Babylon browser bug Chrome always crashes and IE crashes now and then

Status
Not open for further replies.
Hi 003294,

The log can be found by following these directions:

To view results log:

  • Go to Start - Run and type in eventvwr.msc, and hit enter.
  • When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up.
  • This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.
=========================
 
When event viewer open I get option for 'application and service logs' not an option for 'application' on its own. I can't see winlogon anywhere. If I search 'winlogon' via find it I get exactly the same text as above
 
I think this is it

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-11-02T22:14:37.000000000Z" />
<EventRecordID>26780</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>YR-PC</Computer>
<Security />
</System>
- <EventData>
<Data>Checking file system on C: The type of the file system is NTFS. Volume label is System. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 3)... 202240 file records processed. File verification completed. 294 large file records processed. 0 bad file records processed. 0 EA records processed. 43 reparse records processed. CHKDSK is verifying indexes (stage 2 of 3)... 248180 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 3)... 202240 file SDs/SIDs processed. Cleaning up 297 unused index entries from index $SII of file 0x9. Cleaning up 297 unused index entries from index $SDH of file 0x9. Cleaning up 297 unused security descriptors. Security descriptor verification completed. 22971 data files processed. CHKDSK is verifying Usn Journal... 36391248 USN bytes processed. Usn Journal verification completed. Windows has checked the file system and found no problems. 361897983 KB total disk space. 34657216 KB in 93724 files. 90412 KB in 22972 indexes. 0 KB in bad sectors. 316651 KB in use by the system. 65536 KB occupied by the log file. 326833704 KB available on disk. 4096 bytes in each allocation unit. 90474495 total allocation units on disk. 81708426 allocation units available on disk. Internal Info: 00 16 03 00 e3 c7 01 00 33 7b 03 00 00 00 00 00 ........3{...... 4d 01 00 00 2b 00 00 00 00 00 00 00 00 00 00 00 M...+........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts.</Data>
</EventData>
</Event>
 
Hi 003294,

That's good. A little hard to read in that format, but it gave me the information I was looking for.

This doesn't appear to be a malware issue, but something related to system files since it happens if you are on the net or opening documents.

How is the computer running?

Let's try SFC again and see if we can get it to complete the scan.

System File Checker (SFC)
  • Click on the Start button and in the Search programs and files box type the following:
    • command
  • Don't press Enter, just let the search results populate above.
  • In the search results, locate the Programs section.
  • Locate the Command Prompt shortcut and right-click on it.
  • Select Run as administrator.
  • Click Yes on the User Account Control window that appears.
  • Important: If you are see a User Account Control window but also a message that says To continue, type an administrator password, and then click Yes, then your user account must be a standard account, not an administrator account. Before you can click Yes and open an elevated command prompt, you'll need to type the password of another user on your Windows 7 computer that has administrator level privileges.
  • Note: You will not see this window at all if your User Account Control settings are turned all the way down. See How To Disable User Account Control in Windows 7 for more information.
  • An elevated Command Prompt window will appear.
    • Type: sfc /scannow (There's a space between sfc and /scannow.) , then hit Enter
  • After the scan runs type exit to close the command prompt window
=========================

In your next post please provide the following:
  • Did SFC complete the scan?
  • Update on performance
 
scan completed mega quick this time but my laptop is still really slow after 10 minutes of it being on. As for the laptop spec asked for in earlier post it is below.

2.2ghz pentium processor
4g ram
Windows 7
500gb hard drive
 
Hi 003294,

  1. Can you tell me the Make & Model of the laptop?
  2. Do you know what program is MCCI? ([2013/01/14 20:04:09 | 000,092,064 | ---- | C] (MCCI) -- C:\Users\YR\mqdmmdm.sys)
  3. What about this file, any ideas what it's related to? ([2013/01/14 20:09:04 | 000,007,201 | ---- | C] () -- C:\Users\YR\1358190544-(null))
  4. When did you first notice the problem (approximate date)
=========================

Show Hidden Files & Folders in Windows 7
  • To show hidden files, just click on the Organize button in any folder, and then select “Folder and Search Options” from the menu.
  • Click the View tab, and then you should select “Show hidden files and folders” in the list.
  • Then click OK.
=========================

VirusTotal

Please go to: VirusTotal

virustotal2-SWI.png


  • Click the Browse button and search for the following files:
    • C:\Users\YR\mqdmmdm.sys
    • C:\Users\YR\1358190544-(null)
  • Click Open
  • Then click Send File
  • Please be patient while the file is scanned.
  • Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now"

=========================

In your next post please provide the following:
  • Answers to questions asked.
  • VirusTotal results
 
Fujitsu siemens, lifebook ah531 x64
MCCI? I haven't got a clue what this is?
C:\Users\YR\1358190544-(null)) again I am unsure what this is?

The laptop was running great after the very first fix you asked me to run, after that it gradually got worse and it got worse after combofix
 
No, Im still having issues with laptop crashing after 10 minutes from bootup especially when browsing. For 10 minutes it was like a brand new machine super quick and does all tasks as required then it has a serious go slow and I can't figure it out.?
 
Hi,

Reboot in Safe Mode using the F8 Method:

  • Restart your computer.
  • When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows 7 Advanced Boot Options.
  • Select the Safe Mode with Networking option using the arrow keys.
  • Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.
  • When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.
=========================

Then try and scan those files with VirusTotal.
 
I scanned both files with virus total and it said 'This file was already analysed by VirusTotal on 2010-05-27 21:47:38.

Detection ratio: 0/41

You can take a look at the last analysis or analyse it again now.
 
Hi 003294,

I scanned both files with virus total and it said 'This file was already analysed by VirusTotal on 2010-05-27 21:47:38.

Detection ratio: 0/41

You can take a look at the last analysis or analyse it again now.
Click to expand...

OCD said:
Hi 003294,

VirusTotal

Please go to: VirusTotal

virustotal2-SWI.png


  • Click the Browse button and search for the following files:
    • C:\Users\YR\mqdmmdm.sys
    • C:\Users\YR\1358190544-(null)
  • Click Open
  • Then click Send File
  • Please be patient while the file is scanned.
  • Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now" < --- IMPORTANT

=========================
Click to expand...

Did you reanalyze the files?
 
Last edited:
I have re-analysed and the C:\Users\YR\mqdmmdm.sys is motorola usb modem which was pre-installed on laptop when i purchased it


C:\Users\YR\1358190544-(null) on the other hand


MD5 b84c33e9eb112bfe932fc19408efc15c

SHA1 21a925e7be56546c37ceddad5e24ccc4611a5866

SHA256 da5ce09663caf9773afd4c51793b1e959798d7029254d70838a5bde44e7bce9d


ssdeep

96:cJn78eQfhPQPpT1+1HyqcZSrQzMZajvkp5q/1PytN28VDtvfoHk:cJn78eQfhIxxEHyqcZSr75q/8xck


File size 7.0 KB ( 7201 bytes )

File type Text


Magic literal

ASCII text, with CRLF line terminators





TrID

Unknown!



 VirusTotal metadata


First submission 2009-06-16 17:18:42 UTC ( 4 years, 4 months ago )

Last submission 2013-11-11 16:16:51 UTC ( 1 minute ago )




File names

1358190544-(null)

In safe mode the laptop works great, no freezing it works like it should do. Its just in normal mode it keeps playing up.
 
Hi 003294,

In safe mode the laptop works great, no freezing it works like it should do. Its just in normal mode it keeps playing up.
Click to expand...

We have removed all the malware, and your system files appear to be in good shape. Let's try and restore back to before the issue began. But unfortunately, since we ran ComboFix Uninstaller (which removes old restore points) there may not be many restore points to select from. If no suitable restore points are available, skip this step.

Go to Start > All Programs > Accessories > System Tools > System Restore







=========================

MiniToolBox

Please download MiniToolBox, save it to your desktop and run it.
Right click and select "Run as Administrator".

Check-mark the following check-boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

=========================

Farbar Service Scanner

Please download Farbar Service Scanner and save it to your desktop.
  • Right click and select "Run as Administrator"
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
=========================

In your next post please provide the following:
  • System Restore results
  • Result.txt
  • FSS.txt
  • Any change in performance
 
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.
-------------------------------------
Admin edit

Thank you OCD. :)

Second topic closed: http://forums.spybot.info/showthrea...me-always-crashes-and-IE-crashes-now-and-then
 
Status
Not open for further replies.
Back
Top