NeonCoffee Posted August 31, 2011 ID:471131 Share Posted August 31, 2011 For the past few days MalwareBytes Anti-Malware Keeps Crashing!I've uninstalled, Reinstalled, and updated.This is a home computer- And the only other software I've had is 'AVG' and that is normal...This is what shows up-Problem signature: Problem Event Name: APPCRASH Application Name: mbam.exe Application Version: 1.51.1.1076 Application Timestamp: 4e0a6f10 Fault Module Name: ntdll.dll Fault Module Version: 6.1.7600.16695 Fault Module Timestamp: 4cc7ab44 Exception Code: c0000005 Exception Offset: 00056ce6 OS Version: 6.1.7600.2.0.0.768.3 Locale ID: 1033 Additional Information 1: e8ad Additional Information 2: e8adce1c2b9e7be834b4063ac3c53863 Additional Information 3: e8ad Additional Information 4: e8adce1c2b9e7be834b4063ac3c53863 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 31, 2011 Root Admin ID:471150 Share Posted August 31, 2011 Please run the following scanner and post back both the logsDownload DDS and save it to your desktophttp://download.bleepingcomputer.com/sUBs/dds.scrDisable any script blocker if your Anti-Virus/Anti-Malware has it.Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.Then double click dds.scr to run the tool.When done, the DDS.txt will open.Click Yes at the next prompt for Optional Scan.When done, DDS will open two (2) logs:DDS.txtAttach.txtSave both reports to your desktopPlease include the following logs in your next reply: DDS.txt and Attach.txt Link to post Share on other sites More sharing options...
NeonCoffee Posted August 31, 2011 Author ID:471154 Share Posted August 31, 2011 DDS.txtAttach.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 31, 2011 Root Admin ID:471155 Share Posted August 31, 2011 Why do you have these entries in your hosts file? Did you put them there on purpose?Hosts: 87.106.15.67 play.net-7.orgHosts: 87.106.15.67 local.net-7.orgPleaes FULLY disable these two programs and prevent them from loading when Windows starts.µTorrentFrostWire 4.21.1Also fully disable this one from starting when Windows starts as wellSkype™ 5.3Please uninstall the followingJava Auto UpdaterJava 6 Update 20Fully Disable the services or temporarily uninstall the following Anti-Virus productAVG 2011Now run a FULL DISK CHECK on your system. It should take at least 10 minutes to a couple of hours to run depending on size and speed of the drive and hardware resources.How to Run Check Disk at Startup in Vista or Windows 7After it restarts make sure that AVG 2011 is still disabled and try to update MBAM and do a Full Scan and post back the log from that.Then enable AVG 2011 but make sure you setup the following file exclusions for it.Show Hidden Files and Folders in Windows XP:Click Start and select My ComputerClick the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)Select Folder Options Click the View tab and make sure Show hidden files and folders is selected under Hidden files and foldersNext, uncheck the box next to Hide protected operating system files (Recommended)Then, uncheck the box next to Hide extensions for known filetypesClick Apply then click OKSet Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 on Windows XP:Open AVG and close the pop-up ad that shows up on the bottom of the screen then double-click on Resident ShieldClick on Tools at the top and select Advanced settings...Click on Excluded Items under Resident ShieldClick on the Add Path button on the rightClick on the + next to My Computer in the Browse For Folder windowClick on the + next to your system drive (usually C:)Click on the + next to Program FilesClick once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OKClick on the Add Path button on the rightClick on the + next to My Computer in the Browse For Folder windowClick on the + next to your system drive (usually C:)Click on the + next to Documents and SettingsClick on the + next to Application DataClick once on the Malwarebytes folder so that it is highlighted and click on OKClick on the Add File button on the right and click on My Computer on the leftDouble-click on your system drive (usually C:)Double-click on WindowsScroll to the right until you find the System32 folder and double-click on itDouble-click on the drivers folderScroll to the right until you find mbam.sys and double-click on itClick on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on itClick on the Apply button at the bottom of the program window and then click on OKClose the AVG windowReset Hidden Files and Folders in Windows XP:Click Start and select My ComputerClick the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)Select Folder Options Click the View tab and make sure Do not show hidden files and folders is selected under Hidden files and foldersNext, check the box next to Hide protected operating system files (Recommended)Then, check the box next to Hide extensions for known filetypesClick Apply then click OKSet Exclusions for AVG Free 2011 in Malwarebytes' Anti-Malware:Open Malwarebytes' Anti-Malware and click on the Ignore List tabClick on the Add buttonIn the small browse window that opens, navigate to C:\Program Files and click once on AVG and click OKClose Malwarebytes' Anti-Malware Link to post Share on other sites More sharing options...
NeonCoffee Posted August 31, 2011 Author ID:471160 Share Posted August 31, 2011 This was a friends computer-And honestly I don't know what the hosts are..."Hosts: 87.106.15.67 play.net-7.orgHosts: 87.106.15.67 local.net-7.org" Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 31, 2011 Root Admin ID:471161 Share Posted August 31, 2011 Well ask him and if he doesn't know then clean out your hosts file to only the default entries.Try the above and let me know how it goes, the system could be infected actually and may require further analysis but we can try this stuff so far. Link to post Share on other sites More sharing options...
NeonCoffee Posted August 31, 2011 Author ID:471298 Share Posted August 31, 2011 It crashed again but I found the problem area,"Runtime ErrorOut of Stack Space"I saw where it crashed prior-So I canned the folder-"C:\Acer\ Acer Tour\web-nl\imagesThen the weird part is it has \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\after the images, I see 15 objects, It says it scanned 76930.The clock of scanning hasn't stopped- The Runtime error is up but the clock continues to count. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 31, 2011 Root Admin ID:471364 Share Posted August 31, 2011 This really looks like more going on here and as I said possibly an infected computer.We do not do analysis and removal of malware except via the HJT forum or the Help Desk.Please open a new ticket on the Help DeskThen once you have an open ticket post back and let me know and I'll try to locate your ticket and assist you further.Thanks Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 7, 2011 Root Admin ID:473644 Share Posted September 7, 2011 Post closed due to no response Link to post Share on other sites More sharing options...
Recommended Posts