Issue with SpyShelter Premium, Zemana AntiLogger, and other security software

[YvesStrassburg]

The latest version Malwarebytes' Anti-Malware 1.60.0.1800 is not compatible with my SpyShelter premium 5.40 http://www.spyshelter.com/ .

I tried out every hint given in this thread: no way. I did not make Malwarebytes' Anti-Malware 1.60.0.1800 running on my machines (Windows XP SP3).

But i found another way: i went back to my Malwarebytes' Anti-Malware 1.51.2.1300, waiting for a new and better version of Malwarebytes' Anti-Malware in the future.

For not having 15 nag-screens each day meaning "Install the latest version of Malwarebytes' Anti-Malware", i took out the second checkmark in

I recommend doing in this way, and you will have no problems at all any more :-)

Edited January 10, 2012 by Mainard
Removed links

[YvesStrassburg]

Unfortunately this forum has no EDIT function.

The latest version Malwarebytes' Anti-Malware 1.60.0.1800 is not compatible with my SpyShelter premium 5.40.

I tried out every hint given in this thread: no way. I did not make Malwarebytes' Anti-Malware 1.60.0.1800 running on my machines (Windows XP SP3).

But i found another way: i went back to my Malwarebytes' Anti-Malware 1.51.2.1300, waiting for a new and better version of Malwarebytes' Anti-Malware in the future.

For not having 15 nag-screens each day meaning "Install the latest version of Malwarebytes' Anti-Malware", i took out the second checkmark in

I recommend doing in this way, and you will have no problems at all any more :-)

Edited January 10, 2012 by Mainard
Removed Links

[YvesStrassburg]

Quote: "This post has been edited by Mainard: Today, 05:33 PM

Reason for edit: Removed Links"

Thanks Meinard, for having removed links, and for having exchanged the german picture into an english picture as well

Your english picture is fitting better here in an english forum, indeed.

[Spec-V]

@YvesStrassburg,

Please describe the issue that you are having. If there is an error code or message, copy and paste it here or take a screenshot of it.

Thanks.

[YvesStrassburg]

@Spec-V

Hello Spec-V,

I see, the problems of Malwarebytes' Anti-Malware 1.60.0.1800 already fill 18 pages.

As i do not wish to communicate the same story three times, means: to Malwarebytes', Spyshelter and Zemana, both support@spyshelter.com and support@zemana.com are looking to this thread of http://forums.malwarebytes.org/index.php?showtopic=103148&st=340 here and reading (perhaps also writing).

Well, on my other three desktop machines the concerned programs are running already longer without any problems, but i did not use them since 2011-12-28.

So I copied out the following events only of my Windows XP installation- and remark-log for my three Medion Akoya laptops E1212b (blanc, white) E1212a (argenté, silver) and E1210n (noir, black), 1600 MHz Intel Atom, 2 GB RAM:

- On 2010-04-30 i installed Zemana AntiLogger 1.9.2.203

- On 2010-05-11 i went from Malwarebytes' Anti-Malware 1.41 to Malwarebytes' Anti-Malware 1.46

- On 2010-05-21 i installed Zemana AntiLogger 1.9.2.205

- Between 2010-11-09 and 2011-01-21 i installed Malwarebytes Anti-Malware 1.50.0.0

- Between 2011-01-21and 2011-01-28 i installed Malwarebytes' Anti-Malware 1.50.1.1100

- On 2011-05-16 i uninstalled Zemana AntiLogger 1.9.2.205 as its key became outdated

- On 2011-05-16 i installed SpyShelterFree 5.14.0.0

- On 2011-05-30 i installed SpyShelter Free 5.20

- Between 2011-07-09 and 2011-07-15 i installed Malwarebytes' Anti-Malware 1.51.1.1800

- On 2011-07-26 i installed SpyShelter free 5.40

- On 2011-06-08 i installed Malwarebytes' Anti-Malware 1.51.0.1200

- On 2011-08-07 i installed SpyShelter premium 5.40

- On 2011-09-13 i installed Malwarebytes' Anti-Malware 1.51.2.1300

- On 2011-12-28 i installed Zemana AntiLogger 1.9.2.819

+ + + + + + + + + + + + + + + + + + + + + all was fine up to now, but ..

- On 2011-12-28 i installed Malwarebytes' Anti-Malware 1.60.0.1800

- On 2011-12-28 restauration of Acronis True Image Home 2009 12.0.9769.15-backup "1600_XPA_C_2011-12-28_02.32_b.tib" because i didn't know if it has been SpyShelter premium 5.40 or Zemana AntiLogger 1.9.2.819 which caused the start-problems of Malwarebytes' Anti-Malware 1.60.0.1800

- On 2011-12-28 i uninstalled SpyShelter premium 5.40

- On 2011-12-28 i installed Zemana AntiLogger 1.9.2.819

- On 2011-12-29 restauration of Acronis True Image Home 2009 12.0.9769.15-backup "1600_XPA_C_2011-12-29_04.58_b.tib" (not containing SpyShelter premium 5.40, but Zemana AntiLogger 1.9.2.819) as i got plenty of blue screens (BSOD), received MEMORY.DMP (occupying 2086128 kb in C:\Windows). I was not amused.

- On 2011-12-30 i installed Malwarebytes' Anti-Malware 1.60.0.1800

- On 2011-12-31 restauration of Acronis True Image Home 2009 12.0.9769.15-backup "1600_XPA_C_2011-12-28_02.32_b.tib" because there were too much blue screens (BSOD) since the installation de Malwarebytes' Anti-Malware 1.60.0.1800

- On 2012-12-31 i installed Zemana AntiLogger 1.9.2.819

- On 2012-12-31 i uninstalled SpyShelter premium 5.40, as it seemed to disturb Zemana AntiLogger 1.9.2.819 in good running. There were still blue screens (BSOD)

- On 2012-01-02 restauration of Acronis True Image Home 2009 12.0.9769.15-backup "1600_XPA_C_2011-12-28_02.32_b.tib" because there were still blue screens (BSOD). I was tired and fed up.

Conclusions

1. Since this, Malwarebytes' Anti-Malware 1.51.2.1300 and SpyShelter free 5.40 are running fine, like before.

2. It seems that SpyShelter free 5.40 is not running with Zemana AntiLogger 1.9.2.819.

3. It is clear that Malwarebytes' Anti-Malware 1.60.0.1800 is not running with Zemana AntiLogger 1.9.2.819 and SpyShelter free 5.40.

4. It seems that Malwarebytes' Anti-Malware 1.51.2.1300 is running with Zemana AntiLogger 1.9.2.819, but i did not test it long enough.

Do you understand that i got tired ?

I could still test if

5. Malwarebytes' Anti-Malware 1.51.2.1300 runs with Zemana AntiLogger 1.9.2.819

6. Malwarebytes' Anti-Malware 1.51.2.1300 runs with SpyShelter premium 5.40 + Zemana AntiLogger 1.9.2.819

"Malwarebytes' Anti-Malware 1.60.0.1800 PRO Features include:

Works Well With Others - Cooperative functionality" - I told you my opinion above

"Chameleon - Gets Malwarebytes running when blocked" - Well, i didn't have the time to try it out ..

"Lock It Down - Password protect key program settings" - The feature i have been waiting since a very long time !

I think, i better wait for the next Malwarebytes' Anti-Malware version or build, and keep running Malwarebytes' Anti-Malware 1.51.2.1300 with SpyShelter premium 5.40.

But what shall i do with Zemana AntiLogger 1.9.2.819?

Best regards

[Spec-V]

Thanks for the info.

I'm assuming you are running the Pro version.

About those BSOD, when and how were you getting it?

Please do not delete the MEMORY.DMP since we might need them if we cannot replicate the BSOD.

Also, download DDS from the link below and save it to your desktop:

http://download.blee...om/sUBs/dds.scr

*Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

*Double click dds.scr to run the tool.

*When done, DDS will open 2 logs: DDS.txt and Attach.txt

*Save both logs to your desktop using notepad.

Attach both logs in your next reply. Thanks.

[YvesStrassburg]

Thanks for the info.

I'm assuming you are running the Pro version.

> Yes, you are right

About those BSOD, when and how were you getting it?

> I got them ALL instantly after logging into Windows XP, when the icons on the screen were installing and the other programs were loading.

Please do not delete the MEMORY.DMP since we might need them if we cannot replicate the BSOD.

> Sorry, i deleted the MEMORY.DMP as it took much space. I downloaded some programs before deleting it, for looking the informations inside, but i understood not that much.

But i do have still 6 screenshots made by my NokiaN93 cellular phone (3 MegaPixels). I can put them here into this forum.

Also, download DDS from the link below and save it to your desktop:

http://download.blee...om/sUBs/dds.scr

*Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

> I did so.

*Double click dds.scr to run the tool.

> I will do so after having created a new Acronis True Image Home 2009 12.0.9769.15-backup.

*When done, DDS will open 2 logs: DDS.txt and Attach.txt

*Save both logs to your desktop using notepad.

Attach both logs in your next reply. Thanks.

Thanks for your help, Spec-V, i will continue this evening, now it's mercredi 11 janvier, 2012 - 11:01:52 AM here in France.

If you like, i could answer you better in french or german, as my english is not that good (enough).

[YvesStrassburg]

Attach.txt

.

==== Installed Programs ======================

.

.

Acronis True Image Home

Ad Muncher v4.92 Build 32700

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Advanced File Security 3

AIMP Classic

AIMP2

AkelPad 4.7.2

Aligner

Allzeit Atomzeit 2.00

Angel Writer 3.1

AnyBizSoft PDF Password Remover (Build 1.2.0)

AO Reminder 2.2

Ashampoo Photo Optimizer 3 v.3.13

Ashampoo Snap 4 v.4.3.0

Ashampoo WinOptimizer 6.30

Ashampoo WinOptimizer 8 v.8.13

Assistant de connexion Windows Live

µTorrent

Auslogics BoostSpeed

Auslogics Registry Cleaner

avast! Antivirus

AviScreen Classic Version 1.3

Azurewave Wireless LAN

Babyplaner

Battery Bar

BatteryBar (remove only)

BatteryCare 0.9.8.11

BayWatcher Pro - Deinstallation

BB FlashBack Pro

BenVista PhotoZoom Pro 3.0.6

Beyluxe Messenger

Biet-O-Matic v2.14.8

BitWise 1.7.3

Boilsoft Video Joiner 6.55

BSR Screen Recorder 4

Camtasia Studio 4

CaptureWizPro 3.60

CCleaner

cFosSpeed v7.00

ClickOff version 1.86

ClipboardPath (Aktueller Benutzer)

ClocX (1.5b2)

COMODO Internet Security

COMODO System - Cleaner

Compatibility Pack für 2007 Office System

Compatibility Pack for the 2007 Office system

Cool Record Edit Deluxe

Copernic Desktop Search - Home

CrossLoop 2.31

CrystalDiskMark 2.2.0n

CyberLink YouCam

Debugging Tools for Windows (x86)

Device Remover

DFX for Winamp

DirPrintOK

DirReader 1.55

Dkill95

DMEX Tool Collection (uninstall only)

Driver Detective

Driver Genius Professional Edition

Driver Magician 3.65

Duplicate Music Files Finder 1.5.5

Ear Test 1.00

EASEUS Partition Master 6.5.2 Home Edition

eBoostr 4

eMule

EVEREST Ultimate Edition v5.50

Everything 1.2.1.371

Exact Audio Copy 1.0beta3

FastStone Capture 6.9

FastStone Image Viewer 4.2

Feiertage BR-Deutschland xp2v

File Mover v1.9 (remove only)

Folder Size for Windows

Folderico 4.0 RC2

FolderMatch v3.4.8

FolderMatch v3.4.8 (C:\Programme\FolderMatch\)

FolderMatch v3.5.3

Fraps (remove only)

Free Download Manager 3.8

Free Hide IP

Free Video Dub version 1.8

Free YouTube Download 2.2

Gadwin PrintScreen

GetFoldersize 2.2.6

Glary Utilities Pro 2.29.0.1032

GOM Player

Google Earth Plug-in

Google Update Helper

Hardcopy (d:\Programme\Hardcopy)

HD Tune Pro 3.10

Hex Workshop v5.1

Host OpenAL

Hotfix für Windows Internet Explorer 7 (KB947864)

Hotfix für Windows XP (KB2570791)

Hotfix für Windows XP (KB2633952)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HWiNFO32 Version 2.35

IMTranslator

inSpeak build544

inSSIDer 2.0

Installation Windows Live

Intel® Graphics Media Accelerator Driver

Internet Mobile

IrfanView (remove only)

Java Auto Updater

Java 6 Update 29

JDownloader 0.9

jv16 PowerTools 2009

KC Softwares SUMo

Kcast Beta 2.0.0

KeyScrambler

L&H TTS3000 Français

Last.fm 1.5.4.27091

Lernout & Hauspie TruVoice American English TTS Engine

Letstrade

LetsTrade Komponenten

LingoPad 2.5.1 (Build 325)

Loaris Trojan Remover 1.2

MacroX

Malwarebytes' Anti-Malware version 1.51.2.1300

Manage PC Shut Down 1.0

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Excel Viewer 97

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft MPEG-4 VKI Video Codec V1/V2/V3

Microsoft National Language Support Downlevel APIs

Microsoft Office Excel Viewer

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft PowerPoint Viewer

Microsoft PowerPoint Viewer 97

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Word Viewer 97

Mmm

Modem LG LDU-1900D

Module Français pour Irfanview version 4.27

MSN Messenger 7.0

MSVC80_x86

MSVC80_x86_v2

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 6.0 Parser

MyConnection PC Lite Edition

NanoGrid

NanoTools

NetBalancer

NetSpeedMonitor 2.5.4.0 x86

Network Stumbler 0.4.0 (remove only)

NetWorx 5.2.1

Nitro PDF Professional

No-IP.com DUC (remove only)

No23 Recorder

Nokia Connectivity Cable Driver

Nokia PC Suite

Nokia Software Updater

Nuance PDF Converter Professional 7

Office Recovery

ooVoo

ooVoo Toolbar

OpenOffice.org Installer 1.0

Outil de téléchargement Windows Live

Paltalk Messenger

Paragon Hard Disk Manager™ 2010 Professional

Paragon Partition Manager 8.5 Special Edition

Paragon Partition Manager™ 11 Professional

PC Connectivity Solution

PDF-Viewer

PeerBlock 1.1 (r518)

PerfectDisk 11 Professional

PhotoMizer

PhotoScape

PlanMaker Viewer

Polyglot 3000 (Version 3.63)

PowerISO

Prevx CSI

Process Lasso

RAID Reconstructor

RAID Recovery for Windows

RaimaRadio 2.05

Rainbow Folders

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

REALTEK Wireless LAN Driver and Utility

Registry First Aid

Registry Mechanic 9.0

Registry System Wizard

RK-WLAN-Keygen

RW-Everything v1.3

Sandboxie 3.46

Scansoft PDF Professional

SeaTools for Windows

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Segoe UI

SereneScreen Aquarium

Shutdown Element 2007

Sicherheitsupdate für Microsoft Windows (KB2564958)

Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)

Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)

Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)

Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)

Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)

Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)

Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)

Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)

Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444)

Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)

Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)

Sicherheitsupdate für Windows Internet Explorer 8 (KB974455)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381)

Sicherheitsupdate für Windows XP (KB2544893-v2)

Sicherheitsupdate für Windows XP (KB2567053)

Sicherheitsupdate für Windows XP (KB2570947)

Sicherheitsupdate für Windows XP (KB2592799)

Sicherheitsupdate für Windows XP (KB2618451)

Sicherheitsupdate für Windows XP (KB2619339)

Sicherheitsupdate für Windows XP (KB2620712)

Sicherheitsupdate für Windows XP (KB2624667)

Sicherheitsupdate für Windows XP (KB2633171)

Sicherheitsupdate für Windows XP (KB2639417)

Sicherheitsupdate für Windows XP (KB923789)

Skype 3.0

Snagit 10

Snagit 9.1.2

Spybot - Search & Destroy

SpyShelter Premium 5.40

Spyware Doctor 6.0

Startup Delayer v2.5 (build 138)

Steganos Safe 12

StickyNote

STK03N

Sweepi 5.4.00

System Control Manager

TapinRadio 1.37

TClockEx v1.4.2 en français

TextMaker Viewer

Total Recorder 7.1

TreeSize Free V2.4

TuneUp Utilities 2007

TV-Browser 3.0.2

Tweak UI

TweakNow RegCleaner

TypeItIn

Ulead PhotoImpact 12

UltraEdit 15.20 SE

Uninstall 1.0.0.1

Unlocker 1.8.9

Update für Windows Internet Explorer 8 (KB971930)

Update für Windows Internet Explorer 8 (KB973874)

Update für Windows Internet Explorer 8 (KB976662)

Update für Windows Internet Explorer 8 (KB980182)

Update für Windows XP (KB2616676-v2)

Update für Windows XP (KB2641690)

Update für Windows XP (KB955704)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

URL Snooper v2.29.01

USB 2.0 Card Reader

Visual C++ CRT 9.0

VLC media player 1.1.11

VoiceSwitch 1.4

WebcamMax

WebFldrs XP

Webserver Stress Tool 7

Wecker 2.2 2.2

WeFi 3.10.0.9

WIDCOMM Bluetooth Software

Winamp

WinASO Disk Cleaner 2.5

WinASO EasyTweak 2.1.4

WinASO RegDefrag 1.2

WinASO Registry Optimizer 4.2

WinASO Registry Optimizer 4.5.1

Windows-Sicherungsprogramm

Windows-Treiberpaket - Nokia Modem (02/15/2007 3.1)

Windows-Treiberpaket - Nokia Modem (05/22/2008 3.8)

Windows-Treiberpaket - Nokia Modem (05/24/2007 6.84.0.1)

Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)

Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)

Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Media Format 11 runtime

Windows Media Player 11

WinGlobe

WinPatrol 2009

WinPcap 4.1.2

WinRAR Archivierer

Wise Disk Cleaner Professional v5.93

Wise Registry Cleaner 4 Professional V4.9

WiseDocManager 1.54

Wondershare LiveBoot 2012 (Build 7.0.1)

WOT for Internet Explorer

WWW File Share Pro 5.40

xp-AntiSpy 3.97-11

XQDC X-Setup Pro 9.0.100

XviD MPEG-4 Video Codec

Yahoo! Messenger

Zattoo 3.2.4 Beta

Zattoo4 4.0.5

ZD Soft Screen Recorder

ZD Soft Screen Video Decoder

.

==== End Of File ===========================

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by yves at 21:07:04 on 2012-01-11

.

============== Running Processes ===============

.

C:\Programme\Widcomm Bluetooth Software\bin\btwdins.exe

C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

C:\Programme\Alwil Software Avast\aswUpdSv.exe

C:\Programme\Alwil Software Avast\ashServ.exe

C:\Programme\cFosSpeed\spd.exe

C:\Programme\eBoostr\EBstrSvc.exe

C:\Programme\Java\jre6\bin\jqs.exe

C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programme\Alwil Software Avast\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Programme\Alwil Software Avast\ashDisp.exe

C:\Programme\WinPatrol\winpatrol.exe

C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe

C:\Programme\cFosSpeed\cFosSpeed.exe

C:\Programme\Ad Muncher\AdMunch.exe

C:\WINDOWS\PromptService.exe

C:\Programme\Everest Ultimate Edition\everest.exe

C:\Programme\PeerBlock\peerblock.exe

C:\Programme\SpyShelter Personal Free\SpyShelter.exe

D:\Programme\ClocX\ClocX.exe

C:\Programme\KeyScrambler\KeyScrambler.exe

C:\Programme\MyBits PC-RunTimer\PC-RunTimer.exe

D:\Programme\Yahoo!\Messenger\YahooMessenger.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Programme\FastStone Capture\FSCapture.exe

C:\Dokumente und Einstellungen\yves\Desktop\dds.scr

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = http=;ftp=;https=;

mSearchAssistant = about:blank

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\programme\techsmith\snagit 10\SnagitBHO.dll

BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\programme\nuance\pdf professional 7\bin\PlusIEContextMenu.dll

BHO: ooVoo Toolbar: {a057a204-bacc-4d26-8087-36ee87e26986} - c:\programme\oovootoolbar\oovooToolbar.dll

BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\programme\wot\WOT.dll

BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programme\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\programme\techsmith\snagit 10\SnagitIEAddin.dll

TB: Copernic Desktop Search - Home: {968631b6-4729-440d-9bf4-251f5593ec9a} - c:\programme\copernic desktop search 2\DesktopSearchBand300000074.dll

TB: ooVoo Toolbar: {a057a204-bacc-4d26-8087-36ee87e26986} - c:\programme\oovootoolbar\oovooToolbar.dll

TB: &NetWorx Desk Band: {feea54b4-d80f-41c7-87b9-dc08e6d3255f} - c:\programme\networx\deskband.dll

TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\programme\wot\WOT.dll

TB: Nuance PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

EB: Copernic Desktop Search - Home: {968631b6-4729-440d-9bf4-251f5593ec9a} - c:\programme\copernic desktop search 2\DesktopSearchBand300000074.dll

EB: Copernic Desktop Search - Home: {9c3fca1f-99e3-48f2-a7f4-dd3931b2f99a} - c:\programme\copernic desktop search 2\DesktopSearchBand300000074.dll

uRun: [EVEREST AutoStart] c:\programme\everest ultimate edition\everest.exe

uRun: [PeerBlock] c:\programme\peerblock\peerblock.exe

uRun: [spyShelter] c:\programme\spyshelter personal free\SpyShelter.exe

uRun: [ClocX] d:\programme\clocx\ClocX.exe

mRun: [avast!] "c:\programme\alwil software avast\ashDisp.exe"

mRun: [WinPatrol] c:\programme\winpatrol\winpatrol.exe -expressboot

mRun: [Comodo Internet Security] "c:\programme\comodo\comodo internet security\cfp.exe" -h

mRun: [startupDelayer] "c:\programme\startup delayer\Startup Launcher GUI.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\programme\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [TrueImageMonitor.exe] c:\programme\acronis\trueimagehome\TrueImageMonitor.exe

mRun: [AcronisTimounterMonitor] c:\programme\acronis\trueimagehome\TimounterMonitor.exe

mRun: [Acronis Scheduler2 Service] "c:\programme\gemeinsame dateien\acronis\schedule2\schedhlp.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [cFosSpeed] c:\programme\cfosspeed\cFosSpeed.exe

mRun: [Ad Muncher] "c:\programme\ad muncher\AdMunch.exe" /bt

mRun: [PromptService] c:\windows\PromptService.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)

IE: Append the content of the link to existing PDF file - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Append the content of the selected links to existing PDF file - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Append to existing PDF file - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=954V7VT1&id=menu_ie_frame

IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=954V7VT1&id=menu_ie_image

IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=954V7VT1&id=menu_ie_link

IE: Create PDF file - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF file from the content of the link - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF files from the selected links - c:\programme\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=954V7VT1&id=menu_ie_exclude

IE: Open with PDF Professional 7 - c:\programme\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=954V7VT1&id=menu_ie_report

IE: Senden an &Bluetooth-Gerät... - c:\programme\widcomm bluetooth software\btsendto_ie_ctx.htm

IE: Senden an Bluetooth - c:\programme\widcomm bluetooth software\btsendto_ie.htm

IE: Tout télécharger avec Free Download Manager - file://c:\programme\free download manager\dlall.htm

IE: Télécharger avec Free Download Manager - file://c:\programme\free download manager\dllink.htm

IE: Télécharger la sélection avec Free Download Manager - file://c:\programme\free download manager\dlselected.htm

IE: Télécharger la vidéo avec Free Download Manager - file://c:\programme\free download manager\dlfvideo.htm

IE: Öffnen mit WordPerfect

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\programme\paltalk messenger\Paltalk.exe

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\programme\widcomm bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\programme\keyscrambler\KeyScramblerIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\microsoft office\office11\REFIEBAR.DLL

Trusted Zone: microsoft.com\*.update

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: microsoft.com\update

Trusted Zone: microsoft.com\windowsupdate

Trusted Zone: windowsupdate.com

Trusted Zone: windowsupdate.com\download

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}

DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211625236765

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab

TCP: DhcpNameServer = 78.42.43.62 82.212.62.62

TCP: Interfaces\{390E168C-1840-46BE-9F83-F10CA29FF017} : NameServer = 208.67.220.222,212.82.225.7

TCP: Interfaces\{64AC8903-DD86-494B-89A1-8F4BF9C9D740} : NameServer = 208.67.220.222,212.82.225.7

TCP: Interfaces\{64AC8903-DD86-494B-89A1-8F4BF9C9D740} : DhcpNameServer = 78.42.43.62 82.212.62.62

TCP: Interfaces\{64E2C2BD-DAFF-41E8-AE16-D660C5487B0A} : NameServer = 208.67.220.222,212.82.225.7

TCP: Interfaces\{C92C2DD6-83FF-4687-80BE-44C52762FD50} : NameServer = 208.67.220.222,212.82.225.7

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\programme\wot\WOT.dll

Notify: igfxcui - igfxdev.dll

Notify: KeyScrambler - KeyScramblerLogon.dll

AppInit_DLLs: c:\windows\system32\guard32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R? 188103;188103

R? Ambfilt;Ambfilt

R? avast! Mail Scanner;avast! Mail Scanner

R? B-Service;B-Service

R? black;black

R? CFRMD;CFRMD

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service

R? CSIScanner;CSIScanner

R? CV2K1;CommView Network Monitor

R? epmntdrv;epmntdrv

R? EuGdiDrv;EuGdiDrv

R? ewusbnet;HUAWEI USB-NDIS miniport

R? FGUARD32;FGUARD32

R? gupdate;Service Google Update (gupdate)

R? gupdatem;Service Google Update (gupdatem)

R? hwusbdev;Huawei DataCard USB PNP Device

R? IKFileSec;File Security Driver

R? IKSysFlt;System Filter Driver

R? IKSysSec;System Security Driver

R? ksaud;Creative USB Audio Driver

R? ksaudfl;ksaudfl

R? massfilter;ZTE Mass Storage Filter Driver

R? Micro Star SCM;Micro Star SCM

R? NanoGridService;NanoGrid Installer Service

R? NetBalancer Windows Service;NetBalancer Windows Service

R? NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool

R? PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service

R? PDFProFiltSrv;PDFProFiltSrv

R? Poweroff;Poweroff

R? PROCEXP151;PROCEXP151

R? RapFile;RapFile

R? RapNet;RapNet

R? RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter

R? RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter

R? SbieDrv;SbieDrv

R? sdAuxService;PC Tools Auxiliary Service

R? sdCoreService;PC Tools Security Service

R? TotRec8;Total Recorder WDM audio filter driver

R? UsbEvdomAtc;LGE EVDOM USB Serial Port

R? usbevdombus;LGE EVDOM Composite USB Device

R? UsbEvdomDiag;LGE EVDOM USB Serial DM Port

R? USBEVDOmModem;LGE EVDOM USB Modem

R? VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter

R? VBoxNetFlt;VBoxNetFlt Service

R? VBoxUSB;VirtualBox USB

R? WefiEngSvc;WeFi Engine Service

R? WinRing0_1_2_0;WinRing0_1_2_0

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? aswFsBlk;aswFsBlk

S? aswSP;avast! Self Protection

S? avast! Antivirus;avast! Antivirus

S? avast! Web Scanner;avast! Web Scanner

S? bbcap;bbcap

S? CamthWDM;WebcamMax, WDM Video Capture

S? cmdAgent;COMODO Internet Security Helper Service

S? cmdGuard;COMODO Internet Security Sandbox Driver

S? cmdHlp;COMODO Internet Security Helper Driver

S? eBoost;eBoostr caching filter driver

S? EBOOSTRSVC;eBoostr Service

S? EverestDriver;Lavalys EVEREST Kernel Driver

S? hotcore3;hc3ServiceName

S? HWiNFO32;HWiNFO32 Kernel Driver

S? KeyScrambler;KeyScrambler

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? Nbdrv;NetBalancer Service

S? networx;networx

S? NPF;NetGroup Packet Filter Driver

S? pbfilter;pbfilter

S? PSSDK42;PSSDK42

S? pxscan;pxscan

S? pxsec;pxsec

S? RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader

S? RT80x86;Ralink 802.11n Wireless Driver

S? scrcap;scrcap

S? SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver]

S? Spyshelter;Spyshelter

S? tdrpman228;Acronis Try&Decide and Restore Points filter (build 228)

S? TotRec7;Total Recorder WDM audio driver

S? WinFPdrv;WinFPdrv

.

=============== File Associations ===============

.

inffile="c:\windows\system32\AkelPad.exe" "%1"

inifile="c:\windows\system32\AkelPad.exe" "%1"

txtfile="c:\windows\system32\AkelPad.exe" "%1"

.

=============== Created Last 30 ================

.

2012-01-11 19:24:34 -------- d--h--w- c:\dokumente und einstellungen\yves\Druckumgebung

2012-01-11 19:24:34 -------- d-----w- c:\dokumente und einstellungen\all users\Favoriten

2012-01-11 03:39:01 -------- d--h--w- C:\EBOOSTR

2012-01-04 17:53:59 -------- d-----w- c:\dokumente und einstellungen\yves\anwendungsdaten\SoftMaker

2012-01-03 18:21:42 1882104 ----a-w- c:\windows\system32\Codejock.Controls.v15.0.1.ocx

2012-01-03 18:21:41 526184 ----a-w- c:\windows\system32\XceedCry.dll

2012-01-03 18:21:41 110602 ----a-w- c:\windows\system32\xcdsfx32.bin

2012-01-03 18:21:40 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL

2012-01-03 18:21:29 -------- d-----w- c:\programme\Driver Magician

2012-01-03 15:10:37 -------- d-----w- c:\dokumente und einstellungen\yves\lokale einstellungen\anwendungsdaten\PC_Drivers_Headquarters

2012-01-03 15:10:15 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\PC Drivers HeadQuarters

2012-01-03 15:07:13 -------- d-----w- c:\programme\PC Drivers HeadQuarters

2011-12-27 16:19:22 15873 ----a-w- c:\windows\system32\Inetde.dll

2011-12-27 16:19:21 6656 ----a-w- c:\windows\system32\stdftde.dll

2011-12-26 19:15:52 -------- d-----w- c:\dokumente und einstellungen\yves\anwendungsdaten\aborange

2011-12-26 19:15:29 -------- d-----w- c:\programme\BayWatcher Pro

2011-12-25 15:02:28 -------- d-----w- c:\dokumente und einstellungen\yves\lokale einstellungen\anwendungsdaten\DeviceRemover

2011-12-25 15:01:14 -------- d-----w- c:\programme\Device Remover

2011-12-24 17:44:13 -------- d-----w- c:\windows\NoAssist

2011-12-21 12:38:40 -------- d-----w- c:\dokumente und einstellungen\yves\Bluetooth Software

2011-12-21 00:22:10 -------- d-----w- c:\dokumente und einstellungen\yves\anwendungsdaten\PhotoScape

2011-12-21 00:21:10 -------- d-----w- c:\programme\PhotoScape

2011-12-19 18:58:33 133632 -c----w- c:\windows\system32\dllcache\exfat.sys

2011-12-19 18:58:33 133632 ------w- c:\windows\system32\drivers\exfat.sys

2011-12-19 18:58:31 57344 -c----w- c:\windows\system32\dllcache\uexfat.dll

2011-12-19 18:58:31 57344 ------w- c:\windows\system32\uexfat.dll

2011-12-16 16:20:20 -------- d-----w- c:\dokumente und einstellungen\all users\anwendungsdaten\Licenses

2011-12-16 16:18:02 -------- d-----w- c:\dokumente und einstellungen\yves\anwendungsdaten\Engelmann Media

2011-12-16 16:17:58 -------- d-----w- c:\programme\PhotoMizer

2011-12-16 16:17:58 -------- d-----w- c:\programme\gemeinsame dateien\HDX4

2011-12-16 13:49:05 26432 ----a-w- c:\windows\system32\nitrolocalmon.dll

2011-12-16 13:49:05 17728 ----a-w- c:\windows\system32\nitrolocalui.dll

2011-12-16 13:48:00 -------- d-----w- c:\programme\gemeinsame dateien\Nitro PDF

2011-12-16 13:47:57 -------- d-----w- c:\programme\Nitro PDF

2011-12-16 13:44:12 -------- d-----w- c:\dokumente und einstellungen\yves\anwendungsdaten\Downloaded Installations

2011-12-15 15:35:22 352768 ----a-w- c:\windows\system32\AkelPad.exe

2011-12-13 22:46:33 -------- d-----w- c:\programme\Tracker Software

.

==================== Find3M ====================

.

2011-12-23 03:20:34 286720 ----a-w- c:\windows\iun506.exe

2011-12-19 18:59:21 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-12-19 18:59:20 494816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-12-19 18:59:19 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-12-19 18:58:56 33984 ----a-w- c:\windows\system32\cmdcsr.dll

2011-12-19 18:58:55 301224 ----a-w- c:\windows\system32\guard32.dll

2011-12-11 02:38:11 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-12-11 00:43:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-24 13:32:57 98304 ----a-w- c:\windows\Secure.dll

2011-11-24 13:32:57 266240 ----a-w- c:\windows\PromptService.exe

2011-11-24 12:53:51 7168 ----a-w- c:\windows\system32\FPService.exe

2011-11-24 12:53:50 19456 ----a-w- c:\windows\system32\WinFPdrv.sys

2011-11-23 14:40:13 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-09 04:44:47 902592 ----a-w- c:\windows\system32\drivers\tdrpm228.sys

2011-11-08 14:52:50 952192 ----a-w- c:\windows\system32\drivers\cfosspeed.sys

2011-11-07 16:19:34 44704 ----a-w- c:\windows\system32\drivers\tifsfilt.sys

2011-11-07 16:19:33 540000 ----a-w- c:\windows\system32\drivers\timntr.sys

2011-11-07 16:19:13 138208 ----a-w- c:\windows\system32\drivers\snapman.sys

2011-11-04 19:13:36 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13:34 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13:34 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec

2011-11-01 16:07:05 1288704 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:31:46 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:49:46 2151424 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:49:46 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-18 11:13:23 186880 ----a-w- c:\windows\system32\encdec.dll

.

============= FINISH: 21:12:54,90 ===============

I hope, it will not take that much space here? ;-)

[Mainard]

Hello YvesStrassburg,

Can you please attach the screen capture for your BSOD.

Please click the Browse button and locate the BSOD screen capture file.

Then attach this file.

Thank you.

[Mainard]

Also,

What versions of KeyScrammbler, Avast, and Comodo are you using?

Thank you.

[Mainard]

Hello Hello YvesStrassburg,

What is occurring on your system just before you get the BSOD?

What was happening and how did you get the system to BSOD? Are you able to replicate it?

Thank you.

[YvesStrassburg]

Well, here are the BSOD-files.

I'm using KeyScrambler Premium 2.7.0.0, Avast! Antivirus Pro 4.8.1368, Comodo Internet Sécurité 5.9.219863.2196.

All blue screens are simply coming up while the programs are loading by the autostart of Startup Delayer 2.5.138, means in the first minute after having booted, without any warning, suddenly they are there. What can i say else? I need to shutup the computer by the same button using for booting Windows ("cold shut").

"What is occurring on your system just before you get the BSOD?" - Nothing, i'm just looking while the programs are loading.

In StartupDelayer 2.5.138 - 2012-01-12 - 06.27.00.jpg you see how it is working:

Delai = Delay

Paramètres = Parameters

Type de démarrage = Starttype

Emplacement = Placement

Taille du ficheir = Filesize

Well, I'm frenchman, and most of my programs are set to french in the options.

In the screenshot StartupDelayer 2.5.138 - 2012-01-12 - 06.27.00.jpg you see 3 groups:

1] Programs with a checkmark to the left side, and without delay, they are considered to be security programs and must be started everytime

2] Programs with a checkmark to the left side, and with a delay, they are considered to be programs of comfort, and are not started everytime. When i do not want to start them, i hit a red cross in the Startup Delayer progress line coming above in my screen, and only the programs of the group 1 are loaded.

3] Programs without a checkmark but with a delay will not be started. So it's easy to unload a program from loading.

"What was happening and how did you get the system to BSOD? Are you able to replicate it?"

Nothing else was happening. Suddenly the BSDO is there on the screen. Sure that i'm able to replicate it.

So i did for Zemana, they asked me Minidump files, and i had deleted them. No problem.

Here i copy you the e-mail to Zemana that i sent them two hours ago:

Am 11.01.12 15:18, schrieb Zemana Support:

We apologize for the inconvenience and thank you for clarifying this matter to us. In order to investigate further, we’ll need you to provide more details.

Can you please locate the crash minidump, zip it up, and attach it here. It is located in C:\Windows\Minidump

This is an output file generated by the Operating System during a crash.

To locate the dump file:â

• Go to your Windows directory (e.g. C:\Windows);
  
• Browse the Minidump folder;
  
• If you can find related to Zemana AntiLogger crash dump (use the date/time information included into the file name),
  
• Please zip and email it to our support team.
  

We appreciate your patience in this matter and will get back to you as soon as possible once we receive more details.

Best Regards,

Zemana Customer Support Department

Zemana Ltd.

Toll Free(US) +1-650-319-6748

International +1-866-293-2016

www.zemana.com

Dear Customer Support,

I installed Zemana AntiLogger 1.9.2.819 new, with already installed Malwarebytes' Anti-Malware 1.51.2.1300 and SpyShelter premium 5.40.

This created blue screens and new minidump files: Mini011212-01.dmp - Mini011212-06.dmp.

I rewrote the latest backup of Acronis True Image Home 2009 12.0.9769.15, deleted SpyShelter premium 5.40 and installed Zemana AntiLogger 1.9.2.819. Same behaviour like before, blue screens, and Mini011212-07.dmp - Mini011212-11.dmp.

The blue screens are coming up some seconds after having booted Windows XP, sometimes 1 minute later.

For further details, please look my post at

http://forums.malwarebytes.org/index.php?showtopic=104372

All informations are there.

Zemana AntiLogger 1.9.2.819 does not work on my machine.

Well, Meinard, i hope i have answered to all of your questions now.

We could as well speak on Yahoo messenger.

I wanted to send you the Minidump-files, but your system tells me "Error You aren't permitted to upload this kind of file". I sent them to Zemana by e-mail-annexe, 11 x 88 kb.

Kind regards

[YvesStrassburg]

Hello Meinard,

I sent you the Minidump-files *.dmp for Zemana compressed as *.rar-file.

Perhaps there is something interesting in it for you.

Please note: this happened with Malwarebytes' Anti-Malware 1.51.2.1300, but this happens as well with Malwarebytes' Anti-Malware 1.60.0.1800.

Kind regards

Minidump.rar

[YvesStrassburg]

Salut Meinard, salut Spec-V !

At the moment and like before, all works fine with SpyShelter 5.40 premium and Malwarebytes' Anti-Malware 1.51.2.1300.

The other program / version Zemana AntiLogger 1.9.2.819 and Malwarebytes' Anti-Malware 1.60.0.1800 seem to be "bad".

[Mainard]

With MBAM uninstalled do you still experience the BSOD?

Please upload the memory.dmp (the ~200MB file) you got during the BSOD.

• ZIP the dump file
  
• Upload the dump file to MEGAUPLOAD and post the link in your response Please.
  

Thank you very much.

[YvesStrassburg]

The website of this thread has been changing URL and subject for the second time now. I get problems with my favourites.

Well, i cannot say if i would get BSOD when Malwarebytes (version 1.51 or 1.60) is uninstalled, as it was always installed, and i never got BSOD before.

Actually i run SpyShelter 5.40 premium and Malwarebytes' Anti-Malware 1.51.2.1300 and all is working really fine, and there are no BSOD at all.

As i wrote above, i deleted the memory.dmp (2 086 128 kb) because it was to big. Do you want me to reinstall the Malwarebytes' Anti-Malware 1.60.0.1800 for getting BSOD? And with which other software? SpyShelter 5.40 premium and/or Zemana AntiLogger 1.9.2.819?

I think most of the tests are already done, please look the history above. But it would still be possible to (first make a backup by Acronis True Image Home 2009 12.0.9769.15 and then) install / uninstall ..... ? Which program(s), please?

Is a minidump-file (Mini..........dmp, 88 kb) enough? Or do you need a big memory.dmp of more than 2086 MB?

I never uploaded such a huge file to MegaUpload or such websites. How do you think about downloading it from my private HFS webserver, http://www.rejetto.com/hfs/ which is normally running 16/24hours? Well, i have one of the fastest broadband internet connections that we can have here: 2561 MBit/s upload. Once, some time ago, 20 GB went out here in 16 hours, and that friend of mine who downloaded from my HFS-server has 32 000 MBit/s in download.

Please tell me what i should fix in here (blue cases)

+

[YvesStrassburg]

Here the screen shots of my thumb nails above in full size

[Mainard]

Hello YvesStrassburg,

I need the big file. Full memory dump and I will send to the dev team. Downloading from your private webserver is fine. Please be sure to zip up your file.

Thank you.

[YvesStrassburg]

As i wrote above, i deleted the memory.dmp (2 086 128 kb) because it was to big. Do you want me to reinstall the Malwarebytes' Anti-Malware 1.60.0.1800 for getting BSOD? And with which other software? SpyShelter 5.40 premium and/or Zemana AntiLogger 1.9.2.819?

I think most of the tests are already done, please look the history above. But it would still be possible to (first make a backup by Acronis True Image Home 2009 12.0.9769.15 and then) install / uninstall ..... ? Which program(s), please?

[Mainard]

As i wrote above, i deleted the memory.dmp (2 086 128 kb) because it was to big. Do you want me to reinstall the Malwarebytes' Anti-Malware 1.60.0.1800 for getting BSOD? And with which other software? SpyShelter 5.40 premium and/or Zemana AntiLogger 1.9.2.819?

Yes please, recreate the BSOD get the complete memory dump. Upload to your site.

I will then pass on to the dev team to see what it could be.

Thank you.

[YvesStrassburg]

Sorry, what means "Yes please" ?

I asked you "And with which other software? SpyShelter 5.40 premium and/or Zemana AntiLogger 1.9.2.819?"

There are 4 possibilities Malwarebytes' Anti-Malware 1.60.0.1800:

1. Malwarebytes' Anti-Malware 1.60.0.1800 alone

2. Malwarebytes' Anti-Malware 1.60.0.1800 with SpyShelter 5.40 premium

3. Malwarebytes' Anti-Malware 1.60.0.1800 with Zemana AntiLogger 1.9.2.819

4. Malwarebytes' Anti-Malware 1.60.0.1800 with SpyShelter 5.40 premium and Zemana AntiLogger 1.9.2.819

Please tell me only one of the red numbers between 1 and 4 above.

Thank you.

[Mainard]

4.

Thank you for being specific.

[YvesStrassburg]

Edit: There are 4 possibilities installing Malwarebytes' Anti-Malware 1.60.0.1800.

Besides, do you want me to

uninstall first Malwarebytes' Anti-Malware 1.51.2.1300, and install Malwarebytes' Anti-Malware 1.60.0.1800 then,

or installing Malwarebytes' Anti-Malware 1.60.0.1800 over the existing Malwarebytes' Anti-Malware 1.51.2.1300 ?

[Mainard]

Please Download and run mbam-clean.exe from here.

Then install MBAM 1.60

With MBAM running and the two other applciations plesae get the complete memory dump.

Thank you.

[YvesStrassburg]

D'accord, Meinard.

Actually Acronis True Image Home 2009 12.0.9769.15 is running the last backup before that action.

Tomorrow i will use your mbam-clean.exe from http://www.malwareby...clean.exe , after that perform the installation of Malwarebytes' Anti-Malware 1.60.0.1800 with this setting (complete image), hoping that there will be a MEMORY.DMP - as i got already a Mini..........dmp although this setting was made.

You will get my server-URL by private message. There will be no need to communicate me that the file has been successfully downloaded, as i see it here in the server-logfile.

Thank you.