Jump to content

Recommended Posts

i had issues with "mbar build 1.08.3.1004", the latest version of "mbar"..

 

when i run the mbar EXE file, to extract the program's files, the program's files begin to be extracted but, then, at the end of the process, i get a B-S-O-D!!

 

i tried extracting the files again, to see if the BSOD was repeating, and it was..

 

it seems wierd, getting the BSOD, since all that is being done is that files are being extracted..

 

incidentally, it seemed that all of the program's files were successfully extracted, despite the BSOD.. however i didn't try to run the mbar program, after the files had been extracted, since i didn't want to experience another BSOD..

 

i tried installing the "old" version of "mbar" (the previous version), to confirm that i didn't get a BSOD with it, and the files were successfully extracted.. however, when i tried to run the mbar program, it prompted me to "update" the program, and, when i selected "NO!!", the process just closed.. in other words, i was not able to run the "old" version of mbar! my only option was to download the new version, which doesn't work, at least not on my computer..

 

when i ran the mbar EXE file, to extract the mbar program's files, i noticed that a "mbamchameleon.sys" file was created in my "drivers" folder, as well as a couple of "services" regkeys that were associated with the "mbamchameleon.sys" file..

 

i just mention it because, when i ran the EXE file for the "old" version of "mbar", to extract the program's files, the same "mbamchameleon.sys" file, and the associated "services" regkeys, were NOT created (though i was not able to actually run the "old" "mbar" program, as i already mentioned)..

 

incidentally, i just finished "reformatting" my harddrive, doing a "clean" install of "windows xp" et al.. the "mbar" program was the last thing that i had left to install..

 

i am running "windows xpsp3", the "windows firewall", "avira antivirus premium", "system safety monitor", and ghost security's "regdefend".. also, i recently started using "sandboxie", so it also is running on my computer..

 

i always disable all of the realtime-protection on my computer when i am installing programs, so none of the programs that i use for realtime-protection would have interfered with my running the "mbar" EXE file, to extract the mbar program's files..

 

i am attaching the two "minidump" crash dump files that were generated, the two times that i ran the EXE file, to extract the mbar program's files..

Link to post
Share on other sites

  • Staff

Can you download and install 7zip or WinRAR and extract the contents of the MBAR file mbar-1.08.4.1003.exe to another folder, without seeing the BSOD?

 

Also, can you try running the downloaded MBAR file mbar-1.08.4.1003.exe in Safe Mode to see if it will self-extract there without BSOD?

Link to post
Share on other sites

tetonbob, i didn't follow your instructions exactly.. i extracted the "mbar" files within "sandboxie", where i knew "mbar.exe" would not run automatically, causing a BSOD.. then i moved the extracted files to my harddrive.. then i tried running "mbar", but, as soon as i launched the "mbar.exe" file, i got a BSOD..

 

then i booted into "safe mode" and ran "mbar", and it ran successfully!

 

since "sandboxie" was new, on my computer, i thought that maybe there was a conflict with it, so i completely disabled it, where its drivers and services were not running, and tried running "mbar" again, but i got another BSOD.. so "sandboxie" wasn't the problem..

 

then i tried completely disabling the "avira" program, disabling all of its services and drivers, and, THEN, "mbar" ran successfully!

 

so, apparently there is a conflict between the latest version of the "mbar" program and the "avira" program..

 

i am using the latest version of the avira program, the premium version, build 14.0.7.468..

 

i am attaching the two new mini crash-dumps that were generated..

Link to post
Share on other sites

  • Staff

Hi redwolfe_98.

Good work, I did suspect a conflict with one of your security programs.

If you wanted to try something else for us, leave Avira enabled, but run MBAR this way:

•Please run Malwarebytes Anti-Rootkit (MBAR), but we need to run it a special way. Open a command prompt, and CD to the \mbar folder.

You can copy/paste this command assuming mbar folder is on desktop as expected:

cd "%userprofile%\desktop\mbar"

•In the black command prompt box, type in the following and press Enter:

mbar.exe /z

(note - there is a space between mbar.exe and /z)

•MBAR will launch. Update as usual, then click 'Next.

Click Scan.

•If malware is found, do NOT press the Cleanup button when the scan completes. Click EXIT.

Please send me the system-log.txt for review by our developers. You can just attach that log as well. It's in the mbar folder on your desktop.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.