[ndu.sys BSOD issue on my system]

I'm worried about these entries in Addition.txt report of FRST. Two of them are about emule (so I've asked about it in a previous post), and de second is about MBAMservice.exe. But it all them the modul with errors is C:\Windows\SYSTEM32\ntdll.dll

Error: (09/20/2021 05:01:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: emule.exe, versión: 0.60.2.1, marca de tiempo: 0x60998137
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.20090, marca de tiempo: 0x60e91208
Código de excepción: 0xc0000029
Desplazamiento de errores: 0x000a078e
Identificador del proceso con errores: 0x1808
Hora de inicio de la aplicación con errores: 0x01d7adf807941a3e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\eMule\emule.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: 967bfdff-1a23-11ec-900a-fd0268711344
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:

Error: (09/20/2021 04:58:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MBAMService.exe, versión: 3.2.0.994, marca de tiempo: 0x61241ecf
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.20090, marca de tiempo: 0x60e9188b
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x00000000000ed1a0
Identificador del proceso con errores: 0x8ac
Hora de inicio de la aplicación con errores: 0x01d7adf70f4981a1
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: 3cadc68d-1a23-11ec-900a-fd0268711344
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:

Error: (09/20/2021 04:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: emule.exe, versión: 0.60.2.1, marca de tiempo: 0x60998137
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.20090, marca de tiempo: 0x60e91208
Código de excepción: 0xc0000029
Desplazamiento de errores: 0x000a078e
Identificador del proceso con errores: 0x1808
Hora de inicio de la aplicación con errores: 0x01d7adf807941a3e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\eMule\emule.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: e3720edf-1a22-11ec-900a-fd0268711344

[ndu.sys BSOD issue on my system]

OK. Anyhow, after doing the changes I've explained, I'm checking if the ramdom BSOD and system blockings have been solved.

I'll report results in some days.

Thank you.

[ndu.sys BSOD issue on my system]

No. Im sorry. Both files are also in C:\Windows\SysWow64.

[ndu.sys BSOD issue on my system]

OK. Thank you.

About divxdec.ax, curiously it is with divx.dll in C:\Windows/System32. However in the registry appears that it must be in C:\Windows\SysWow64, and here aren't such files.

Perhaps copyiing this two files manually in C:\Windows\SysWow64 could solve WMP faults?

[ndu.sys BSOD issue on my system]

Good morning and thank you for your help.

I've uninstalled Bonjour (and I've detected some interaction between it and Firefox; I've must to close Firefox to be able of uninstall Bonjour) and changed locations of AutoHideMouseCursor_x64.exe and  SpyDetectFree64.exe.

I don't find any application related with Divx, but I've uninstalled a Xvid codec that probably wasn't necessary. I dont' know how uninstall divxdec.ax correctly.

In my PC is still installed Nero 8, althoug Iuse it rarely, but all the services; NBService.exe and NMIndexingService.exe, are stopped.

I find Ccleaner useful (specially the registry cleaner) and I won't like uninstall it if it isn't absolutely necessary.

Could be any problem with emule?

I'll try if I can enable again web protection and see what happens.

Thank you again.

[ndu.sys BSOD issue on my system]

My OS is Windows 8.1 64 bits.

Attaching FRST logs:

FRST.txt Addition.txt

[ndu.sys BSOD issue on my system]

Yes, I'm running MBAM and Avast AV, and randomly I get BSOD or system blockings. Disabling MBAM real time protection solves the problem, but now I'm seeing if only turning off web protection is enough for solving the issue.

[ndu.sys BSOD issue on my system]

There is any possibility that these conflicts  with some applications could be solved in  future releases?

[Malwarebytes System Tray Icon Missing After Latest Update]

Finally I think I've found a solution that works for me.

I've put a direct link to mbamtray.exe at the start menu, and I've established a 90 seconds delay on "Delay Real-Time Protection when Malwarebytes starts".

Since then I've had various boots up of the system without any trouble. First appears the icon of Malwarebytes in the task bar whit protections disabled,  but after the 90 seconds delay they all turn on enabled.

[Malwarebytes System Tray Icon Missing After Latest Update]

Ok, but in my case there isn't a crash of mbamtray.exe. Simply, it don't loads. When I manually run mbamtray.exe the icon tray appears and all is fine then.

[Malwarebytes System Tray Icon Missing After Latest Update]

Thank you for your answers.

Obviously, none of these two problems are "big problems", as they can be solved  easily when appear. But what's more surprising is their randomly appearance. As is proposed somewhere in this  threat, perhaps it would be related with the boot loading order of services and programs, that seems changing from boot to boot (as could be see by the order of appearance of tray icons).

Perhaps problems will be solved with next updates.

 

[Malwarebytes System Tray Icon Missing After Latest Update]

Yes. I've Fast Startup feature disabled and I've created scan exclusions in Avast , and the problems persist occasionally.

[Malwarebytes System Tray Icon Missing After Latest Update]

I've same problem in my PC with Windows 8.1 and Avast antivirus. Sometimes icon tray don't appear and I' ve to load it manually through mbamtray.exe

Also, sometimes, the icon tray appears but anyone of protections are no activated. If I turn off MBAM and on again, all protections are activated.

[DRVAGENT64.SYS not existing]

Yes, SpaceXMan, I've also the file named DrvAgent64.SYS at C:\Windows\SysWOW64\drivers.

But it's a system file ant it's a safe file.

I attach the file in case someone want to look at it, but , in any case it's not in the path found by AdwCleaner

DrvAgent64.zip

[DRVAGENT64.SYS not existing]

I'm sorry, I can't  attach the file DRVAGENT64.SYS because it's not in my system. This is the problem, and this is my question; why  Malwarebytes Adwcleaner fins this file if it isn't in the system at it neither appears in windows registry?

[DRVAGENT64.SYS not existing]

Thank you.

But Malwarebytes Adwcleaner goes on showing PUP.Optional.DriverAgent, C:\Windows\System32\drivers\DRVAGENT64.SYS

 

What could I do?

[DRVAGENT64.SYS not existing]

Thank you for your answer.

Here's MB3 logfile.

MB3.txt

[DRVAGENT64.SYS not existing]

After running Malwarebytes Adwcleaner on my system, it finds:

***** [ Files ] *****

PUP.Optional.DriverAgent, C:\Windows\System32\drivers\DRVAGENT64.SYS

However this file doesn't exist in this location.

If I choose to clean it, after rebooting the advertisement persists, as the file couldn't be cleaned.

What could be the problem and the solution?

I adds the scanning report

AdwCleaner[S5].txt