sychost.ese app error
in [Windows XP]
|
From: GMG on 21 Jan 2010 11:34 Event Type: Error Event Source: Application Error Event Category: (100) Event ID: 1000 Date: 1/21/2010 Time: 8:44:54 AM User: N/A Computer: YOUR-F78BF48CE2 Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x0280f7a0. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 46 61 69 6c ion Fail 0010: 75 72 65 20 20 73 76 63 ure svc 0018: 68 6f 73 74 2e 65 78 65 host.exe 0020: 20 35 2e 31 2e 32 36 30 5.1.260 0028: 30 2e 35 35 31 32 20 69 0.5512 i 0030: 6e 20 75 6e 6b 6e 6f 77 n unknow 0038: 6e 20 30 2e 30 2e 30 2e n 0.0.0. 0040: 30 20 61 74 20 6f 66 66 0 at off 0048: 73 65 74 20 30 32 38 30 set 0280 0050: 66 37 61 30 f7a0
From: PA Bear [MS MVP] on 21 Jan 2010 12:51 There is a very good chance that you are seeing the effects of a hijackware infection! NB: If you had no anti-virus application installed or the subscription had expired *when the machine first got infected* and/or your subscription has since expired and/or the machine's not been kept fully-patched at Windows Update, don't waste your time with any of the below: Format & reinstall Windows. A Repair Install will NOT help! Microsoft PCSafety provides home users (only) with no-charge support in dealing with malware infections such as viruses, spyware (including unwanted software), and adware. https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1 Also available via... Consumer Security Support home page https://consumersecuritysupport.microsoft.com/ Otherwise... 1. See if you can download/run the MSRT manually: http://www.microsoft.com/security/malwareremove/default.mspx NB: Run the FULL scan, not the QUICK scan! You may need to download the MSRT on a non-infected machine, then transfer MRT.EXE to the infected machine and rename it to SCAN.EXE before running it. 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!) in Safe Mode with Networking, if need be: http://onecare.live.com/site/en-us/center/howsafe.htm 2b. Vista or Win7=> Run this scan instead: http://onecare.live.com/site/en-us/center/whatsnew.htm 3. Now run a thorough check for hijackware, including posting requested logs in an appropriate forum, not here. Checking for/Help with Hijackware: � http://mvps.org/winhelp2002/unwanted.htm � http://inetexplorer.mvps.org/tshoot.html � http://www.mvps.org/sramesh2k/Malware_Defence.htm � http://www.elephantboycomputers.com/page2.html#Removing_Malware **Chances are you will need to seek expert assistance in http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, http://www.spywarewarrior.com/viewforum.php?f=5, http://www.dslreports.com/forum/cleanup, http://www.bluetack.co.uk/forums/index.php, http://aumha.net/viewforum.php?f=30 or other appropriate forums.** If these procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop. GMG wrote: > I have been seeing... > > AXWIN Frame Window: sychost.exe app error > > 0x02b7f7ao referenced memory 0x02b7f7ao , could not be written > > OK or cancel to debug > > when I click cancel the computer reboots > > I click OK and the computer freezes with a still active cursor
From: whwtow on 21 Jan 2010 15:36 This started with one of our computers yesterday. The McAfee total protection was up to date, all MS updates current. At the time I began working on this (yesterday afternoon) , there was one related post on Google with no replies. Malwarebytes does not find it. Now there are beginning to be many post on this identical problem, so obviuopsly this virus is spreading. One post metioned "combofix", but I have not tried it yet as I am not familiar with it. Any help is appreciated. "PA Bear [MS MVP]" wrote: > There is a very good chance that you are seeing the effects of a hijackware > infection! > > NB: If you had no anti-virus application installed or the subscription had > expired *when the machine first got infected* and/or your subscription has > since expired and/or the machine's not been kept fully-patched at Windows > Update, don't waste your time with any of the below: Format & reinstall > Windows. A Repair Install will NOT help! > > Microsoft PCSafety provides home users (only) with no-charge support in > dealing with malware infections such as viruses, spyware (including unwanted > software), and adware. > https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1 > > Also available via... > > Consumer Security Support home page > https://consumersecuritysupport.microsoft.com/ > > Otherwise... > > 1. See if you can download/run the MSRT manually: > http://www.microsoft.com/security/malwareremove/default.mspx > > NB: Run the FULL scan, not the QUICK scan! You may need to download the > MSRT on a non-infected machine, then transfer MRT.EXE to the infected > machine and rename it to SCAN.EXE before running it. > > 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!) > in Safe Mode with Networking, if need be: > http://onecare.live.com/site/en-us/center/howsafe.htm > > 2b. Vista or Win7=> Run this scan instead: > http://onecare.live.com/site/en-us/center/whatsnew.htm > > 3. Now run a thorough check for hijackware, including posting requested logs > in an appropriate forum, not here. > > Checking for/Help with Hijackware: > • http://mvps.org/winhelp2002/unwanted.htm > • http://inetexplorer.mvps.org/tshoot.html > • http://www.mvps.org/sramesh2k/Malware_Defence.htm > • http://www.elephantboycomputers.com/page2.html#Removing_Malware > > **Chances are you will need to seek expert assistance in > http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, > http://www.spywarewarrior.com/viewforum.php?f=5, > http://www.dslreports.com/forum/cleanup, > http://www.bluetack.co.uk/forums/index.php, > http://aumha.net/viewforum.php?f=30 or other appropriate forums.** > > If these procedures look too complex - and there is no shame in admitting > this isn't your cup of tea - take the machine to a local, reputable and > independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop. > > GMG wrote: > > I have been seeing... > > > > AXWIN Frame Window: sychost.exe app error > > > > 0x02b7f7ao referenced memory 0x02b7f7ao , could not be written > > > > OK or cancel to debug > > > > when I click cancel the computer reboots > > > > I click OK and the computer freezes with a still active cursor > > . >
From: PA Bear [MS MVP] on 21 Jan 2010 20:07 Do Steps #1 thru #3 in my previous reply. whwtow wrote: > This started with one of our computers yesterday. The McAfee total > protection was up to date, all MS updates current. At the time I began > working on this (yesterday afternoon) , there was one related post on > Google with no replies. Malwarebytes does not find it. Now there are > beginning to be many post on this identical problem, so obviuopsly this > virus is spreading. One post metioned "combofix", but I have not tried it > yet as I am not familiar with it. Any help is appreciated. > > "PA Bear [MS MVP]" wrote: > >> There is a very good chance that you are seeing the effects of a >> hijackware >> infection! >> >> NB: If you had no anti-virus application installed or the subscription >> had >> expired *when the machine first got infected* and/or your subscription >> has >> since expired and/or the machine's not been kept fully-patched at Windows >> Update, don't waste your time with any of the below: Format & reinstall >> Windows. A Repair Install will NOT help! >> >> Microsoft PCSafety provides home users (only) with no-charge support in >> dealing with malware infections such as viruses, spyware (including >> unwanted software), and adware. >> https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1 >> >> Also available via... >> >> Consumer Security Support home page >> https://consumersecuritysupport.microsoft.com/ >> >> Otherwise... >> >> 1. See if you can download/run the MSRT manually: >> http://www.microsoft.com/security/malwareremove/default.mspx >> >> NB: Run the FULL scan, not the QUICK scan! You may need to download the >> MSRT on a non-infected machine, then transfer MRT.EXE to the infected >> machine and rename it to SCAN.EXE before running it. >> >> 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan >> (only!) >> in Safe Mode with Networking, if need be: >> http://onecare.live.com/site/en-us/center/howsafe.htm >> >> 2b. Vista or Win7=> Run this scan instead: >> http://onecare.live.com/site/en-us/center/whatsnew.htm >> >> 3. Now run a thorough check for hijackware, including posting requested >> logs in an appropriate forum, not here. >> >> Checking for/Help with Hijackware: >> • http://mvps.org/winhelp2002/unwanted.htm >> • http://inetexplorer.mvps.org/tshoot.html >> • http://www.mvps.org/sramesh2k/Malware_Defence.htm >> • http://www.elephantboycomputers.com/page2.html#Removing_Malware >> >> **Chances are you will need to seek expert assistance in >> http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, >> http://www.spywarewarrior.com/viewforum.php?f=5, >> http://www.dslreports.com/forum/cleanup, >> http://www.bluetack.co.uk/forums/index.php, >> http://aumha.net/viewforum.php?f=30 or other appropriate forums.** >> >> If these procedures look too complex - and there is no shame in admitting >> this isn't your cup of tea - take the machine to a local, reputable and >> independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair >> shop. >> >> GMG wrote: >>> I have been seeing... >>> >>> AXWIN Frame Window: sychost.exe app error >>> >>> 0x02b7f7ao referenced memory 0x02b7f7ao , could not be written >>> >>> OK or cancel to debug >>> >>> when I click cancel the computer reboots >>> >>> I click OK and the computer freezes with a still active cursor >> >> .
From: GMG on 23 Jan 2010 08:46 Jose: I have not had a response from you, since I sent all the info you asked for.
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: need administrator...but no administrator Next: svchost.exe app error |