Jump to content

Crashing despite alleged cleanness


Lukaina
 Share

Recommended Posts

A few months ago, programs started crashing at random. I only just now got around to trying to fix it. "(Application name) has encountered a problem and has to close." Occasionally, it will restart itself out of the blue. I reformatted, but the problem persists. I've run MBAM, Avast, disk check, disk cleanup, and defrag, everything returns clean. I followed the instructions in the What Now pinned topic. The GMER crashed twice before it completed.

MBAM log:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4546

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

9/6/2010 4:49:50 PM

mbam-log-2010-09-06 (16-49-50).txt

Scan type: Full scan (C:\|)

Objects scanned: 138457

Time elapsed: 15 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS log:

DDS (Ver_10-03-17.01) - NTFSx86

Run by Administrator at 16:51:05.98 on Mon 09/06/2010

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.685 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-4 165456]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-4 17744]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-4 40384]

R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-4 40384]

R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-4 40384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 136176]

=============== Created Last 30 ================

2010-09-06 20:50:50 0 ----a-w- c:\documents and settings\administrator\defogger_reenable

2010-09-06 20:39:11 664 ----a-w- c:\windows\system32\d3d9caps.dat

2010-09-06 19:27:46 0 d-----w- c:\program files\common files\Blizzard Entertainment

2010-09-06 19:14:02 0 d-sha-r- C:\cmdcons

2010-09-06 19:13:10 98816 ----a-w- c:\windows\sed.exe

2010-09-06 19:13:10 77312 ----a-w- c:\windows\MBR.exe

2010-09-06 19:13:10 256512 ----a-w- c:\windows\PEV.exe

2010-09-06 19:13:10 161792 ----a-w- c:\windows\SWREG.exe

2010-09-06 06:44:07 0 d-----w- c:\windows\system32\URTTemp

2010-09-05 22:42:37 0 d-----w- c:\program files\DirectX

2010-09-05 22:20:23 0 dc-h--w- c:\windows\ie8

2010-09-05 20:40:23 0 d--h--w- c:\windows\msdownld.tmp

2010-09-05 20:40:16 0 d-----w- c:\windows\Logs

2010-09-05 09:21:56 0 d-----w- c:\program files\EA Games

2010-09-05 08:18:22 0 d-----w- c:\program files\Steam

2010-09-05 05:38:18 0 d-----w- c:\windows\pss

2010-09-05 03:19:11 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes

2010-09-05 03:18:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-05 03:18:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-05 03:18:49 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-09-05 03:18:49 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-09-05 02:54:49 135168 ----a-w- c:\windows\system32\igfxres.dll

2010-09-04 06:35:49 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2010-09-04 06:35:49 272128 ------w- c:\windows\system32\drivers\bthport.sys

2010-09-04 06:34:48 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2010-09-04 06:31:49 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-09-04 06:31:46 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2010-09-04 06:31:43 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-09-04 06:31:42 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2010-09-04 06:31:13 0 d-sh--w- c:\documents and settings\administrator\IECompatCache

2010-09-04 06:28:28 2560 ------w- c:\windows\system32\xpsp4res.dll

2010-09-04 06:27:06 38848 ----a-w- c:\windows\avastSS.scr

2010-09-04 06:26:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software

2010-09-04 06:26:23 0 d-----w- c:\windows\system32\PreInstall

2010-09-04 06:17:56 0 d-sh--w- c:\documents and settings\administrator\PrivacIE

2010-09-04 06:17:30 0 d-sh--w- c:\documents and settings\administrator\IETldCache

2010-09-04 06:15:10 0 d-----w- c:\windows\ie8updates

2010-09-04 06:15:09 0 d--h--w- c:\windows\$hf_mig$

2010-09-04 06:14:41 26144 ----a-w- c:\windows\system32\spupdsvc.exe

2010-09-04 06:12:19 16896 -c----w- c:\windows\system32\dllcache\iecompat.dll

2010-09-04 06:12:17 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2010-09-04 06:12:17 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2010-09-04 06:12:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2010-09-04 06:12:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2010-09-04 06:12:15 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2010-09-04 06:12:15 1986560 -c----w- c:\windows\system32\dllcache\iertutil.dll

2010-09-04 06:12:14 11077120 -c----w- c:\windows\system32\dllcache\ieframe.dll

2010-09-04 05:28:06 0 d--h--w- c:\program files\WindowsUpdate

2010-09-04 05:27:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard

2010-09-04 05:27:33 0 d-----w- c:\program files\common files\MSSoap

2010-09-04 05:26:17 0 d-----w- c:\program files\Online Services

2010-09-04 05:26:11 0 d-----w- c:\program files\Messenger

2010-09-04 05:26:08 0 d-----w- c:\program files\MSN Gaming Zone

2010-09-04 05:25:38 0 d-----w- c:\program files\Windows NT

2010-09-04 05:08:21 0 d-----w- c:\program files\Analog Devices

2010-09-04 04:20:00 0 d-sh--w- c:\documents and settings\all users\DRM

2010-09-04 00:14:30 0 d-----r- c:\documents and settings\all users\Documents

2010-09-03 22:21:25 0 d-----w- c:\program files\common files\ODBC

2010-09-03 22:21:23 0 d-----w- c:\program files\common files\SpeechEngines

==================== Find3M ====================

2010-09-04 05:43:18 21640 ----a-w- c:\windows\system32\emptyregdb.dat

2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys

2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll

============= FINISH: 16:51:17.45 ===============

logs.zip

Link to post
Share on other sites

Hi,

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them:
    Click me
    If you can't disable them then just continue on.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Link to post
Share on other sites

  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.