Jump to content

Malwarebytes Anti-Malware has stopped working


Recommended Posts

Welcome randymarsh09 -

Please reinstall the program as directed below - Select your Operating System to suit tbe instructions -

To Fully Remove and Reinstall a Fresh New Copy of Malwarebytes - Read Carefully

Windows XP:

  • Click on Start and select Control Panel
  • Open Add/Remove Programs
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer very important !
  • Download and run mbam-clean.exe from here

It will ask to restart your computer, please allow it to do so, very important

After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here

Note: You will need to reactivate the program using the license you were sent via email if using the Pro version only -

Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask me and I'll explain how to do it.

Windows Vista and Windows 7:

  • Click on the Start button and select Control Panel
  • Click on Programs and Features
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer very important !
  • Download and run mbam-clean.exe from here

It will ask to restart your computer, please allow it to do so, very important

After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here

Note: You will need to reactivate the program using the license you were sent via email if using the Pro version only

Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now reset any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.

You may use the guides posted in the FAQ's here or ask me and I'll explain how to do it.

Thank You - :)

Link to post
Share on other sites

Exclude Malwarebytes' Anti-Malware's Files and Folders From Other Active Security Programs:

For Windows XP:

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll

C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll

C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

C:\Windows\System32\drivers\mbam.sys

C:\Windows\System32\drivers\mbamswissarmy.sys

For Windows Vista or Windows 7:

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll

C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll

C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

C:\Windows\System32\drivers\mbam.sys

C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

C:\Windows\System32\drivers\mbam.sys

C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE from it as well

Link to post
Share on other sites

Greetings :)

If the above does not resolve the problems then please do the following:

Run a Disk Check on your C: drive in Windows Vista or Windws 7:

  • Click the Start vista-7-start.png button and select Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so

Repeat the process for all of the hard drives in your computer.

Note: Checking the other hard drives will not require a restart.

Please post back with your results.

Thanks :)

Link to post
Share on other sites

  • 3 weeks later...
  • 3 weeks later...

I have no problem with avast! V5.0.545

What is your operating system and Service Pack level and how much RAM does the system have?

Link to post
Share on other sites

Post Event Logs:

  • Please download VEW by Vino Rosso from here and save it to your desktop
  • Double click it to start it Note: If running Windows Vista or Windows 7 you will need to right click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt.
  • Click the check boxes next to Application and System located under Select log to query on the upper left
  • Under Select type to list on the right, click the boxes next to Error and Warning Note: If running Windows Vista or Windows 7 also click the box next to Critical (not XP).
  • Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run
  • Once it finishes it will display a log file in notepad
  • Please copy and paste its entire contents into your next reply

Thanks :)

Link to post
Share on other sites

Post Event Logs:

  • Please download VEW by Vino Rosso from here and save it to your desktop
  • Double click it to start it Note: If running Windows Vista or Windows 7 you will need to right click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt.
  • Click the check boxes next to Application and System located under Select log to query on the upper left
  • Under Select type to list on the right, click the boxes next to Error and Warning Note: If running Windows Vista or Windows 7 also click the box next to Critical (not XP).
  • Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run
  • Once it finishes it will display a log file in notepad
  • Please copy and paste its entire contents into your next reply

Thanks :P

I'm getting this error message when I run that.

15ed3t1.png

Link to post
Share on other sites

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 05/06/2010 19:15:48

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 05/06/2010 17:47:47

Type: Error Category: 0

Event: 0 Source: pctsSvc.exe

The event description cannot be found.

Log: 'Application' Date/Time: 05/06/2010 17:44:26

Type: Error Category: 0

Event: 11706 Source: MsiInstaller

Product: Ask Toolbar -- Error 1706.No valid source could be found for product Ask Toolbar. The Windows Installer cannot continue.

Log: 'Application' Date/Time: 05/06/2010 17:35:10

Type: Error Category: 0

Event: 8194 Source: VSS

Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {440112a2-ccc4-4993-80c3-30a6e557815c}

Log: 'Application' Date/Time: 05/06/2010 16:35:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Log: 'Application' Date/Time: 05/06/2010 16:26:24

Type: Error Category: 0

Event: 10 Source: Microsoft-Windows-WMI

Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 11

Event: 3037 Source: Application Virtualization Client

{tid=B3C}

The Application Virtualization Client cannot open OfficeVirt 2014006204090000

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Product registration is corrupted for {20140062-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Error: Product {20140062-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Product registration is corrupted for {20140062-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Error: Product {20140062-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Product registration is corrupted for {20140062-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Error Category: 1

Event: 100 Source: CVHSVC

Information only. Error: Product {20140062-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 05/06/2010 14:35:18

Type: Error Category: 0

Event: 59 Source: SideBySide

Activation context generation failed for "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy file "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" on line 2. Invalid Xml syntax.

Log: 'Application' Date/Time: 05/06/2010 14:33:32

Type: Error Category: 0

Event: 63 Source: SideBySide

Activation context generation failed for "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Log: 'Application' Date/Time: 05/06/2010 14:33:16

Type: Error Category: 0

Event: 33 Source: SideBySide

Activation context generation failed for "C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlDaemon.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 05/06/2010 14:33:02

Type: Error Category: 0

Event: 59 Source: SideBySide

Activation context generation failed for "C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll".Error in manifest or policy file "C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll" on line 2. Invalid Xml syntax.

Log: 'Application' Date/Time: 05/06/2010 14:33:01

Type: Error Category: 0

Event: 33 Source: SideBySide

Activation context generation failed for "C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlCCPSD.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 05/06/2010 14:32:57

Type: Error Category: 0

Event: 33 Source: SideBySide

Activation context generation failed for "C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlRF.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 05/06/2010 14:32:56

Type: Error Category: 0

Event: 33 Source: SideBySide

Activation context generation failed for "C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlTBMNGR.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 05/06/2010 18:10:56

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 18:00:26

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 17:44:35

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 17:38:39

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 17:35:03

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 16:35:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (Patch task for {20140062-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: Virtual app registration is corrupted. Rerun bootstrapper. [softGrid Error: 0x0000000000000a09 in Module: Core, File: swappmgr.cpp:2072] Type: 96::SoftGridApplicationFailure. Stopping task (Stream product id=0x0062) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (PatchApply task for {20140062-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

Log: 'Application' Date/Time: 05/06/2010 16:25:06

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

Log: 'Application' Date/Time: 05/06/2010 16:25:05

Type: Warning Category: 6

Event: 3057 Source: Application Virtualization Client

{tid=B40}

The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.0.551 Install Path: C:\Program Files\Microsoft Application Virtualization Client Global Data Directory: C:\Users\Public\Documents\ Machine Name: ALANNESBITT-PC Operating System: Windows 7 32-bit Service Pack 0.0 Build 7600 OSD Command: no association specified

Log: 'Application' Date/Time: 05/06/2010 16:24:55

Type: Warning Category: 3

Event: 3191 Source: Application Virtualization Client

{tid=B40}

-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 05/06/2010 14:38:47

Type: Warning Category: 0

Event: 12348 Source: VSS

Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{83a6fc22-4837-11df-8d1e-001f16f326d3}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:

Removing auto-release shadow copies

Loading provider

Context:

Execution Context: System Provider

Log: 'Application' Date/Time: 05/06/2010 12:58:10

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (Patch task for {20140062-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 12:48:11

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: Virtual app registration is corrupted. Rerun bootstrapper. [softGrid Error: 0x0000000000000a09 in Module: Core, File: swappmgr.cpp:2072] Type: 96::SoftGridApplicationFailure. Stopping task (Stream product id=0x0062) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 12:48:10

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

Log: 'Application' Date/Time: 05/06/2010 12:48:10

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (PatchApply task for {20140062-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 05/06/2010 12:48:10

Type: Warning Category: 1

Event: 100 Source: CVHSVC

Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [softGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:872]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 02/06/2010 14:59:12

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/05/2010 15:12:34

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/05/2010 13:25:38

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 11/05/2010 22:08:09

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 11/05/2010 21:48:03

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/05/2010 17:01:39

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/05/2010 01:21:41

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 09/05/2010 19:26:04

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 05/05/2010 21:31:09

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 03/05/2010 20:57:18

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 02/05/2010 23:51:15

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 01/05/2010 18:35:40

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 23/04/2010 21:35:43

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 16/04/2010 18:44:55

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 03/06/2010 16:30:42

Type: Error Category: 0

Event: 8003 Source: bowser

The master browser has received a server announcement from the computer ANONYMOUS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B14D5A7-DDFF-4790-BD64-01902DE1. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 03/06/2010 16:12:35

Type: Error Category: 0

Event: 8003 Source: bowser

The master browser has received a server announcement from the computer ANONYMOUS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B14D5A7-DDFF-4790-BD64-01902DE1. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 03/06/2010 15:40:00

Type: Error Category: 0

Event: 8003 Source: bowser

The master browser has received a server announcement from the computer ANONYMOUS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B14D5A7-DDFF-4790-BD64-01902DE1. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 02/06/2010 14:59:23

Type: Error Category: 0

Event: 6008 Source: EventLog

The previous system shutdown at 3:57:45 PM on ?6/?2/?2010 was unexpected.

Log: 'System' Date/Time: 29/05/2010 18:06:11

Type: Error Category: 0

Event: 7007 Source: Service Control Manager

The system reverted to its last known good configuration. The system is restarting....

Log: 'System' Date/Time: 29/05/2010 18:06:00

Type: Error Category: 0

Event: 4 Source: sptd

Driver detected an internal error in its data structures for .

Log: 'System' Date/Time: 29/05/2010 18:05:24

Type: Error Category: 0

Event: 7007 Source: Service Control Manager

The system reverted to its last known good configuration. The system is restarting....

Log: 'System' Date/Time: 29/05/2010 18:05:13

Type: Error Category: 0

Event: 4 Source: sptd

Driver detected an internal error in its data structures for .

Log: 'System' Date/Time: 29/05/2010 18:04:27

Type: Error Category: 0

Event: 7007 Source: Service Control Manager

The system reverted to its last known good configuration. The system is restarting....

Log: 'System' Date/Time: 29/05/2010 18:04:14

Type: Error Category: 0

Event: 4 Source: sptd

Driver detected an internal error in its data structures for .

Log: 'System' Date/Time: 27/05/2010 13:36:54

Type: Error Category: 0

Event: 6008 Source: EventLog

The previous system shutdown at 2:31:03 PM on ?5/?27/?2010 was unexpected.

Log: 'System' Date/Time: 26/05/2010 13:51:15

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 26/05/2010 13:51:15

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.

Log: 'System' Date/Time: 26/05/2010 12:30:29

Type: Error Category: 42

Event: 43029 Source: atikmdag

Display is not active

Log: 'System' Date/Time: 26/05/2010 12:30:29

Type: Error Category: 51

Event: 52236 Source: atikmdag

CPLIB :: General - Invalid Parameter

Log: 'System' Date/Time: 25/05/2010 22:56:01

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 25/05/2010 22:56:01

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Log: 'System' Date/Time: 25/05/2010 15:47:13

Type: Error Category: 42

Event: 43029 Source: atikmdag

Display is not active

Log: 'System' Date/Time: 25/05/2010 15:47:13

Type: Error Category: 51

Event: 52236 Source: atikmdag

CPLIB :: General - Invalid Parameter

Log: 'System' Date/Time: 25/05/2010 15:22:27

Type: Error Category: 42

Event: 43029 Source: atikmdag

Display is not active

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 05/06/2010 16:24:56

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 05/06/2010 14:55:33

Type: Warning Category: 0

Event: 27 Source: e1yexpress

Intel® 82567V-2 Gigabit Network Connection Link has been disconnected.

Log: 'System' Date/Time: 05/06/2010 14:34:22

Type: Warning Category: 0

Event: 27 Source: e1yexpress

Intel® 82567V-2 Gigabit Network Connection Link has been disconnected.

Log: 'System' Date/Time: 05/06/2010 12:48:06

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 22:47:54

Type: Warning Category: 0

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name www.tinypic.ca timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 04/06/2010 22:43:41

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 22:41:20

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 22:27:14

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 21:06:04

Type: Warning Category: 0

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name www.myfmcv.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 04/06/2010 21:00:05

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 14:20:31

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 04/06/2010 08:37:41

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 03/06/2010 21:21:49

Type: Warning Category: 0

Event: 27 Source: e1yexpress

Intel® 82567V-2 Gigabit Network Connection Link has been disconnected.

Log: 'System' Date/Time: 03/06/2010 20:59:48

Type: Warning Category: 0

Event: 27 Source: e1yexpress

Intel® 82567V-2 Gigabit Network Connection Link has been disconnected.

Log: 'System' Date/Time: 03/06/2010 20:31:20

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 03/06/2010 10:24:42

Type: Warning Category: 0

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name www.ssdownloads.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 03/06/2010 09:44:01

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 03/06/2010 09:26:16

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 03/06/2010 09:10:47

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 02/06/2010 23:30:17

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Link to post
Share on other sites

That's a lot of errors, but none related to MBAM unfortunately :P.

Please do the following so I can get a bit more info as to what's running on your system:

Create an Autoruns Log:

  • Please download Sysinternals Autoruns from here and save it to your desktop.
    • Note: If using Windows Vista or Windows 7 then you also need to do the following:
      1. Right-click on Autoruns.exe and select Properties
      2. Click on the Compatibility tab
      3. Under Privilege Level check the box next to Run this program as an administrator
      4. Click on Apply then click OK

    [*]Double-click Autoruns.exe to run it.

    [*]Once it starts, please press the Esc key on your keyboard.

    [*]Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures

    [*]Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.

    [*]When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.

    [*]Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder

    [*]Attach the Autoruns.zip folder you just created to your next reply

Thanks :)

Link to post
Share on other sites

  • 4 years later...

Hi:

Excellent Noknojon - have been trying to get MWB working for a week. It wouldn't even load. I uninstalled using Revo, but no difference. The MWB clean file you suggested obviously got rid of whatever was blocking it as my new install worked first time. Thanks

 
Welcome, @jonrichco:
 
This forum topic is over 4 years old!
That's "prehistoric" in security software terms. :)
 
We're glad things are working OK for you now.

For future reference (and for others reading this topic), the *current* clean reinstall steps are explained here: MBAM Clean Removal Process 2x
 
And if you have future issues or problems, please start a NEW, SEPARATE topic using the cjfj.png button.
The staff and experts will be able to more easily provide you with individual help to get you up and running.

 

Thanks!

Link to post
Share on other sites

I guess I will add a bit more to my post above. Pity you can't edit.

 

I was concerned about MWB failing to load ("MWB has stopped working" - the nasty window in Win8), as I thought it was very likely caused by a virus or malware. However I ran ESET, Spybot and my regular F-Secure scan all of which tested clean. However until I could get MWB running, I could not be sure. So I am posting this in case others are in a similar position to me. There was obviously something lurking in my registry that stopped the program running, and that even a full uninstall using Revo Unistaller could not remove. However <mbam-clean-2.1.1.1001.exe> got rid of whatever it was in about 2 seconds. See second post on this thread - Noknojon.

Link to post
Share on other sites

Ok daledoc - no need to repost as it is working. But please note that this thread came up second on a Bing search for "malwarebytes anti-malware has stopped working"  the message we get. The top ranked result is irrelevant as it refers to a search that stops in the middle. But thanks for advice. I will look at the date on the thread before my next post!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.