Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Cannot remove certstore.dat + APPCRASH error

  • Please log in to reply
1 reply to this topic

#1 ScottieB


  • Members
  • 3 posts
  • Local time:02:55 PM

Posted 28 April 2010 - 01:16 PM


After a gnarly set of malware and trojans and hijacks,
I used a combo of HiJack This, Spybot SD, AVG Free, RKill, and Malwarebytes to get my computer functional.
Now, it finally boots up to a normal-looking Windows Vista, but I suffer form the following 2 issues:

1) Malwarebytes finds C:\\Windows\System32\certstore.dat

2) I get a Microsoft random error:
Problem Event Name: APPCRASH
Application Name: svchost.exe
Application Version: 6.0.6001.18000
Application Timestamp: 4b18b14e
Fault Module Name: svchost.exe
Fault Module Version: 6.0.6001.18000
Fault Module Timestamp: 4b18b14e
Exception Code: c0000005
Exception Offset: 000019fc
OS Version: 6.0.6001.
Locale ID: 1033
Additional Information 1: e3cf
Additional Information 2: d42237859197873da486d40409b96ff9
Additional Information 3: 49ce
Additional Information 4: f92c4ab1e924b858d3b8926ed7793d80


Other items of importance:
1) My computer: Windows Vista, 32 bit, SP1
This was a built computer from Sweetwater Sounds, used for music recording and such
2) In safe mode, the appcrash does not occur.
3) I did install RKill and Malwarebytes via the Bleeping computer instructions.
4) I used the most up to date versions of all software mentioned
5) I also uninstalled my only background running virus program (AVG) in case that was causing a false (+), but that did nothing.
6) When I use Malwarebytes to remove the certstore.dat, it says it's gone, but shows up again after reboot.
7) What started all this: I got some crazy thing that took over my computer, demanding payment for a court lawsuit of illegal downloading. I also had Antimalware Doctor and Paladin fraud virus crap, Win32.Zbot, Sysguard fraud software


EDIT: Moved from Vista forum to more appropriate Am I Infected ~ Hamluis.

Edited by hamluis, 28 April 2010 - 06:23 PM.

BC AdBot (Login to Remove)


#2 ScottieB

  • Topic Starter

  • Members
  • 3 posts
  • Local time:02:55 PM

Posted 04 May 2010 - 01:24 PM

Here's an update:

After use of a few programs, it's mostly cleared up.

In safe mode, the following programs detect no infection:
* Malwarebytes (paid version)
* Superantispyware (free)
* AVG (free) but doesn't work so great in safe mode
* Spybot Search and Destroy

However, in regular running mode, with Malware bytes running in the background, it's blocking random websites from opening up, but I can't figure out where the infection is.....

Any ideas?

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users