Jump to content

BSOD's, can't run malware scanner of diagnostics scanners

Recommended Posts

Hi all,

In the past weeks I have had a surplus of different BSOD's.

0x00000024 - ntfs.sys

0x00000001 - tcp1p.sys (2 times)

0x0000003B - Ironx64.sys

0x0000007E - at1kmdag.sys


I am unable to run malwarebytes, neither as an admin nor in safe mode nor from the file itself. When I change the name of the executable file it immediately says that MBAM stopped working.

I removed it just now and the file mbshlext.dll remains.

I am unable to open sysnative bsod collection app even if I disable my Norton security.

I have been able to scan with FRST and the files are attached.

I have run chdsk and scannow in cmd and there is nothing wrong here.

It mostly crashes on high performance games like Elder Scrolls Online or Rust, but also sometimes randomly.

I have updated all my drivers and cleaned out all the hardware to rule out overheating, fans are working fine as well.

I have already cleaned the registry with Eusing Free Registry Cleaner.



Link to post
Share on other sites

UPDATE: I have been able to download Malwarebytes Chameleon from this website as it would not work from my desktop. Cmd says that it doesn't detect any malwarebytes software installed while it clearly should be. It then installs version 2 of malwarebytes and I'm able to scan, detect and quarantine 32 different threats, which I can't post here for some reason.

If I then restart my pc and run MBAM it asks me to update to version 3.3, which I do but then it won't run as before.


Edited by CHANSON
Link to post
Share on other sites

Please run this report collecting tool so that we can provide a complete analysis: (from the pinned topic at the top of the forum):  https://forums.malwarebytes.org/topic/170037-blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/

FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know.
NOTE:  On problem systems it can take up to 20 minutes for the log files to complete.  Please be patient and let it run.

If you still have problems with it running, there's an alternate tool here (direct download link):  https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe

Please zip up the (.ZIP) files - do not use .RAR, .7z or other compression utilities.
.ZIP is the type file that can be uploaded to the forums.

Link to post
Share on other sites

Hi thank you, this time I was able to use sysnative bsod collection app, had to turn off my norton security.

The zip file is attached below.

When I try to run perfmon in cmd (admin) it says after a few seconds that "the data collector set or one of its dependencies is already in use."

I ran it succesfully after a clean boot and the file is also attached below.

PS: in Service Manager I see MBAMservice is running but I can't stop the service and MBAM still doesn't start up.

I also booted with BitDefender on a formatted USB drive last night and it was able to find and remove one infected item.



Edited by CHANSON
Link to post
Share on other sites

Ensure that your BIOS is updated.  This is not as critical w/W7 as it is with Windows 8 or 10.

Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

I suspect that the system might still be infected.
I am not familiar with malware removal and suggest that you post in the Malware Removal forums to ensure that everything has been removed and repaired:  https://forums.malwarebytes.com/forum/7-malware-removal-for-windows/


C: drive only has about 9% free space.  Windows likes 15% free space in order to perform stuff "behind the scenes" without adversely affecting the system's performance.  Please free up 15% on ALL hard drives (you can get away with 10% on larger drives and won't notice a large performance penalty).  Low free space can cause BSOD's - but the actual amount depends on the files being used by the system.

Please do not use registry cleaners.  At best they just aren't needed.  At worst, they can damage the registry and even render your system unbootable.

MSI Afterburner and Riva Tuner (along with EVGA Precision) are known to cause BSOD's in some Windows systems (it's driver is usually RTCore64.sys).  Please un-install them immediately!

If you're overclocking, please stop the overclock while we're troubleshooting.  Feel free to resume the overclock once the system has been stabilized.

Beyond this, there's no sign of BSOD's on your system (in the reports I looked at).
Most often BSOD's like this are from hardware problems - but can be caused by malware operating at low levels within the system.

1)  First be sure to have the Malware Removal experts look at the system
2)  Then have the MalwareBytes experts help with getting it running:  https://forums.malwarebytes.com/forum/41-malwarebytes-3/

3)  Then, if the BSOD's continue, perform this procedure to rule out hardware problems:


My suggested way to diagnose a hardware problem (3 steps):


Step #1)  Please run these free hardware diagnostics: 

    Please run ALL of the tests and let us know the results.  (If you can't run all the tests, then at least run these free, bootable diagnostics:  http://www.carrona.org/initdiag.html )
    FYI - These are the tests and what we usually see for the reports:  SEE QUOTE BOX 1 below

Step #2)  If all the tests pass, then try to perform a clean install of Windows:  SEE QUOTE BOX 2 below

Step #3)  Then, if the clean install confirms the hardware problem, try this procedure to isolate the problem device(s):  http://www.carrona.org/strpdown.html

        1 - Antivirus/antimalware scans:  In short, if there are Trojans or other serious malware - start over in the Am I Infected forums

        2 - Memory diagnostics:  Run MemTest86+ for at least 3 passes.  If booting from UEFI, run MemTest86 instead.  Let us know if there were any errors reported
        3 - Hard Drive diagnostics:  Don't sweat the details here.  In short, run the Seagate Seatools Long/Extended test from a bootable disk.  If unable to run it from a bootable disk (UEFI and some others), then run the Seagate Seatools for Windows from within Windows.  There are no diagnostics for SSD's, just run the Crystal Mark tests and let us know if there were any failures
        4 - Furmark:  run the test until the temperature stabilizes.  Don't let it get much over 90ºC.  Let us know the temp it stabilizes at and if there were any problems running the test (other than slowness).
        5 - Prime95:  run the Blend test for 24 hours (this may not be possible, but run it as long as you can.  Look for errors in the output, or for problems running the test (freezes/crashes)
        6 - Video 2 (other video tests):  there's several tests here.  Run all of them.  I'm especially interested in the Video Memory Test.  Let us know the results of the test(s)
          - A - simtek.org memtest
          - B - Video memory stress test
          - C - Artifact Locator
          - D - OCCT - 4 built in tests for CPU, GPU, PSU
          - E - Video Memory Stress Test
        7 - CPU tests:  run at least one test on your CPU and let us know the result.
A clean install is:

        - Windows is installed to a freshly partitioned hard drive with legitimate installation media (W10:  https://www.microsoft.com/en-us/software-download/windows10 ).
        - The installation media is only a copy of Windows, not the OEM recovery disks that you can make on some systems.
        - Windows is fully updated after it's installed.  That's ALL updates - none excepted.
        - NO 3rd party software is installed.
        - There are no errors in Device Manager (if you find any, post back for suggestions).
         - The BIOS/UEFI is updated to the latest available version (this presumes that the system is compatible w/Windows 10 also).

        This will wipe everything off of the computer, so it's advisable to backup your stuff first.
        Also, it will wipe out all the special software that the OEM added to the system, so if you rely on any of that - let us know what it is so we can figure out a way to save/download it (the easiest way is to create/obtain the OEM;s recovery media)

        If unable to find recovery media that has the software (or if you suspect that this is a hardware problem), you can make an image of your system that'll preserve everything in the state that it was in when you made the image.  You can also do this if you don't want to try another hard drive - yet you want to be able to return to the current system state.
        One drawback to this is that you're making an image of a malfunctioning system - so, if there are errors in the system software, you'll have a nice copy of them [:(]
        Another drawback is that the image of the system will be very large - so you'll most likely need a large external drive to store it on.
        But, this will allow you to save everything on the hard drive (although you'll need an image viewer to get things out of the image).
        The point here is that, if it's a hardware problem, then you can restore the system to the point it was when you made the image - after you repair the hardware problem.
        You can obtain more info on imaging in the Backup/Imaging/DiskMgmt forums located here:  http://www.bleepingcomputer.com/forums/f/238/backup-imaging-and-disk-management-software/

        The point of doing this (the clean install) is to:
        - rule out Windows as a problem (if the problem continues, it's not a Windows problem as you completely replaced Windows
        - rule out 3rd party software (if the problem continues, it's not a 3rd party software problem as you didn't install any 3rd party software)
        - so, if the problem continues, it must be a hardware problem.

        OTOH, if the problem stops, then it was either a Windows or 3rd party software problem.  If the problem doesn't come back, then you've fixed it.  Then all that remains is setting the computer back up the way that you'd like it and importing your data from the backup you made.


Edited by usasma
Link to post
Share on other sites

Alright I have shored up space in my C drive to almost 20% free space. I also removed RivaTuner, Eusing registry cleaner and MSI Afterburner and any other registry cleaners that were still clinging on somewhere.

However when I attempt to download a BIOS update from Acer's own website https://www.acer.com/ac/nl/NL/content/support-product/3445?b=1 Norton Security tells me they removed the file as it contained a Trojan.Gen.8!Cloud virus. I don't overclock my system by the way.

For the malware problem I will post in the given link.

Edited by CHANSON
Link to post
Share on other sites

If you're certain of the legitimacy of the download link from Acer, then you can tell Norton to either allow the download or you can pause protection while you download it.

Once you're cleared by the anti-malware folks, you may want to post in the General Windows PC Help forum (as that's most likely where you're find the Windows Update experts)
If you get no response there, then try http://www.sysnative.com  Create an account then post in their Windows Update forums.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.