Resolved Weird Windows issue (0xc0000005)

[coopervid]

You are a hopeless case until life teaches you otherwise. Experience can't be told as I now see again. You have to make your own.

 

[DQ]

You are a hopeless case until life teaches you otherwise. Experience can't be told as I now see again. You have to make your own.

If there was but one way to live life, life would be a very boring repetitive ritual. At any point if we think we have it right and we are beyond questioning then we are closed off to new information and growth.

 

[cartman0208]

But as explained, I am the one that has to deal with a hacked PC if something should happen.

Actually, that is only half the truth...
There's always a chance your devices can be compromised and you won't even notice.
The those devices can then be used by others to start attacks on other people around the world. So you would be part of a wide spread DDOS and wouldn't even know about it.
Defender would help against that... Any halfway good protection Software would.
I don't want to convince you, just to think about it.

 

[goncal]

And what about all the email recipients, Some virus use your email info to spread

 

[tectpro]

Here are a few lines regarding antivirus programs and how they compare to built-in solutions like Windows Defender.
No disrespect to Defender – it's a pretty good guardian, keeping our systems safe from nasties like malware, phishing attacks, and system vulnerabilities.
But sometimes, it might only provide some of the protection we need.

Enter standalone antivirus programs.
They're like a Swiss army knife for cyber safety.
They often have extra features like VPNs for safe browsing, advanced ransomware protection, and tougher firewall settings.
They're also the early birds when it comes to updates, considering how fast and frequently cyber threats evolve.

Now, picture a PC with no antivirus.
It's like a goldmine for hackers. Without protection, malware can sneak in, steal data, corrupt files, or even take control of your entire system. And if your Defender (or any other antivirus) is compromised, the situation goes from bad to worse.

Bottom line? It's a smart move to support Defender with top-notch antivirus software. It's like equipping your system with an extra layer of armour against the relentless onslaught of cyber threats.


I am switching gears now to talk about RAM defects.

Manufacturing RAM (Random Access Memory) is a complex process, and sometimes, things can go awry.
Especially when modules come from the same batch, there can be defects due to minor variations or impurities in the manufacturing process.
That means if one module from a batch is defective, there's a slight but real chance that others from the same batch could also have issues.

The best way to check for these defects is by using a RAM testing tool.
One such tool is MemTest86. It's a free, reliable tool that thoroughly checks your RAM for defects or faults.
Keep in mind, though, even if it's a slight chance, it's still possible for a whole batch to have defects.
So, if your systems start acting up after a RAM upgrade, it's worth running a test.

I hope this info helps!

 

[DeepSpace]

The those devices can then be used by others to start attacks on other people around the world.

Oh yeah, I heard about it. A Botnet, mostly with poorly secured devices like Security Cams, Printers etc that then can launch DDOS attacks. That actually never came into my mind.
Either way, I already decided not to tinker with Defender anymore and only exclude everything if I need to but never touch the script again. Because then it is not possible to reactivate Defender anymore in case I need it or should decide to protect myself aganst being part of a botnet.
When I just exclude it, I can reactivate it at any time.



I just had the 0xc happen again with MakeMKV, and the AppInit was in the registry again. So it appears that not Defender was the cause for all the issues, as it was even disabled on my previous Windows installation, but I had the AppInit there as well... Why didn't I notice. So I still have to figure out how the AppInit entry comes to life, but I won't do that today. Luckily, it is easily removable, so MakeMKV started again just fine and still does. So I will post again when I found the cause for that.
Yes of course I can just activate Defender to see if it detects the AppInit and removes it, but I want to find the actual cause so it doesn't even appear on the system anymore.
So Defender would remove the file, but not identify the source.

And what about all the email recipients, Some virus use your email info to spread

I also haven't thought about this as well, as I barely ever send mails and only use it in my browser, I don't have a full client like Outlook. But of course a virus could install an extention that sneeks into my mail tab and sends mails, or modifys my send emails.

how they compare to built-in solutions like Windows Defender

I heard Defender got better with W10 and is now pretty good, but when last I looked, it was not on the top of the list. And I haven't looked for some years now, so I cannot say how good it compares now.

One such tool is MemTest86

I also heard about this and I am going to make RAM tests some time in the future. But for now it appears AppInit is the culprit even behind 0xc and so it has a higher priority to find it and get rid of it for good. As it is more likely to be the cause than multiple devices having defective RAM.




@coopervid I think I understand now, I shouldn't only use AV to protect myself, but also to protect others when my PC is infected with a Botnet virus or sends weird emails. And thinking I don't need AV was selfish. If that is what you tried to say... then why haven't you done it? Thinking back about your posts, I always agreed not using AV is a risk, but I cannot see any line that would indicate that this is selfish thinking and I should also use it to protect others. Can you please confirm if I got it now?

 

[coopervid]

To me it was just too obvious and essential. No PC with an internet connection should be used with an older OS, w/o firewall and w/o AV software. To protect yourself and the rest of the internet world from you.

 

[goncal]

I use Defender and don't have any issues, did have to whitelist a couple of apps originally
UAC is another story, limited that as it was to overbearing
Check out this link

https://www.av-comparatives.org/comparison/

 

[DeepSpace]

To me it was just too obvious and essential. No PC with an internet connection should be used with an older OS, w/o firewall and w/o AV software. To protect yourself and the rest of the internet world from you.

Ok, then rest assured that I am going to use Defender as soon as the AppInit issue has been taken care of.

And please keep that in mind for the future and always say what you mean if I don't get something. But I can't point at you as I have this issue as well. When I try to explain something to someone else who is not as familiar with Windows as I am. For me it is obvious to click there as I just know it, but the other person has never seen the page I am talking about. So I get annoyed when that person asks hundreds of times instead of just doing it. And I suppose you had the same feeling when I said I am not going to use Defender instead of just doing it.

I use Defender and don't have any issues

I just had another thought: What if Defender never did false positives on the installed programs (yes the .exe files are still false positives), as these files also got affected by AppInit. So Defender rightfully flagged them. But since Defender also flagged the installer files without reason, I always thought these program files are false positives as well. I will see that when I let Defender running after AppInit has been taken care of. If it then still flags them or not.

 

[coopervid]

...and why don't you try what I posted in #148???? Defender is a PITA when you try e.g. hacking tool etc.

 

[DeepSpace]

...and why don't you try what I posted in #148???? Defender is a PITA when you try e.g. hacking tool etc.

I used Defender as a synonyme for AV software in the last comment. I am going to try another AV software like Avira if Defender still throws too much false positives. But I don't have the time to try either software today, so I just said I will use Defender.

 

[TubeBar]

coopervid knows his stuff, I'd listen to him and have him help you. This is a mess

 

[DeepSpace]

coopervid knows his stuff, I'd listen to him and have him help you. This is a mess

Since I now know what he was trying to say (but hasn't), I am going to listen to him as I already said. I just was in a rush when writing the comment, so I haven't told him that I am also going to take a look at Avira, which might've avoided his second comment.

 

[DQ]

PC/network (yes they go hand in hand) security is not a one size fits all things nor is it a one and done situation. Essentially anyone can be gotten but the entire goal is to make is as difficult to be gotten as possible. You accomplish this through overlapping layers of security and of course by making wise decisions.

Since we are on the topic and we are just talking about security bits and pieces lets talk about the whole thing so no one gets the wrong idea.

How to secure your network/PC the DQ way:

I.) The Edge
- do not use your ISP modem as your "router", buy your own device that you trust and put it behind the ISP device
- when possible don't use a simple "router", use an actual firewall that allows you to control and filter your traffic
- as far as firewalls run away from anything with the term "gaming" in it and stick with things like pFsense, Untangle, ClearOS

II) DNS
- there are many ways to filter your DNS queries and this is a great way of securing and filtering your traffic for security and for kids
- great options here range from simple to complex but some examples are OpenDNS, Quad9, Cloudflare and of course PiHole
(my personal favorite here is to use PiHole combined with OpenDNS)
- another reason for using your own DNS server is to obfuscate from your ISP what you are doing so they are not datamining your activity

III) The PC (from a Windows perspective as Linux is another whole topic)
- A/V is not the end all be all of security it once was but it is still an important layer and while there are free options here I think a person is best served by paying for something that has a number of functions it performs, my preference is Bitdefender
- do not turn off any security services in windows unless you have a very specific reason to do so, their is normally almost nothing to be gained by doing so
- go through the privacy settings in Windows and turn off the obvious stuff that reports back to Microsoft or allows websites to read info from your PC
(now you might be thinking well what about all that telemetry BS and whatnot Windows does, well if you setup your DNS correctly it will get stopped there)
- one of the very overlooked ways of securing your PC is to secure the thing that opens a window to the internet on it, the browser... the browser is like a vampire it cannot hurt you unless you invite it in... Here I prefer Brave and even then I go through the settings and turn off all the extra crap and crank up the security settings
- another thing overlooked, the search engine. Engines like Google and Bing love to track you and serve you BS ads that often end up being malicious because anyone can buy an ad. Here I prefer Brave search engine or Startpage, Qwaint is decent too

IV) The Human
You can have all the security in the world but , like the vampire scenario, if you invite it in you are rendered powerless. Make good decisions, don't open silly garbage or click on silly links. Don't download things from nefarious places or use mysterious torrent stuff. HOWEVER, if you find yourself in a situation where you get a suspicious link you have to click on or open a weird file or torrent do it in a VM. Use VMware Workstation or VirtualBox. Make a garbage VM and run your stuff there so that in the event it is malicious you don't torch your main PC.

Finally, back your critical data up. I am not a fan of backing up an OS but for sure backup your data and do it to 2 places. I use a cloud service and an external drive. This way if you get ransomewared or your PC gets hosed you have your data.

 

[coopervid]

PC/network (yes they go hand in hand) security is not a one size fits all things nor is it a one and done situation. Essentially anyone can be gotten but the entire goal is to make is as difficult to be gotten as possible. You accomplish this through overlapping layers of security and of course by making wise decisions.

Since we are on the topic and we are just talking about security bits and pieces lets talk about the whole thing so no one gets the wrong idea.

How to secure your network/PC the DQ way:

I.) The Edge
- do not use your ISP modem as your "router", buy your own device that you trust and put it behind the ISP device
- when possible don't use a simple "router", use an actual firewall that allows you to control and filter your traffic
- as far as firewalls run away from anything with the term "gaming" in it and stick with things like pFsense, Untangle, ClearOS

II) DNS
- there are many ways to filter your DNS queries and this is a great way of securing and filtering your traffic for security and for kids
- great options here range from simple to complex but some examples are OpenDNS, Quad9, Cloudflare and of course PiHole
(my personal favorite here is to use PiHole combined with OpenDNS)
- another reason for using your own DNS server is to obfuscate from your ISP what you are doing so they are not datamining your activity

III) The PC (from a Windows perspective as Linux is another whole topic)
- A/V is not the end all be all of security it once was but it is still an important layer and while there are free options here I think a person is best served by paying for something that has a number of functions it performs, my preference is Bitdefender
- do not turn off any security services in windows unless you have a very specific reason to do so, their is normally almost nothing to be gained by doing so
- go through the privacy settings in Windows and turn off the obvious stuff that reports back to Microsoft or allows websites to read info from your PC
(now you might be thinking well what about all that telemetry BS and whatnot Windows does, well if you setup your DNS correctly it will get stopped there)
- one of the very overlooked ways of securing your PC is to secure the thing that opens a window to the internet on it, the browser... the browser is like a vampire it cannot hurt you unless you invite it in... Here I prefer Brave and even then I go through the settings and turn off all the extra crap and crank up the security settings
- another thing overlooked, the search engine. Engines like Google and Bing love to track you and serve you BS ads that often end up being malicious because anyone can buy an ad. Here I prefer Brave search engine or Startpage, Qwaint is decent too

IV) The Human
You can have all the security in the world but , like the vampire scenario, if you invite it in you are rendered powerless. Make good decisions, don't open silly garbage or click on silly links. Don't download things from nefarious places or use mysterious torrent stuff. HOWEVER, if you find yourself in a situation where you get a suspicious link you have to click on or open a weird file or torrent do it in a VM. Use VMware Workstation or VirtualBox. Make a garbage VM and run your stuff there so that in the event it is malicious you don't torch your main PC.

Finally, back your critical data up. I am not a fan of backing up an OS but for sure backup your data and do it to 2 places. I use a cloud service and an external drive. This way if you get ransomewared or your PC gets hosed you have your data.

The Eagles would sing: Take it to the limit. But basics are missing here. And RIP Randy Meisner!