Jump to content

Recommended Posts

any updates on this one?? having the same problem on a work computer where i am unable to install/diagnose easily... i have never had problems with viruses/spyware (since i cleaned it out when started i using this pos), even on my pc at home and do not believe there is any threat on here currently, but not being able to 'full scan' with mb is scary!

Link to post
Share on other sites

  • Root Admin

Sorry I did not have this topic set to watch. I've had to rebuild my system and I don't currently have the right tools installed to properly look at the dump file but an initial scan with other tools does not show an immediate cause.

Please run the following scanner and post back the logs.

Download
DDS
and save it to your desktop

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click
dds.scr
to run the tool.

When done, the
DDS.txt
will open.

Click Yes at the next prompt for Optional Scan.


    When done, DDS will open two (2) logs:

  1. DDS.txt

  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply:
    DDS.txt
    and
    Attach.txt

Link to post
Share on other sites

  • Root Admin

Please try the following.

STEP 01

You may have corrupted files on your disk. Please try running the following.

Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /R 

Then restart your computer and it should run for a little while and check all the sectors on the drive.

If it does not run a disk check on reboot please let me know.

STEP 02

Please try downloading and installing the following update from Microsoft.

Service Pack 6 for Visual Basic 6.0: Run-Time Redistribution Pack (vbrun60sp6.exe)

Brief Description:

vbrun60sp6.exe is a self-extracting executable file that installs versions of the Microsoft Visual Basic run-time files required by all applications created with Visual Basic 6.0.

Download: vbrun60sp6.exe

There is also a cumulative update for VB6 located here: Microsoft Visual Basic 6.0 Service Pack 6 Cumulative Update

STEP 03

Disable the uTorrent program from running for now.

STEP 04

Please do the following:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

STEP 05

Try running another scan and let us know the results or post back the logs if it runs okay this time.

Thanks

Link to post
Share on other sites

Hello DaveXNet,

Let's Create a process Monitor log.

Create a Process Monitor Log:

  • Create a new folder on your desktop called Logs
  • Please download Process Monitor from here and save it to your desktop
  • Double-click on Procmon.exe to run it
  • In Process Monitor, click on File at the top and select Backing Files...
  • Click the circle to the left of Use file named: and click the ... button
  • Browse to the Logs folder you just created and type MBAM Log in the File name: box and click Save
  • Exit Process Monitor and open it again so that it starts creating the logs
  • Re-Create the issue.
  • Close Process Monitor
  • Right-click on the Logs folder on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
  • Please attach the Logs.zip file you just created to your next reply

Thank you!

Link to post
Share on other sites

Hello DaveXNet,

Let's Create a process Monitor log.

Create a Process Monitor Log:

  • Create a new folder on your desktop called Logs
  • Please download Process Monitor from here and save it to your desktop
  • Double-click on Procmon.exe to run it
  • In Process Monitor, click on File at the top and select Backing Files...
  • Click the circle to the left of Use file named: and click the ... button
  • Browse to the Logs folder you just created and type MBAM Log in the File name: box and click Save
  • Exit Process Monitor and open it again so that it starts creating the logs
  • Re-Create the issue.
  • Close Process Monitor
  • Right-click on the Logs folder on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
  • Please attach the Logs.zip file you just created to your next reply

Thank you!

Hello procmon fails to start. It gives an error box with the message, "unable to load process monitor device driver".

According to http://technet.microsoft.com/en-us/sysinternals/bb896645 it needs XP sp2 or higher. (I have Win2k sp4).

I'll have a look round to see if I can find an older version of procmon. I'm sure I had one from a couple of years ago somewhere...

Link to post
Share on other sites

Ok, evidently the download states it's Windows 2000 compatible but it is not. My apologies, it is missing a .dll that is with Windows XP. Unfortunately that .dll is no longer support by Microsoft. To make a short story long, my apologies; I have a substitute. :)

If this occurs again let's get a full crash dump of MBAM.

Replicate the Crash, and then do the BELOW Directions. Do not close any of the dialog boxes (MBAM or the Windows Error)

To create a userdump on Windows XP/2003, please do the following:

You must first reproduce the issue and get the software to pop up with an error message. You must not close the error message. Instead, leave it open until you have created the userdump.

1. Download and extract the Microsoft Userdump Utility

userdump001-300x183.png

2. After the utility is installed, identify the PID (Process ID) of the process of which you need to create the userdump:

* Open Windows Task Manager (Ctrl-Alt-Del);

* Go to the Processes tab;

* Go to View -> Select Columns:

userdump003-300x384.png

* Check PID (Process Identifier):

userdump004-300x384.png

* Next to the Image Name, you will see PID:

userdump005-300x384.png

The PID is MBAM.exe

3. Once you have noted down the PID of the process, open Windows Command Line (Start-Run -> cmd) and navigate to the userdump.exe file by issuing the following command:

Windows 32 bit: cd /d C:\kktools\userdump8.1\x86

Windows 64 bit: cd /d C:\kktools\userdump8.1\x64

4. Then issue the following command:

Userdump xxxx

where xxxx is the PID that you have noted down previously.

In the C:\kktools\userdump8.1\xxx folder, you will see a PROCCESSNAME.dmp. For example, Agent.dmp

5. ZIP the dump file;

6. Upload the dump file to RapidShare and post the link in your response Please.

Thank you!

Link to post
Share on other sites

OK Mainard,

I'll keep an eye on it - and if I can reproduce, I'll gather the dump.

Dave

I am unable to get the dump the way you asked for.

The message box comes up saying there was a problem and within 3 seconds it's gone,

mbam.exe is no longer running, no time to issue the command to get the dump.

The utility you mentioned gives you the option to monitor the task and it

will capture the dump when it crashes. This worked, but the dump was 100MB,

almost exactly the same size as it was before I installed the utility and Drwatson

created the dump.

Sometimes it crashes and sometimes it works even on identical runs (no update in between).

Could it be sensitive to memory timing? I don't have a problem anywhere else

(that I'm aware of).

Link to post
Share on other sites

Hello davexnet,

Are you able to replicate the crash while in safe mode?

Please let me know if safe mode still has the crash occur.

How to Boot in Safe Mode:

  • Restart your computer.
  • When the Boot menu appears, press F8.
  • Under the boot options select 'Safe Mode'

Thank you!

Link to post
Share on other sites

Hello dave,

Lets run the SFC scannow tool.

This tool will require you to have your Windows 2000 CD.

Please click on Start->Run.

Type inside the run box:

sfc.exe /scannow

Please let me know if you have that CD so you can then check the integrity of the files within your system.

Thank you!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.