Jump to content

Search the Community

Showing results for tags 'kernel'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 4 results

  1. My computer sometimes totally crashes. Not even a blue screen, I get a no screen: the screen is black, the power is off. The last 3 times this happened were on 2021-03-20, 2021-07-02, and 2021-07-03. I have configured my computer to try to generate a memory dump (C:\Windows\MEMORY.DMP) file so that maybe the problem can be traced down. Unfortunately, that memory dump file is not always created, nor do I really know how to do Windows debugging. So, I am posting this thread seeking insight from anyone who is a Windows expert. Below are highlights from using windbg to analyse the MEMORY.DMP file from the last (2021-07-03) crash: KERNEL_SECURITY_CHECK_FAILURE (139) A kernel component has corrupted a critical data structure. The corruption could potentially allow a malicious user to gain control of this machine. ... BUGCHECK_CODE: 139 ... BLACKBOXWINLOGON: 1 PROCESS_NAME: System ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application. EXCEPTION_CODE_STR: c0000409 EXCEPTION_PARAMETER1: 000000000000001d EXCEPTION_STR: 0xc0000409 ... SYMBOL_NAME: nt!KiFastFailDispatch+d0 MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe STACK_COMMAND: .thread ; .cxr ; kb BUCKET_ID_FUNC_OFFSET: d0 FAILURE_BUCKET_ID: 0x139_1d_INVALID_BALANCED_TREE_nt!KiFastFailDispatch Attached as a text file is the full windbg result of analysing that MEMORY.DMP file. The results above are exactly what I also saw on 2021-03-20, while the 2021-07-02 crash failed to produce a MEMORY.DMP file. Does anyone have an insight into what is going on here? I note this previous post which reported a KERNEL_SECURITY_CHECK_FAILURE, however, its details seem to be different than mine. That previous did have an intriguing reply by Porthos who suggested that other security software can interfere with MBAM. He gave a link which specifically mentions several VPNs. I use Torguard VPN's Windows client, which is not mentioned. So, does anyone see any indication in the windbg result that MBAM and Torguard may be conflicting? I will not hesitate to turn off MBAM's Web Protection if if is problematic. I have had a couple of other strange MBAM issues recently (link1, link2), and in the second one Porthos and I had some discussion about MBAM, Torguard, OpenVPN, and Wireguard. 2021-07-03_windbg_analysis.txt
  2. After years of satisfactory use of Malwarebytes (even on Win and on my phone), I've recently switched to Premium subscription. It's a top tier app and all that. But a few weeks ago my Macbook started acting strange: after 1-2 hours of normal use the CPU reach the stars, and the kernel_task process even top 500%, making the device unusable. I looked for a malware (my fist thought) but MB says system was clean and other scanners as well. So I ran EtreCheckPro that gave me interesting results. 1) Antivirus software problems - Antivirus software is causing performance problem. (The other "av" is Adguard, but stay off most of the time. Malwarebytes Real-time protection is always active.) 2) An app that continously crashing: 2019-07-24 01:12:28 SIMBL Agent.app - Crash (14 times) Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app Details: dyld: launch, running initializers /usr/lib/libSystem.B.dylib Any help? I have no idea what app excites SIMBL Agent.app.. EtreCheck version: 6.0.2 (6A004) Report generated: 2019-07-24 13:18:01 Download EtreCheck from https://etrecheck.com Runtime: 14:57 Performance: Poor Problem: Computer is too slow Major Issues: Anything that appears on this list needs immediate attention. Battery failure - Your battery is reporting that it needs to be serviced. Poor performance - EtreCheck report shows poor performance. This is unusual. Antivirus software problems - Antivirus software is causing performance problems. More than one antivirus app - This machine has multiple antivirus apps installed. Minor Issues: These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. High battery cycle count - Your battery may be losing capacity. Apps crashing - There have been numerous app crashes. Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed. System modifications - There are a large number of system modifications running in the background. Hardware Information: MacBook Pro (Retina, 15-inch, Late 2013) MacBook Pro Model: MacBookPro11,3 1 2,3 GHz Intel Core i7 (i7-4850HQ) CPU: 4-core 16 GB RAM - Not upgradeable BANK 0/DIMM0 - 8 GB DDR3 1600 ok BANK 1/DIMM0 - 8 GB DDR3 1600 ok Battery: Health = Service Battery - Cycle count = 908 Video Information: Intel Iris Pro - VRAM: 1536 MB Color LCD 2880 x 1800 NVIDIA GeForce GT 750M - VRAM: 2 GB Drives: disk0 - APPLE SSD SM0512F 500.28 GB (Solid State - TRIM: Yes) Internal PCI 5.0 GT/s x2 Serial ATA disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB disk0s2 [APFS Container] 452.00 GB disk1 [APFS Virtual drive] 452.00 GB (Shared by 4 volumes) disk1s1 - Macintosh HD (APFS) (Shared - 379.55 GB used) disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 46 MB used) disk1s3 - Recovery (APFS) [Recovery] (Shared - 510 MB used) disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used) disk0s3 - B******P (MS-DOS FAT12) 48.07 GB (29.29 GB used) Mounted Volumes: disk0s3 - B******P 48.07 GB (29.29 GB used - 18.78 GB free) MS-DOS FAT12 Mount point: /Volumes/B******P disk1s1 - Macintosh HD 452.00 GB (Shared - 379.55 GB used - 70.66 GB free) APFS Mount point: / Encrypted disk1s4 - VM [APFS VM] 452.00 GB (Shared - 1.07 GB used - 70.66 GB free) APFS Mount point: /private/var/vm Network: Interface en0: Wi-Fi 802.11 a/b/g/n/ac Interface en4: Bluetooth PAN Interface bridge0: Thunderbolt Bridge Interface bridge0: Ethernet Interface en3: Thunderbolt Ethernet iCloud Quota: 4.79 GB available System Software: macOS Mojave 10.14.5 (18F132) Time since boot: About 11 hours Configuration Files: /etc/hosts - Count: 1 Notifications: (Deleted) one notification /Applications/Telegram.app 9 notifications /Applications/Flume.app 2 notifications /Applications/Slack.app 13 notifications /Applications/Windscribe.app 16 notifications /Applications/Adguard.app one notification /Applications/EtreCheckPro.app 2 notifications /Applications/Amphetamine.app one notification /Applications/Airmail 2.app one notification Security: Gatekeeper: App Store and identified developers System Integrity Protection: Enabled Antivirus apps: AdGuard and MalwareBytes Unsigned Files: Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/com.skype.skype.shareagent.plist Executable: /Applications/Skype.app/Contents/Library/LaunchServices/com.skype.skype.shareagent.bundle/Contents/MacOS/com.skype.skype.shareagent Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.disconnect.networklistener.plist Executable: /Library/Application Support/disconnect/changednetwork.sh Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/net.culater.SIMBL.Agent.plist Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app/Contents/MacOS/SIMBL Agent Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Kernel Extensions: /Library/Application Support/Malwarebytes/MBAM/Kext [Loaded] MB_MBAM_Protection.kext (Malwarebytes Corporation, 3.8 - SDK 10.14) /Library/Application Support/com.adguard.mac.adguard/kext [Not Loaded] com.adguard.nfext.kext (Adguard Software Limited, 1.0.25 - SDK 10.14) /Library/Extensions [Not Loaded] NIUSBGuitarRigMobile.kext (Native Instruments GmbH, 2.6.0 (R82) - SDK 10.8) [Not Loaded] NIUSBAudioDriver.kext (Native Instruments GmbH, 2.6.0 (R82) - SDK 10.8) [Not Loaded] Dropbox.kext (Dropbox, Inc., 1.8.1 - SDK 10.11) System Launch Agents: [Not Loaded] 16 Apple tasks [Loaded] 168 Apple tasks [Running] 117 Apple tasks System Launch Daemons: [Not Loaded] 36 Apple tasks [Loaded] 185 Apple tasks [Running] 116 Apple tasks Launch Agents: [Running] com.bjango.istatmenus.agent.plist (Bjango Pty Ltd - installed 2018-11-24) [Running] com.bjango.istatmenus.status.plist (Bjango Pty Ltd - installed 2018-11-24) [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-05-08) [Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-05-08) [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2019-05-10) [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2019-07-19) [Not Loaded] com.oracle.java.Java-Updater.plist (? 52024455 - installed 2019-07-04) [Loaded] com.radiosilenceapp.agent.plist (Juuso Salonen - installed 2017-09-24) [Not Loaded] com.teamviewer.teamviewer.plist (TeamViewer GmbH - installed 2019-06-05) [Not Loaded] com.teamviewer.teamviewer_desktop.plist (TeamViewer GmbH - installed 2019-06-05) [Not Loaded] net.culater.SIMBL.Agent.plist (? 850e6250 - installed 2014-11-14) Launch Daemons: [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2015-07-05) [Running] com.aaa.windscribe.OVPNHelper.plist (Windscribe Limited - installed 2018-12-08) [Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2019-06-22) [Loaded] com.audirvana.SysOptimizerTool.plist (Audirvana - installed 2019-04-28) [Loaded] com.audirvana.audirvana-plus.SysOptimizerTool.plist (Audirvana - installed 2018-07-30) [Running] com.bjango.istatmenus.daemon.plist (Bjango Pty Ltd - installed 2018-11-24) [Running] com.bjango.istatmenus.fans.plist (? 9a713d46 - installed 2018-11-24) [Loaded] com.bjango.istatmenus.installerhelper.plist (Bjango Pty Ltd - installed 2017-09-27) [Loaded] com.disconnect.networklistener.plist (? 5d49b512 - installed 2015-06-02) [Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2019-05-08) [Loaded] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2018-01-09) [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2019-05-18) [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2019-05-10) [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2019-07-19) [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2017-10-10) [Not Loaded] com.oracle.java.Helper-Tool.plist (? e3fefdd2 - installed 2019-07-04) [Loaded] com.radiosilenceapp.nke.plist (Apple - installed 2019-05-04) [Loaded] com.teamviewer.Helper.plist (TeamViewer GmbH - installed 2019-06-05) [Not Loaded] com.teamviewer.teamviewer_service.plist (TeamViewer GmbH - installed 2019-06-05) User Launch Agents: [Loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2019-02-14) [Loaded] com.skype.skype.shareagent.plist (? 0 - installed 2018-09-17) [Loaded] com.valvesoftware.steamclean.plist (Valve Corporation - installed 2019-07-20) User Login Items: 1Password Extension Helper (AgileBits Inc. - installed 2019-06-27) (Modern Login Item - /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Extension Helper.app) 1Password Launcher (AgileBits Inc. - installed 2019-06-27) (Modern Login Item - /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Launcher.app) Airmail 2.app (App Store - installed 2019-07-06) (Application - /Applications/Airmail 2.app) AmphetamineLoginHelper (App Store - installed 2019-06-11) (Modern Login Item - /Applications/Amphetamine.app/Contents/Library/LoginItems/AmphetamineLoginHelper.app) AppCleaner SmartDelete (Julien Ramseier - installed 2018-11-23) (Modern Login Item - /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app) Backup and Sync.app (Google, Inc. - installed 2019-06-27) (Application - /Applications/Backup and Sync.app) Dropbox.app (Dropbox, Inc. - installed 2019-07-18) (Application - /Applications/Dropbox.app) Magnet.app (App Store - installed 2019-06-16) (Application - /Applications/Magnet.app) NepTunesHelperApp (App Store - installed 2018-10-28) (Modern Login Item - /Applications/NepTunes.app/Contents/Library/LoginItems/NepTunesHelperApp.app) Slack.app (App Store - installed 2019-07-15) (Application - /Applications/Slack.app) Telegram.app (TELEGRAM MESSENGER LLP - installed 2019-07-10) (Application - /Applications/Telegram.app) TickTick.app (App Store - installed 2019-06-20) (Application - /Applications/TickTick.app) Track-o-Bot.app (Steven Schmid - installed 2017-12-27) (Application - /Applications/Track-o-Bot.app) Internet Plug-ins: Silverlight: 5.1.50901.0 (? - installed 2016-10-27) FlashPlayer-10.6: (Adobe Systems, Inc. - installed 2019-07-10) Flash Player: (Adobe Systems, Inc. - installed 2019-07-10) JavaAppletPlugin: Java 8 Update 221 build 11 (? - installed 2019-07-23) SharePointBrowserPlugin: 14.4.8 (? - installed 2015-02-12) Audio Plug-ins: AppleTimeSyncAudioClock: 1.0 (Apple - installed 2019-05-25) BluetoothAudioPlugIn: 6.0.12 (Apple - installed 2019-05-25) AirPlay: 2.0 (Apple - installed 2019-05-25) AppleAVBAudio: 740.1 (Apple - installed 2019-05-25) BridgeAudioSP: 5.46 (Apple - installed 2019-05-25) iSightAudio: 7.7.3 (Apple - installed 2019-05-25) Safari Extensions: 1Password - App Store (installed 2019-06-25) Open in IINA - App Store (installed 2019-05-27) 3rd Party Preference Panes: Flash Player (installed 2019-06-22) Java (installed 2019-07-23) Native Instruments USB Audio (installed 2015-04-11) Time Machine: Skip System Files: No Auto backup: Yes Volumes being backed up: Macintosh HD: Disk size: 452.00 GB - Disk used: 381.34 GB Destinations: T**********e [Local] (Last used) Total size: 799.55 GB Total number of backups: 19 Oldest backup: 2019-05-28 03:40:12 Last backup: 2019-07-24 12:26:55 6 local snapshots Oldest local snapshot: 2019-07-15 16:00:00 Last local snapshot: 2019-07-24 10:59:34 Performance: System Load: 13.84 (1 min ago) 16.50 (5 min ago) 16.55 (15 min ago) Nominal I/O speed: 1.34 MB/s File system: 120.54 seconds (timed out) Write speed: 257 MB/s Read speed: 266 MB/s CPU Usage Snapshot: Type Overall System 63 % User 6 % Idle 30 % Top Processes Snapshot by CPU: Process (count) CPU (Source - Location) WindowServer 16.46 % (Apple) EtreCheckPro 12.16 % (Etresoft, Inc.) kernel_task 9.72 % (Apple) sandboxd 5.48 % (Apple) Track-o-Bot 5.14 % (Steven Schmid) Top Processes Snapshot by Memory: Process (count) RAM usage (Source - Location) EtreCheckPro 689 MB (Etresoft, Inc.) kernel_task 542 MB (Apple) Airmail 3 368 MB (App Store) Dropbox (3) 311 MB (Dropbox, Inc.) Dropbox Web Helper (3) 311 MB (Dropbox, Inc.) Top Processes Snapshot by Network Use: Process Input / Output (Source - Location) Dropbox 81 KB / 785 KB (Dropbox, Inc.) mDNSResponder 37 KB / 24 KB (Apple) Slack 21 KB / 13 KB (App Store) Telegram 8 KB / 3 KB (TELEGRAM MESSENGER LLP) apsd 4 KB / 5 KB (Apple) Top Processes Snapshot by Energy Use: Process (count) Energy (0-100) (Source - Location) WindowServer 7 (Apple) sandboxd 3 (Apple) iStat Menus Status 1 (Bjango Pty Ltd) airportd 1 (Apple) RTProtectionDaemon 0 (Malwarebytes Corporation) Virtual Memory Information: Physical RAM: 16 GB Free RAM: 4.71 GB Used RAM: 6.91 GB Cached files: 4.38 GB Available RAM: 9.09 GB Swap Used: 0 B Software Installs (past 30 days): Install Date Name (Version) 2019-06-26 Evernote (7.11) 2019-07-06 Kiwi for Gmail (2.0.22) 2019-07-06 Airmail (3.6.71) 2019-07-10 Adobe Flash Player ( 2019-07-15 Slack (4.0.0) 2019-07-16 VirusBarrier Scanner (1.1.1) 2019-07-17 Microsoft PowerPoint (16.27.19071500) 2019-07-17 Microsoft Outlook (16.27.19071500) 2019-07-17 Microsoft Excel (16.27.19071500) 2019-07-17 Microsoft Word (16.27.19071500) 2019-07-19 Microsoft AutoUpdate (4.13.19071800) 2019-07-19 MRTConfigData (1.47) 2019-07-20 ClamXAV v3.0.12 2019-07-20 ClamXav Uninstaller (1) 2019-07-23 Java 8 Update 221 (1.0) 2019-07-23 Gatekeeper Configuration Data (173) 2019-07-23 Radio Silence (2.3.0) Diagnostics Information (past 7 days): 2019-07-24 01:12:28 SIMBL Agent.app - Crash (14 times) Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app Details: dyld: launch, running initializers /usr/lib/libSystem.B.dylib 2019-07-22 09:01:23 1Password 7.app - Crash (3 times) Executable: /Applications/1Password 7.app 2019-07-20 15:31:45 signpost_reporter - High CPU Use Executable: /usr/libexec/signpost_reporter 2019-07-20 08:19:06 Slack.app - Crash Executable: /Applications/Slack.app 2019-07-20 08:14:39 Uninstall.app - Crash Executable: /usr/local/ClamXAV3/bin/Uninstall.app Details: *** Terminating app due to uncaught exception 'NSGenericException', re ason: 'NSRunAlertPanel may only be invoked from the main thread. Behav ior on other threads is undefined.' terminating with uncaught exception of type NSException abort() called 2019-07-19 15:50:54 Discord.app - Crash Executable: /Applications/Discord.app 2019-07-17 21:20:06 Scrivener.app - High CPU Use Executable: /Applications/Scrivener.app End of report Thank you.
  3. On a cleanly installed (not upgraded from a previous install) Windows 10 Pro (64-bit) with Malwarebytes Pro I am seeing this error: Event ID: 5 {Registry Hive Recovered} Registry hive (file): '\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3788415297-386881794-3068972913-1001-0-ntuser.dat' was corrupted and it has been recovered. Some data might have been lost. This error coincides daily with the MBAM scheduled scan times. A search of the internet and this forum provided limited information on the error, one of which was uninstalling and reinstalling Malwatebytes Anti-Malware. I accomplished that using the Malwarebytes Clean Uninstall Tool but the issue persists. I have completed a system integrity check and CHKDSK without errors. Any assistance appreciated.
  4. Love the idea and added protection is great so tried the beta program. Problem is few min later blue screen with "Unexpected Kernel Mode Trap" error. Then upon every reboot I would get this bluescreen before the computer finished loading the desktop. Tried 10 times to load the computer and tried various disk checks and repairs only to find no issues. Booted into safe mode and uninstalled the program and computer booted fine again. OS: Windows 10 Build: 10.0.14279.1000 (rs1_release.160229-1700) Malwarebytes Anti-Ransomware Ver: beta5 - build Antivirus: Eset Smart Security 9 Ver: 9.0.349.0 When I look at the dump files each time using a dump analysis tool it lists: em006_64.dat or eamonm.sys as the culprit. Both related to Eset... I'm guessing something in Eset does not like your program or vice a versa. I have attached three of the mini dumps in a zip file if it helps. I love betas of new products, but this one definitely didn't like my computer. I look forward to trying the next beta or full product when released. minidump.zip
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.