Showing results for tags 'windows7'.



Found 13 results

  1. I recently did a scan with Malwarebytes and once completed there were over 2000 threats detected. One was a Trojan DNS. Proceeded to quarantine and remove all threats. Once removed all internet stopped working. Everything else seems to be working fine. Just cannot get on the internet via wired or wireless connections. I have read seve
  2. Since 17/12/2018 I started getting intermittent random PC freezes/lockups on my Windows 7 PC. I'm a long term user of MB, also on two Windows 10 PCs which are not having any problems. My MB version on the Windows 7 PC (now uninstalled) were: Malwarebytes Version: 3.5.1.2711 Component Package Version: 1.0.508 Update Package Version: 1.0.8722 My Windows 7 version is: Windows 7 Ultimate Version 6.1 (Build7601: Service Pack 1) My PC would freeze (screen frozen no mouse, or keyboard action possible) at random intervals, anywhere from 2 minutes after login to 120 minutes after login. Failures NEVER occurred in Windows Safe Mode with networking enabled, nor in Windows normal mode with the Ethernet network disconnected. Failures DID occur in Windows Normal Mode at a login prompt, without any users logged in or any applications running. Unaware that MB was the cause of my freezes, following one of the failures, I detected activity in the log file MBAMSERVICE.LOG as pasted below. Accessing reports in these Malwarebytes forums I read entries about MB causing freezes earlier in 2018 such as "3.4.4 is freezing my computer" By Anorax, March 12, 2018 in Malwarebytes 3 Support Forum, so I decided to completely uninstall MB on my Windows 7 PC. From the time I first logged in to Windows 7 normal mode after Malwarebytes was removed (now some 30 hours) I have not had any further PC Freezes, or lockups. What I am trying to determine is whether others have had similar 'freezing lockups' in Windows 7? What version of MB I should be using to prevent them? And is there any configuration action I can take to prevent such freezes/lockups happening again? Thank you. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ My PC freeze occurred at 01/11/19 17:19:34 following which I rebooted my PC into Safe Mode at 17:37:22. 
The entries in this file near the time of failure, there were many Warning entries prior to the PC freeze/lockup: Following this entry my PC froze/locked up. Restarted PC.
  3. Can you help to overcome the following problem? Malwarebytes Premium blocks Microsoft Office Word: Malicious Memory Protection. Exploit: 1 Malware.Exploit.Agent.Generic, , blocked, [0], [392684],0.0.0. Exploit code executing from Heap memory blocked. In addition, I also run EMET 5.0, which reports the following when trying to open Word or Excel, which both get blocked by EMET 5.0: EMET detected SimExecFlow mitigation and will close the application. Assuming that Malwarebytes and EMET 5.0 are fully compatible, I wonder what is causing the problem. Here is the report of Malwarebytes:
     -Exploit-Daten-
     Malwarebytes
     www.malwarebytes.com
     -Protokolldetails-
     Datum des Schutzereignisses: 23.03.18
     Uhrzeit des Schutzereignisses: 08:46
     Protokolldatei: 44d01e5a-2e6e-11e8-b14b-00241d745f82.json
     Administrator: Ja
     -Softwaredaten-
     Version: 3.4.4.2398
     Komponentenversion: 1.0.322
     Version des Aktualisierungspakets: 1.0.4458
     Lizenz: Testversion
     -Systemdaten-
     Betriebssystem: Windows 7 Service Pack 1
     CPU: x64
     Dateisystem: NTFS
     Benutzer: System
     -Einzelheiten zu Exploits-
     Datei: 0 (keine bösartigen Elemente erkannt)
     Exploit: 1
     Malware.Exploit.Agent.Generic, , Blockiert, [0], [392684],0.0.0
     -Exploit-Daten-
     Betroffene Anwendung: Microsoft Office Word
     Schutzebene: Malicious Memory Protection
     Schutzverfahren: Exploit code executing from Heap memory blocked
     Dateiname:
     URL:
     END
     Thanks for any help and advice on this most annoying and concerning problem. A. Naseweiss
  4. Hi, Recently we have been experiencing a random and spiking plague of BSODs on our Dell systems (all Latitude E7470 + very recently some OptiPlex AIO). For almost all of the machines it is related to either the Intel WiFi or Graphic driver (Widi). Some are Kernel_data_inpage and other. Recently we were able to narrow plenty of those errors to Malwarebytes. For example, one of the machines was restored to factory image. Some basic software was installed. It looked to be fine until Malwarebytes was installed - instant crash right and left. You would boot the computer, login and every few minutes it would result in a blue screen. Once Malwarebytes was removed the BSOD would stop. We have reinstalled it and it seems to be fine now. It is really puzzling. We are using endpoint + anti-exploit. I know Dell puts a lot of crap software on their images but this is what we have to live with. Maybe something gets in conflict? Does anyone else experience similar problems? I would say it started around those updates for Intel processors. Any chance Malwarebytes has a problem with it? I am more than happy to answer any questions.
  5. I have downloaded a torrent of the Sims 4 game. It was 16 GB, so I left it downloading for 2 days. After the torrent finished, the popup websites on Google Chrome keep opening, and cmd is saying it is transferring files, and there was written simstransfer.info and many processes, then it navigates to copied successfully of two files. But when I tried to capture the process so I can put it here, it goes away fast to another in cmd, and then cmd stays open and doesn't go away by itself... I then close it myself... I have tried many antimalwares but they did nothing; although I saw the reports and removed malwares, the problem still exists. I tried Hitman and tried them in safe mode with networking, but it is still the same. What I have noticed is that cmd starts popping up, and so do the website popups, at startup, and then it repeats at different times through the day. I uninstalled uTorrent and any of the recent programs. In cmd it says that it is from system 32. If I can capture the cmd process I will put it here... and thank you.
  6. Good afternoon I downloaded an Internet program and at the time of installation entered a trojan with the name of hijack.exefile I already ran the scan with the malware and every time I restart the computer it back would like help and support to solve my program is bought and I already downloaded the dds.src and already did the scan I would like to Pulb what appears in the TXT of the DDS hugs from Brazil Note: My programs only open when I open as ADM
  7. Hello, wonderful helpers! My desktop computer is running in 64 bit mode with Windows 7 professional with service pack 1 with an i7 CPU and 16GB RAM. It is protected by MALWAREBYTES PREMIUM. Malwarebytes version 3.0.6.1469, version of components package 1.0.103, version of actualisation package 1.0.3171, edition premium, correct licence id, correct licence key, status unlimited. I am having problems running the update as usual. No update is done after a longer time of waiting. I really need help and will follow your instructions in topic. Hope to hear of you soon! Andy Munich, Germany
  8. Hello, so I had a weird error message popping up in my Windows 7 x64 so I ran all the available security tools, and I unfortunately found a couple of infections. The strangest thing was that there was a Mozilla.zip (with the content of the Firefox /AppData files) in my Roaming folder created last night, so I was wondering if my passwords have been stolen, as I save a lot of them in Firefox and I had no Master Password? I would be also grateful if anyone could check my log files, but I guess my system is clean now, only the Mozilla.zip bugs me..... Malwarebytes.txt AdwCleaner[S0].txt FRST.txt Addition.txt ComboFix.txt HitmanPro_20171024_1332.log
  9. Hello- my computer has recently started doing something very unusual such as blocking programs (that are unharmful), popping up every time I log in, every time I open up my browser, or any other app/program, and also pops up if I don't touch my computer for a certain amount of time. It started doing this about a week ago and I'd really like to resolve it. Each time it pops up it says the same thing: "C:Windows\system32\ncrypt.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support." I've tried uninstalling C:Windows\system32\ncrypt.dll to re-install it but it won't even do that! Please help
  10. While I was out, I got bluescreened. WhoCrashed is telling me that Win7 is blaming the Anti-Ransomware module. As per support sticky, mb-check results (with FRST results) is attached, as is the log: mb-check-results.zip
  11. I scanned my Win7 with Malwarebytes after it experienced issues. 3 generic Trojans were found & removed. Cleanup / restart took overnight to run. My PC starts now but I always get a BSOD about 5 minutes after startup, even in Safe Mode. I've downloaded FRST & run. It doesn't finish before the reboot, logs are attached. I'd greatly appreciate any recommendations on next steps to recover. Addition.txt FRST.txt
  12. Hello. I'm a Windows 7 user and a few months ago, I changed my laptop's keyboard (hardware) to a new one because some keys were malfunctioning. At first, everything seemed fine but soon the keys started going crazy. Some keys turned into shortcut keys (like opening a new window, opening the control panel, etc.) or froze the screen. I don't know whether this has to do with malware or because it has a conflict with another program. After I changed to that new keyboard, I uninstalled some programs, bought and downloaded Microsoft Office 2016 and Malwarebytes Premium 3.0. The problem was getting worse so I decided to restore the system. At first, it worked well but later, the same problem came back again. After googling for some help, I found out that my Windows key is always stuck (though it didn't seem stuck physically) whenever I open the on-screen keyboard. So I downloaded SharpKeys to disable/turn off the Windows key and I confirmed that the key didn't stick on the on-screen keyboard anymore. But, 'magically', my problem isn't solved yet. Sometimes, the shortcut keys pop up randomly when I type the key *sigh* I have to restart my laptop a few times to make it better. Help me please...
  13. On Monday, I received the upgrade to Malwarebytes 3.0.6 from the previous one and I have to say, I am not happy with it at all. My main gripe is that it has become more resource-heavy when one of its processes, "MBAMProcess", takes up over 300MB of memory and with that number being higher than "explorer.exe" and "svchost.exe" combined, and even worse when I have Mozilla Firefox open that also consumes memory, and this is because I only have 4GB of memory for this laptop (which is a Dell Inspiron N7010) and when I performed the first scan with it, the laptop is forced to work harder as it causes its fan to spin faster, implicating that the scanning process is now much more intense and to be frank, is not good for a seven-year-old machine. Don't want the fan to wear out each time I do a scan. Also, the animations within the program are somewhat choppy even during the scan and from what I've seen and experienced, I feel this is more optimised for Windows 10 but that's solely my opinion. Unhappy with this, I decided to downgrade it back to 2.2.1.1043 but after I did that, I am denied of real-time protection and with the program nagging me to upgrade each time I open it. Even if this has three more months of support, I feel this is entirely not fair unless I did something wrong. According to the FAQ, I didn't know you had to reboot after the removal of the new version and then install the older one. Maybe that's why I'm getting this but, I don't know. I don't really want to part with the software itself as it has been very good to me since I had it, and I hope things will change for the next release even with what I said above.