6.1.7601.2.1.0.256.48 Locale ID: 1033 Additional Information 1: a08f Additional Information 2: a08f23b5c2d65e2c49b9eb088389e4b5 Additional Information 3: f84d Additional Information 4: f84d5274b666029d48327d47d6020d72 ----------------------------------------------------------------- [Here is what you requested, after the preceding results from before I posted into the Windows malware removal forum] When I try to run mbam-support-1.1.2.471.exe, it crashes with this error: mbstub.exe has stopped working Details: Problem signature: Problem Event Name: APPCRASH Application Name: mbstub.exe Application Version: 1.1.2.471 Application Timestamp: 5b1acb3c Fault Module Name: mbstub.exe Fault Module Version: 1.1.2.471 Fault Module Timestamp: 5b1acb3c Exception Code: 40000015 Exception Offset: 001247b7 OS Version: 6.1.7601.2.1.0.256.48 Locale ID: 1033 Additional Information 1: 6ac4 Additional Information 2: 6ac4267233eb42f9537fb9cbe95bc2b4 Additional Information 3: e5b8 Additional Information 4: e5b8dd6588014878a76d6275082685f0 I copied FRST64.exe via USB, after running it once on another Win7 64-bit computer just in case it updated itself (which it seemed to). It gets a 'Failed to update(1)' message on startup due to no network I am assuming, but the Scan seems to run to completion. Files attached. Addition.txt FRST.txt
  4. I'm not sure I'm infected. BleepingComputer looked at my MisToolBox logs and moved my post to AM I infected ? I have been waiting for almost 3 days for BleepingComputer To look at my FAR logs with no response. I have the Malawarebytes Premiuim Edition. Below is what I've done please help and direct me if I'm infected or if this is a Win 7 Admin User Prob. Please help Thanks Win7, 32 Bit Days ago my computer booted up and my desktop was rearranged. Then I was booted up as Default User. I reboot w/F8 and was back in my Admin Profile. Again today booted into Default Profile. I reboot trying F8 (It will not work as usual) and the system Boots me up as Default User. I then have to Cntl Alt Delete to go into my normal Admin User/Safe Mode. My DeskTop is gone and I’m booted in as a New User(Old Windows Look) with no Restore points. All my files look to bein the system just none of my Admin User Profile info. I used Minimal Safe Mode in the default Safe Mode option. I ran Malwarebytes, Sophos 2.6.1 , Spybot, Adw Cleaner in Safe mode with nothing found, CC Cleaner Will not run in Safe Mode. https://helpdeskgeek.com/windows-7/safe-mode-f8-doesnt-work/ I ran Malwarebytes, Sophos 2.6.1 , Adw Cleaner, CC Cleaner in Normal boot with nothing found. Sophos 2.6.1 will not run Error 1606 Could not access network location. Info below from Event Viewer - Event Viewer Error 4/11/18 0xc000000d Error - Unable to load registry I believe this is my problem but I need guidance to create a NEW Admin User Profile or how to fix the corrupted Admin Profile ? ??? Error: (04/11/2018 03:37:51 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. FRST.txt Addition.txt
  5. I have a Raspberry Pi set up to act as my DNS server on my network to block advertisements (Pi-Hole). It also tracks all DNS searches and has revealed that two domains are being accessed every 2 minutes by my Win7 PC - primewire.ag and 123netflix.com This happens even when the browsers on my PC are closed. I previously visited these domains using Chrome incognito mode so I thought they infected my PC. Malwarebytes and Avira find nothing. There are no suspicious add-ons to my browsers. I kept track of exactly when the Pi-Hole showed access to the two domains from my PC (every 2 minutes exactly). Ran Process Monitor (to show Network Activity) and Wireshark both as Admin. Opened Windows Powershell as Admin and typed: Then I waited and clicked enter on the command exactly when my PC was accessing those 2 domains. Checked Wireshark for the same time and found the packets being sent to the pi-hole to check the DNS of those two domains. Double clicked the packets and scrolled down to find the Source Port numbers: 57098 and 65208 Switched to Process Monitor and located the processes captured during the same time that was using those same Source Port numbers. Double clicked and now I had: the PID (1576), the Path (C:\Windows\system32), the Command Line parameters (-k NetworkService) and the process name (svchost.exe) Unfortunately, it’s the ubiquitous svchost.exe Switch to Windows Powershell and checked out the results from when I ran the tasklist command. PS C:\Users\MyPC> tasklist /svc /fi “imagename eq svchost.exe” Image Name PID Services ========================= ======== ============================================ svchost.exe 1576 CryptSvc, Dnscache, LanmanWorkstation, NlaSvc Now I have the Services behind svchost.exe. Then I went into the Registry and found the Registry Entries for each of the 4 Services and that gave me the DLL files and the file paths. They’re all under %SystemRoot%\System32: Ran system filechecker with command Scanned each file with MalwareBytes and Avira. Nothing found. Decided to check each service’s Display Name and Description: CryptSvc = Cryptographic Services = Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Dnscache = DNS Client = The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer’s name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start. LanmanWorkstation = Server = Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. NlaSvc = Network Location Awareness = Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Now I’m stumped. Other than Blacklisting those sites on the Pi-Hole, any ideas on how to find out why they are being accessed every 2 minutes?
  6. Hello, I am facing a problem similar to some other users from what i have read until now. I have done the steps that i have read in another thread regarding this issue. Downloaded and run farbar recovery scan tool x64 with the following results. Thank you for your time and looking foward to your reply. FRST.txt
  7. Hi, this is the second system (my main Desktop PC) with what seems to be an identical issue, at least from what I can gather from "Who Crashed". It has Malwarebytes 3.2.2.2018 and Microsoft Security Essentials running at the same time, and I've attempted to add the exclusions after I started getting the BSOD's. It seems to have started around the time that I upgraded to Malwarebytes 3.0, but I was never really sure because it was around that time that I did a Security Only windows update. Who Crashed is telling me it's the IRST driver iastora.sys (iaStorA+0x877B8). I have upgraded to all the available IRST drivers for my chipset, and still the BSOD's continued. So I eventually went back to the original IRST drivers that had been fine for years. I have the most current MoBo BIOS installed. SFC scans come up clean. Every few days I get some Event ID 2001 "Microsoft Antimalware has encountered an error trying to update signatures". The system restarts randomly every few days. It almost always happens in the morning between 7:00am - 8:00am, which is around when Malwarebytes is doing it's automatic scan. Please, any help will be much appreciated. I built, and have maintained this systems since the end of 2013 with no BOSD's or issues whatsoever. until this past July. perfmon report Main Desktop PC.zip SysnativeFileCollectionApp.zip
  8. Hi, I've been getting BSOD's on two of my Win7 machines since about July. It seems to have started around the time that I upgraded to Malwarebytes 3.0, but I was never really sure because it was around that time that I did a Security Only windows update. Both systems of mine that are getting these sporadic BSOD's have Malwarebytes 3.+ and Microsoft Security Essentials. The BSOD's almost always happen around 7:30am - 8:00am. Which is the same time Malwarbytes does it's daily scan. The only thing I have been able to find out through "Who Crashed" is that it's a driver that is triggering the BSOD's (probably the IRST driver). "Who Crashed" says this is the case for both of my systems. I have tried every IRST update available, and still after a few days I wake up to one of my systems having been restarted because of a BSOD. I finally just went back to IRST version I had originally. Also, I have the most current BIOS available on both systems. Lastly, every few days (on both systems) I get some Event ID 2001 "Microsoft Antimalware has encountered an error trying to update signatures". Oh, and I already tried adding exclusions in both Malwarebytes & MSE. I will make this thread about the first one which is my HTPC then open another thread for my other main Desktop. I didn't want to mention both systems in the same thread at first, but the problems/symptoms are exactly the same for both, and the BSOD's started happening at the same time. Any help will be much appreciated. Thanks perfmon report HTPC.zip SysnativeFileCollectionApp.zip
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.