Jump to content

Windows 8.1 - attempted_execute_of_noexecute_memory when running MWB


Recommended Posts

Please run this report collecting tool so that we can provide a complete analysis: (from the pinned topic at the top of the forum):  https://forums.malwarebytes.org/topic/170037-blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/

FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know.
NOTE:  On problem systems it can take up to 20 minutes for the log files to complete.  Please be patient and let it run.

If you still have problems with it running, there's an alternate tool here (direct download link):  https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe

NOTE:
Please zip up the (.ZIP) files - do not use .RAR, .7z or other compression utilities.
.ZIP is the type file that can be uploaded to the forums.

Link to post
Share on other sites

Your UEFI/BIOS (version A07) dates from 2012.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  If you are able to install the update through Windows (without booting from an external drive), then go ahead and update it.  WARNING - if the computer might shut down during this procedure, please don't do it, as this may physically damage the computer and prevent it from booting.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and the outdated UEFI/BIOS' may be the cause of some compatibility issues).

Only 210 Windows Update hotfixes installed.  Most systems have more than this  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
Don't worry about the specific number, it's just important that you have checked and installed any updates that were available (and didn't experience any errors).

Daemon Tools (and Alcohol % software) are known to cause BSOD's on some Windows systems (mostly due to the sptd.sys driver, although I have seen both dtsoftbus01.sys and dtscsibus.sys blamed on several occasions).

Please un-install the program, then use the following free tool to ensure that the troublesome sptd.sys driver is removed from your system (pick the 32 or 64 bit system depending on your system's configuration):  New link (15 Aug 2012): 

http://www.duplexsecure.com/downloads (pick the appropriate version for your system and select "Un-install" when you run it).
Alternate link:  http://www.disc-tools.com/download/sptd
Manual procedure here:  http://daemonpro-help.com/en/problems_and_solutions/registry_and_sptd_problems.html

NOTE:  The uninstaller may not find the SPTD.sys driver.  Don't worry about it, just let us know in your post.


NOTE2:  The latest version has an SPTD2.sys driver - the uninstaller is on the same page as the SPTD.sys driver - just download the version for W10!

Also, please uninstall ACE|Protect Software.  It's drivers date from 2007 and are likely not compatible with W8.1

After removing the above stuff, try MalwareBytes again.
If it still gives a BSOD, please run Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html

Let it run for 36 hours, and if it doesn't crash by then - then run MalwareBytes to help force a crash.

Analysis:
The following is for information purposes only.
The following information contains the relevant information from the blue screen analysis:
**************************Sun Mar 25 16:55:12.264 2018 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\032518-33156-01.dmp]
Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
Built by: 9600.18946.amd64fre.winblue_ltsb_escrow.180302-1800
System Uptime:0 days 23:28:36.148
*** WARNING: Unable to verify timestamp for mbamswissarmy.sys
*** ERROR: Module load completed but symbols could not be loaded for mbamswissarmy.sys
Probably caused by :mbamswissarmy.sys ( mbamswissarmy+ddd1 )
BugCheck FC, {ffffe001410b4000, 800000013937e863, ffffd0002541b380, 2}
BugCheck Info: ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY (fc)
Arguments:
Arg1: ffffe001410b4000, Virtual address for the attempted execute.
Arg2: 800000013937e863, PTE contents.
Arg3: ffffd0002541b380, (reserved)
Arg4: 0000000000000002, (reserved)
BUGCHECK_STR:  0xFC
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  MBAMService.ex
FAILURE_BUCKET_ID: 0xFC_mbamswissarmy!unknown_function
CPUID:        "Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz"
MaxSpeed:     1700
CurrentSpeed: 1696
  BIOS Version                  A07
  BIOS Release Date             11/12/2013
  Manufacturer                  Dell Inc.
  Product Name                  Inspiron 3537
  Baseboard Product             0MJNYC
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar 18 23:20:51.915 2018 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\031818-32953-01.dmp]
Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
Built by: 9600.18931.amd64fre.winblue_ltsb.180201-0600
System Uptime:5 days 2:50:12.635
*** WARNING: Unable to verify timestamp for mbamswissarmy.sys
*** ERROR: Module load completed but symbols could not be loaded for mbamswissarmy.sys
Probably caused by :mbamswissarmy.sys ( mbamswissarmy+ddd1 )
BugCheck FC, {ffffe00038eb4000, 8000000092ebf863, ffffd00021812380, 2}
BugCheck Info: ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY (fc)
Arguments:
Arg1: ffffe00038eb4000, Virtual address for the attempted execute.
Arg2: 8000000092ebf863, PTE contents.
Arg3: ffffd00021812380, (reserved)
Arg4: 0000000000000002, (reserved)
BUGCHECK_STR:  0xFC
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  MBAMService.ex
FAILURE_BUCKET_ID: 0xFC_mbamswissarmy!unknown_function
CPUID:        "Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz"
MaxSpeed:     1700
CurrentSpeed: 1696
  BIOS Version                  A07
  BIOS Release Date             11/12/2013
  Manufacturer                  Dell Inc.
  Product Name                  Inspiron 3537
  Baseboard Product             0MJNYC
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only.
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:
**************************Sun Mar 25 16:55:12.264 2018 (UTC - 4:00)**************************
acehlp10.sys                Wed Jul 11 04:16:22 2007 (469491D6)
acedrv10.sys                Wed Jul 11 04:22:20 2007 (4694933C)
DellRbtn.sys                Fri Aug  3 17:32:54 2012 (501C4386)
btath_lwflt.sys             Fri Nov  2 01:35:44 2012 (50935BB0)
btath_hcrp.sys              Tue Dec 18 04:54:54 2012 (50D03D6E)
btath_bus.sys               Mon Jan 21 04:18:42 2013 (50FD07F2)
btath_rcp.sys               Fri Jun 21 05:11:54 2013 (51C418DA)
Rt630x64.sys                Fri Jun 21 05:29:10 2013 (51C41CE6)
RtsUVStor.sys               Tue Jul  9 02:33:53 2013 (51DBAED1)
iwdbus.sys                  Wed Jul 24 21:06:12 2013 (51F07A04)
iaStorA.sys                 Thu Aug  1 21:39:52 2013 (51FB0DE8)
Smb_driver_Intel.sys        Mon Aug 12 00:22:01 2013 (520862E9)
SynTP.sys                   Mon Aug 12 01:51:05 2013 (520877C9)
athwbx.sys                  Thu Aug 15 23:13:28 2013 (520D98D8)
igdkmd64.sys                Mon Aug 19 19:08:25 2013 (5212A569)
RTKVHD64.sys                Wed Aug 21 00:48:22 2013 (52144696)
intelppm.sys                Thu Aug 22 04:46:35 2013 (5215CFEB)
btath_avdt.sys              Thu Aug 22 23:43:41 2013 (5216DA6D)
btath_flt.sys               Thu Aug 22 23:46:29 2013 (5216DB15)
btfilter.sys                Tue Sep  3 06:02:07 2013 (5225B39F)
btath_a2dp.sys              Tue Sep  3 06:03:36 2013 (5225B3F8)
TeeDriverx64.sys            Thu Sep  5 14:02:18 2013 (5228C72A)
dtlitescsidrv.SYS           Thu Nov 27 07:14:42 2014 (547715B2)
sptd.sys                    Thu Dec 11 09:52:44 2014 (5489AFBC)
VBoxUSBMon.sys              Tue Sep 15 23:25:39 2015 (55F8E133)
XQHDrv.sys                  Tue Sep 15 23:29:39 2015 (55F8E223)
dtlitescsibus.sys           Thu Sep 24 16:17:21 2015 (56045A51)
dtliteusbbus.sys            Mon Dec 28 08:05:52 2015 (568133B0)
DDDriver64Dcsa.sys          Wed Jan 11 10:28:26 2017 (58764F1A)
mbae64.sys                  Wed Jan 11 12:08:00 2017 (58766670)
DellProf.sys                Mon Apr  3 14:48:04 2017 (58E298E4)
mbam.sys                    Thu Dec  7 12:35:31 2017 (5A297BE3)
MbamChameleon.sys           Thu Dec 21 12:39:17 2017 (5A3BF1C5)
mbamswissarmy.sys           Fri Dec 22 12:33:47 2017 (5A3D41FB)
farflt.sys                  Thu Feb  8 12:51:34 2018 (5A7C8E26)
avgbidsdrivera.sys          Thu Feb 22 14:50:40 2018 (5A8F1F10)
avgbuniva.sys               Thu Feb 22 14:50:48 2018 (5A8F1F18)
avgbidsha.sys               Thu Feb 22 14:50:49 2018 (5A8F1F19)
avgbloga.sys                Thu Feb 22 14:50:52 2018 (5A8F1F1C)
avgbdiska.sys               Thu Feb 22 14:51:07 2018 (5A8F1F2B)
avgArPot.sys                Tue Feb 27 06:28:46 2018 (5A9540EE)
avgMonFlt.sys               Tue Feb 27 06:28:52 2018 (5A9540F4)
avgRvrt.sys                 Tue Feb 27 06:29:06 2018 (5A954102)
avgVmm.sys                  Tue Feb 27 06:29:10 2018 (5A954106)
avgRdr2.sys                 Tue Feb 27 06:29:18 2018 (5A95410E)
avgSP.sys                   Tue Feb 27 06:29:23 2018 (5A954113)
avgSnx.sys                  Tue Feb 27 06:29:45 2018 (5A954129)
avgStm.sys                  Tue Feb 27 06:44:07 2018 (5A954487)
mwac.sys                    Thu Mar  1 12:25:14 2018 (5A98377A)


acehlp10.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
acedrv10.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=DellRbtn.sys
http://www.carrona.org/drivers/driver.php?id=btath_lwflt.sys
http://www.carrona.org/drivers/driver.php?id=btath_hcrp.sys
http://www.carrona.org/drivers/driver.php?id=btath_bus.sys
http://www.carrona.org/drivers/driver.php?id=btath_rcp.sys
http://www.carrona.org/drivers/driver.php?id=Rt630x64.sys
http://www.carrona.org/drivers/driver.php?id=RtsUVStor.sys
http://www.carrona.org/drivers/driver.php?id=iwdbus.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=Smb_driver_Intel.sys
http://www.carrona.org/drivers/driver.php?id=SynTP.sys
http://www.carrona.org/drivers/driver.php?id=athwbx.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=btath_avdt.sys
http://www.carrona.org/drivers/driver.php?id=btath_flt.sys
http://www.carrona.org/drivers/driver.php?id=btfilter.sys
http://www.carrona.org/drivers/driver.php?id=btath_a2dp.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
dtlitescsidrv.SYS - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=sptd.sys
http://www.carrona.org/drivers/driver.php?id=VBoxUSBMon.sys
XQHDrv.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=dtlitescsibus.sys
http://www.carrona.org/drivers/driver.php?id=dtliteusbbus.sys
http://www.carrona.org/drivers/driver.php?id=DDDriver64Dcsa.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=DellProf.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
avgbidsdrivera.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgbuniva.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgbidsha.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgbloga.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgbdiska.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgArPot.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgMonFlt.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgRvrt.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgVmm.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgRdr2.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgSP.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgSnx.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
avgStm.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=mwac.sys

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.