Jump to content

BSOD possibly related to MBAM_Chameleon.sys


JoelS

Recommended Posts

To test if it's MBAM_Chameleon.sys - uninstall MalwareBytes and see if that stops the errors.

Your UEFI/BIOS (version F6) dates from 2012.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  If you are able to install the update through Windows (without booting from an external drive), then go ahead and update it.  WARNING - if the computer might shut down during this procedure, please don't do it, as this may physically damage the computer and prevent it from booting.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and the outdated UEFI/BIOS' may be the cause of some compatibility issues).

Although you appear to have a reasonable number of Windows Update hotfixes for this version of your OS, please double check for any new Windows Updates.  It only takes one update to cause a problem, so it's essential that you have all of them.  The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

You have 3 hard drives.  What is the make/model/wattage and age of your Power Supply?
The purpose of this question is to get you to evaluate your PSU.
- PSU's tend to get less efficient with age
- adding components over time may decrease the ability of the PSU to support the entire system (Maybe remove some stuff to see if that helps?)
- while you can measure the output of a PSU with a multimeter, the readings may change dramatically when the PSU is put under load.  PSU testing instructions (by dc3) here:  https://www.bleepingcomputer.com/forums/t/654994/pc-is-crashingfreezing-up-multiple-times-daily/page-2#entry4341756
- there's a free PSU test in the OCCT program at http://www.ocbase.com/

While this is most likely a software problem, a hardware problem is a possibility.
For the software problem, please run Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html
For the hardware possibilty, please run these free hardware diagnostics:  http://www.carrona.org/hwdiag.html
Please run ALL of the tests and let us know the results.

Please update these older drivers.  Links are provided in order to assist you with looking up the source of the drivers.  
If unable to find an update, please uninstall the program that is responsible for that driver.  

DO NOT manually delete/rename the driver as it may make the system unbootable!!!:
L1C63x64.sys                Sun Mar 31 23:15:17 2013 (5158FBC5)
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) Official site: http://www.qualcomm.com/drivers [br] Unofficial site: http://www.atheros.cz
http://www.carrona.org/drivers/driver.php?id=L1C63x64.sys
 
semav6msr64.sys             Fri Jan 24 14:22:40 2014 (52E2BD80)
SEMA Software Driver Download () - http://sema-soft.com/en/start.php
http://www.carrona.org/drivers/driver.php?id=semav6msr64.sys
 
klmouflt.sys                Tue Jun  2 08:36:12 2015 (556DA33C)
KLMOUFLT Mouse Device Filter [fre_wlh_x86] (Kaspersky) Support: http://usa.kaspersky.com/support [br]Downloads: http://usa.kaspersky.com/downloads [br]Unable to get links from the Global website - sorry!
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
 
viahduaa.sys                Tue Jun 16 04:06:10 2015 (557FD8F2)
VIA High Definition Audio Function Driver http://www.via.com.tw/en/support/drivers.jsp
http://www.carrona.org/drivers/driver.php?id=viahduaa.sys
 
TeeDriverW8x64.sys          Tue Jul  7 13:43:32 2015 (559C0FC4)
Intel Management Engine Interface (MEI) driver OEM or http://downloadcenter.intel.com[br][br]Installation instructions - http://www.sysnative.com/forums/windows-10-a/18573-windows-10-error-0x800f081f-source-file-not-found.html#post144391
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
 
 


Analysis:
The following is for information purposes only.
The following information contains the relevant information from the blue screen analysis:
**************************Fri Dec 15 22:57:04.774 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\121517-5531-01.dmp]
Windows 10 Kernel Version 16299 MP (8 procs) Free x64
Built by: 16299.15.amd64fre.rs3_release.170928-1534
System Uptime:0 days 11:38:00.196
Probably caused by :Unknown_Image ( ANALYSIS_INCONCLUSIVE )
BugCheck 109, {a3a0075c73c8b4e8, b3b713e2c64b82a7, c0000082, 7}
BugCheck Info: CRITICAL_STRUCTURE_CORRUPTION (109)
Arguments:
Arg1: a3a0075c73c8b4e8, Reserved
Arg2: b3b713e2c64b82a7, Reserved
Arg3: 00000000c0000082, Failure type dependent information
Arg4: 0000000000000007, Type of corrupted region, can be
    0   : A generic data region
    1   : Modification of a function or .pdata
    2   : A processor IDT
    3   : A processor GDT
    4   : Type 1 process list corruption
    5   : Type 2 process list corruption
    6   : Debug routine modification
    7   : Critical MSR modification
    8   : Object type
    9   : A processor IVT
    a   : Modification of a system service function
    b   : A generic session data region
    c   : Modification of a session function or .pdata
    d   : Modification of an import table
    e   : Modification of a session import table
    f   : Ps Win32 callout modification
    10  : Debug switch routine modification
    11  : IRP allocator modification
    12  : Driver call dispatcher modification
    13  : IRP completion dispatcher modification
    14  : IRP deallocator modification
    15  : A processor control register
    16  : Critical floating point control register modification
    17  : Local APIC modification
    18  : Kernel notification callout modification
    19  : Loaded module list modification
    1a  : Type 3 process list corruption
    1b  : Type 4 process list corruption
    1c  : Driver object corruption
    1d  : Executive callback object modification
    1e  : Modification of module padding
    1f  : Modification of a protected process
    20  : A generic data region
    21  : A page hash mismatch
    22  : A session page hash mismatch
    23  : Load config directory modification
    24  : Inverted function table modification
    25  : Session configuration modification
    26  : An extended processor control register
    27  : Type 1 pool corruption
    28  : Type 2 pool corruption
    29  : Type 3 pool corruption
    101 : General pool corruption
    102 : Modification of win32k.sys
BUGCHECK_STR:  0x109
DEFAULT_BUCKET_ID:  BAD_STACK_0x109
PROCESS_NAME:  csrss.exe
FAILURE_BUCKET_ID: BAD_STACK_0x109
CPUID:        "Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz"
MaxSpeed:     3400
CurrentSpeed: 3403
  BIOS Version                  F6
  BIOS Release Date             08/20/2012
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77M-D3H-MVP
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
 


3rd Party Drivers:
The following is for information purposes only.
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:
[*************************Fri Dec 15 22:57:04.774 2017 (UTC - 5:00)**************************
intelppm.sys                Thu Sep 22 06:43:11 2011 (4E7B113F)
L1C63x64.sys                Sun Mar 31 23:15:17 2013 (5158FBC5)
semav6msr64.sys             Fri Jan 24 14:22:40 2014 (52E2BD80)
klmouflt.sys                Tue Jun  2 08:36:12 2015 (556DA33C)
viahduaa.sys                Tue Jun 16 04:06:10 2015 (557FD8F2)
TeeDriverW8x64.sys          Tue Jul  7 13:43:32 2015 (559C0FC4)
kldisk.sys                  Fri Dec 25 02:47:51 2015 (567CF4A7)
kl1.sys                     Fri Apr  1 10:20:28 2016 (56FE83AC)
klpd.sys                    Mon Apr 11 10:25:19 2016 (570BB3CF)
klbackupdisk.sys            Fri Apr 22 09:25:48 2016 (571A265C)
klkbdflt.sys                Fri May 13 16:10:05 2016 (5736349D)
kltap.sys                   Mon May 16 17:04:28 2016 (573A35DC)
klbackupflt.sys             Thu May 19 11:15:06 2016 (573DD87A)
cm_km.sys                   Wed May 25 05:00:10 2016 (5745699A)
klwfp.sys                   Mon Jun 13 05:29:14 2016 (575E7CEA)
klim6.sys                   Fri Sep 30 09:35:20 2016 (57EE6A18)
klflt.sys                   Thu Dec 29 06:26:07 2016 (5864F2CF)
mbae64.sys                  Wed Jan 11 12:08:00 2017 (58766670)
klwtp.sys                   Thu Jan 12 04:21:38 2017 (58774AA2)
klupd_klif_kimul.sys        Mon Feb  6 06:09:33 2017 (5898596D)
kneps.sys                   Thu May 25 05:29:31 2017 (5926A3FB)
farflt.sys                  Tue Sep  5 19:44:07 2017 (59AF36C7)
mwac.sys                    Thu Sep  7 12:04:14 2017 (59B16DFE)
nvhda64v.sys                Thu Sep 14 05:55:42 2017 (59BA521E)
klids.sys                   Fri Sep 29 18:14:48 2017 (59CEC5D8)
klif.sys                    Sat Sep 30 06:08:25 2017 (59CF6D19)
klhk.sys                    Sat Sep 30 06:14:39 2017 (59CF6E8F)
mbam.sys                    Thu Oct 12 11:23:13 2017 (59DF88E1)
mbamswissarmy.sys           Fri Oct 13 14:58:51 2017 (59E10CEB)
klupd_klif_klark.sys        Mon Oct 23 10:50:34 2017 (59EE01BA)
klupd_klif_klbg.sys         Mon Oct 23 10:50:36 2017 (59EE01BC)
klupd_klif_mark.sys         Mon Oct 23 11:03:14 2017 (59EE04B2)
klupd_klif_arkmon.sys       Mon Oct 23 11:08:37 2017 (59EE05F5)
nvlddmkm.sys                Tue Nov 14 14:50:10 2017 (5A0B48F2)
MbamChameleon.sys           Tue Nov 28 23:17:27 2017 (5A1E34D7)
 


http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=L1C63x64.sys
http://www.carrona.org/drivers/driver.php?id=semav6msr64.sys
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
http://www.carrona.org/drivers/driver.php?id=viahduaa.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
http://www.carrona.org/drivers/driver.php?id=kldisk.sys
http://www.carrona.org/drivers/driver.php?id=kl1.sys
http://www.carrona.org/drivers/driver.php?id=klpd.sys
http://www.carrona.org/drivers/driver.php?id=klbackupdisk.sys
http://www.carrona.org/drivers/driver.php?id=klkbdflt.sys
kltap.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=klbackupflt.sys
http://www.carrona.org/drivers/driver.php?id=cm_km.sys
http://www.carrona.org/drivers/driver.php?id=klwfp.sys
http://www.carrona.org/drivers/driver.php?id=klim6.sys
http://www.carrona.org/drivers/driver.php?id=klflt.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=klwtp.sys
klupd_klif_kimul.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=kneps.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
klids.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=klif.sys
http://www.carrona.org/drivers/driver.php?id=klhk.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
klupd_klif_klark.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_klbg.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_mark.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_arkmon.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys

 


 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.