Jump to content

Malwarebytes was unable to load the Anti-Rootkit DDA Driver


Recommended Posts

Hi, several weeks ago I upgraded from MBAM (Premium) 1.x to 2.x. I'm currently using v2.0.2.1012 on Windows 8 x64. Occasionally my laptop computer will become unresponsive since this upgrade and I can't think of anything else that's changed that could be causing that problem.

 

In the event logs there aren't any clues. The only way to recover is to turn the computer off and then back on. Here's a basic overview of what it looks like in the event logs, in reverse chronological order:

10:46amThe last shutdown's success status was false. The last boot's success status was true.10:46amThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.10:46amThe operating system started at system time ?2014?-?05?-?30T14:46:46.499419800Z.10:44amThe kernel power manager has initiated a shutdown transition.10:43amThe system has returned from a low power state.Sleep Time: ?2014?-?05?-?29T23:16:03.452855100ZWake Time: ?2014?-?05?-?30T14:43:18.061922900ZWake Source: Power Button

After reading about this problem in other threads I downloaded and ran mbam-check-2.1.0.0002.exe. CheckResults.txt is attached. I notice that Farbar recovery is recommended as well however I'm not going to download it because I can't seem to find hardly any information on who's behind it, and I don't trust it.

 

I am a C++ computer programmer. If you have a debug mode for MBAM that records all significant calls, or a debug build, or something like that, I would be willing to try it to figure out if there is a freeze or lock somewhere.

 

Thanks

 

Link to post
Share on other sites

I'm using MBAM (Premium) v2.0.2.1012 on Windows 8 x64. Occasionally I will see the error message "Malwarebytes was unable to load the Anti-Rootkit DDA Driver, this error may be caused by rootkit activity." I did have the rootkit driver and self protection enabled but since then I reset all my preferences to the default and yet I still get that message.

 

I would really like to have both the self protection and rootkit driver options enabled but I will leave them disabled for now until this is worked out.

 

Also, I have a separate support thread I started 15 min ago because of a problem I have where my computer has been unresponsive since upgrading MBAM. I don't know if this is related or not so that's why I posted it separately, but if this thread should be merged as a post into my other thread feel free.

 

A screenshot of the error message is attached. Thanks

Link to post
Share on other sites

I can't edit my original post so I will add this information here. I have since started three other threads here that have information that may or may not be related to this problem:

Mbamchameleon Failed to obtain file name information

Malwarebytes was unable to load the Anti-Rootkit DDA Driver

Failed to verify the digital signature for \??\C:\Windows\system32\igfxsrvc.exe

 

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

  1. Please uninstall your current version of MBAM and reinstall the latest version. MBAM Clean Removal Process 2x
  2. If that does not correct the issue then please read the following and post back the requested logs. - Diagnostic Logs
  3. NOTE: There is an FAQ section with valuable information located here: - Common Questions, Issues, and their Solutions


Thank You
 

Link to post
Share on other sites

 

Ok I followed the clean removal process and reinstalled Premium according to the directions. I ran a scan and no malware was found except for a false positive. I will report back and try step #2 if necessary after I have a chance to determine whether or not the problem still exists.

Link to post
Share on other sites

  • 3 weeks later...

This is an update on the issue described in the first two posts (they were originally separate threads that were merged), a freezing issue and failing to load the anti-rootkit driver.

 

As noted several weeks ago I followed the clean removal process (mbam-clean-2.0.2.0.exe) and reinstalled Premium (mbam-setup-2.0.2.1012.exe) according to the directions. I did not modify the settings and left them at the default. Monitoring over the last few weeks I can tell you that the issue was partially solved. Not once since I reinstalled did the computer permanently freeze or did MBAM give me that error message about being unable to load the anti-rootkit driver. Based on the change in behavior I'm fairly confident that the MBAM upgrade had at least something to do with my computer freezing.

 

Unfortunately this has led me to uninstall MBAM. I tried to install 1.x but it tried to force me to upgrade to 2.x. Is 1.x still supported, and if so how long will it be supported? Is it vulnerable in any way?

 

I would really like to help solve this. As I said I'm a computer programmer. I'm familiar with the Windows API. If you can get me a debug build, or you have some sort of debug setting or environment variable that causes MBAM to timestamp every action it's taking then hopefully I can make a determination what exactly is happening at the moment the computer freezes.

 

I'm not running Farbar Recovery Scan Tool. I can't verify its origin and it isn't digitally signed. I ran the mbam-check twice. Once when I was experiencing the freezes (before the reinstall) and the second time after the most recent uninstall. I do not have a mbam-check from when the freezes were not occurring (after the reinstall but before the most recent uninstall). I am very careful what I run on this computer and am willing to run anything that could help as long as I can verify its origin, the company behind it or the source (so I can build it myself).

 

Thanks!

CheckResults__Before_Reinstall__Freeze.txt

CheckResults__After_Removal.txt

Link to post
Share on other sites

  • 2 weeks later...

Not once since I reinstalled did the computer permanently freeze or did MBAM give me that error message about being unable to load the anti-rootkit driver. Based on the change in behavior I'm fairly confident that the MBAM upgrade had at least something to do with my computer freezing.

 

Unfortunately this has led me to uninstall MBAM. I tried to install 1.x but it tried to force me to upgrade to 2.x. Is 1.x still supported, and if so how long will it be supported? Is it vulnerable in any way?

 

I would really like to help solve this. As I said I'm a computer programmer. I'm familiar with the Windows API. If you can get me a debug build, or you have some sort of debug setting or environment variable that causes MBAM to timestamp every action it's taking then hopefully I can make a determination what exactly is happening at the moment the computer freezes.

 

Can someone from MBAM get back to me on this, thanks.

Link to post
Share on other sites

  • 1 month later...
  • Root Admin

Can someone from MBAM get back to me on this, thanks.

 

Not sure there is anything we can do to help you. You don't trust running other tools we've requested which pretty much leaves us at a stalemate. As your topic is not well over a month old I'll go ahead and close it.

 

If you do decide  you wish to obtain further assistance you can either open a new topic or open a ticket with the help desk. Please be aware though that the forum and help desk both will want you to run scans with 3rd party tools to obtain information. If you're a programmer then you have to be well acquainted with Google search where you will that the FRST program comes back with about 2.5 million hits and is always used to track down issues and is safe.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.