Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen - Help Please!


  • Please log in to reply
17 replies to this topic

#1 ssheppard

ssheppard

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 21 October 2014 - 06:33 AM

Hi guys.

I have an issue and can't seem to find any solutions on the web so I hope someone here can help me.

When I start my computer up it will crash within 3 minutes or so, giving me a blue screen that reads exactly this:

"Your PC ran into a problem and needs to restart. We're just collecting some error info, and then we'll restart for you. If you'd like to know more, you can search online later for this error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (usbmp364.sys)"

It crashes in safe mode also. So I only have 2-3 minutes to do any maintenance necessary before it crashes.

Help with this problem would be much appreciated, as my computer is totally useless at the moment. Thankyou

Edit: Moved topic from Windows 8 to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:41 AM

Posted 21 October 2014 - 08:35 AM

I realize that you have a limited amount of running time, but we need more information.  It would help if you could post the exception code,  Ex.: 0x80000002
 
 
Please download and install Speccy to provide us with information about your computer.  When  FileHippo opens, click on Download latest version in the upper right pane.
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
 

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 21 October 2014 - 06:27 PM

Hi dc3.

Thanks for the reply. I'll do this once I get home from work tonight.

#4 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 12:50 PM

*deleted*


Edited by ssheppard, 22 October 2014 - 05:13 PM.


#5 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 12:53 PM

*deleted*


Edited by ssheppard, 22 October 2014 - 05:13 PM.


#6 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 01:41 PM

I do have access to another OS via external harddrive if that helps, because I know you can access windows files from it. Seeing as I only have a couple of minutes in windows.

#7 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 01:53 PM

Update: Well I just deleted the "usbmp364.sys" file and It's not crashing anymore. Gives me time to clean up atleast

#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:41 AM

Posted 22 October 2014 - 01:56 PM

You have the updates and your antivirus disabled.  You need to be running both of these.  There are important security updates which need to be installed.  You are have Utorrent installed, so I can only assume you are downloading torrents.  This is one of the fastest ways I know to become infected.  But doing this without an antivirus is just plain asking for it.

 

Your C: drive only has 28.7GB (7%) free space left.  This is getting close to being problematic.

 

Open Services and make sure the following are set to start automatically.
 
Task Scheduler
 
DCOM Server Process Launcher
 
Remote Call Procedure (RPC)
 
 
Open Windows explorer and navigate to the following file.
 
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking.
 
 Delete all of the files in this folder, the restart your computer.

Can you boot into Safe Mode?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 02:15 PM

I have Malewarebyte Anti-Malware installed and running with real time protection, seems Windows won't recognize it as an antivirus though. Not sure why updates are disabled, I will enable.

 

I do download torrents but I'm very paticular, I won't download anything that looks suspicious and/or hasn't been approved in comments section.

 

Those two services are set to automatic.

 

Would you suggest any programs to help me free up some space?

 

Update: Well I just deleted the "usbmp364.sys" file and It's not crashing anymore. Gives me time to clean up atleast

 

 

Thanks dc3.



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:41 AM

Posted 22 October 2014 - 02:19 PM

Malwarebytes is not an antivirus, it is an antimalware.  You need to have an antivirus.

 

Everything I found related to usbmp364.sys involves computer that are infected.
 
This is enough to make me suspicious enough to suggest run the following scans.

 

Edit:  Added instructions.

 

Please download and run RKill
 
RKill is an easy to use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications.  These settings will remain until the computer is rebooted, for this reason you must run the security application before the computer is rebooted.  
 
Please download RKill and install it.
 
When RKill is run it will display a console screen similar to the one below:
 
RKill_zps2e34d4b8.png
 
When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill.
 
Attention:  At this time you need to run your security applications listed below.
 
While RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected.  This is the malware trying to protect itself.  Two methods that you can try to get past this and allow RKill to run are:
 
1)  Rename Rkill so that it has a .com extension.
 
2)  Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.  
 
After the application has run successfully you should reboot the computer to restore the processes and Windows Registry entries.

 
Please run the following scans.  These scans can not be run in the Windows forums, so I will request that this topic be moved to the Am I Infected forum.

Please run Malwarebytes AntiMalware

 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
malwarerun_zps9abd4ef1.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 
 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to have the time to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

  • Click on this link to open ESET OnlineScan in a new window.
  • The ESET Online Scanner page will open, click on Yes, I agree to the trems of use, then click on Start, the scan will now begine.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Edited by dc3, 22 October 2014 - 02:26 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:41 AM

Posted 22 October 2014 - 02:24 PM

I am going to edit my previous post.  Wait and do what is suggested after the edit.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#12 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 03:26 PM

*deleted*


Edited by ssheppard, 22 October 2014 - 05:14 PM.


#13 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:41 AM

Posted 22 October 2014 - 03:36 PM

Please post the requested logs.

 

Did you run the scan after installing RKill without restarting the computer?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#14 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 03:43 PM

I actually had RKill installed already, along with TDSS... due to a previous problem.



#15 ssheppard

ssheppard
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 22 October 2014 - 04:06 PM

At this rate it doesn't look like the ESET scan will be finished before I go to work. If not I will post the log later tonight, in 10 hours or so.

 

I appreciate the help, thank you.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users