Jump to content

Search the Community

Showing results for tags 'bsod'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 46 results

  1. danxnad


    Every time when i start Malwarebytes BSOD appiers. In safe mode it runs. Tried support tool, but if i run it, it causes BSOD. ADWcleaner, and another malwarebytes production works OK. Win7 home basic; 8gb RAM; intel pentium g2030 14d premium version.
  2. MBAM 3.5.1 Premium for Windows 7 on a 32-bit Dell laptop worked fine. Tried to install MBAM 3.6.1 days ago first without clean install and BSOD upon reboot. Did a clean install today using the MBAM Support Tool and after rebooting and almost at the end of the reinstalling, a blue screen of death again. I have attached logs. I also have the MEMORY.DMP file zipped, but its 139 MB, so if you need, please let know how to send. I also ran a full drive security scan with MBAM v3.5.1 just prior to the 3.6.1 clean install and no malware found. Other security software on this machine Zone Alarm Firewall and Anti-Virus Pro v15.3.060.17669 and SpyShelter Premium v11.2, both latest versions. I have reverted back to MBAM v3.5.1 until this issue is resolved. mbst-grab-results.zip mbst-clean-results.txt
  3. Bonjour Je viens vous demander de l'aide concernant un BSOD a chaque analyse personnalisée avec l'option "recherche de Rootkit". En effet, a chaque fois que je lance une analyse avec cette option cochée, un BSOD surviens après 10 secondes . Lorsque je lance une analyse personnalisée sans l'option rootkit, l'analyse réussit. J'ai une version premium a vie (la dernière version 3.4.4) depuis 5 ans, et c'est la première fois que cela arrive... Tout est ok sur mon PC (RAM, DRIVERS, ZERO INFECTION, MATERIEL OK, TESTE CPU OK .....) Je suis Helper, donc j'ai déjà fais toutes les recherches d'infection ou matériel .... Le BSOD surviens uniquement en lançant l'analyse MBAM Pourriez-vous me dire si cela concerne un bug de MBAM SVP? I come to ask you for help regarding a BSOD with each analysis personalized with the option "search of Rootkit". Indeed, every time I run a scan with this option checked, a BSOD will occur after 10 seconds. When I run a custom scan without the rootkit option, the scan succeeds. I have a premium version for 5 years (Version 3.4.4), and this is the first time it happens ... Everything is OK on my PC (RAM, DRIVERS, ZERO INFECTION, HARDWARE OK, TEST CPU OK) I am a Helper, so I have already done all the research of infection or equipment .... The BSOD only happen by launching the MBAM analysis Could you tell me if this concerns an MBAM bug please ? Merci pour vos réponse et votre aide jmi
  4. I'm getting the BSOD with farflt.sys listed as the cause. I've seen that others have had the same problem, but the topics were fairly old so I thought it best to start a new one. The machine is an HP Compaq PC. I reinstalled Windows 7 Pro 32-bit yesterday and put all the software on top, including MB Premium. I had to install MB twice because it errored, but it went on okay second time and I was using the PC for a few hours without problems last night. As well as installing software like Office, and setting up Outlook, I've run Windows Update and installed all the updates it wanted, including SP1. This morning it started BSOD on boot, with farflt.sys given as the culprit. Windows runs okay in Safe Mode but not in normal mode. Following instructions given in other posts I ran mb-clean in Safe Mode, which seemed to work okay, rebooted into Normal Mode, which came up okay, then re-installed MB. It seemed to install okay but didn't even wait until I rebooted before it went BSOD. I've run FRST and MB-Check and attached the zip file, and also attached the minidump file from one of the BSOD's, so I'm hoping someone will be able to tell me what's wrong. I'm running AVG Free - does MB "fight" with AVG? The built-in Windows virus checker is running as well, so is there a problem there? I've also installed Trusteer Rapport, which my bank recommends, but it's created by IBM so should be safe. I don't want to have to turn off anti-ransomware in MB, as the main reason I bought MB was because I was the victim of a ransomware attack a few years ago, which fortunately didn't cause much damage as I saw what was happening very early and stopped it. If anyone can tell me what's happening and how to stop it I'd be grateful. mb-check-results.zip 090118-29406-01.dmp
  5. Just had to uninstall Malwarebytes. I kept getting BSoD on farflt.sys. Although my machine was supposedly writing a dmp file there is none to be found. No idea why it's just started (literally today 25/8) as there haven't been any updates either hardware or software to my machine. mbst-grab-results.zip
  6. Hello, For the past week i've been having trouble with BSODs, "Bad_Pool_Caller" i tried reading the dump files and all i could understand from them is that malwarebytes could be causing them. The files are attached in the form of a rar file Any help is much appreciated Minidump.rar
  7. Greetings, I am representing a client of mine in which they have a problem with your Antimalware product. The client is experiencing numerous blue screens that seem to be related to your "mbamchamelon.sys" kernel-mode driver causing a Blue Screen of Death upon boot up. However, on the second boot up, there is a very high chance it'll boot up normally. My client installed MalwareBytes for protection against malware in conjuction with his security software, Total Defense Total Security. Yes I know what you're thinking, but apparently it is a real product using the BitDefender Antivirus Product Engine and the company is apparently based in the USA. I use BitDefender myself but that is besides the point. Client Computer Configuration AMD AM4 Platform with a AMD A10 Quad Core Processor ASUS PRIME A320M-K Motherboard 4GB DDR4 System Memory Windows 10 32Bit* (more on that in a bit) 120GB System SSD Total Defense™ Total Security MalwareBytes Home Edition 3.5 (Licensed) Microsoft Office 2013 - might be 2016 or Office 365. Cannot confirm right now. I cannot provide you the installed product list because my client has given me instructions to keep that information private as it is a business machine, but the reason why this machine is running Windows 10 32bit is because it was an emergency migration from a older Intel Core 2 Duo machine that had severe problems. No, a fresh installation of Windows 10 is not possible at this point in time as it is a production machine and downtime must be kept to a minimum. All drivers are up to date, as well as latest BIOS updates. Is this a BSOD? Yes. Windows 10 BSOD says "UNEXPECTED_KERNEL_MODE_TRAP" (0x7F) WinDBG Preview for Windows 10 on my workstation where I analyze these crash dumps says: Microsoft (R) Windows Debugger Version 10.0.17674.1000 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [S:\ClientAnalysis\[REDACTED]\MEMORY.DMP] Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available. ************* Path validation summary ************** Response Time (ms) Location Deferred srv* Symbol search path is: srv* Executable search path is: Windows 10 Kernel Version 17134 MP (4 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 17134.1.x86fre.rs4_release.180410-1804 Machine Name: [REDACTED] Kernel base = 0x81a69000 PsLoadedModuleList = 0x81ce8938 Debug session time: Fri Jun 22 06:59:57.499 2018 (UTC + 10:00) System Uptime: 0 days 23:55:39.731 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 Loading Kernel Symbols ............................................................... ................................................................ .................................................... Loading User Symbols PEB address is NULL ! Loading unloaded module list ........ ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7F, {8, 8075bc00, 0, 0} Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] *** ERROR: Module load completed but symbols could not be loaded for MbamChameleon.sys *** ERROR: Module load completed but symbols could not be loaded for farflt.sys Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] [ rinse and repeat this for a good couple dozen lines ] Probably caused by : MbamChameleon.sys ( MbamChameleon+6131 ) Followup: MachineOwner --------- WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 eax=8075bc00 ebx=00000000 ecx=8075b850 edx=00000000 esi=00000000 edi=8075b800 eip=81baf11c esp=81cdd390 ebp=00000000 iopl=0 ov up di ng nz ac pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000896 nt!KiBugCheck2: 81baf11c 55 push ebp When asking the debugger for more info: ****************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a *portion* of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 00000008, EXCEPTION_DOUBLE_FAULT Arg2: 8075bc00 Arg3: 00000000 Arg4: 00000000 Debugging Details: ------------------ (lots of repeated messages about 2 page locations not being available) KEY_VALUES_STRING: 1 STACKHASH_ANALYSIS: 1 TIMELINE_ANALYSIS: 1 DUMP_CLASS: 1 DUMP_QUALIFIER: 401 BUILD_VERSION_STRING: 17134.1.x86fre.rs4_release.180410-1804 SYSTEM_MANUFACTURER: System manufacturer SYSTEM_PRODUCT_NAME: System Product Name SYSTEM_SKU: SKU SYSTEM_VERSION: System Version BIOS_VENDOR: American Megatrends Inc. BIOS_VERSION: 4011 BIOS_DATE: 04/19/2018 BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC. BASEBOARD_PRODUCT: PRIME A320M-K BASEBOARD_VERSION: Rev X.0x DUMP_TYPE: 1 BUGCHECK_P1: 8 BUGCHECK_P2: ffffffff8075bc00 BUGCHECK_P3: 0 BUGCHECK_P4: 0 BUGCHECK_STR: 0x7f_8 TSS: 00000028 -- (.tss 0x28) eax=b66a1120 ebx=00000000 ecx=b66a1520 edx=92d42110 esi=b66a1520 edi=00000000 eip=891d711e esp=b66a0f94 ebp=b66a10a4 iopl=0 nv up ei ng nz na po nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282 Ntfs!NtfsLookupRealAllocation+0x1e: 891d711e 53 push ebx Resetting default scope CPU_COUNT: 4 CPU_MHZ: da5 CPU_VENDOR: AuthenticAMD CPU_FAMILY: 15 CPU_MODEL: 65 CPU_STEPPING: 1 BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXPNP: 1 (!blackboxpnp) DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT PROCESS_NAME: Registry CURRENT_IRQL: 0 ANALYSIS_SESSION_HOST: DESKTOP-8K174LE ANALYSIS_SESSION_TIME: 06-27-2018 13:02:15.0843 ANALYSIS_VERSION: 10.0.17674.1000 amd64fre TRAP_FRAME: b66a194c -- (.trap 0xffffffffb66a194c) ErrCode = 00000000 eax=00000000 ebx=b66a19f4 ecx=0000001c edx=b98bd8c0 esi=024a9000 edi=00000360 eip=81d688c4 esp=b66a19c0 ebp=b66a19cc iopl=0 nv up ei pl nz na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206 nt!HvpGetCellPaged+0x84: 81d688c4 8b043e mov eax,dword ptr [esi+edi] ds:0023:024a9360=???????? Resetting default scope LAST_CONTROL_TRANSFER: from 891d6f2b to 891d711e BAD_STACK_POINTER: 81cdd390 STACK_OVERFLOW: Stack Limit: b66a1000. Use (kF) and (!stackusage) to investigate stack usage. STACK_TEXT: b66a19cc 81d67eb7 95459008 02278360 b66a19f4 nt!HvpGetCellPaged+0x84 b66a1a3c 81d5c322 b66a1ab8 b66a1a88 b66a1adf nt!CmpWalkOneLevel+0x227 b66a1b94 81d61e02 48077500 00000240 b66a1e1c nt!CmpDoParseKey+0x822 b66a1cac 81d5e362 8800efd0 87f7a9a0 c3bc7418 nt!CmpParseKey+0x232 b66a1dbc 81d64da8 00000240 87f7a9a0 00000000 nt!ObpLookupObjectName+0x3d2 b66a1e44 81d64b80 b66a206c 87f7a9a0 00000000 nt!ObOpenObjectByNameEx+0x118 b66a1fb0 81d66ff8 b66a206c 00000000 00000000 nt!CmOpenKey+0x240 b66a1fc8 81bc0b2f b66a208c 000f003f b66a206c nt!NtOpenKey+0x18 b66a1fc8 81badfb5 b66a208c 000f003f b66a206c nt!KiSystemServicePostCall b66a204c 98406131 b66a208c 000f003f b66a206c nt!ZwOpenKey+0x11 WARNING: Stack unwind information not available. Following frames may be wrong. b66a2090 98401e27 44fda755 00000000 a4f461b8 MbamChameleon+0x6131 b66a20e0 81d7dc49 98421e28 b66a213c 00021410 MbamChameleon+0x1e27 b66a2124 81d62a8c b66a2190 87eb2040 b66a24cc nt!ObpCallPreOperationCallbacks+0xd9 b66a2214 81d76a0e 00000000 b66a24cc 00000000 nt!ObpCreateHandle+0x89c b66a2398 81d761ba 9e56fa00 00000200 b66a24cc nt!ObOpenObjectByPointer+0xce b66a2564 81d76039 b66a2624 b66a263c 00000000 nt!PsOpenProcess+0x17a b66a2584 81bc0b2f b66a265c 80020000 b66a2624 nt!NtOpenProcess+0x2d b66a2584 81badf15 b66a265c 80020000 b66a2624 nt!KiSystemServicePostCall b66a260c 9840bbec b66a265c 80020000 b66a2624 nt!ZwOpenProcess+0x11 b66a2644 9840ab6f 000003c8 80020000 b66a265c MbamChameleon+0xbbec b66a2668 984083b6 81bb0760 00008013 b66a2780 MbamChameleon+0xab6f b66a2678 98402de8 be2f1580 44fda035 00000000 MbamChameleon+0x83b6 b66a2780 81d5fa13 00000000 0000001c b66a28d0 MbamChameleon+0x2de8 b66a2834 81d61db4 b66a2878 00000001 0000001d nt!CmpCallCallBacksEx+0x313 b66a2944 81d5e362 8800efd0 87f7a9a0 c3f87820 nt!CmpParseKey+0x1e4 b66a2a54 81d64da8 00000240 87f7a9a0 00000000 nt!ObpLookupObjectName+0x3d2 b66a2adc 81d64b80 b66a2d04 87f7a9a0 00000000 nt!ObOpenObjectByNameEx+0x118 b66a2c48 81d66ff8 b66a2d04 00000000 00000000 nt!CmOpenKey+0x240 b66a2c60 81bc0b2f b66a2d24 000f003f b66a2d04 nt!NtOpenKey+0x18 b66a2c60 81badfb5 b66a2d24 000f003f b66a2d04 nt!KiSystemServicePostCall b66a2ce4 98406131 b66a2d24 000f003f b66a2d04 nt!ZwOpenKey+0x11 b66a2d28 98401e27 44fdaacd 00000000 a4f461b8 MbamChameleon+0x6131 b66a2d78 81d7dc49 98421e28 b66a2dd4 001fffff MbamChameleon+0x1e27 b66a2dbc 81d62a8c b66a2e28 87eb2040 b66a3168 nt!ObpCallPreOperationCallbacks+0xd9 b66a2eac 81d76a0e 00000000 b66a3168 00000000 nt!ObpCreateHandle+0x89c b66a3034 81d761ba 9e56fa00 00000200 b66a3168 nt!ObOpenObjectByPointer+0xce b66a3200 81d76039 b66a32cc b66a32e4 00000000 nt!PsOpenProcess+0x17a b66a3220 81bc0b2f b66a32f8 001fffff b66a32cc nt!NtOpenProcess+0x2d b66a3220 81badf15 b66a32f8 001fffff b66a32cc nt!KiSystemServicePostCall b66a32a8 ad005791 b66a32f8 001fffff b66a32cc nt!ZwOpenProcess+0x11 b66a3310 81d71997 000003c8 000028ec 87f68901 farflt+0x5791 b66a333c 81d4e4f0 00000000 48075bf3 00000000 nt!PspCallThreadNotifyRoutines+0x97 b66a33b4 81d4e033 b66a3894 b66a3410 001fffff nt!PspInsertThread+0x3a4 b66a3584 81d4a831 b66a3aec 80000b70 00000000 nt!PspCreateThread+0x211 b66a3a08 81bc0b2f b66a3b10 001fffff b66a3aec nt!NtCreateThreadEx+0x161 b66a3a08 81bae861 b66a3b10 001fffff b66a3aec nt!KiSystemServicePostCall b66a3aac 81e00150 b66a3b10 001fffff b66a3aec nt!ZwCreateThreadEx+0x11 b66a3b3c 81b704c5 00000000 00000000 00040000 nt!RtlpCreateUserThreadEx+0xc2 b66a3b90 81ab1dbf 9e4f2cb0 9e521140 9e580e80 nt!ExpWorkerFactoryCreateThread+0xb1 b66a3bb4 81ab1b96 00000000 000005c0 0320f668 nt!ExpWorkerFactoryCheckCreate+0x13f b66a3c08 81bc0b2f 000005c0 0320f6b0 77410750 nt!NtReleaseWorkerFactoryWorker+0x266 b66a3c08 77410750 000005c0 0320f6b0 77410750 nt!KiSystemServicePostCall 0320f6b0 00000000 00000000 00000000 00000000 0x77410750 STACK_COMMAND: .trap 0xffffffffb66a194c ; kb THREAD_SHA1_HASH_MOD_FUNC: 7c84cad4e395a6ac6b9cbc45a29ffdca7fb29c4b THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 91cea10d87227341343679aaa708d3737ba0d688 THREAD_SHA1_HASH_MOD: a168ef793a0dbedb24c03939f290ba65f52710ce FOLLOWUP_IP: MbamChameleon+6131 98406131 8b3dc0e04198 mov edi,dword ptr [MbamChameleon+0x1e0c0 (9841e0c0)] FAULT_INSTR_CODE: e0c03d8b SYMBOL_STACK_INDEX: a SYMBOL_NAME: MbamChameleon+6131 FOLLOWUP_NAME: MachineOwner MODULE_NAME: MbamChameleon IMAGE_NAME: MbamChameleon.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5ae0d958 BUCKET_ID_FUNC_OFFSET: 6131 FAILURE_BUCKET_ID: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function BUCKET_ID: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function PRIMARY_PROBLEM_CLASS: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function TARGET_TIME: 2018-06-21T20:59:57.000Z OSBUILD: 17134 OSSERVICEPACK: 0 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 272 PRODUCT_TYPE: 1 OSPLATFORM_TYPE: x86 OSNAME: Windows 10 OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2018-06-08 18:55:45 BUILDDATESTAMP_STR: 180410-1804 BUILDLAB_STR: rs4_release BUILDOSVER_STR: 10.0.17134.1.x86fre.rs4_release.180410-1804 ANALYSIS_SESSION_ELAPSED_TIME: 221c ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x7f_8_stackptr_error_mbamchameleon!unknown_function FAILURE_ID_HASH: {b9ae5be3-18b3-bd8f-2c30-bdfcaf14819a} Followup: MachineOwner --------- WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 Memory Dump for debugging team available upon request. Simply notify me with email and I'll get it to you within a few hours. This is a semi-urgent request so I appreciate if I could have this issue placed on high priority.
  8. So I have a problem I downloaded a hack for a free to play game and censoreded up the guy has like thousand subs but wtf? So the problem is I disabled windows update but the svchost still has 50% I also have tried other ways but nothing worked, I get bsods, sometimes when turning off , Restarting, My pc is normal in safe mode anyone could help me fix this ty
  9. Had this for the last couple of days. I am assuming the BSOD happens when malwarebytes scans late at night when I am asleep: Unable to rename mbamswissarmy.sys (I guess you don't want the bad guys renaming it or elevating permissions either.) any idea on a fix? BSOD 150218.docx
  10. I got a notice that there was a new Malwarebytes Pro program to install. Cool! Left, and came back and Malwarebytes wanted to install AGAIN. Hmmm... So I did it... and got a BSOD...and my Malwarebytes is now the FREE version instead of the Pro version... What to do next???
  11. Twice now in the last week, my system has crashed for no apparent reason giving me the BSOD. In one case, I was typing an email. The other case occurred while the computer was idle. I have Windows 10 Pro and am using the latest paid version of Malwarebytes - Premium 3.4.4. Windows gave me the following message: "Stop code: SYSTEM SCAN AT RAISED IRQL CAUGHT IMPROPER DRIVER UPLOAD. What failed: mwac.sys". As far as I can tell, everything is up to date. If you require additional information, please let me know. Thanks.
  12. i was prompted to upgrade to the latest version of MBAM Premium the other night, and then today as i was sitting in front of my PC doing something else, my system suddenly went BSOD. or would that be GSOD (green screen of death)? the error on the crash screen, was "System scan at raised IRQL caught improper driver unload. caused by: MWAC.SYS it hasn't happened again, yet. but this seemed like an unusual enough error that i should report it.
  13. I had this BSOD happen to me as well. I also have ESET. Only happened once so far, but I have been having extremely long shut down issues in excess of ten min. Once I removed malwarebytes, shutdowns are back to normal.
  14. Hi, Recently we have been experiencing random and spiking plague of the BSOD on our Dell systems (all latitude E7470 + very recently some OptiPlex AIO). For almost all of the machines it is related to either Intel WiFi or Graphic driver (Widi). Some are Kernel_data_inpage and other. Recently we were able to narrow plenty of those errors to malwarebytes. For example, one of the machines was restored to factory image. Some basic software was installed. It looked to be fine until Malwareybtes was installed - instant crash right and left. You would boot computer, login and every few minutes it would result in blue screen. Once malwarebytes was removed BSOD would stop. We have reinstalled it and it seems to be fine now. It is really puzzling. We are using endpoint + anti-exploit. I know dell puts a lot of crap software on their images but this is what we have to live with. Maybe something gets in conflict? Does anyone else experience similar problems? I would say it started around those updates for Intel processors. Any chance malwarebytes has problem with it? I am more than happy to answer any questions.
  15. Title says it all. The most common ones I see pop up are Critical_Structure_Error and Memory_Management. I haven't seen the last one in forever, but I had the Critical Structure Error not too long ago, twice in one night. Here is everything required: OS:Windows 10 64 bit Original OS was Windows 10 Full Retail Version All the hardware is 3 months old OS has been reinstalled so many times it is slightly unreal, actually installed Windows 7 at one point to see if it work and it didn't. CPU:AMD - Athlon X4 845 3.5 GHz Quad-Core Processor Video Card:XFX - Raedon RX 550 4GB Video Card Motherboard:ASRock - A88M-G/3.1 Micro ATX FM2+ Motherboard Power Supply:Corsair CX series CX550 550W ATX12V 80 Plus Bronze Custom Build PC I'm not sure exactly where to find the model number. Desktop perform.zip SysnativeFileCollectionApp.zip
  16. Hi all, In the past weeks I have had a surplus of different BSOD's. 0x00000024 - ntfs.sys 0x00000001 - tcp1p.sys (2 times) 0x0000003B - Ironx64.sys 0x0000007E - at1kmdag.sys 0x0000007F I am unable to run malwarebytes, neither as an admin nor in safe mode nor from the file itself. When I change the name of the executable file it immediately says that MBAM stopped working. I removed it just now and the file mbshlext.dll remains. I am unable to open sysnative bsod collection app even if I disable my Norton security. I have been able to scan with FRST and the files are attached. I have run chdsk and scannow in cmd and there is nothing wrong here. It mostly crashes on high performance games like Elder Scrolls Online or Rust, but also sometimes randomly. I have updated all my drivers and cleaned out all the hardware to rule out overheating, fans are working fine as well. I have already cleaned the registry with Eusing Free Registry Cleaner. Addition.txt FRST.txt
  17. I'm having a problem when I try to install the latest updated version of Malwarebytes 3. Every time I try to install it -- even in Safe Mode -- it triggers a BSOD crash (Kernel Security Check Failure). I have a Lenovo ThinkPad X220 Tablet, with Windows 10 Professional 64-bit. Here is the relevant crash info, as compiled by WhoCrashed: * * * Crash dump directory: C:\WINDOWS\Minidump Crash dumps are enabled on your computer. On Sun 7/16/2017 1:46:34 PM your computer crashed crash dump file: C:\WINDOWS\Minidump\071617-92406-01.dmp This was probably caused by the following module: ntoskrnl.exe (nt+0x14ECE0) Bugcheck code: 0x139 (0x3, 0xFFFFC280E178B930, 0xFFFFC280E178B888, 0x0) Error: KERNEL_SECURITY_CHECK_FAILURE file path: C:\WINDOWS\system32\ntoskrnl.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: The kernel has detected the corruption of a critical data structure. The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time. On Sun 7/16/2017 1:46:34 PM your computer crashed crash dump file: C:\WINDOWS\memory.dmp This was probably caused by the following module: mbamswissarmy.sys (MBAMSwissArmy+0x389F6) Bugcheck code: 0x139 (0x3, 0xFFFFC280E178B930, 0xFFFFC280E178B888, 0x0) Error: KERNEL_SECURITY_CHECK_FAILURE file path: C:\WINDOWS\system32\drivers\mbamswissarmy.sys product: Malwarebytes SwissArmy company: Malwarebytes description: Malwarebytes SwissArmy Bug check description: The kernel has detected the corruption of a critical data structure. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: mbamswissarmy.sys (Malwarebytes SwissArmy, Malwarebytes). Google query: Malwarebytes KERNEL_SECURITY_CHECK_FAILURE Conclusion 2 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: mbamswissarmy.sys (Malwarebytes SwissArmy, Malwarebytes) If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further. * * * Based on the above information, any solution to this problem will be greatly appreciated.
  18. For three days in a row I have experienced a BSOD on my new Win10 laptop with a Stop code of PAGE_FAULT_IN_NONPAGED_AREA caused by mwac.sys Attached is my MB check file. Please tell me what to do? mb-check-results.zip
  19. Hi, On a new XPS 15 (about a week old). Just had a couple browsers open, a couple RDC sessions. Windows 10. This is actually the second occurrence. The first the laptop simply froze up entirely. NOTE: the system did not actually restart automatically after the blue screen. Files: 1. Sysnative BSOD Dump - how long is this supposed to take? Been running 25min+ with "Waiting for Tasks to complete" message. 2. Permon - attached 3. BSOD screen shot - attached I'll run the other the other tests you suggested in the posting rules and add to this if any updates / errors are found / fixed. Thanks! perfmon.zip
  20. Hi, this is the second system (my main Desktop PC) with what seems to be an identical issue, at least from what I can gather from "Who Crashed". It has Malwarebytes and Microsoft Security Essentials running at the same time, and I've attempted to add the exclusions after I started getting the BSOD's. It seems to have started around the time that I upgraded to Malwarebytes 3.0, but I was never really sure because it was around that time that I did a Security Only windows update. Who Crashed is telling me it's the IRST driver iastora.sys (iaStorA+0x877B8). I have upgraded to all the available IRST drivers for my chipset, and still the BSOD's continued. So I eventually went back to the original IRST drivers that had been fine for years. I have the most current MoBo BIOS installed. SFC scans come up clean. Every few days I get some Event ID 2001 "Microsoft Antimalware has encountered an error trying to update signatures". The system restarts randomly every few days. It almost always happens in the morning between 7:00am - 8:00am, which is around when Malwarebytes is doing it's automatic scan. Please, any help will be much appreciated. I built, and have maintained this systems since the end of 2013 with no BOSD's or issues whatsoever. until this past July. perfmon report Main Desktop PC.zip SysnativeFileCollectionApp.zip
  21. Hello! I just bought a MSI notebook two days ago. Today I must admit, I was trying to download and crack MS Office using the Office Toolkit program. As soon as I opened the toolkit and selected activate, my laptop turned off and then I got the BSOD with a "critical error" message. My notebook rebooted automatically but is running noticeabily slower since the incident a couple of hours ago. I bought the Bit Defender antivirus along with the notebook so I performed a scan but found nothing. Nevertheless, as minutes went by I received 2 notifications of intends of infections by trojans. I have uninstalled the Office exe file I downloaded along with the Toolkit, deleted all the files I could in Temp. I have also noticed that when I enter the security section in the control panel I can read that it says: "Bit Defender firewall is not active" and "Bit Defender antivirus is not active". I pressed "activate" in both of those options but didn't get a response. When I open the Bit Defender it states that my notebook is protected, so that's weird. Please help me fix this issue!!!
  22. For about a month, I have been getting messages that Malwarebytes web protection is turned off. When I try to turn it on, it will not turn on. The computer has to be restarted. I have also been getting Blue Screens of Death. I have scanned the computer with Malwarebytes, AdwCleaner, Kaspersky, Windows Defender, and Sophos. Of these, only Sophos detected anything at all; a PUP called Softonic. First, Malwarebytes is, according to Malwarebytes, supposed to detect Softonic. So it's really disturbing to find that it isn't. Second, any suggestions as to what to do? Thanks.
  23. Hi, I've been getting BSOD's on two of my Win7 machines since about July. It seems to have started around the time that I upgraded to Malwarebytes 3.0, but I was never really sure because it was around that time that I did a Security Only windows update. Both systems of mine that are getting these sporadic BSOD's have Malwarebytes 3.+ and Microsoft Security Essentials. The BSOD's almost always happen around 7:30am - 8:00am. Which is the same time Malwarbytes does it's daily scan. The only thing I have been able to find out through "Who Crashed" is that it's a driver that is triggering the BSOD's (probably the IRST driver). "Who Crashed" says this is the case for both of my systems. I have tried every IRST update available, and still after a few days I wake up to one of my systems having been restarted because of a BSOD. I finally just went back to IRST version I had originally. Also, I have the most current BIOS available on both systems. Lastly, every few days (on both systems) I get some Event ID 2001 "Microsoft Antimalware has encountered an error trying to update signatures". Oh, and I already tried adding exclusions in both Malwarebytes & MSE. I will make this thread about the first one which is my HTPC then open another thread for my other main Desktop. I didn't want to mention both systems in the same thread at first, but the problems/symptoms are exactly the same for both, and the BSOD's started happening at the same time. Any help will be much appreciated. Thanks perfmon report HTPC.zip SysnativeFileCollectionApp.zip
  24. Again I have experienced a BSOD crash on my Windows10 64bit system, Page Fault in Non-Paged Area, file Mbamswissarmy.sys . I am currently using MWB, Component pkg v1.0.236, Update 1.0.3293 . These crashes only seem to occur on or near 2am. mb-check-results_2017-11-19.zip
  25. Hello, I have been using Malwarebytes for a long time now and also adwcleaner here and there but recently within the last 2 weeks i have been given BSOD crashes via farflt.sys which is a registered ransom ware system file for malwarebytes, Now i would like to know if Malwarebytes will continue to work if i delete this file and stay deleted not replicate itself upon reboot of the software/update as being a savvy user i dont have a need for the ransom ware protection anyway, but i dont want to have to go elsewhere for my malware protection as i much prefer to keep what im used to. Thanks Martyn

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.