Dwm.exe has stopped working
Solved
koukougnon@1973
Posted messages
8
Status
Membre
-
Snorski Posted messages 2 Status Membre -
Snorski Posted messages 2 Status Membre -
Hello,
After trying to install a crack, I keep getting the message ("dwm.exe has stopped working") that displays constantly. I can't even use my computer properly anymore.
I followed resolved posts on this issue and after completing this tutorial (Follow the FRST tutorial https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/ I obtained the 3 files (FRST, Additional, and Shortcut) that I make available to you:
https://pjjoint.malekal.com/files.php?id=FRST_20161029_c12k13c10h9o7
https://pjjoint.malekal.com/files.php?id=20161029_o5w11t6e15m9
https://pjjoint.malekal.com/files.php?id=20161029_w9r5e6p9o14
I don't understand anything. I need your help, thank you for considering my request.
After trying to install a crack, I keep getting the message ("dwm.exe has stopped working") that displays constantly. I can't even use my computer properly anymore.
I followed resolved posts on this issue and after completing this tutorial (Follow the FRST tutorial https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/ I obtained the 3 files (FRST, Additional, and Shortcut) that I make available to you:
https://pjjoint.malekal.com/files.php?id=FRST_20161029_c12k13c10h9o7
https://pjjoint.malekal.com/files.php?id=20161029_o5w11t6e15m9
https://pjjoint.malekal.com/files.php?id=20161029_w9r5e6p9o14
I don't understand anything. I need your help, thank you for considering my request.
6 réponses
Hello,
You downloaded a crack that infected you with a Trojan.Bitcoin and possibly some adware.
I'm reviewing the reports.
--
Please press any key to continue the disinfection...
You downloaded a crack that infected you with a Trojan.Bitcoin and possibly some adware.
I'm reviewing the reports.
--
Please press any key to continue the disinfection...
Here is the correction to be made with FRST. You can refer to this explanatory note with screenshots.
Open Notepad: Press Windows + R,
In the "Run" field, type notepad and click OK.
Copy/Paste the following into it:
Once the text is pasted into Notepad,
Go to the "File" menu then "Save as",
On the left, select Desktop,
In the field at the bottom, for the file name enter: fixlist.txt
Click "Save", this will create fixlist.txt on the Desktop.
Restart FRST and click the "Fix" button
A restart may be necessary (not mandatory)
A text file will appear, copy/paste its content here in a new message.
--
Please press any key to continue the disinfection...
Open Notepad: Press Windows + R,
In the "Run" field, type notepad and click OK.
Copy/Paste the following into it:
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\...\Run: [tsiVideo] => C:\Users\LaGratitude\AppData\Local\Temp\mdi164.dll [1495040 2016-10-29] () <===== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
CreateRestorePoint:
Reboot:
Once the text is pasted into Notepad,
Go to the "File" menu then "Save as",
On the left, select Desktop,
In the field at the bottom, for the file name enter: fixlist.txt
Click "Save", this will create fixlist.txt on the Desktop.
Restart FRST and click the "Fix" button
A restart may be necessary (not mandatory)
A text file will appear, copy/paste its content here in a new message.
--
Please press any key to continue the disinfection...
Results of Farbar Recovery Scan Tool (x64) Version: 29-10-2016
Executed by LaGratitude (29-10-2016 13:59:27) Run:1
Executed from C:\Users\LaGratitude\Desktop
Loaded profiles: LaGratitude & MSSQLFDLauncher$GRATITUDESERVER & ReportServer$GRATITUDESERVER & MSSQL$GRATITUDESERVER (Available profiles: LaGratitude & MSSQLFDLauncher$GRATITUDESERVER & ReportServer$GRATITUDESERVER & MSSQL$GRATITUDESERVER)
Boot mode: Normal
==============================================
fixlist content:
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\...\Run: [tsiVideo] => C:\Users\LaGratitude\AppData\Local\Temp\mdi164.dll [1495040 2016-10-29] () <===== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
CreateRestorePoint:
Reboot:
The restore point was created successfully.
Processes closed successfully.
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\Software\Microsoft\Windows\CurrentVersion\Run\\tsiVideo => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
The restore point was created successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 884455 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78855980 B
Java, Flash, Steam htmlcache => 779 B
Windows/system/drivers => 59657106 B
Edge => 138562345 B
Chrome => 504027455 B
Firefox => 190652790 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 76264 B
NetworkService => 4040 B
LaGratitude => 2312026053 B
MSSQLFDLauncher$GRATITUDESERVER => 0 B
ReportServer$GRATITUDESERVER => 0 B
MSSQL$GRATITUDESERVER => 0 B
RecycleBin => 42656281 B
EmptyTemp: => 3.1 GB of temporary data deleted.
================================
The system had to restart.
Executed by LaGratitude (29-10-2016 13:59:27) Run:1
Executed from C:\Users\LaGratitude\Desktop
Loaded profiles: LaGratitude & MSSQLFDLauncher$GRATITUDESERVER & ReportServer$GRATITUDESERVER & MSSQL$GRATITUDESERVER (Available profiles: LaGratitude & MSSQLFDLauncher$GRATITUDESERVER & ReportServer$GRATITUDESERVER & MSSQL$GRATITUDESERVER)
Boot mode: Normal
==============================================
fixlist content:
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\...\Run: [tsiVideo] => C:\Users\LaGratitude\AppData\Local\Temp\mdi164.dll [1495040 2016-10-29] () <===== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
CreateRestorePoint:
Reboot:
The restore point was created successfully.
Processes closed successfully.
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\Software\Microsoft\Windows\CurrentVersion\Run\\tsiVideo => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3231882397-510709814-1551296817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
The restore point was created successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 884455 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78855980 B
Java, Flash, Steam htmlcache => 779 B
Windows/system/drivers => 59657106 B
Edge => 138562345 B
Chrome => 504027455 B
Firefox => 190652790 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 76264 B
NetworkService => 4040 B
LaGratitude => 2312026053 B
MSSQLFDLauncher$GRATITUDESERVER => 0 B
ReportServer$GRATITUDESERVER => 0 B
MSSQL$GRATITUDESERVER => 0 B
RecycleBin => 42656281 B
EmptyTemp: => 3.1 GB of temporary data deleted.
================================
The system had to restart.
End of Fixlog 14:07:40
You're welcome =)
Finish with a cleanup using Malwarebytes - Malwarebytes Anti-Malware Free Version Tutorial
and be careful what you download.
--
Please press any key to continue the disinfection...
Finish with a cleanup using Malwarebytes - Malwarebytes Anti-Malware Free Version Tutorial
and be careful what you download.
--
Please press any key to continue the disinfection...