Malwarebytes disconnects internet and freezes my programs

[hund]

Malwarebytes often randomly disconnects internet and freezes my programs, my programs takes so long time to launch. I always have exit Malwarebytes to go back to normal behaviour. This issue still persists since around 2020 but the issue occur lessen if i keep updating Malwarebytes, so the issue only happens like 2 times a month.

Today, it gets worse and worse. I ran the repair using Support tool but it didn't help, the issue comes back a few mins later and i have to exit Malwarebytes as fast as possible to restore my system to normal behavior

my system is WIndows 10 Pro 20H2

Logs in attachment

mbst-grab-results.zip

[Malwarebytes]

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

If you are having technical issues with our Windows product, please do the following:

Malwarebytes Support Tool - Advanced Options

This feature is designed for the following reasons:

• For use when you are on the forums and need to provide logs for assistance
• For use when you don't need or want to create a ticket with Malwarebytes
• For use when you want to perform local troubleshooting on your own

How to use the Advanced Options:

Spoiler

1. Download Malwarebytes Support Tool
2. Double-click mb-support-X.X.X.XXXX.exe to run the program
   • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
3. Place a checkmark next to Accept License Agreement and click Next
4. Navigate to the Advanced tab
5. The Advanced menu page contains four categories:
   • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
   • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
   •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
   • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
6. To provide logs for review click the Gather Logs button
7. Upon completion, click OK
8. A file named mbst-grab-results.zip will be saved to your Desktop
9. Please attach the file in your next reply.
10. To uninstall all Malwarebytes Products, click the Clean button.
11. Click the Yes button to proceed. 
12. Save all your work and click OK when you are ready to reboot.
13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
14. Select Yes to install Malwarebytes.
15. Malwarebytes for Windows will open once the installation completes successfully.

Screenshots:

Spoiler

 

 

 

 

Spoiler

 

 

 

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

• Renewals
• Refunds (including double billing)
• Cancellations
• Update Billing Info
• Multiple Transactions
• Consumer Purchases
• Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

[Porthos]

29 minutes ago, hund said:

my system is WIndows 10 Pro 20H2

Pending Windows Update Reboot
==================================
A reboot is pending

[hund]

5 hours ago, Porthos said:

Pending Windows Update Reboot
==================================
A reboot is pending

That's interesting. So pending reboot causing Malwarebytes to do this issue?

I can't just reboot while doing important work, so i will do later when my work is done and see if it happens again

[Porthos]

27 minutes ago, hund said:

So pending reboot causing Malwarebytes to do this issue?

No but a restart is in order before we go any further with any diagnosis or fix.

Restarts are needed at least once a month after a Windows monthly update is installed (every second Tuesday of the month). If you do not restart and an update reboot is pending, strange thing's can start to happen on the computer.

6 hours ago, hund said:

I ran the repair using Support tool but it didn't help

After you restart,

Please do the following not a repair, Uninstall and reinstall using the Malwarebytes Support Tool

Please have lots of patience with the tool.  The first phase is a cleanup and does require a Windows Restart.
After the Restart, it may take 2 - 3 - 4 minutes till the Support tool screen shows up.   Please be patient and have faith.  Wait for it, whatever it takes.
The 2nd phase is where it offers to do a new Install.

 Let me know if that clears up the issue or not.

If the issue returns we need a new set of support tool logs.

Edited March 13, 2021 by Porthos

[hund]

Alright thanks, I will follow these steps when I have time

[Porthos]

1 minute ago, hund said:

Alright thanks, I will follow these steps when I have time

Since this seems to keep happening, next we will have to address all of your system errors on your system. @AdvancedSetup will probly move your topic and assist further.

Quote

==================== Event log errors: ========================

Application errors:
==================
Error: (03/13/2021 01:54:54 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center kunne ikke validere kalderen med fejl %1.

Error: (03/13/2021 11:20:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: OLicenseHeartbeat.exe, version: 16.0.13801.20182, tidsstempel: 0x602dd932
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.19041.804, tidsstempel: 0x0e9c5eae
Undtagelseskode: 0xc06d007e
Forskydning med fejl 0x000000000002d759
Proces-id 0x3b14
Programmets starttidspunkt 0x01d717f28629f7f8
Programsti: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Modulsti: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 692952bf-ad92-42ba-a4d3-2857e1a9f8cc
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (03/12/2021 03:26:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: adb.exe, version: 0.0.0.0, tidsstempel: 0x31993187
Navn på modul med fejl: ucrtbase.dll, version: 10.0.19041.789, tidsstempel: 0x82dc99a2
Undtagelseskode: 0xc0000409
Forskydning med fejl 0x0009eddb
Proces-id 0x4124
Programmets starttidspunkt 0x01d7173ad8f1c0c8
Programsti: D:\AndroidSDK\platform-tools\adb.exe
Modulsti: C:\Windows\System32\ucrtbase.dll
Rapport-id: 6bfa9aa9-2c63-4ebb-99d8-094e4d54fca3
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (03/12/2021 09:51:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet Un_A.exe, version 5.0.0.1409 blev afsluttet, da det ophørte med at kommunikere med Windows. Yderligere oplysninger om problemet kan findes i problemhistoriken i kontrolpanelet Sikkerhed og vedligeholdelse.

Proces-id: 7e8

Starttid: 01d7171b88eab3b3

Afslutningstid: 4294967295

Programsti: C:\Users\quocd\AppData\Local\Temp\~nsuA.tmp\Un_A.exe

Rapport-id: 2f5dc4a9-b243-4fb7-bf6b-51c0651d0698

Fuldstændigt navn på fejlbehæftet pakke:

Program-id relativt til fejlbehæftet pakke:

Type af låsning: Top level window is idle

Error: (03/12/2021 09:44:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: OLicenseHeartbeat.exe, version: 16.0.13801.20182, tidsstempel: 0x602dd932
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.19041.804, tidsstempel: 0x0e9c5eae
Undtagelseskode: 0xc06d007e
Forskydning med fejl 0x000000000002d759
Proces-id 0x3ff4
Programmets starttidspunkt 0x01d7171beb8bc1b2
Programsti: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Modulsti: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 857d0fe2-a175-4c9c-b51e-d26254c27a16
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (03/11/2021 04:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: AutoToaster.exe, version: 1.0.1.0, tidsstempel: 0x604a15fc
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.19041.804, tidsstempel: 0x0e9c5eae
Undtagelseskode: 0xe0434352
Forskydning med fejl 0x000000000002d759
Proces-id 0xacc
Programmets starttidspunkt 0x01d7168ab8ab4233
Programsti: F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Modulsti: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 64ea54a3-ca89-464c-80d2-18b3a015097c
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (03/11/2021 04:25:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Program: AutoToaster.exe
Framework-version: v4.0.30319
Beskrivelse: Denne proces blev afsluttet pga. en ubehandlet undtagelse.
Undtagelsesoplysninger: System.IO.FileNotFoundException
   ved System.IO.__Error.WinIOError(Int32, System.String)
   ved System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
   ved System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32)
   ved System.Xml.XmlDownloadManager.GetStream(System.Uri, System.Net.ICredentials, System.Net.IWebProxy, System.Net.Cache.RequestCachePolicy)
   ved System.Xml.XmlUrlResolver.GetEntity(System.Uri, System.String, System.Type)
   ved System.Xml.XmlTextReaderImpl.FinishInitUriString()
   ved System.Xml.XmlReaderSettings.CreateReader(System.String, System.Xml.XmlParserContext)
   ved System.Xml.Linq.XElement.Load(System.String, System.Xml.Linq.LoadOptions)
   ved Bugsnag.UnhandledException.DetermineUnobservedTerminates()
   ved Bugsnag.UnhandledException..ctor()
   ved Bugsnag.UnhandledException.get_Instance()
   ved Bugsnag.Client..ctor(Bugsnag.IConfiguration, Bugsnag.IDelivery, Bugsnag.IBreadcrumbs, Bugsnag.ISessionTracker)
   ved Bugsnag.Client..ctor(Bugsnag.IConfiguration)
   ved SaveToGameWpf.Logic.GlobalVariables..ctor()
   ved DynamicClass.lambda_method(System.Runtime.CompilerServices.Closure, System.Object[])
   ved Autofac.Core.Activators.Reflection.BoundConstructor.Instantiate()

Undtagelsesoplysninger: Autofac.Core.DependencyResolutionException
   ved Autofac.Core.Activators.Reflection.BoundConstructor.Instantiate()
   ved Autofac.Core.Activators.Reflection.ReflectionActivator.ActivateInstance(Autofac.IComponentContext, System.Collections.Generic.IEnumerable`1<Autofac.Core.Parameter>)
   ved Autofac.Core.Activators.Reflection.ReflectionActivator.<ConfigurePipeline>b__11_0(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Middleware.DisposalTrackingMiddleware.Execute(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Middleware.ActivatorErrorHandlingMiddleware.Execute(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)

Undtagelsesoplysninger: Autofac.Core.DependencyResolutionException
   ved Autofac.Core.Resolving.Middleware.ActivatorErrorHandlingMiddleware.Execute(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Middleware.SharingMiddleware+<>c__DisplayClass5_0.<Execute>b__0()
   ved Autofac.Core.Lifetime.LifetimeScope.CreateSharedInstance(System.Guid, System.Func`1<System.Object>)
   ved Autofac.Core.Lifetime.LifetimeScope.CreateSharedInstance(System.Guid, System.Nullable`1<System.Guid>, System.Func`1<System.Object>)
   ved Autofac.Core.Resolving.Middleware.SharingMiddleware.Execute(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.Middleware.CircularDependencyDetectorMiddleware.Execute(Autofac.Core.Resolving.Pipeline.ResolveRequestContext, System.Action`1<Autofac.Core.Resolving.Pipeline.ResolveRequestContext>)
   ved Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder+<>c__DisplayClass14_0.<BuildPipeline>b__1(Autofac.Core.Resolving.Pipeline.ResolveRequestContext)
   ved Autofac.Core.Resolving.ResolveOperation.GetOrCreateInstance(Autofac.Core.ISharingLifetimeScope, Autofac.ResolveRequest)
   ved Autofac.Core.Resolving.ResolveOperation.ExecuteOperation(Autofac.ResolveRequest)
   ved Autofac.Core.Lifetime.LifetimeScope.ResolveComponent(Autofac.ResolveRequest)
   ved Autofac.ResolutionExtensions.TryResolveService(Autofac.IComponentContext, Autofac.Core.Service, System.Collections.Generic.IEnumerable`1<Autofac.Core.Parameter>, System.Object ByRef)
   ved Autofac.ResolutionExtensions.ResolveService(Autofac.IComponentContext, Autofac.Core.Service, System.Collections.Generic.IEnumerable`1<Autofac.Core.Parameter>)
   ved SaveToGameWpf.App.OnStartup(System.Windows.StartupEventArgs)
   ved System.Windows.Application.<.ctor>b__1_0(System.Object)
   ved System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   ved System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   ved System.Windows.Threading.DispatcherOperation.InvokeImpl()
   ved MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   ved System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   ved System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   ved System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   ved MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   ved System.Windows.Threading.DispatcherOperation.Invoke()
   ved System.Windows.Threading.Dispatcher.ProcessQueue()
   ved System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   ved System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   ved System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   ved System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   ved MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   ved MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   ved System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   ved System.Windows.Application.RunDispatcher(System.Object)
   ved System.Windows.Application.RunInternal(System.Windows.Window)
   ved SaveToGameWpf.App.Main()

Error: (03/11/2021 04:24:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: AutoToaster.exe, version: 1.0.1.0, tidsstempel: 0x604a15fc
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.19041.804, tidsstempel: 0x0e9c5eae
Undtagelseskode: 0xe0434352
Forskydning med fejl 0x000000000002d759
Proces-id 0x572c
Programmets starttidspunkt 0x01d7168aad62296b
Programsti: F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Modulsti: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 03922e63-11b8-4d72-afc5-e5fd75893ca2
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

System errors:
=============
Error: (03/13/2021 11:14:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten Fing.Agent kunne ikke starte pga. følgende fejl:
Den angivne fil blev ikke fundet.

Error: (03/12/2021 10:29:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten VMware Workstation Server blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 60000 millisekunder: Genstart tjenesten.

Error: (03/12/2021 01:55:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjenesten Origin Client Service afsluttede uventet. Dette er sket 1 gang(e).

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:45 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Windows Defender:
================
Date: 2021-01-30 17:30:55
Description:
Microsoft Defender Antivirus har registreret ondsindet software eller anden potentielt uønsket software.
Du kan finde flere oplysninger i det følgende:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Navn: HackTool:Win32/Keygen
Id: 2147593794
Alvorsgrad: Høj
Kategori: Værktøj
Sti: file:_C:\Users\quocd\AppData\Local\Temp\Rar$DRb288.8393\IDM_6.38_Build_15_Multilingual\Crack\Patch.exe
Registreringsoprindelse: Lokal computer
Registreringstype: Konkret
Registreringskilde: Fuldtidsbeskyttelse
Bruger: DESKTOP-M0JLLH3\quocd
Procesnavn: C:\Windows\explorer.exe
Version af sikkerhedsintelligens: AV: 1.329.2950.0, AS: 1.329.2950.0, NIS: 1.329.2950.0
Programversion: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-15 14:04:25
Description:
Microsoft Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {973F421E-F631-4B2D-9E0E-16E6D9A7B067}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2021-01-12 11:49:05
Description:
Microsoft Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {1F9D9C38-4822-463A-A83A-8D824DCC4289}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2021-01-10 12:58:19
Description:
Microsoft Defender Antivirus har registreret ondsindet software eller anden potentielt uønsket software.
Du kan finde flere oplysninger i det følgende:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Navn: Trojan:Script/Wacatac.B!ml
Id: 2147735503
Alvorsgrad: Alvorlig
Kategori: Trojan
Sti: file:_C:\Users\quocd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AutoToaster.lnk; file:_F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe; process:_pid:3356,ProcessStart:132547534777897087
Registreringsoprindelse: Lokal computer
Registreringstype: FastPath
Registreringskilde: System
Bruger: NT AUTHORITY\SYSTEM
Procesnavn: F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Version af sikkerhedsintelligens: AV: 1.329.1700.0, AS: 1.329.1700.0, NIS: 1.329.1700.0
Programversion: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-10 12:58:01
Description:
Microsoft Defender Antivirus har registreret ondsindet software eller anden potentielt uønsket software.
Du kan finde flere oplysninger i det følgende:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Navn: Trojan:Script/Wacatac.B!ml
Id: 2147735503
Alvorsgrad: Alvorlig
Kategori: Trojan
Sti: file:_F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Registreringsoprindelse: Lokal computer
Registreringstype: FastPath
Registreringskilde: System
Bruger: NT AUTHORITY\SYSTEM
Procesnavn: F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Version af sikkerhedsintelligens: AV: 1.329.1700.0, AS: 1.329.1700.0, NIS: 1.329.1700.0
Programversion: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-03-11 20:18:29
Description:
Microsoft Defender Antivirus har registreret en fejl under forsøg på at opdatere sikkerhedsintelligens.
Ny version af sikkerhedsintelligens:
Forrige version af sikkerhedsintelligens: 1.331.2350.0
:     Opdater kilde: Microsoft Malware Protection Center
Type af sikkerhedsintelligens: AntiSpyware
Opdateringstype: Fuld
Bruger: NT AUTHORITY\NETVÆRKSTJENESTE
Aktuel programversion:
Forrige programversion: 1.1.17800.5
Fejlkode: 0x80072f8f
Fejlbeskrivelse: Der opstod et sikkerhedsproblem

Date: 2021-03-11 20:18:29
Description:
Microsoft Defender Antivirus har registreret en fejl under forsøg på at opdatere sikkerhedsintelligens.
Ny version af sikkerhedsintelligens:
Forrige version af sikkerhedsintelligens: 1.331.2350.0
:     Opdater kilde: Microsoft Malware Protection Center
Type af sikkerhedsintelligens: AntiVirus
Opdateringstype: Fuld
Bruger: NT AUTHORITY\NETVÆRKSTJENESTE
Aktuel programversion:
Forrige programversion: 1.1.17800.5
Fejlkode: 0x80072f8f
Fejlbeskrivelse: Der opstod et sikkerhedsproblem

Date: 2021-03-11 20:18:28
Description:
Microsoft Defender Antivirus har registreret en fejl under forsøg på at opdatere sikkerhedsintelligens.
Ny version af sikkerhedsintelligens:
Forrige version af sikkerhedsintelligens: 1.331.2350.0
:     Opdater kilde: Microsoft Update-server
Type af sikkerhedsintelligens: AntiVirus
Opdateringstype: Fuld
Bruger: NT AUTHORITY\SYSTEM
Aktuel programversion:
Forrige programversion: 1.1.17800.5
Fejlkode: 0x8007045b
Fejlbeskrivelse: Systemet er ved at lukke ned.

Date: 2021-03-07 20:40:01
Description:
Microsoft Defender Antivirus-funktionen til fuldtidsbeskyttelse har registreret en fejl og er stoppet.
Funktion:Netværksinspektion
Fejlkode:0x8007045b
Fejlbeskrivelse:Systemet er ved at lukke ned.
Årsag:Systemet mangler de nødvendige opdateringer for at kunne køre Network Inspection System. Installér de nødvendige opdateringer, og genstart enheden.

Date: 2021-02-14 22:22:00
Description:
Microsoft Defender Antivirus-funktionen til fuldtidsbeskyttelse har registreret en fejl og er stoppet.
Funktion:Netværksinspektion
Fejlkode:0x8007045b
Fejlbeskrivelse:Systemet er ved at lukke ned.
Årsag:Systemet mangler de nødvendige opdateringer for at kunne køre Network Inspection System. Installér de nødvendige opdateringer, og genstart enheden.

CodeIntegrity:
===============
Date: 2021-03-13 14:10:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-13 14:07:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

[hund]

Excatly caused today that all programs stopped working which I have to exit Malwarebytes before it gets worse

[AdvancedSetup]

Hello @hund

ATTENTION: System Restore is disabled (Total:111.18 GB) (Free:22.56 GB) (20%)

I would highly recommend that you enable System Restore and create a new Restore Point

Please go to Control Panel, Programs, Programs and Features and uninstall the following

Bonjour
All older versions of Java. If you really need Java then uninstall the old versions and keep it up to date. Java is often a target to compromise.  https://java.com

 

What exactly is mDNSResponder.exe? (Bonjour)

https://www.groovypost.com/howto/howto/what-is-mdnsresponder-exe-and-why-is-it-running/

MDNSResponder, also known as Bonjour, is Apple’s native zero-configuration networking process for Mac that was ported over to Windows and associated with MDNSNSP.DLL.  On a Mac or iOS device, this program is used for networking nearly everything.  On Windows, this process is only necessary for sharing libraries via iTunes and other Mac applications like the Apple TV that were ported to Windows.  Bonjour allows different computers running iTunes to communicate with each other regardless of network configuration, this is because it enables automatic network discovery.

What Is mDNSResponder.exe / Bonjour and How Can I Uninstall or Remove It?
https://www.howtogeek.com/howto/6456/what-is-mdnsresponder.exe-bonjour-and-how-can-i-uninstall-or-remove-it/

 

 

Just curious of you're Chinese or not. There is some Chinese software installed that is not common to see on most systems. Did you install them on purpose?

 

You have a significant amount of system errors and at least a few keygens and cracks that often lead to a compromised operating system. Just an FYI that playing around with illegally cracked software can pose a risk to the system and your data and believing that Security or Antivirus software will protect you is not prudent. It may protect you in most cases but in some cases it may not and you could potentially lose all your data or have personal information stolen from you.

 

 

 

Application errors:
==================
Error: (03/13/2021 01:54:54 PM) (Source: SecurityCenter) (EventID: 17) (User:)
Description: Security Center could not validate the caller with error% 1.

Error: (03/13/2021 11:20:43 AM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: OLicenseHeartbeat.exe, version: 16.0.13801.20182, timestamp: 0x602dd932
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xc06d007e
Offset with error 0x000000000002d759
Process ID 0x3b14
Program start time 0x01d717f28629f7f8
Program path: C: \ Program Files \ Common Files \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 692952bf-ad92-42ba-a4d3-2857e1a9f8cc
Full name of program with error:
Relative program ID for program with error:

Error: (03/12/2021 03:26:17 PM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: adb.exe, version: 0.0.0.0, time stamp: 0x31993187
Name of module with error: ucrtbase.dll, version: 10.0.19041.789, timestamp: 0x82dc99a2
Exception code: 0xc0000409
Offset with error 0x0009eddb
Process ID 0x4124
Program start time 0x01d7173ad8f1c0c8
Software: D: \ AndroidSDK \ platform-tools \ adb.exe
Module path: C: \ Windows \ System32 \ ucrtbase.dll
Report ID: 6bfa9aa9-2c63-4ebb-99d8-094e4d54fca3
Full name of program with error:
Relative program ID for program with error:

Error: (03/12/2021 09:51:07 AM) (Source: Application Hang) (EventID: 1002) (User:)
Description: The Un_A.exe program, version 5.0.0.1409 was terminated when it stopped communicating with Windows. For more information about the issue, see the issue history in the Security and Maintenance control panel.

Process ID: 7e8

Start time: 01d7171b88eab3b3

Closing time: 4294967295

Program: C: \ Users \ quocd \ AppData \ Local \ Temp \ ~ nsuA.tmp \ Un_A.exe

Report ID: 2f5dc4a9-b243-4fb7-bf6b-51c0651d0698

Full name of faulty package:

Program ID relative to faulty package:

Type of locking: Top level window is idle

Error: (03/12/2021 09:44:31 AM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: OLicenseHeartbeat.exe, version: 16.0.13801.20182, timestamp: 0x602dd932
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xc06d007e
Offset with error 0x000000000002d759
Process ID 0x3ff4
Program start time 0x01d7171beb8bc1b2
Program path: C: \ Program Files \ Common Files \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 857d0fe2-a175-4c9c-b51e-d26254c27a16
Full name of program with error:
Relative program ID for program with error:

Error: (03/11/2021 04:25:09 PM) (Source: Application Error) (EventID: 1000) (User:)
Description: Program name with error: AutoToaster.exe, version: 1.0.1.0, timestamp: 0x604a15fc
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xe0434352
Offset with error 0x000000000002d759
Process ID 0xacc
Program start time 0x01d7168ab8ab4233
Program: F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 64ea54a3-ca89-464c-80d2-18b3a015097c
Full name of program with error:
Relative program ID for program with error:

Error: (03/11/2021 04:25:09 PM) (Source: .NET Runtime) (EventID: 1026) (User:)
Description: Program: AutoToaster.exe
Framework version: v4.0.30319
Description: This process was terminated due to an unhandled exception.
Exception Information: System.IO.FileNotFoundException
   at System.IO .__ Error.WinIOError (Int32, System.String)
   at System.IO.FileStream.Init (System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean , Boolean, Boolean)
   at System.IO.FileStream..ctor (System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32)
   at System.Xml.XmlDownloadManager.GetStream (System.Uri, System.Net.ICredentials, System.Net.IWebProxy, System.Net.Cache.RequestCachePolicy)
   at System.Xml.XmlUrlResolver.GetEntity (System.Uri, System.String, System.Type)
   at System.Xml.XmlTextReaderImpl.FinishInitUriString ()
   at System.Xml.XmlReaderSettings.CreateReader (System.String, System.Xml.XmlParserContext)
   at System.Xml.Linq.XElement.Load (System.String, System.Xml.Linq.LoadOptions)
   at Bugsnag.UnhandledException.DetermineUnobservedTerminates ()
   at Bugsnag.UnhandledException..ctor ()
   at Bugsnag.UnhandledException.get_Instance ()
   at Bugsnag.Client..ctor (Bugsnag.IConfiguration, Bugsnag.IDelivery, Bugsnag.IBreadcrumbs, Bugsnag.ISessionTracker)
   at Bugsnag.Client..ctor (Bugsnag.IConfiguration)
   by SaveToGameWpf.Logic.GlobalVariables..ctor ()
   by DynamicClass.lambda_method (System.Runtime.CompilerServices.Closure

Application errors:
==================
Error: (03/13/2021 01:54:54 PM) (Source: SecurityCenter) (EventID: 17) (User:)
Description: Security Center could not validate the caller with error% 1.

Error: (03/13/2021 11:20:43 AM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: OLicenseHeartbeat.exe, version: 16.0.13801.20182, timestamp: 0x602dd932
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xc06d007e
Offset with error 0x000000000002d759
Process ID 0x3b14
Program start time 0x01d717f28629f7f8
Program path: C: \ Program Files \ Common Files \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 692952bf-ad92-42ba-a4d3-2857e1a9f8cc
Full name of program with error:
Relative program ID for program with error:

Error: (03/12/2021 03:26:17 PM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: adb.exe, version: 0.0.0.0, time stamp: 0x31993187
Name of module with error: ucrtbase.dll, version: 10.0.19041.789, timestamp: 0x82dc99a2
Exception code: 0xc0000409
Offset with error 0x0009eddb
Process ID 0x4124
Program start time 0x01d7173ad8f1c0c8
Software: D: \ AndroidSDK \ platform-tools \ adb.exe
Module path: C: \ Windows \ System32 \ ucrtbase.dll
Report ID: 6bfa9aa9-2c63-4ebb-99d8-094e4d54fca3
Full name of program with error:
Relative program ID for program with error:

Error: (03/12/2021 09:51:07 AM) (Source: Application Hang) (EventID: 1002) (User:)
Description: The Un_A.exe program, version 5.0.0.1409 was terminated when it stopped communicating with Windows. For more information about the issue, see the issue history in the Security and Maintenance control panel.

Process ID: 7e8

Start time: 01d7171b88eab3b3

Closing time: 4294967295

Program: C: \ Users \ quocd \ AppData \ Local \ Temp \ ~ nsuA.tmp \ Un_A.exe

Report ID: 2f5dc4a9-b243-4fb7-bf6b-51c0651d0698

Full name of faulty package:

Program ID relative to faulty package:

Type of locking: Top level window is idle

Error: (03/12/2021 09:44:31 AM) (Source: Application Error) (EventID: 1000) (User:)
Description: Error program name: OLicenseHeartbeat.exe, version: 16.0.13801.20182, timestamp: 0x602dd932
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xc06d007e
Offset with error 0x000000000002d759
Process ID 0x3ff4
Program start time 0x01d7171beb8bc1b2
Program path: C: \ Program Files \ Common Files \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 857d0fe2-a175-4c9c-b51e-d26254c27a16
Full name of program with error:
Relative program ID for program with error:

Error: (03/11/2021 04:25:09 PM) (Source: Application Error) (EventID: 1000) (User:)
Description: Program name with error: AutoToaster.exe, version: 1.0.1.0, timestamp: 0x604a15fc
Name of module with error: KERNELBASE.dll, version: 10.0.19041.804, timestamp: 0x0e9c5eae
Exception code: 0xe0434352
Offset with error 0x000000000002d759
Process ID 0xacc
Program start time 0x01d7168ab8ab4233
Program: F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe
Module path: C: \ Windows \ System32 \ KERNELBASE.dll
Report ID: 64ea54a3-ca89-464c-80d2-18b3a015097c
Full name of program with error:
Relative program ID for program with error:

Error: (03/11/2021 04:25:09 PM) (Source: .NET Runtime) (EventID: 1026) (User:)
Description: Program: AutoToaster.exe
Framework version: v4.0.30319
Description: This process was terminated due to an unhandled exception.
Exception Information: System.IO.FileNotFoundException
   at System.IO .__ Error.WinIOError (Int32, System.String)
   at System.IO.FileStream.Init (System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean , Boolean, Boolean)
   at System.IO.FileStream..ctor (System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32)
   at System.Xml.XmlDownloadManager.GetStream (System.Uri, System.Net.ICredentials, System.Net.IWebProxy, System.Net.Cache.RequestCachePolicy)
   at System.Xml.XmlUrlResolver.GetEntity (System.Uri, System.String, System.Type)
   at System.Xml.XmlTextReaderImpl.FinishInitUriString ()
   at System.Xml.XmlReaderSettings.CreateReader (System.String, System.Xml.XmlParserContext)
   at System.Xml.Linq.XElement.Load (System.String, System.Xml.Linq.LoadOptions)
   at Bugsnag.UnhandledException.DetermineUnobservedTerminates ()
   at Bugsnag.UnhandledException..ctor ()
   at Bugsnag.UnhandledException.get_Instance ()
   at Bugsnag.Client..ctor (Bugsnag.IConfiguration, Bugsnag.IDelivery, Bugsnag.IBreadcrumbs, Bugsnag.ISessionTracker)
   at Bugsnag.Client..ctor (Bugsnag.IConfiguration)
   by SaveToGameWpf.Logic.GlobalVariables..ctor ()
   by DynamicClass.lambda_method (System.Runtime.CompilerServices.Closure

ing.Dispatcher.ProcessQueue()
   ved System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   ved System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   ved System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   ved System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   ved MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   ved MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   ved System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   ved System.Windows.Application.RunDispatcher(System.Object)
   ved System.Windows.Application.RunInternal(System.Windows.Window)
   ved SaveToGameWpf.App.Main()

Error: (03/11/2021 04:24:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: AutoToaster.exe, version: 1.0.1.0, tidsstempel: 0x604a15fc
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.19041.804, tidsstempel: 0x0e9c5eae
Undtagelseskode: 0xe0434352
Forskydning med fejl 0x000000000002d759
Proces-id 0x572c
Programmets starttidspunkt 0x01d7168aad62296b
Programsti: F:\Portable Apps\- PMTAutoToaster\AutoToaster.exe
Modulsti: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 03922e63-11b8-4d72-afc5-e5fd75893ca2
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

System errors:
=============
Error: (03/13/2021 11:14:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten Fing.Agent kunne ikke starte pga. følgende fejl:
Den angivne fil blev ikke fundet.

Error: (03/12/2021 10:29:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten VMware Workstation Server blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 60000 millisekunder: Genstart tjenesten.

Error: (03/12/2021 01:55:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjenesten Origin Client Service afsluttede uventet. Dette er sket 1 gang(e).

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Error: (03/12/2021 11:18:45 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-M0JLLH3)
Description: En DCOM-server: {9F156763-7844-4DC4-B2B1-901F640F5155} kunne ikke startes som Ikke tilgængelig/Ikke tilgængelig. Fejlen:
"2147958106"
Opstod ved start af denne kommando:
"C:\Windows\system32\DllHost.exe" /Processid:{9F156763-7844-4DC4-B2B1-901F640F5155}

Windows Defender:
================
Date: 2021-01-30 17:30:55
Description:
Microsoft Defender Antivirus har registreret ondsindet software eller anden potentielt uønsket software.
Du kan finde flere oplysninger i det følgende:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Navn: HackTool:Win32/Keygen
Id: 2147593794
Alvorsgrad: Høj
Kategori: Værktøj
Sti: file:_C:\Users\quocd\AppData\Local\Temp\Rar$DRb288.8393\IDM_6.38_Build_15_Multilingual\Crack\Patch.exe
Registreringsoprindelse: Lokal computer
Registreringstype: Konkret
Registreringskilde: Fuldtidsbeskyttelse
Bruger: DESKTOP-M0JLLH3\quocd
Procesnavn: C:\Windows\explorer.exe
Version af sikkerhedsintelligens: AV: 1.329.2950.0, AS: 1.329.2950.0, NIS: 1.329.2950.0
Programversio

 

n: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-15 14:04:25
Description:
Microsoft Defender Antivirus scanning has been stopped before it is completed.
Scan ID: {973F421E-F631-4B2D-9E0E-16E6D9A7B067}
Scan type: AntiMalware
Scanning parameters: Fast scanning
User: NT AUTHORITY \ SYSTEM

Date: 2021-01-12 11:49:05
Description:
Microsoft Defender Antivirus scanning has been stopped before it is completed.
Scan ID: {1F9D9C38-4822-463A-A83A-8D824DCC4289}
Scan type: AntiMalware
Scanning parameters: Fast scanning
User: NT AUTHORITY \ SYSTEM

Date: 2021-01-10 12:58:19
Description:
Microsoft Defender Antivirus has detected malicious software or other potentially unwanted software.
You can find more information in the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan: Script / Wacatac.B! Ml
Id: 2147735503
Severity: Severe
Category: Trojan
Sti: file: _C: \ Users \ quocd \ AppData \ Roaming \ Microsoft \ Internet Explorer \ Quick Launch \ User Pinned \ TaskBar \ AutoToaster.lnk; file: _F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe; process: _pid: 3356, ProcessStart: 132547534777897087
Registration origin: Local computer
Registration type: FastPath
Registration source: System
User: NT AUTHORITY \ SYSTEM
Process Name: F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe
Version of security intelligence: AV: 1.329.1700.0, AS: 1.329.1700.0, NIS: 1.329.1700.0
Program version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-10 12:58:01
Description:
Microsoft Defender Antivirus has detected malicious software or other potentially unwanted software.
You can find more information in the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan: Script / Wacatac.B! Ml
Id: 2147735503
Severity: Severe
Category: Trojan
Sti: file: _F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe
Registration origin: Local computer
Registration type: FastPath
Registration source: System
User: NT AUTHORITY \ SYSTEM
Process Name: F: \ Portable Apps \ - PMTAutoToaster \ AutoToaster.exe
Version of security intelligence: AV: 1.329.1700.0, AS: 1.329.1700.0, NIS: 1.329.1700.0
Program version: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-03-11 20:18:29
Description:
Microsoft Defender Antivirus has detected an error while trying to update security intelligence.
New version of security intelligence:
Previous version of security intelligence: 1.331.2350.0
: Update Source: Microsoft Malware Protection Center
Type of security intelligence: AntiSpyware
Update type: Full
User: NT AUTHORITY \ NETWORK SERVICE
Current software version:
Previous software version: 1.1.17800.5
Error code: 0x80072f8f
Error Description: A security issue has occurred

Date: 2021-03-11 20:18:29
Description:
Microsoft Defender Antivirus has detected an error while trying to update security intelligence.
New version of security intelligence:
Previous version of security intelligence: 1.331.2350.0
: Update Source: Microsoft Malware Protection Center
Type of security intelligence: AntiVirus
Update type: Full
User: NT AUTHORITY \ NETWORK SERVICE
Current software version:
Previous software version: 1.1.17800.5
Error code: 0x80072f8f
Error Description: A security issue has occurred

Date: 2021-03-11 20:18:28
Description:
Microsoft Defender Antivirus has detected an error while trying to update security intelligence.
New version of security intelligence:
Previous version of security intelligence: 1.331.2350.0
: Update Source: Microsoft Update Server
Type of security intelligence: AntiVirus
Update type: Full
User: NT AUTHORITY \ SYSTEM
Current software version:
Previous software version: 1.1.17800.5
Error code: 0x8007045b
Error description: The system is shutting down.

Date: 2021-03-07 20:40:01
Description:
The Microsoft Defender Antivirus Full-Time Protection feature has detected an error and has stopped.
Function: Network inspection
Error code: 0x8007045b
Error description: The system is shutting down.
Cause: The system lacks the necessary updates to run the Network Inspection System. Install the necessary updates and restart the device.

Date: 2021-02-14 22:22:00
Description:
The Microsoft Defender Antivirus full-time protection feature has detected an error and has stopped.
Function: Network inspection
Error code: 0x8007045b
Error description: The system is shutting down.
Cause: The system lacks the necessary updates to run the Network Inspection System. Install the necessary updates and restart the device.

 

 

There is quite a bit goijng on here and without cleaning it all up I don't think our program is going to work well for you.

If you're will to try to clean up some of this and look at removing old, or possibly unwanted software and validate and verify the operating system files, etc then I'll be happy to help you clean up.

If you're not really interested though that's fine too, just let me know. As it is currently though I don't think our program will work correctly

Thanks

 

 

 

[hund]

I don't mind System Restore being disabled, but I enable it back then. I would just reinstall if windows is broken and not recoverable

I'm not chinese, i'm vietnamese-danish and my english is not the best. I needed to install chinese tools for development purposes. I understand the risk of using chinese tools and cracked softwares but had no choice, i'm slowly purchasing softwares though. There were no english softwares I could use. It's also likely that cracked software can freeze my system until I exit malwarebytes, i'm not sure though but I will see and will get rid if it. Exiting Malwarebytes which returns my system to normal, made me report here.

I have uninstalled softwares I don't need and ran the Support tool and rebooted my PC https://support.malwarebytes.com/hc/en-us/articles/360039023473-Uninstall-and-reinstall-using-the-Malwarebytes-Support-Tool Hopefully it solves the problem.

As i'm power user, I always try to address the problems by myself. I might come back if i'm really stuck

Thanks

[hund]

*Also uninstalled Bonjour and all older versions of Java, and updated Java to latest version

[AdvancedSetup]

Please run the following on the computer.

Open an elevated admin command prompt. Then copy / paste the following and then press the Enter key.

SFC  /SCANNOW 

If that returns successfully and says nothing found or it finds and fixes issues that's good. If on the other hand it say it finds issues but cannot fix them then please run the following

Copy  / Paste into the command prompt and press the Enter key

DISM.exe /Online /Cleanup-image /Restorehealth 

If that returns success then run the SFC command again.

Then restart the computer.

If you get an error from DISM please let me know what the error is.

 

[hund]

I did run SFC  /SCANNOW  and it was succesful and fixed

A week later, the issue came back again randomly, internet disconnects, my programs including task manager hangs and won't launch. I couldn't do anything with Task manager. Instead exiting Malwarebytes, I opened up Malwarebytes from task bar to see what is going on. it was freezing too, so i tried hard to close Malwarebytes by clicking many times until Windows ask me to close it. Like i said as soon as i close/exit/kill Malwarebytes, everything returned to normal

[AdvancedSetup]

But did you ever clean up that mess of Event Log errors?

Between the cracked software that's been run on the system and multiple system errors it would probably be best to backup your data to an external USB drive. Then FDISK, Format and reinstall Windows from scratch and then restore your data back.

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you