Constant 0xc0000005 Errors (Floxit.E virus)
- Thread starter PhsMu
- Start date
- Status
Windows 10 User (again3)
aka Malaria, you never get rid of it.
Do you know what may be causing the USB boot problem?
Windows 10 User (again3)
aka Malaria, you never get rid of it.
I know this is OT but how can I get back the calendar after clicking in the date in the bottom right corner? Nothing happens after clicking it and I don't want to have notifications again, just the calendar. Did removing something about the notifications/action center caused this?
Hellbovine
Well-Known Member
I'm assuming you mean the C++ redistributable? If so, this can happen because some applications are written for a very specific version, which can include the security updates too. To clarify, take this made up example: C++ 2005 might be version 1.0, but there could be 2 security updates making it version 1.1 and 1.2, and then a service pack update making it version 1.3 -- some finicky applications that work on one version won't work on another, even though they're all 2005. I've come across this a few times while playing games over the years. The other culprit might be that you installed only the 32 or 64 bit version, and may need to install the other too. What is the specific program that has the problem?
Also, make sure you get your redistributables from official sources to avoid malware:
https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist?view=msvc-170
Hellbovine
Well-Known Member
I've had the same experience with W10, and I tried every solution on this forum and elsewhere, went through all the rufus stuff, etcetera, with no clear fix. I ended up finding a workaround for my issue by tweaking various bios options, such as disabling Secure Boot, disable UEFI, messing with boot order stuff, and so forth. But there's still clearly a bug in my bios that gives me grief during the install process and so my boot order for USB and SSD drives gets ignored in several circumstances, requiring me to manually override it in a similar manner that you are having to do too. I didn't have this problem in the past, but that was because I was always using an optical drive to install via a DVD. I think for some people like myself, the newer Windows are just exposing pre-existing bugs now that installing from USB is more popular.
Windows 10 User (again3)
aka Malaria, you never get rid of it.
OfficeRTool. I don't think this doesn't have to do with not having C++ Redistributable installed but with Office's setup.exe since it's also a EXE file. I think I got the infected Visual Basic 5.0 from Microsoft and it's also a EXE file. What I don't understand is if this has to do with EXE files, then why am I currently having this problem with OfficeRTool's setup.exe only and not with all EXE files like before?
I don't know if this has to do with NTLite, i.e., if not using a modded Windows 11 22H2 version, I don't know if I'd still have this problem.
Attachments
Last edited:
Hellbovine
Well-Known Member
I think you misread my replies. I quoted the questions I was replying too. I wasn't trying to solve the 000005 error. It is probably best if you make new threads for these other issues, because it's all starting to get jumbled, too many different questions in one thread.
Windows 10 User (again3)
aka Malaria, you never get rid of it.
But it has to do with this thread since it's caused by the infection. It's even the proper thread's title.
This is weird. Malwarebytes says I'm infected again and I didn't install a single program.
Last edited:
Hellbovine
Well-Known Member
I want to save you time and headache. Just backup your important documents, do a clean install using an official, untweaked ISO, then see how everything else goes from there. Trying to work backwards is only going to take longer and be more difficult. Delete the partitions during the Windows Setup phase and your infection issues should go away.
Don't attempt to put your potentially infected files back again, until you're sure the computer is clean and in working order, then go scan those files while they reside on an external drive, or via the cloud like crypticus suggested, etcetera.
I think the main issue here, is you've got multiple issues, and so you have to hack away at them in layers, but in order to do that efficiently you need to start fresh first since it sounds like malware is going to fight you the whole way if you don't.
Don't attempt to put your potentially infected files back again, until you're sure the computer is clean and in working order, then go scan those files while they reside on an external drive, or via the cloud like crypticus suggested, etcetera.
I think the main issue here, is you've got multiple issues, and so you have to hack away at them in layers, but in order to do that efficiently you need to start fresh first since it sounds like malware is going to fight you the whole way if you don't.
Windows 10 User (again3)
aka Malaria, you never get rid of it.
It looks like the virus infects the EXE files run from the external HDD and that's why I was always being reinfected after reinstalling Windows since many EXE files were infected and I was running them to install or run programs. I had to replace them and some of the them were hard to find. It looks like the virus infected VB Runtime's installer, Edge, Chrome, Malwarebytes' installer, OfficeRTool, Rufus, YUMI, UUP Dump's downloaded file, etc. It looks like the EXE files were only infected after I manually ran them.
l had to reinstall Windows, delete every infected EXE file from my external HDD after scanning them with VirusTotal and redownload them. Some of the programs were hard to find. Anyway, I still don't get why was I only having this problem with OfficeRTool the last time and not with all programs that use EXE like OfficeRTool itself, Malwarebytes' installer, Edge and Chrome, YUMI, Rufus, etc.
Last edited:
Windows 10 User (again3)
aka Malaria, you never get rid of it.
It looks like the virus also infected the USB flash drive where I burned the Windows 11 installer but this time it's not an EXE file but a DLL one. I formatted it, scanned the ISO with Malwarebytes just to be sure and burned it to the USB flash drive.
Finally, I got rid of this nasty virus and I'm not having the 0xc0000005 error when running EXE files or programs that use/should use them (like OfficeRTool, UUP Dump's Windows 11 installer's downloader, Rufus, YUMI, Edge and Chrome).
Last edited:
Windows 10 User (again3)
aka Malaria, you never get rid of it.
But I never had this issue and I've been installing Windows from USB for years. Also, I don't have this problem with an untouched Windows 11 image so is it NTLite's fault? Weird, because even so, I wasn't having it until very recently and I've done some installs using NTLite modded Windows 11 images.
EDIT: Maybe it's Rufus' fault since I use it to burn Windows 11 ISOs to USB but it's the first time I have this issue and I've been using Rufus to burn them to USB for some time.
Last edited:
NTLite doesn't have any viruses, you wouldn't be the only one to experience it, there are literally thousands of active users, since 2014.
You can use virustotal.com to scan it.
Btw, if you used a cracked version at any point, I cannot guarantee it wasn't tampered with. Always download only from the official page (ntlite.com/download) and confirm the SHA-256 hash if in doubt.
I would not expect Rufus to have any viruses either.
Keep searching, use some antivirus to scan your computer, make an ISO on another clean PC and reinstall yours to begin with, then run nothing without an antivirus for some time.
You can use virustotal.com to scan it.
Btw, if you used a cracked version at any point, I cannot guarantee it wasn't tampered with. Always download only from the official page (ntlite.com/download) and confirm the SHA-256 hash if in doubt.
I would not expect Rufus to have any viruses either.
Keep searching, use some antivirus to scan your computer, make an ISO on another clean PC and reinstall yours to begin with, then run nothing without an antivirus for some time.
Floxif can infect other EXEs (and as far as I know, only EXEs, no media files), and from my experience with it, it starts by the MRU list. In my case it infected Intel GPU drivers, among others. The solution I used, and which worked for me was to backup everything, install linux, scan all files and delete the infected files then reinstall the system. Nothing else worked, and I spent nearly a month on it. So it isn't NTLite or Rufus fault, even if the files you have are infected, they were infected IN YOUR SYSTEM. Its just how floxif viruses work (I had E, H and I variants).
Internet nasties can infect a usb keys own control software so any infected drive is junk and should be binned.
Backup your important files, .exe's zips etc to dvd/bluray media or a data disc iso.
On a number of occasions dvd backups have gotten me out of crap creek.
Windows 10 User (again3)
aka Malaria, you never get rid of it.
Thanks. I used VirusTotal and got rid of the virus. Like I said, this virus infects EXE files, hence why NTLite, Rufus, etc., showed a message with an error after being run. Like you said, I must have a got this virus from a crack downloaded using uTorrent, but don't worry, since I pay your program and never tried to crack it.
What's worrying me is that Malwarebytes still detects malware, although some of it is apparently a policy set by NTLite (disable MRT) and a GPO policy I manually set, exported and integrated in the image created by NTLite so they're actually not real malware. The other detected malware regards uTorrent (I think even a non-cracked uTorrent version is considered malware by Malwarebytes) and some cracks so they might be false-positives but after running the latter when installing programs, Malwarebytes detects new malware and that's the ones which are worrying me even though I don't notice a difference in normal behavior like the one caused by the previous virus since it was obvious. It looks like I'll have to install each program, use the cracks and scan afterwards with Malwarebytes to know which cracks created the virus since for some reason Malwarebytes only detects the virus after using the cracks, not before when scanning them. Also, when removing these malware, uTorrent stops working and the cracked programs remain activated, which might be weird.
Regarding, the USB boot problem, it's not caused by the virus and I don't know what causes it, NTLite, Rufus or maybe a combination of them.
I fixed it by reinstalling Windows, redownloading the EXE files, deleting the previous EXE from the external HDD and copying the new ones to it.
It looks like this virus infected a DLL from a Windows 11 created by NTLite and burned by Rufus so I formatted the USB flash drive, scanned the image with Malwarebytes just to be sure, burned it and it was no longer infected.
What about the USB boot problem which I was having before all of this started?
I know this is OT but how can I get back the calendar after clicking in the date in the bottom right corner? Nothing happens after clicking it and I don't want to have notifications again, just the calendar. Did removing something about the notifications/action center caused this?
Windows 10 User (again3)
aka Malaria, you never get rid of it.
Nuhi, I have a question.
Like you know, when installing a CU, the components removed by NTLite come back (and possibly the policies and maybe other things too set by NTLite are removed too).
What would happen if one installs a CU and forgot to use NTLite's Remove Reinstalls feature to remove the returning components, then installs a newly released CU and finally uses NTLite's Remove Reinstalls feature? Would the components still be removed or should one always use Remove Reinstalls after installing each CU?
EDIT: This time I copy pasted the Windows 11 image's content to the USB flash drive and I still have this problem so is it NTLite's fault?
Last edited:
crypticus
Well-Known Member
this was discussed, u might want to use search for your questions
How does Remove Reinstalls know what to remove?
If it's not a Trade Secret, a question for nuhi. How does Remove Reinstalls know what I had removed previously using NTLite? Is there a log file that I need to keep that it looks at? I ask because 1) I've always been curious about it, and 2) after just now installing KB4592438 (to bring me up...
www.ntlite.com
- Status