Jump to content

Search the Community

Showing results for tags 'windows 10'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 119 results

  1. Hello, a few weeks ago my brother had downloaded a "csgo hack" onto my PC. I allowed him to play. I had this application open and ready to use. Windows kept sending me a warning and of it automatically quarantining the Trojans. But it wasnt helping. There were 2 applications called "letsee1.0" and the same name but in a 2.0 variant. I deleted the 1.0 I believe, but upon deleting the other, my PC crashed. I loaded back up normally, but tool a bit longer than usual. Signed in and it gave me a black screen then blue screen sayin "checking updates". After that I knew I was screwed. I know the virus basics and how to retract them, i.e going into safe mode and using antivirus apps. Completely wiping my HDD(s) and using another computer for an OS boot. But I cant do any of those. Scenario 1. I would go to wipe my hard drives but every time whether it was full wipe or restore back to last known download, it would always say "there isnt enough storage in your harddrive" or "process could not be completed" I have two 2TB hard drives and a 500gb ssd as well as a 250gb M.2. Scenario 2. I go to any of the safe mode options and it would try to boot it up but it always says "failed to boot into safe mode, try using another boot method" And I have that much storage, more than your average person whomst has a PC. My OS is valid and not pirated, so to me this makes no sense. To be more clear if you didnt get what I said I will be more in depth here: When I turn on my PC it loads MSI bios screen, then goes to running windows, THEN running diagnostics. Which from there goes to the options/troubleshooting area of the diagnostics. This happens EVERY time I turn my PC on. I've tried to do the download the OS on another PC and redo all that, but that dosnt work at all. And I cant boof info safe mode. I wanna fix this PC before I make the decision to buy a new one, instead of wasting money on something that can be fixed. I believe there is a way. I hope there are gonna be a lot of people responding and trying to help cause using the windows forums was the worst. Takes for ever to respond and when someone does, it's a stupid troubleshoot I already know about then when explained they leave it there as if im not there. As of the matter, I would try to use another PC or laptop get a USB and download a bootable virus cleaner but I cant get into safe mode to do that. Thanks for your help if any!
  2. I just downloaded Malwarebytes Premium Trial. I scanned my PC then it found 10 threats. Some of my applications giving an error message which gives code 0xc0000005. I attached a screenshot. I did research about it and saw some solutions. I clicked control panel on Windows 10. It opened but Malwarebytes said trojan blocked. I didn't get it first because I closed pop up. Then I closed the Control Panel and restarted my PC. After logging in, I saw a pop-up from Malwarebytes again. Then I started seeing it frequently. (Now, again. I opened Malwarebytes for taking SS's then, pop-up again...) And I can make mistakes while writing because I learning English still. Sorry if I made mistakes.
  3. Windows 10 Pro 17763.168 (1809) - i7-7700k. This issue occurs only in Pro, not Free. After boot and display of the Welcome screen, there is a noticeable lag at the Welcome screen. Startup sound is delayed by at least 2 seconds. Clicking or pressing enter to get the sign-on box does not appear for several seconds. After entering PW/PIN, there is a lengthy process displayed of "Waiting for Initialize Profile" (not exact words), "Preparing Desktop", etc. Finally goes to Desktop. None of this happened prior to 1.0.508, it was all nearly instantaneous. Setting delay of 15 seconds removes the issue and all was as before this CU. Setting the service to Auto(delayed start) also removes the issue. Both are workarounds. This did not occur on the previous CU. I did have the Beta prior to all this, and it, too, had the same issues. I reverted to Public Release and the issues resolved. But when this CU was installed, the issues returned. I have done clean installs using the mb-clean-3.1.0.1035.1 and the mb-support-1.3.1.553. I have also completely uninstalled it using Revo Uninstaller Pro 4.0.1 and re-installed clean using the latest downloaded today mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211, which has the 1.0.508 incorporated. All to no avail. There do not appear to be any other side effects, except this startup issue. Attached is the clean log and mbst-grab-results. Thank you for your help. mbst-clean-results.txt mbst-grab-results.zip
  4. The latest version of Malwarebytes Home seems to be incompatible with the Windows 10 Insider Preview Build (18323-19H1). All services except Exploit Protection are turned off and you can't turn them back on. Restart does nothing. Uninstall hangs until one of the Malwarebytes processes is manually terminated. Re-install works then the services turn themselves off again seconds later. Anyone else having this issue?
  5. I see a lot of posts about Malwarebytes 3 causing Windows 7 to become unresponsive. I want to join those reporting this problem on Windows 10 as well. In recent months, I noticed my laptop feeling sluggish, occasionally becoming unresponsive for > 10 seconds. I blamed Windows and soldiered on. In December 2018, Chrome suddenly became unusable with every control and website freezing for 20 seconds or more before finally responding. I went through recommended troubleshooting steps all the way up to complete reset/reinstall. Nothing helped. Edge and Firefox were usually responsive, but not entirely free of this issue. Checked system performance/resources, network speed, etc. No obvious issues found. Then, I tried turning off Malwarebytes Real Time Protection. Not only Chrome, but all apps and Windows 10 itself immediately become snappy and responsive again. After more testing, I discovered Malware protection is the problem layer. I can leave all other Real-Time protection layers on and have excellent response time as long as Malware protection remains off. Until recent months, I had all Real-Time protection layers on since version 3 was released with little or no significant sluggishness. Freezing was evident in multiple apps. I noticed it first in apps such as Chrome, Firefox and Clatter because I use them a lot. Chrome was by far the worst, with all websites and app controls being consistently unresponsive for long periods. Surprisingly, even though it's frequently used and my default browser, Edge was least impacted by this issue (after being the problem child in previous years). Information below is probably included in the logs, but I'm adding it here so others can easily see/compare to their own configurations: This PC is not running any other malware solutions other than Windows Defender and Malwarebytes. Malwarebytes Premium version: 3.6.1.2711; component package: 1.0.508; update package: 1.0.8698 Windows 10 1809 (build 17763.195) Device: HP Spectre x360 i7, 16GB RAM, storage: 476 GB SSD (286 GB free) Chrome version 71.0.3578.98 (64-bit) mbst-grab-results.zip
  6. Ok so this issue has been running for a while and each time we've not found a reason as to why. sometimes soon after Startup, Malwarebytes will pop up with this error message. "Malwarebytes is unable to load the Anti-Rootkit DDA Driver" it then requests a restart, runs a threat scan and... were clean, this wouldn't be a problem if not for the fact that it's happening more oftern. the system this keeps happening on dose not go to new site, has been clean for years, and every virus scan we do comes back clean. at this stage i wounder if it needs a freash install of malwarebytes to sort itself out. will send Malwarebytes Support Tool info once restarted and the threat scan comes back clean.
  7. Today I noticed there is no try icon for Malwarebytes app, so I open the installation folder to try to start mbam.exe manually. Nothing happened - no app screen, no error messages, as if I did not start anything. I did try to fix it my self, but no result so here I'm looking for professional diagnose and help. What I did when trying to fix it myself: - download and run Malwarebytes Support Tool (mb-support-1.3.1.553.exe) - "Repair" does not work, it gets stuck on second step "Saving settings" - downloaded and run adwcleaner_7.2.5.0.exe - it found some hola.org related files and removed it, but it did not solved my problem - cleaned and reinstalled using Malwarebytes Support Tool - it cleaned ok, but was stuck on installing (like 30 mins or so and still did not finished), so I restarted in Windows in safe mode and installed from there (mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe). It did lunched so I restarted in normal mode and... the problem still persist: no try icon and can;t start main app window. At this stage I give up and posted here. mbst zip attached, looking for some help. mbst-grab-results.zip
  8. I was using Yahoo mail in Mozilla Firefox when a warning popped up saying, "Your Windows 10 is infected with 3 viruses" The link in the address bar changed to: https://www.mscheck002.club/sk/fa9ff2ca/us/?clid=c45693d5bc364beb8cffa6e9f15eff8d9ca7&p1=74070&p2=&pre_tpl=6 Is this malware? The last time it happened I ran Malwarebytes and found nothing. Thanks
  9. trying to find out a way to completely uninstall windows defender from my windows 10 OS . but there is no option to uninstall it . and I want to remove it because windows defender AV isn’t working and an error while I try to update it’s malware databases ! and I want to replace it with KASPERSKY.
  10. Since my latest windows 10 update (May 2018) my windows 10 laptop has been hanging when it tries to update Malwarebytes. I have seen it suggested that I uninstall and reinstall MB. Unfortunately, I have no access to make the machine do anything. It won't even start Task Manager. The mouse will mover around and I can type in fill boxes but all to no avail if it is an attempt to run a program or application. It won't start file explorer, browser, it won't restart. The only control I have is to hold the power button for a while until it does a forced reboot. When I sign in, it is still in a hung state.
  11. I installed MBAM a long time ago and all seemed well. Then discovered Chameleon and thought I'd install it to be on the safe side. Now when I try to open MBAM, nothing happens. Windows 10 PC. Not sure what else might be relevant to the issue...
  12. I'm not very computer savvy, so these are probably stupid questions. I work with a Windows 10 PC at a small business which is part of a network. The files I work with are all saved on a "shared drive" on the server computer". Sometimes I save files to my Desktop or download files to my Downloads folder on the C:\ Drive, before saving an updated copy to the "shared drive" at the end of the week. When I right-click and view properties for C:\ and view the "Sharing" tab, it says this drive is "Not Shared". Questions: 1) Does "Not Shared" mean that C:\ is not a part of the company's network and can't be accessed /viewed from the other computers? 2) If it's not shared, does that mean that all the work I've been saving to C:\ hasn't been getting backed-up? 3) Sometimes during my break, I create and work on documents (I write a lot) that aren't company related. Before my break ends, I copy the file to a USB flash drive and delete the original from the C:\ drive. Sometimes I also access files on the USB flash drive, and save changes I make to them. Since all the work is happening on C:\ and the USB flash drive, will it show up on any network event logs / file audits? It was nothing illegal and I've done this a few times now without any incident, but I want to avoid any trouble this might cause. 4) If I download a PDF file off the internet and it gets saved to the "Downloads" folder on C:\, will it get automatically backed up to the company "shared drive", or would I have to manually make a copy to the "shared drive" to make sure that it gets backed up too? Thanks, T-Ruth
  13. My ransomeware protection has turned off and I can't get it back on. Support tool log attached. mbst-grab-results.zip
  14. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/21/18 Protection Event Time: 8:20 AM Log File: 9389a30a-a53c-11e8-a92a-f44d3003d71e.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6439 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Microsoft Office Word Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Users\obe7\AppData\Roaming\Grammarly\Updates\GrammarlyAddInSetup6.7.139.exe C:\Users\obe7\AppData\Roaming\Grammarly\Updates\GrammarlyAddInSetup6.7.139.exe \detectmode URL: (end)
  15. I have a case of the goppel. I have included a scan report of my latest Malwarebytes virus scan. I have tried numerous ways to get rid of the virus - to no avail. Please help me... Use_This_Goppel_Sux.txt
  16. For the past several months, Malwarebytes has been flagging Onedrive as an exploit and disabling it on my Surface Pro 4. After it is disabled it no longer syncs to the cloud so any changes made to my files are lost. This has been going on for months and nothing I do seems to change it, even after performing a clean install of Windows 10. I have attached a picture of the notification I get when Onedrive is flagged and disabled.
  17. The browser extension has 2 buttons 1: GO BACK, 2: CONTINUE TO SITE (I'm not 100% sure about this as it is not visible) The GO BACK button is a NOOP (doesn't do anything) on Windows 10 all updates applied.
  18. Hello,  Just installed new version 3 of MBAM on my computer, over a v2 that I had since years. Installed this V3 yesterday, reboot today, and no more boot, win stops & blocked just after powering up, on win logo. (win 10 x64 pro) At first, didn't even made a relation between no boot and MBAM, but, after I tried win tools to fix, with no success, I booted on Malekal liveCd USB key to have a look at "srtTrail.txt" in c:\windows\system32\logfiles\Srt, then I found an error with the bootres.dll. I googled a few, and found a thread here related to MBAM, srttrail, and bootres.dll. Now, it seems evident that the fresh MBAM installation (yesterday) is linked to my non-boot today, my Win10 is clean, and never caused me any boot neither stability trouble. So, I need, please, help...? What i've done, first, is using a restore point, didn't solve anything. Then, may be it was not intelligent, was to use the "fixlist.txt" you attached to the thread mentioned above. (of course ?) didn't solve my problem...? ... So, what I can do is to attach my original FRST log, done before using the fixlist > file "FRST_1.txt" I also attach the fixlist I used, given on the thread above mentioned > file "Fixlog.txt" I also attach the second FRST log, the lastest a actual, done after I used the Fixlog > file "FRST_2.txt". Done nothing else since, except rebooting on my Malekal LiveCD, to post on this forum. So the FRST_2.txt is my actual report. Hoping you'll be able to build me an efficient fixlog, or any other solution... THX ? FRST_1.txt Fixlog.txt FRST_2.txt
  19. Windows 10 Fall Creators Update Settings > Gaming > Xbox Networking Xbox Live Multiplayer Server Connectivity will show as BLOCKED unless you close Malwarebytes or disable Web Protection in Malwarebytes. Is there a way to white-list this service? MBAM 3.2.2.2029 Package 1.0.212 Update 1.0.3042 Windows 10 x64 Pro 1709 16299.19
  20. when i download something on google chrome my files always corrupt , please help . i have a new harddisk and it runs windows 10 . i havent change or download anything from my computer .
  21. Hello, Talking with Support yesterday, it was discovered that Malwarebytes does NOT support the Windows 10 redirection of Desktop, Documents, Downloads, Pictures, Videos or 3D Objects to another partition. For those of us that use a SSD for the OS or routinely perform a fresh install to cleanup and optimize Windows 10 it is a MAJOR advantage to not have EVERYTHING on the same physical drive as the OS. Windows 10 FULLY supports redirection. This is one of several methods to redirecting them: 1. Open File Explorer 2. In the Quick Access area or you can go under This PC if you , right click for example Desktop and choose Properties 3. Choose the Location Tab 4. Enter the new path (complete all the way to the drive letter) 5. Click Apply 6. Choose Yes to Move all items to the new location. Now your SSD drive has much more free space for installed applications etc. Here is the problem: When you download to any of these new locations Malwarebytes 3 does not do any checks AND MORE IMPORTANTLY, the Threat Scan "Our most comprehensive scan" does not scan these areas. Therefore I say that there is a HOLE in the security. Here's hoping for a quick resolution!
  22. Friend came over to help me with an issue I was having with Office 2016. Recently had it and now it wasn't working. He told me about KMS and as I was looking it up seeing if it was safe, legal, etc... he installs it from the zip and I've never seen a virus/malware/ransomware act like this. All of a sudden programs start opening up: a radio program streaming podcasts or online radio, took control of Firefox, installed their own version of IE, and I noticed the mouse moving on it's own and that's when I just freaked and shut it down. Tried to start in advanced options, the safe mode, but now it's giving me an SrtTrail logfile missing error message. When it boots up AT ALL and tries to access windows, it shows the dell boot up logo, "prepairing automatic repair," two (what looks like) cmd windows flash for a millisecond, then "diagnosing your pic" "repairing files (sometimes) and then says "automatic repair couldn't repair your PC" Bc of c:\windows\system32\logfiles\srt\srttrail.txt AND a system reset to factory settings AND factory image restore don't seem to work because of "not enough space" I've tried to fix the logfile issue in cmd promt, I've tried to delete the KMS file in cmd prompt but couldn't find it I don't mind resetting, reverting or reformatting the computer (as long as I keep windows) as it's only a few months old.... is there a way to either rid the virus OR just "freeing up space" IF that's even true? Could the virus be filling up the hard drive for THAT main reason?
  23. BTW its my FIRST TIME here....... I'm having a problem with the proxy server being set to 127.0.0.1 7272 and adware on my browser. I have used malwarebytes adware and still its not fixed so i need help. Addition.txt FRST.txt
  24. Greetings, I am representing a client of mine in which they have a problem with your Antimalware product. The client is experiencing numerous blue screens that seem to be related to your "mbamchamelon.sys" kernel-mode driver causing a Blue Screen of Death upon boot up. However, on the second boot up, there is a very high chance it'll boot up normally. My client installed MalwareBytes for protection against malware in conjuction with his security software, Total Defense Total Security. Yes I know what you're thinking, but apparently it is a real product using the BitDefender Antivirus Product Engine and the company is apparently based in the USA. I use BitDefender myself but that is besides the point. Client Computer Configuration AMD AM4 Platform with a AMD A10 Quad Core Processor ASUS PRIME A320M-K Motherboard 4GB DDR4 System Memory Windows 10 32Bit* (more on that in a bit) 120GB System SSD Total Defense™ Total Security MalwareBytes Home Edition 3.5 (Licensed) Microsoft Office 2013 - might be 2016 or Office 365. Cannot confirm right now. I cannot provide you the installed product list because my client has given me instructions to keep that information private as it is a business machine, but the reason why this machine is running Windows 10 32bit is because it was an emergency migration from a older Intel Core 2 Duo machine that had severe problems. No, a fresh installation of Windows 10 is not possible at this point in time as it is a production machine and downtime must be kept to a minimum. All drivers are up to date, as well as latest BIOS updates. Is this a BSOD? Yes. Windows 10 BSOD says "UNEXPECTED_KERNEL_MODE_TRAP" (0x7F) WinDBG Preview for Windows 10 on my workstation where I analyze these crash dumps says: Microsoft (R) Windows Debugger Version 10.0.17674.1000 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [S:\ClientAnalysis\[REDACTED]\MEMORY.DMP] Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available. ************* Path validation summary ************** Response Time (ms) Location Deferred srv* Symbol search path is: srv* Executable search path is: Windows 10 Kernel Version 17134 MP (4 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 17134.1.x86fre.rs4_release.180410-1804 Machine Name: [REDACTED] Kernel base = 0x81a69000 PsLoadedModuleList = 0x81ce8938 Debug session time: Fri Jun 22 06:59:57.499 2018 (UTC + 10:00) System Uptime: 0 days 23:55:39.731 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 Loading Kernel Symbols ............................................................... ................................................................ .................................................... Loading User Symbols PEB address is NULL ! Loading unloaded module list ........ ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7F, {8, 8075bc00, 0, 0} Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] *** ERROR: Module load completed but symbols could not be loaded for MbamChameleon.sys *** ERROR: Module load completed but symbols could not be loaded for farflt.sys Page 4e8d8 not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] Page bf7f not present in the dump file. Type ".hh dbgerr004" for details [... last message repeats for a while - cutting ... ] [ rinse and repeat this for a good couple dozen lines ] Probably caused by : MbamChameleon.sys ( MbamChameleon+6131 ) Followup: MachineOwner --------- WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 eax=8075bc00 ebx=00000000 ecx=8075b850 edx=00000000 esi=00000000 edi=8075b800 eip=81baf11c esp=81cdd390 ebp=00000000 iopl=0 ov up di ng nz ac pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000896 nt!KiBugCheck2: 81baf11c 55 push ebp When asking the debugger for more info: ****************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a *portion* of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 00000008, EXCEPTION_DOUBLE_FAULT Arg2: 8075bc00 Arg3: 00000000 Arg4: 00000000 Debugging Details: ------------------ (lots of repeated messages about 2 page locations not being available) KEY_VALUES_STRING: 1 STACKHASH_ANALYSIS: 1 TIMELINE_ANALYSIS: 1 DUMP_CLASS: 1 DUMP_QUALIFIER: 401 BUILD_VERSION_STRING: 17134.1.x86fre.rs4_release.180410-1804 SYSTEM_MANUFACTURER: System manufacturer SYSTEM_PRODUCT_NAME: System Product Name SYSTEM_SKU: SKU SYSTEM_VERSION: System Version BIOS_VENDOR: American Megatrends Inc. BIOS_VERSION: 4011 BIOS_DATE: 04/19/2018 BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC. BASEBOARD_PRODUCT: PRIME A320M-K BASEBOARD_VERSION: Rev X.0x DUMP_TYPE: 1 BUGCHECK_P1: 8 BUGCHECK_P2: ffffffff8075bc00 BUGCHECK_P3: 0 BUGCHECK_P4: 0 BUGCHECK_STR: 0x7f_8 TSS: 00000028 -- (.tss 0x28) eax=b66a1120 ebx=00000000 ecx=b66a1520 edx=92d42110 esi=b66a1520 edi=00000000 eip=891d711e esp=b66a0f94 ebp=b66a10a4 iopl=0 nv up ei ng nz na po nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282 Ntfs!NtfsLookupRealAllocation+0x1e: 891d711e 53 push ebx Resetting default scope CPU_COUNT: 4 CPU_MHZ: da5 CPU_VENDOR: AuthenticAMD CPU_FAMILY: 15 CPU_MODEL: 65 CPU_STEPPING: 1 BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXPNP: 1 (!blackboxpnp) DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT PROCESS_NAME: Registry CURRENT_IRQL: 0 ANALYSIS_SESSION_HOST: DESKTOP-8K174LE ANALYSIS_SESSION_TIME: 06-27-2018 13:02:15.0843 ANALYSIS_VERSION: 10.0.17674.1000 amd64fre TRAP_FRAME: b66a194c -- (.trap 0xffffffffb66a194c) ErrCode = 00000000 eax=00000000 ebx=b66a19f4 ecx=0000001c edx=b98bd8c0 esi=024a9000 edi=00000360 eip=81d688c4 esp=b66a19c0 ebp=b66a19cc iopl=0 nv up ei pl nz na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206 nt!HvpGetCellPaged+0x84: 81d688c4 8b043e mov eax,dword ptr [esi+edi] ds:0023:024a9360=???????? Resetting default scope LAST_CONTROL_TRANSFER: from 891d6f2b to 891d711e BAD_STACK_POINTER: 81cdd390 STACK_OVERFLOW: Stack Limit: b66a1000. Use (kF) and (!stackusage) to investigate stack usage. STACK_TEXT: b66a19cc 81d67eb7 95459008 02278360 b66a19f4 nt!HvpGetCellPaged+0x84 b66a1a3c 81d5c322 b66a1ab8 b66a1a88 b66a1adf nt!CmpWalkOneLevel+0x227 b66a1b94 81d61e02 48077500 00000240 b66a1e1c nt!CmpDoParseKey+0x822 b66a1cac 81d5e362 8800efd0 87f7a9a0 c3bc7418 nt!CmpParseKey+0x232 b66a1dbc 81d64da8 00000240 87f7a9a0 00000000 nt!ObpLookupObjectName+0x3d2 b66a1e44 81d64b80 b66a206c 87f7a9a0 00000000 nt!ObOpenObjectByNameEx+0x118 b66a1fb0 81d66ff8 b66a206c 00000000 00000000 nt!CmOpenKey+0x240 b66a1fc8 81bc0b2f b66a208c 000f003f b66a206c nt!NtOpenKey+0x18 b66a1fc8 81badfb5 b66a208c 000f003f b66a206c nt!KiSystemServicePostCall b66a204c 98406131 b66a208c 000f003f b66a206c nt!ZwOpenKey+0x11 WARNING: Stack unwind information not available. Following frames may be wrong. b66a2090 98401e27 44fda755 00000000 a4f461b8 MbamChameleon+0x6131 b66a20e0 81d7dc49 98421e28 b66a213c 00021410 MbamChameleon+0x1e27 b66a2124 81d62a8c b66a2190 87eb2040 b66a24cc nt!ObpCallPreOperationCallbacks+0xd9 b66a2214 81d76a0e 00000000 b66a24cc 00000000 nt!ObpCreateHandle+0x89c b66a2398 81d761ba 9e56fa00 00000200 b66a24cc nt!ObOpenObjectByPointer+0xce b66a2564 81d76039 b66a2624 b66a263c 00000000 nt!PsOpenProcess+0x17a b66a2584 81bc0b2f b66a265c 80020000 b66a2624 nt!NtOpenProcess+0x2d b66a2584 81badf15 b66a265c 80020000 b66a2624 nt!KiSystemServicePostCall b66a260c 9840bbec b66a265c 80020000 b66a2624 nt!ZwOpenProcess+0x11 b66a2644 9840ab6f 000003c8 80020000 b66a265c MbamChameleon+0xbbec b66a2668 984083b6 81bb0760 00008013 b66a2780 MbamChameleon+0xab6f b66a2678 98402de8 be2f1580 44fda035 00000000 MbamChameleon+0x83b6 b66a2780 81d5fa13 00000000 0000001c b66a28d0 MbamChameleon+0x2de8 b66a2834 81d61db4 b66a2878 00000001 0000001d nt!CmpCallCallBacksEx+0x313 b66a2944 81d5e362 8800efd0 87f7a9a0 c3f87820 nt!CmpParseKey+0x1e4 b66a2a54 81d64da8 00000240 87f7a9a0 00000000 nt!ObpLookupObjectName+0x3d2 b66a2adc 81d64b80 b66a2d04 87f7a9a0 00000000 nt!ObOpenObjectByNameEx+0x118 b66a2c48 81d66ff8 b66a2d04 00000000 00000000 nt!CmOpenKey+0x240 b66a2c60 81bc0b2f b66a2d24 000f003f b66a2d04 nt!NtOpenKey+0x18 b66a2c60 81badfb5 b66a2d24 000f003f b66a2d04 nt!KiSystemServicePostCall b66a2ce4 98406131 b66a2d24 000f003f b66a2d04 nt!ZwOpenKey+0x11 b66a2d28 98401e27 44fdaacd 00000000 a4f461b8 MbamChameleon+0x6131 b66a2d78 81d7dc49 98421e28 b66a2dd4 001fffff MbamChameleon+0x1e27 b66a2dbc 81d62a8c b66a2e28 87eb2040 b66a3168 nt!ObpCallPreOperationCallbacks+0xd9 b66a2eac 81d76a0e 00000000 b66a3168 00000000 nt!ObpCreateHandle+0x89c b66a3034 81d761ba 9e56fa00 00000200 b66a3168 nt!ObOpenObjectByPointer+0xce b66a3200 81d76039 b66a32cc b66a32e4 00000000 nt!PsOpenProcess+0x17a b66a3220 81bc0b2f b66a32f8 001fffff b66a32cc nt!NtOpenProcess+0x2d b66a3220 81badf15 b66a32f8 001fffff b66a32cc nt!KiSystemServicePostCall b66a32a8 ad005791 b66a32f8 001fffff b66a32cc nt!ZwOpenProcess+0x11 b66a3310 81d71997 000003c8 000028ec 87f68901 farflt+0x5791 b66a333c 81d4e4f0 00000000 48075bf3 00000000 nt!PspCallThreadNotifyRoutines+0x97 b66a33b4 81d4e033 b66a3894 b66a3410 001fffff nt!PspInsertThread+0x3a4 b66a3584 81d4a831 b66a3aec 80000b70 00000000 nt!PspCreateThread+0x211 b66a3a08 81bc0b2f b66a3b10 001fffff b66a3aec nt!NtCreateThreadEx+0x161 b66a3a08 81bae861 b66a3b10 001fffff b66a3aec nt!KiSystemServicePostCall b66a3aac 81e00150 b66a3b10 001fffff b66a3aec nt!ZwCreateThreadEx+0x11 b66a3b3c 81b704c5 00000000 00000000 00040000 nt!RtlpCreateUserThreadEx+0xc2 b66a3b90 81ab1dbf 9e4f2cb0 9e521140 9e580e80 nt!ExpWorkerFactoryCreateThread+0xb1 b66a3bb4 81ab1b96 00000000 000005c0 0320f668 nt!ExpWorkerFactoryCheckCreate+0x13f b66a3c08 81bc0b2f 000005c0 0320f6b0 77410750 nt!NtReleaseWorkerFactoryWorker+0x266 b66a3c08 77410750 000005c0 0320f6b0 77410750 nt!KiSystemServicePostCall 0320f6b0 00000000 00000000 00000000 00000000 0x77410750 STACK_COMMAND: .trap 0xffffffffb66a194c ; kb THREAD_SHA1_HASH_MOD_FUNC: 7c84cad4e395a6ac6b9cbc45a29ffdca7fb29c4b THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 91cea10d87227341343679aaa708d3737ba0d688 THREAD_SHA1_HASH_MOD: a168ef793a0dbedb24c03939f290ba65f52710ce FOLLOWUP_IP: MbamChameleon+6131 98406131 8b3dc0e04198 mov edi,dword ptr [MbamChameleon+0x1e0c0 (9841e0c0)] FAULT_INSTR_CODE: e0c03d8b SYMBOL_STACK_INDEX: a SYMBOL_NAME: MbamChameleon+6131 FOLLOWUP_NAME: MachineOwner MODULE_NAME: MbamChameleon IMAGE_NAME: MbamChameleon.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5ae0d958 BUCKET_ID_FUNC_OFFSET: 6131 FAILURE_BUCKET_ID: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function BUCKET_ID: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function PRIMARY_PROBLEM_CLASS: 0x7f_8_STACKPTR_ERROR_MbamChameleon!unknown_function TARGET_TIME: 2018-06-21T20:59:57.000Z OSBUILD: 17134 OSSERVICEPACK: 0 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 272 PRODUCT_TYPE: 1 OSPLATFORM_TYPE: x86 OSNAME: Windows 10 OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2018-06-08 18:55:45 BUILDDATESTAMP_STR: 180410-1804 BUILDLAB_STR: rs4_release BUILDOSVER_STR: 10.0.17134.1.x86fre.rs4_release.180410-1804 ANALYSIS_SESSION_ELAPSED_TIME: 221c ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x7f_8_stackptr_error_mbamchameleon!unknown_function FAILURE_ID_HASH: {b9ae5be3-18b3-bd8f-2c30-bdfcaf14819a} Followup: MachineOwner --------- WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 WARNING: Process directory table base E4B7D020 doesn't match CR3 001A8000 Memory Dump for debugging team available upon request. Simply notify me with email and I'll get it to you within a few hours. This is a semi-urgent request so I appreciate if I could have this issue placed on high priority.
  25. Hi, I installed Malwarebytes few days ago to wipe out adware. This morning I started my PC and before the login screen all I got was a black screen and a blinking cursor. I tried everything but its unresponsive. I think it has happened because Malwarebyte accidentally deleted something important. Please tell me how to solve this problem. I've read countless threads but I'm not getting anything. Please help as soon as possible. And if its that process of loading log.txt and another txt file, please explain thoroughly. Help!
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.