Jump to content

Recommended Posts

Just now, Marctwang said:

I did a clean uninstall and reinstall through the support tool but the problem persists. Any help appreciated.

Please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thanks

Link to post
Share on other sites

  • Root Admin

Hello @Marctwang

The logs indicate your computer has a lot of faulting applications as well as missing files and other issues. None of these are related to malware threats that I see but they're also not related to our program.

If you like I can help you do some generic computer clean up and see if that helps. Let me know if you'd like assistance with that.

Thanks

 

 

 

Application errors:
==================
Error: (11/08/2021 08:35:31 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FP9OBPN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/08/2021 08:32:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{F1FFBA3D-C08F-41E4-98B2-07144A4928A9}\recordingmanager.exe".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/08/2021 08:31:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Faulting module name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Exception code: 0xc0000005
Fault offset: 0x000000000007a104
Faulting process id: 0x28f8
Faulting application start time: 0x01d7d4be1505d031
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Faulting module path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Report Id: dd4dbfaa-1dc6-4bb0-8a8a-ccdd38499e0e
Faulting package full name:
Faulting package-relative application ID:

Error: (11/07/2021 08:32:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: DESKTOP-FP9OBPN)
Description: Scheduler failed to run task  with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 3 (The system cannot find the path specified).

Error: (11/07/2021 05:33:37 PM) (Source: Acronis Scheduler) (EventID: 1) (User: DESKTOP-FP9OBPN)
Description: Scheduler failed to run task  with GUID '35CD6FD7-EB08-40BF-9D7B-33B0535CBF1B' because of error 3 (The system cannot find the path specified).

Error: (11/07/2021 05:32:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: DESKTOP-FP9OBPN)
Description: Scheduler failed to run task  with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 3 (The system cannot find the path specified).

Error: (11/07/2021 02:38:15 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FP9OBPN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/07/2021 02:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Faulting module name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Exception code: 0xc0000005
Fault offset: 0x000000000007a104
Faulting process id: 0x24a4
Faulting application start time: 0x01d7d42796b97172
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Faulting module path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Report Id: 3c2a6053-237c-4a1e-a394-ff8f336bcd66
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (11/08/2021 08:34:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service queencreek service terminated with the following error:
{Volume Shadow Copy Service}
The system is now ready for hibernation.

Error: (11/08/2021 08:33:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/08/2021 08:33:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Browser service to connect.

Error: (11/08/2021 08:33:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/08/2021 08:33:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Browser service to connect.

Error: (11/08/2021 08:33:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/08/2021 08:33:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Browser service to connect.

Error: (11/08/2021 08:33:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


Windows Defender:
================
Date: 2021-10-24 09:51:34
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OpenDownloadManager&threatid=312003&enterprise=0
Name: PUADlManager:Win32/OpenDownloadManager
Severity: Low
Category: Potentially Unwanted Software
Path: file:_E:\Downloads-\Installer.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.351.755.0, AS: 1.351.755.0, NIS: 1.351.755.0
Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4

Date: 2021-10-17 09:05:24
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0
Name: Misleading:Win32/Lodi
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\Glary Utilities 5\Integrator.exe; file:_C:\Windows\Temp\TmpAD9B.tmp
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Security intelligence Version: AV: 1.351.534.0, AS: 1.351.534.0, NIS: 1.351.534.0
Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4

Date: 2021-10-16 21:47:24
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0
Name: Misleading:Win32/Lodi
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\Glary Utilities 5\Integrator.exe; file:_C:\Windows\Temp\TmpAD9B.tmp
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
Security intelligence Version: AV: 1.351.534.0, AS: 1.351.534.0, NIS: 1.351.534.0
Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4

Date: 2021-10-16 21:42:30
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0
Name: Misleading:Win32/Lodi
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\Glary Utilities 5\Integrator.exe; file:_C:\Windows\Temp\TmpAD9B.tmp
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
Security intelligence Version: AV: 1.351.534.0, AS: 1.351.534.0, NIS: 1.351.534.0
Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4

Date: 2021-10-16 19:25:16
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0
Name: Misleading:Win32/Lodi
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\Glary Utilities 5\Integrator.exe; file:_C:\Windows\Temp\TmpAD9B.tmp
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Security intelligence Version: AV: 1.351.534.0, AS: 1.351.534.0, NIS: 1.351.534.0
Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4
Event[0]:

Date: 2021-11-05 19:34:42
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.351.755.0;1.351.755.0
Engine version: 1.1.18600.4

Date: 2021-11-05 19:34:41
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.353.94.0;1.353.94.0
Engine version: 1.1.18700.4

Date: 2021-10-20 12:22:26
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.349.1819.0;1.349.1819.0
Engine version: 1.1.18500.10

Date: 2021-10-20 12:22:25
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.351.633.0;1.351.633.0
Engine version: 1.1.18600.4

Date: 2021-10-18 14:17:28
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the device.

 

Link to post
Share on other sites

  • Root Admin

I would recommend you go to Control Panel, Programs, Programs and Features and uninstall the following

Bonjour

CCleaner (this will not change loading speed but it is no longer a recommended program by computer experts)

 

Please setup exclusions for the following programs

Acronis Cyber Protect Home Office
SUPERAntiSpyware

https://support.malwarebytes.com/hc/en-us/articles/360038522974-Malwarebytes-for-Windows-antivirus-exclusions-list

 

Not sure what this is as the entry is set to Hidden so it doesn't show in Add/Remove for programs. You need to look into the Registry for it and see if you can find more details about it.

. . (HKLM\...\{B994CB81-2376-4BF3-9648-DA8736384B26}) (Version: 7.1 - Intel) Hidden

 

Let me know if you'd like further assistance on clean up

Cheers

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.