Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral
  1. Well, since I had no replies I thought I'd update things. 1) Removed attachments, because 2) New update came out today and per the readme addresses the issues reported If the issues persist I'll log a support ticket through MWB directly.
  2. Sanitizing my logs for user info. Re-attached. Here is the excerpt from the crash dump file: ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: fffffa801e1fd010, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000001, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff80002f88cb6, address which referenced memory Debugging Details: ------------------ TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2 WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003103100 GetUlongFromAddress: unable to read from fffff800031031c0 fffffa801e1fd010 Nonpaged pool CURRENT_IRQL: 2 FAULTING_IP: nt!MiReleaseConfirmedPageFileSpace+86 fffff800`02f88cb6 480fb328 btr qword ptr [rax],rbp DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: mbamservice.ex TRAP_FRAME: fffff880077fd2e0 -- (.trap 0xfffff880077fd2e0) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=fffffa800e1fd010 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80002f88cb6 rsp=fffff880077fd470 rbp=0000000080000000 r8=fffff880077fd4a0 r9=fffffa800efbbb30 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!MiReleaseConfirmedPageFileSpace+0x86: fffff800`02f88cb6 480fb328 btr qword ptr [rax],rbp ds:fffffa80`0e1fd010=00000000055fffdd Resetting default scope LAST_CONTROL_TRANSFER: from fffff80002ecb169 to fffff80002ecbbc0 STACK_TEXT: fffff880`077fd198 fffff800`02ecb169 : 00000000`0000000a fffffa80`1e1fd010 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx fffff880`077fd1a0 fffff800`02ec9de0 : fffffa80`1533d250 fffff880`010d92ec fffffa80`1533d250 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff880`077fd2e0 fffff800`02f88cb6 : 00000000`00000001 00000000`00000000 fffffa80`0d5867a0 fffff800`031c6374 : nt!KiPageFault+0x260 fffff880`077fd470 fffff800`02f3cbea : 00000000`000002a0 fffff880`077fd8fa 00000000`0a829000 fffff800`0307dd40 : nt!MiReleaseConfirmedPageFileSpace+0x86 fffff880`077fd4f0 fffff800`02eb83df : fffffa80`00000000 00000000`0a85ffff 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x34f16 fffff880`077fd6b0 fffff800`02ecae53 : ffffffff`ffffffff fffff880`077fd988 fffff880`077fd998 fffffa80`00008000 : nt!NtFreeVirtualMemory+0x61f fffff880`077fd7b0 fffff800`02ec7410 : fffff800`031a10aa fffffa80`120a0a50 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 fffff880`077fd948 fffff800`031a10aa : fffffa80`120a0a50 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiServiceLinkage fffff880`077fd950 fffff800`031a1431 : fffff880`00000000 00000000`0a85e100 00000000`7efd5000 00000000`00000000 : nt!PspExitThread+0x5ba fffff880`077fda50 fffff800`031a1539 : fffffa80`120a0a50 00000000`00000000 fffffa80`120a0a50 00000000`00000000 : nt!PspTerminateThreadByPointer+0x4d fffff880`077fdaa0 fffff800`02ecae53 : fffffa80`120a0a50 fffff880`077fdb60 00000000`7efd5000 00000000`7efd5000 : nt!NtTerminateThread+0x45 fffff880`077fdae0 00000000`777a17ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`0a85e1a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x777a17ea STACK_COMMAND: kb FOLLOWUP_IP: nt!MiReleaseConfirmedPageFileSpace+86 fffff800`02f88cb6 480fb328 btr qword ptr [rax],rbp SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: nt!MiReleaseConfirmedPageFileSpace+86 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt DEBUG_FLR_IMAGE_TIMESTAMP: 531590fb IMAGE_NAME: memory_corruption FAILURE_BUCKET_ID: X64_0xA_nt!MiReleaseConfirmedPageFileSpace+86 BUCKET_ID: X64_0xA_nt!MiReleaseConfirmedPageFileSpace+86 Followup: MachineOwner ---------
  3. Attached are the scan results from the Malwarebytes tools along with latest BSOD mini dump.
  4. hoping support can help me out with my issue. Long time Malwarebytes user, having issues now with blue screens which occur very randomly, but usually 1-2 times per week. My system specs thus far: - Paid premium version - MSI GE620 laptop - 16gb DDR3 Memory (this occurs regardless of memory installed; happens with factory 8gb as well...ram fully tested with passing results) - 256GB SSD (checked SMART status/health and it's good to go) - Windows 7 x64 Home Premium (fresh install - not factory imaged) - No other antivirus installed This randomly started happening with the latest 2.0 releases. It was never an issue before that. I have attempted to perform a fresh installation of Malwarebytes several times via the cleaning tool, even ensuring all relevant folders in locations such as c:\programdata and even registry entries were erradicated before restarting and re-installing with a freshly downloaded installer from the Malwarebytes site. 1-2 times a week I'll wake my system up (doesn't sleep or hibernate - just let the screen blank out after a while - though I've also tested with sleep mode and the same issues happen), and I'll see that: a) system has restarted due to a blue screen; upon reading the mini dumps Malwarebytes is directly noted to have caused the issue b) once the above BSOD occurs, Malwarebytes reports that the real time protection is now disabled and the database is missing or corrupt, prompting me to update it to resolve Everything is then fine until the next BSOD. I've run various scans in and out of safe mode, everything is clean, system is otherwise in perfect working order, patched, etc. I can't figure out what is causing this to happen all of a sudden. I'll be running the collection tools as soon as I am able tonight and will post them back here. I'm seeing a lot of this issue per web searching but with very little resolutions so I'm really hoping to figure out the root cause of this to resolve. Thanks!
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.