Jump to content

swgiles

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Here's an update... For more than two weeks now, I've had Malwarebytes running with all protections enabled, and no BSODs. Just before I re-enabled, I noticed that Windows Update was calling for over 1 GB of updates (over 100 updates), even though I always have Windows Update set to auto, and always update dutifully on Microsoft's bidding. Possibly something got reset on one of the previous crashes. Though I can't tell for sure anymore, I'm quite sure that my system was in that state during some of the more recent crashes, but I'm certain it wasn't when my system first started crashing (though running an earlier version of Malwarebytes 2) I ran all the updates (took most of the day), and then turned on all Malwarebytes Premium real-time protections. So, all is well at this point. Before this, crashes were approximately once per day, or every other day. My guess at causation - latest Malwarebytes release (2.0.2.1012) must have fixed whatever was the initial problem causing the BSODs, but when I updated Malwarebytes to the latest, it didn't interact well with my OS that was needing a bunch of Win 7 updates. Thanks once again @AdvancedSetup for your help.
  2. BSOD Minidump files and MBAM logs are attached. Thanks again for your help. Minidump.zip MBAM_Logs.zip
  3. Thanks, Ron. No disrespect meant at all. In my specific instance, I see where all the evidence is pointing, but I'm also well aware that finding the actual cause can be very elusive. I also checked the usual culprits about a month ago when BSODs mysteriously surfaced - re-seated memory, ran memory diagnostics, updated video and network drivers, etc. I wasn't suspecting Malwarebytes. Malwarebytes has a hard-earned and well-deserved reputation at the top of the heap of the malware-fighting community, and the patient work of many staff and volunteers in these forums is truly appreciated. I had another BSOD last night. Again, OSROnline points at mwac as the culprit. My solution right now, not my preferred one, but necessary, is to turn off Malicious Website Protection, the main reason I have Malwarebytes. I need to protect the integrity of my system. I will zip up all of the minidump files shortly and post them.
  4. @anachromat, well said. I also have many years of professional software development experience, and I agree the evidence on this issue is pointing in an obvious direction. @AdvancedSetup, I also have minidumps still from all BSODs. Happy to share them, if Malwarebytes thinks they would be helpful.
  5. Ron, All recommended actions have been done. Malwarebytes Premium is now reinstalled at 2.0.2.1012. Attached is the chkdsk results and JavaRra.log. Note that when the BSODs started about a month ago, I did a chkdsk at that time, as well as sfc/scannow, as well as updating all system drivers (through Thinkpad System Update). I wasn't suspecting Malwarebytes at the time and WhoCrashed only told me it was tcpip.sys, not the actual cause. So I'm guessing that the reparse records from the chkdsk had more to do with the BSODs I've had subsequently. BSODs are rough on the stability of a Windows installation. I really do appreciate your help, and I don't doubt your expertise, but with all due respect, I'm having a hard time believing that issues such as out-of-date Java (yes, it's a security issue, agreed) could be linked to Malwarebytes BSODs. I've turned on real-time Malware Protection and Malicious Website Protection for now, but one more BSOD attributed to Malwarebytes and they're off until some more definitive bug fixes or information. I wish I was more optimistic...basic troubleshooting procedure would suggest that (1) before Malwarebytes 2, no crashes for more than 1 year (with previous version of Malwarebytes running), (2) after Malwarebytes 2, several crashes, with crash analysis pointing to Malwarebytes every time, (3) cause is Malwarebytes 2. I hope you pinpoint the actual cause of the BSODs and fix it real soon! Malwarebytes has been a great product, and I'd like to stick with it, but not at the risk of system stability. Cheers Chkdsk Jun 5 2014.txt JavaRa.log
  6. Ron, Requested files are attached. Addition.txt FRST.txt CheckResults.txt
  7. I've had recurring BSOD (once or twice a week) that I've finally tracked down to MalwareBytes (Premium - been long time with Malwarebytes). Seems it started with version 2 on May 1, when I was upgraded to 2.0.xxx. I tried upgrading ot 2.0.2.1012, and still a problem. I'm running Win 7 Pro SP1, and Microsoft Security Essentials for Antivirus. Often, crash happens while running Google Chrome (presently 35.0.1916.114 m) I'm not at all happy with Malwarebytes at this point - it's been a great tool for many years, but I can't abide a utility that routinely BSODs. I'm turning off real-time protection until I can get something resolved. Please help...I'm happy to send minidump files if you wish. ------------------------------------------ OSROnline gives the following BSOD analysis info: Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com) Online Crash Dump Analysis Service See http://www.osronline.com for more information Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.18113.amd64fre.win7sp1_gdr.130318-1533 Machine Name: Kernel base = 0xfffff800`03a19000 PsLoadedModuleList = 0xfffff800`03c5c670 Debug session time: Tue Jun 3 22:27:32.451 2014 (UTC - 4:00) System Uptime: 0 days 1:00:43.685 ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* BAD_POOL_HEADER (19) The pool is already corrupt at the time of the current request. This may or may not be due to the caller. The internal pool links must be walked to figure out a possible cause of the problem, and then special pool applied to the suspect tags or the driver verifier to a suspect driver. Arguments: Arg1: 0000000000000020, a pool block header size is corrupt. Arg2: fffffa800aea1830, The pool entry we were looking for within the page. Arg3: fffffa800aea1850, The next pool entry. Arg4: 0000000004020008, (reserved) Debugging Details: ------------------ TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2 BUGCHECK_STR: 0x19_20 POOL_ADDRESS: GetPointerFromAddress: unable to read from fffff80003cc6100 GetUlongFromAddress: unable to read from fffff80003cc61c0 fffffa800aea1830 Nonpaged pool DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT PROCESS_NAME: mbamservice.ex CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff80003bc1cae to fffff80003a8ec00 STACK_TEXT: fffff880`0d5ed258 fffff800`03bc1cae : 00000000`00000019 00000000`00000020 fffffa80`0aea1830 fffffa80`0aea1850 : nt!KeBugCheckEx fffff880`0d5ed260 fffff880`01f290bd : 00000000`00000008 00000000`00000004 00000000`676e7049 fffff880`04e790b2 : nt!ExDeferredFreePool+0x12da fffff880`0d5ed310 fffff880`011a004a : 00000000`00000000 fffff880`0119c0c3 00000000`00000000 fffffa80`0b786010 : tcpip!IppInspectBuildHeaders+0x65d fffff880`0d5ed5f0 fffff880`090c4109 : 00000000`00000000 00000000`00000014 00000000`00000000 fffffa80`06949790 : fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+0x20a fffff880`0d5ed690 00000000`00000000 : 00000000`00000014 00000000`00000000 fffffa80`06949790 fffffa80`069497a4 : mwac+0x6109 STACK_COMMAND: kb FOLLOWUP_IP: fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a fffff880`011a004a 85c0 test eax,eax SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a FOLLOWUP_NAME: MachineOwner MODULE_NAME: fwpkclnt IMAGE_NAME: fwpkclnt.sys DEBUG_FLR_IMAGE_TIMESTAMP: 50e4f5c8 FAILURE_BUCKET_ID: X64_0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a BUCKET_ID: X64_0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.