Jump to content

Recommended Posts

  • Root Admin

Hello @dazsvq and :welcome:

Please read the advice from this link and then post back as an attachment the requested logs

 Available Assistance for Possibly Infected Computers

Let me get this log as well please.

Create and obtain an mb-check log:

  1. Download mb-check from here and save to your desktop
  2. Run mb-check and within a few second the command window will open and then close
  3. This will produce one log file on your desktop: mb-checkResult.txt
  4. Attach this log file to your post by clicking on the "Drag files here to attach, or choose files..." or simply drag the file to the attachment area

Thank you

Link to post
Share on other sites

  • Root Admin

The logs show that our program is crashing for some reason. My initial thought is that it may possibly be due to McAfee, but that's not for certain yet at this point.

You're disks also show errors in the Event Logs as well as some Intel drivers.

 

Let me have you run the following to help scan for any possible threats. Will check on you again tomorrow.

 

Please download Malwarebytes Anti-Rootkit from HERE
If needed there is a self help tutorial here: MBAR tutorial

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

 

 

Application errors:
==================
Error: (03/24/2017 09:27:16 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/24/2017 09:16:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Daz\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/24/2017 09:16:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/24/2017 09:02:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Daz\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/24/2017 09:01:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/23/2017 12:44:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Exception code: 0x40000015
Fault offset: 0x00000000001f7e9a
Faulting process id: 0xa2c
Faulting application start time: 0x01d2a3b816271054
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report Id: 0d9a33b8-0fbe-11e7-b4ae-f0761c77244a

Error: (03/23/2017 10:31:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Daz\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/23/2017 10:31:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/23/2017 10:18:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Exception code: 0x40000015
Fault offset: 0x00000000001f7e9a
Faulting process id: 0x167c
Faulting application start time: 0x01d2a3b32fe13e77
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report Id: 9bc9f5fa-0fa9-11e7-82e9-f0761c77244a

Error: (03/23/2017 09:55:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Daz\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (03/24/2017 09:20:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service hung on starting.

Error: (03/24/2017 09:16:08 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The WvPCR service depends the following service: TBS. This service might not be installed.

Error: (03/24/2017 09:16:08 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Wave TSS v1.2.32.0 TCS service depends the following service: TBS. This service might not be installed.

Error: (03/24/2017 09:16:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 09:10:37 on ‎24/‎03/‎2017 was unexpected.

Error: (03/24/2017 09:09:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/24/2017 09:09:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/24/2017 09:09:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (03/24/2017 09:09:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Dynamic Application Loader Host Interface Service service to connect.

Error: (03/24/2017 09:07:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (03/24/2017 09:07:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service hung on starting.


CodeIntegrity:
===================================
  Date: 2017-03-15 19:29:16.084
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbwwan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-15 19:29:16.038
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbwwan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-15 13:25:31.928
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbwwan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-15 13:25:31.888
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbwwan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-26 19:25:18.034
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-26 19:25:17.994
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-25 10:04:39.961
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-25 10:04:39.930
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\qcusbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Link to post
Share on other sites

  • Root Admin

Yes, we were having a certificate error on an update server that affected other servers temporarily yesterday but that has been corrected. There was also a component issue that affected some users but that can be corrected in a clean removal and reinstall.

Let's try a clean removal and reinstall. It won't correct the errors in your logs but should correct issues with Malwarebytes

 

Please read the following topic and then run the Malwarebytes Clean Removal tool mb-clean

https://forums.malwarebytes.com/topic/196955-malwarebytes-mb-clean-tool/

The download link for the tool is:  https://downloads.malwarebytes.com/file/mb_clean


Restart the computer when done and reinstall Malwarebytes 3 with the latest build again.

Here is the link for the latest installer

https://downloads.malwarebytes.com/file/mb3/


Thank you

Ron

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.