Jump to content

Malwarebytes Crashes while scanning


Recommended Posts

Hi,
For a while now, everytime I scan checking the option to check for rootkits, while scanning (always on the object 437) my computer freeze and go to a BSOD that say "kernel_data_inpage_error" theoretically caused by cdd.dll.
I have done a clean reinstall using the tool provided by malwarebytes with the same result. I've scanned using tddskiller, malwarebytes anti-rootkit and roguekiller with no issues and coming out clean. I have uninstalled the antivirus in case it was the issue with no change. 

I renewed my license not even a month ago and I would like to fix it rather than do a refund. How can I fix this situation?
Thanks in advance for your help.

Link to post
Share on other sites

Hello and Welcome

Lets try this new tool called Malwarebytes Support Tool to gather some logs.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Welcome to the Malwarebytes Support Tool!"
  6. Click the Advanced Options link
  7. The Advanced Options page has two options, please choose one:
    • Gather Logs: Collects troubleshooting information from the computer using Check and Grab functionality. As part of this process, Farbar Recovery Scan Tool (FRST) is also run to perform a complete diagnosis of the computer. The troubleshooting information is saved to a file on the Desktop named mbst-grab-results.zip. This file can be added as an email attachment or uploaded to a forum post and will assist your Malwarebytes Support agent with troubleshooting the issue currently being experienced.
    • Clean: Performs an automated uninstallation of all Malwarebytes products currently installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. This process may require a reboot of the computer, which must be manually consented to.
  8. To provide logs for review click the Gather Logs button
  9. A progress bar will appear and the program will proceed to gather troubleshooting information from your computer
  10. Upon completion, click OK
  11. A file named mbst-grab-results.zip will be saved to your Desktop
  12. Please attach the file in your next reply.

Link to post
Share on other sites

:welcome:  Hello Hayasa.

Thanks for relaying the support-report-file.  This pc has Malwarebytes version Malwarebytes version 3.4.5

Let's get it upgraded to our latest release 3.5.1

In preparation, first please close and save any open work.  Close what is not in use ( programs opened) so that you have a clear view all around.


Please use this link 

download and save the setup file . It will automatically download. Just SAVE first.
 

  1. Double-click mb3-setup-consumer-3.5.1.2522 to start the Malwarebytes for Windows setup.
  2. Follow the installation instructions to complete setup.


Watch all of the process. Have lots of patience.
When setup has completed, my suggestion is always to do a Windows Restart.

Sincerely,

Link to post
Share on other sites

Hi Maurice,

Thanks for answering. I installed the new version after a clean install with the expected result of BSOD on the rootkit scan. This time the message for the BSOD was unexpected_store_exception instead of the usual kernel_data_inpage_error.
After crashing I had to reset a couple of times since MB refused to initialize all the shields. But other than that, basically the same result.

Link to post
Share on other sites

A memory dump of this issue would be very helpful. To enable memory dumps, please follow the instructions below:

  1. Press the Windows Key to bring up the start menu
  2. Type view advanced system settings and click the top option
  3. In the window that comes up, under the Startup and Recovery section, click Settings...
  4. In the System Failure section, please make sure your options match the ones in the screenshot below
    image.png.0b08cf636df8a2867d452fcb9b0e99d6.png
  5. Click Ok twice and reboot the computer

Now reinstall Malwarebytes and trigger the crash again. Once it happens, please get back into Windows, and follow the instructions below:

  1. Navigate to C:\Windows
  2. Move the file memory.dmp from this folder to your desktop
  3. Right click memory.dmp and choose "Send to -> Compressed (Zipped) folder"
  4. Once this is done, please use wetransfer.com to upload the file and generate a download link

Thanks in advance, I understand this is quite a bit of configuration, but this should allow us to figure out what's going on with your rootkit scans

Link to post
Share on other sites

You might also try the special build of Malwarebytes Anti-Rootkit as detailed in this topic to see if it is able to complete a scan.  If it is, go ahead and have it remove any detected items and reboot if prompted to complete the removal process and post back the logs from the scan so that we can take a look.

If it crashes the system as Malwarebytes 3 does, then please provide the memory dump as described above in addition to a dump from a Malwarebytes scan so that we might take a look at them.

Thanks

Link to post
Share on other sites

Hey, 
Thanks for the answers. MBAR runs fine with no issues again.
While trying to get the blue screen doing the scan with rootkit on, this time it froze the computer without giving the BSOD. I waited 7 hours and nothing happened having to force a shut down and there's no .dmp file to share. Also the system got unstable but doing a sfc looks like is stable again. 

Since I work with this computer and I'm not economically in a position to delay more work or risk not having the computer to work every day, Is there any other thing I can do to check what's happening other than trying to get the BSOD again? 

Thanks again for your help.
 

Link to post
Share on other sites

I passed ADWCleaner and came out with 2 detections that have been cleaned. One was a chrome extension (avira safe search) and a registry key that i don't know (hklm/software/wow6432node/classes/clsid/{8bf0126f-a5b7-4720-abb2-2414a0af5474})

Thanks again for the help!

Link to post
Share on other sites

Sorry for the delay, couldn't answer in the weekend. 
Again got frozen and unable to do anything with no memory dump due to force shutdown. I'm kind of worried for my computer having to force a shutdown, is there something else I can do like the support tool to check what might be causing it?

Link to post
Share on other sites

On 5/8/2018 at 1:18 AM, Hayasa said:

Hi,
For a while now, everytime I scan checking the option to check for rootkits, while scanning (always on the object 437) my computer freeze and go to a BSOD that say "kernel_data_inpage_error" theoretically caused by cdd.dll.
I have done a clean reinstall using the tool provided by malwarebytes with the same result. I've scanned using tddskiller, malwarebytes anti-rootkit and roguekiller with no issues and coming out clean. I have uninstalled the antivirus in case it was the issue with no change. 

I renewed my license not even a month ago and I would like to fix it rather than do a refund. How can I fix this situation?
Thanks in advance for your help.

That cdd.dll has caused issues with other people as well and gets used by different programs. Is there software that you're aware of that is using that cdd.dll? Some kind of video game comes to mind or even a office type program, perhaps a recent installation. Anyways, would it be possible to disable this DLL or uninstall a specific program, so that this dll isn't loaded at bootup and see if this makes a difference with Rootkit scans/freezes and see if it stops then?

Link to post
Share on other sites

52 minutes ago, Hayasa said:

Hi plb4333,

I'm not aware of other software using it or which programs use it. Is there any way to check it out?

Thanks for answering

Hello! This file named cdd.dll stands for Canonical Display Driver. Microsoft is known to use it in their programs. But it might be better to do other mainenance than find the program that's using it, since you mentioned also another error. Both of these errors can be caused by your disk drive or SSD. I would run a scandisk and check for bad sectors. Also make sure your windows is getting the updates. Microsoft has seen alot of errors with the ccd.dll but, after seeing your other error too, it might just be your Hard drive/SSD thats having trouble. I was going to mention sometimes an anti-virus program can cause this error, (your 1st error mentioned) but it would only be a symptom and not the software and since you have already uninstalled and reinstalled MBAM, that's not it. Since you were doing rootkit scans, this goes deep in OS and any sector errors on disk would certainly show up as errors, BSOD's..You might also want to do a command line instruction of  sfc /scannow  to check for system files corruption. I don't know what windows version you have, but some users have seen your 2nd error on Win10, when 'Fast startup' is enabled.

Edited by plb4333
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.