
Malwarebytes closes when starting a scan.


cdeas13


Today I ran Malwarebytes like I usually do but the scan immediately closed with the error stating that the program has stopped responding. I tried restarting my laptop and trying again, but the same thing happened. I tried reinstalling Malwarebytes, but was told that access was denied when doing so. I'm worried that I may be infected with Malware, and would appreciate assistance in removing it. These are the logs from the DDS software.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Cody at 3:35:16 on 2014-02-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2807.907 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2838B2FA-3BB7-459E-AE68-8136EBEEF1AE} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2838B2FA-3BB7-459E-AE68-8136EBEEF1AE}\14364796F6E6475636 : DHCPNameServer = 192.168.0.1 64.105.204.28
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 134944]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-27 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-27 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-8-27 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-27 1255736]
S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-9-9 5071712]
S4 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2013-8-27 57344]
.
=============== Created Last 30 ================
.
2014-02-11 08:16:31 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD776721-7F69-45C8-86F5-39B33C4BE190}\offreg.dll
2014-02-11 08:00:39 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD776721-7F69-45C8-86F5-39B33C4BE190}\mpengine.dll
2014-02-11 07:36:08 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-11 04:17:50 -------- d-----w- C:\ProgramData\NexonUS
2014-02-09 00:18:49 -------- d-----w- C:\Users\Cody\player
2014-02-07 19:32:03 -------- d-----w- C:\Users\Cody\Starbound
2014-02-04 22:56:08 -------- d-----w- C:\Users\Cody\AppData\Local\Skype
2014-02-04 22:55:35 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-01 04:00:59 517960 ----a-w- C:\Windows\System32\XAudio2_5.dll
2014-02-01 03:59:58 5081608 ----a-w- C:\Windows\System32\d3dx9_36.dll
2014-02-01 03:58:57 107368 ----a-w- C:\Windows\System32\xinput1_3.dll
2014-02-01 03:57:56 364824 ----a-w- C:\Windows\System32\xactengine2_4.dll
2014-02-01 02:22:46 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2014-02-01 02:22:46 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2014-01-27 23:43:37 -------- d-----w- C:\ProgramData\Package Cache
2014-01-23 23:55:10 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8648B71-7D84-4EE2-905F-FFC106A3B875}\gapaengine.dll
2014-01-15 14:09:57 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 14:09:57 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 14:09:57 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 14:09:57 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 14:09:57 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 14:09:57 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 14:09:56 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 14:09:54 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-15 14:09:53 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-15 04:09:31 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 04:09:31 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-15 04:08:22 -------- d-----w- C:\Users\Cody\AppData\Local\Adobe
2014-01-15 04:05:03 -------- d-----w- C:\Users\Cody\AppData\Roaming\ô«é¡E
.
==================== Find3M  ====================
.
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-06 15:51:58 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:06:05 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-26 08:06:05 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
.
============= FINISH:  3:35:31.00 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 8/27/2013 12:31:10 AM
System Uptime: 2/11/2014 2:47:10 AM (1 hours ago)
.
Motherboard: Acer |  | Aspire 5742Z
Processor: Intel® Pentium® CPU        P6100  @ 2.00GHz | CPU | 1999/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 210.492 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB Video Device
Device ID: USB\VID_064E&PID_A219&MI_00\7&612D10C&0&0000
Manufacturer: Microsoft
Name: 1.3M WebCam
PNP Device ID: USB\VID_064E&PID_A219&MI_00\7&612D10C&0&0000
Service: usbvideo
.
==== System Restore Points ===================
.
RP81: 1/30/2014 8:57:10 AM - Windows Update
RP82: 1/31/2014 9:21:59 PM - Installed DirectX
RP83: 2/2/2014 10:34:55 PM - Windows Update
RP84: 2/3/2014 4:14:25 AM - Installed Microsoft Fix it 50199
RP85: 2/7/2014 11:32:04 AM - Windows Update
RP86: 2/11/2014 12:00:22 AM - Installed HawtMaple client.
RP87: 2/11/2014 2:17:57 AM - Restore Operation
RP88: 2/11/2014 2:58:55 AM - Windows Update
.
==== Installed Programs ======================
.
???
?????
Adobe Flash Player 12 Plugin
Amazing Pyramids
Audacity 2.0.4
Battle Rush
Broadcom 802.11 Network Adapter
Broadcom Gigabit NetLink Controller
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Elsword version v3.0828.7.1
FastStone Image Viewer 4.8
Google Chrome
Google Update Helper
ImgBurn
Java 7 Update 45
Java Auto Updater
LogMeIn Hamachi
Microsoft .NET Framework 4.5.1
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft XNA Framework Redistributable 4.0
Nexon Game Manager
Pando Media Booster
Qualcomm Atheros Fast Reconnect
Risk of Rain
Skype™ 6.13
Starbound
Steam
tConfig version 0.35.3a
TeamViewer 8
Terraria
Terraria Game Launcher version 3.0
VLC media player 2.0.8
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
2/9/2014 10:21:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005]  - Unable to produce a minidump file from the full dump file.
2/9/2014 10:21:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x0000000000041287, 0x0000000002ab850f, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .
2/8/2014 2:18:29 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x0000000000041287, 0x000007ff01c9088b, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020814-58531-01.
2/8/2014 10:14:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000d0 (0x0000001049df8b44, 0x0000000000000002, 0x0000000000000000, 0xfffff80002bb70ec). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020814-17643-01.
2/8/2014 10:11:42 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x0000000048e0d348, 0x0000000000000002, 0x0000000000000000, 0xfffff80002b8edec). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020814-21652-01.
2/8/2014 1:53:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000d1 (0x0000000032870f0a, 0x0000000000000002, 0x0000000000000000, 0xfffff8800168abed). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020814-35880-01.
2/7/2014 12:50:42 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x0000000000041287, 0x0000000000000030, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020714-36488-01.
2/6/2014 7:48:24 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x0000000048e0d348, 0x0000000000000002, 0x0000000000000000, 0xfffff80002b40dec). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020614-19749-01.
2/6/2014 2:50:24 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.3394.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x80072efe   Error description: The connection with the server was terminated abnormally 
2/11/2014 3:17:34 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
2/11/2014 2:46:08 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2/11/2014 2:46:02 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/11/2014 2:46:01 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2/11/2014 2:45:59 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/11/2014 2:45:55 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/11/2014 2:45:49 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/11/2014 2:45:47 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MpFilter spldr Wanarpv6
2/11/2014 2:45:44 AM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/11/2014 2:36:08 AM, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Current   Error Code: 0x80070002   Error description: The system cannot find the file specified.   Signature version: 0.0.0.0;0.0.0.0   Engine version: 0.0.0.0
2/11/2014 2:23:17 AM, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Current   Error Code: 0x80070002   Error description: The system cannot find the file specified.   Signature version: 0.0.0.0;0.0.0.0   Engine version: 0.0.0.0
2/10/2014 7:35:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0xffffe88007b3fdd0, 0x0000000000000002, 0x0000000000000000, 0xfffff80002ae5807). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021014-38391-01.
.
==== End Of File ===========================
 
 

Hello and welcome to Malwarebytes forum.

I will need some additional information for review.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Disconnect any external storage drives from the computer.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt

    Now, Plug the flashdrive with FRST tool into the PC.

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

    Note: Replace letter e with the drive letter of your flash drive.

  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please attach it to your reply.

Hello,

 

Please carefully follow this procedure  

Please download the attached  fixlist.txt and SAVE / copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on this particular system. Running this on another machine may cause damage to your operating system

On Vista or Windows 7/8: Now please enter System Recovery Options. (as you did before)

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

Task 2

 

After that is done, remove the USB-flash drive and save in a safe place.

 

Now, reboot your system and start Windows in regular mode.

 

Do not start other apps, and do not use the system to start anything else or use while the scan is under way.

 

Temporarily turn off (disable) your antivirus program
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

look down the screen to Action for potentially unwanted programs PUP < = = VERY Important

& look down the screen to Action for potentially unwanted modifications PUM &
& Action for peer-to-peer software P2P

For each one of the 3 by clicking the down arrow ( on each one, one at a time ) ***
select "Show in results list and check for removal" from the drop down (arrow) selections. < = = =

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.
Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

 

the log would be under this folder similar to this:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

I need the most current one that starts with the name mbam-log-2014    ( with the latest time & Date stamp)

When all done, attach the MBAM scan log into a new reply.
Tell me, How is the system ?

Re-enable your antivirus program.

Fixlist.txt


Hello,

 

Download and SAVE & then run mbam-clean.exe from  http://www.malwarebytes.org/mbam-clean.exe

It will ask to restart your computer, please allow it to do so very important

After the computer restarts, temporarily disable your Anti-Virus
If you need how-to guidance, see => How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
 http://www.bleepingcomputer.com/forums/index.php?showtopic=114351


Next Download & SAVE  the latest version of Malwarebytes' Anti-Malware from http://downloads.malwarebytes.org/file/mbam
        
Run the mbam-setup.  IF your Windows is Vista / Windows 7 / 8, then do a Right-click on mbam-setup.exe and select Run as Administrator and allow to run.

Note: You will need to reactivate the program using the license you were sent via email if using the Pro version


Launch the program and set the Protection and Registration, if you have a license. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that Malwarebytes Anti-Malware is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.  

You may use the guides posted in the FAQ's { Frequently Asked Questions } http://forums.malwarebytes.org/index.php?showtopic=10138  

Re-enable the anti-virus application that you turned off before.
 

NEXT:

Start MBAM program.

Do an Update run.

 

Do a Quick scan.

 

attach the scan log for review.


Hello,

 

I will need more information.

 

Show all files in Windows 7:
Press and hold Windows-key+E key on keyboard to start Windows Explorer.
From the Windows Explorer menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck "Hide protected operating system files (Recommended)".
Locate and click "Show hidden files and folders and drives".
Click Apply > OK.
 

Download Random's System Information Tool (RSIT)
from http://images.malwareremoval.com/random/RSITx64.exe
and save it to your desktop.

Start on RSITx64.exe   Do a RIGHT-Click on RSITx64 and select Run as Administrator and allow to run.
Accept the disclaimer:
Click "Continue" at the disclaimer screen.
Once it has finished, two logs will open. Please attach the logs in your next reply:
 both "log.txt" (<<will be maximized) and "info.txt" (<<will be minimized)
 


Hello Cody,

 

Go to your sub-folder Libraries\Documents

Look for and delete the copy you have of mbam-setup.1.75.0.1300

 

Next, save my file attached here W7SERV.zip to your desktop.

Unzip and extract all content to the Desktop.

You should now have there a W7SERV.BAT

 

That is a batch-file to be run in a Command-prompt-window.

Do a Right-click on W7SERV.BAT  and select "Run as administrator" and allow to start & run.

 

This will run quickly in a Command prompt and will at the end Restart your system.

 

NEXT

a new try to do a clean setup of our anti-malware.

 

Download and SAVE & then run mbam-clean.exe from  http://www.malwarebytes.org/mbam-clean.exe

It will ask to restart your computer, please allow it to do so very important

After the computer restarts, temporarily disable your Anti-Virus
If you need how-to guidance, see => How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
 http://www.bleepingcomputer.com/forums/index.php?showtopic=114351


Next Download & SAVE  the latest version of Malwarebytes' Anti-Malware from http://downloads.malwarebytes.org/file/mbam
        
Then do a Right-click on mbam-setup.exe and select Run as Administrator and allow to run.

Note: You will need to reactivate the program using the license you were sent via email if using the Pro version


Launch the program and set the Protection and Registration, if you have a license. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that Malwarebytes Anti-Malware is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.  

You may use the guides posted in the FAQ's { Frequently Asked Questions } http://forums.malwarebytes.org/index.php?showtopic=10138  

Re-enable the anti-virus application that you turned off before.
 

Hopefully you should have better luck this round.  ( if not, make sure you took copious exact notes & documentation on any "error" )      :unsure:

 

W7SERV.zip


Unfortunately I still receive the same access is denied error. I didn't really notice anything else so I don't have much to report, but I did notice something while running W7 SERV.BAT. The text was going by pretty quickly in the command prompt but I saw the message access is denied pop up a few times. I'm not sure if this information is useful or not, but I'm just throwing it out there.


I apologize for the double post, but I noticed that whenever I try to install something into my Program Files folder (same goes for Program Files x86) I receive the same access is denied error and that I do not have permission to do so. If I save it into My Documents then it works just fine. Unfortunately though, Malwarebytes shows the same error regardless of where I install it. Perhaps this information might shed a little more light on the situation.


From what you say, I have to ask about the login-account you use in Windows.....

don't you have Administrator rights?

 

I hope you have not been trying to fix things while logged in ( for example) with a Limited user rights account.

 

I'd be very concerned if I were the owner and was doing program installs and then got access denied doing it.

If this is what it is, you need to be thinking about saving your personal files ( if not already done), and then planning to Erase /wipe the system and do a Clean Fresh Windows install from scratch.

 

 

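One way to answer the administrator-rights question raised in the reply above, as an added example that is not part of the original thread: the script reports whether the logged-in account belongs to the local Administrators group, whether the current process is elevated, and what the ACL on the Program Files folders allows. The function names are hypothetical; it assumes an English-language Windows and PowerShell 2.0 or later.

```powershell
# Added example (not from the thread). Assumes English-language Windows
# (whoami column names) and PowerShell 2.0 or later, as shipped with Windows 7.

function Get-AdminTokenState {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)

    # True only when the Administrators group is enabled in this process token,
    # i.e. the process was started elevated ("Run as administrator").
    $elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators. Under UAC an
    # unelevated administrator still lists it, marked "Group used for deny only".
    $adminRow = whoami /groups /fo csv | ConvertFrom-Csv |
        Where-Object { $_.SID -eq 'S-1-5-32-544' }
    $attributes = 'not a member'
    if ($adminRow) { $attributes = $adminRow.Attributes }

    New-Object PSObject -Property @{
        Account         = $identity.Name
        InAdminGroup    = [bool]$adminRow
        Elevated        = $elevated
        GroupAttributes = $attributes
    }
}

function Test-FolderWrite([string]$Path) {
    # Creates and immediately deletes one small probe file; returns 'ok' or the error text.
    $probe = Join-Path $Path ([IO.Path]::GetRandomFileName())
    try {
        [IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force
        return 'ok'
    } catch {
        return $_.Exception.Message
    }
}

function Get-FolderAclReport([string]$Path) {
    $acl = Get-Acl -Path $Path

    # Explicit Deny entries override any Allow entry and are not present by default.
    $deny = @($acl.Access | Where-Object { $_.AccessControlType -eq 'Deny' })

    $adminAllow = @($acl.Access | Where-Object {
        $_.IdentityReference.Value -eq 'BUILTIN\Administrators' -and
        $_.AccessControlType -eq 'Allow'
    })

    New-Object PSObject -Property @{
        Path             = $Path
        # On a default Windows 7 install the owner is NT SERVICE\TrustedInstaller.
        Owner            = $acl.Owner
        AdminAllowRights = ($adminAllow | ForEach-Object { $_.FileSystemRights.ToString() }) -join '; '
        DenyEntries      = ($deny | ForEach-Object {
                                "$($_.IdentityReference): $($_.FileSystemRights)" }) -join '; '
        WriteProbe       = Test-FolderWrite $Path
    }
}

Get-AdminTokenState |
    Format-List Account, InAdminGroup, Elevated, GroupAttributes

# ProgramFiles(x86) only exists on 64-bit Windows, so empty values are dropped.
@($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Get-FolderAclReport $_ } |
    Format-List Path, Owner, AdminAllowRights, DenyEntries, WriteProbe
```

Run it once from a normal PowerShell window and once from one started with "Run as administrator"; if the write probe still fails in the elevated run while InAdminGroup and Elevated are both True, the account type is not the explanation.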

Hello,

 

I apologize for the delay in getting back to you.

From what you described before, your best hope is to (a) Backup your personal files, and (b) Erase / wipe the HDD and do a new Windows install from scratch.

Then be sure to install an antivirus.

Then our anti-malware.

Then the other applications that you have.


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.