Jump to content

Recommended Posts

Hi there,

Whilst none of my BSODs/minidumps specifically point to MBAM, I did come across some forum threads where it was the culprit. Can anyone please help me verify?

Unfortunately I have had to install MBAM just to be able to use my PC, but I can tell you I only updated yesterday so it would have been the most recent version. Here are some dumps (see attached).

For now, I haven't had any BSODs since uninstalling, that said I only uninstalled about 10 mins ago.

Please help! Thank you.

Dumps.zip

Link to post
Share on other sites

Please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thanks

Link to post
Share on other sites

54 minutes ago, Porthos said:

Please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thanks

Thank you, I have uninstalled MBAM though, will it still work?

Link to post
Share on other sites

3 minutes ago, cinder said:

as I will remove from this public post for privacy

No one but you and authorized people can access them in this section of the forum.

But I see what the problem probably was. Malwarebytes and Bit Defender products have compatibility issues.

Please refer to this support article which lists several known applications which conflict with the Web Protection in Malwarebytes currently

Link to post
Share on other sites

1 minute ago, Porthos said:

No one but you and authorized people can access them in this section of the forum.

But I see what the problem probably was. Malwarebytes and Bit Defender products have compatibility issues.

Please refer to this support article which lists several known applications which conflict with the Web Protection in Malwarebytes currently

Ok thanks for that.

Yeah, I know about the MBAM and BD incompatibility, that said they've been running side by side for years with no issues, and are currently running on another PC I have with no issues.

Are you able to help me diagnose a bit more please? As I really like having a layered defence to my security. MBAM has some features I like, as does BD. I don't think there is one product that completely covers everything.

I have had no more reoccurrences with MBAM uninstalled.

Link to post
Share on other sites

Just now, cinder said:

that said they've been running side by side for years with no issues, and are currently running on another PC I have with no issues.

That compatibility can come and go depending on updates from BOTH products.

2 minutes ago, cinder said:

As I really like having a layered defence to my security.

I and 100's my clients cover the layers with Windows Defender and Malwarebytes.

3 minutes ago, cinder said:

I have had no more reoccurrences with MBAM uninstalled.

The only true test is to fully uninstall Bit Defender (not just disable it) and reinstall Malwarebytes.

Link to post
Share on other sites

You have numerous system errors going on as well

==================== Event log errors: ========================

Application errors:
==================
Error: (06/09/2023 02:42:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NAT-PCV4)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/09/2023 02:41:34 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (06/09/2023 02:36:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NAT-PCV4)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/09/2023 02:23:04 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NAT-PCV4)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/09/2023 02:11:57 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NAT-PCV4)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/09/2023 01:59:29 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NAT-PCV4)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/09/2023 01:58:38 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Modules Installer). Additional information: 0xc0000022.

Error: (06/09/2023 01:58:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcPowerNotification.exe, version: 1.0.6.3, time stamp: 0x88363697
Faulting module name: KERNELBASE.dll, version: 10.0.19041.2965, time stamp: 0xf18c1c30
Exception code: 0xe0434352
Fault offset: 0x0013d6c2
Faulting process ID: 0x3f78
Faulting application start time: 0x01d99a86a5e7e727
Faulting application path: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report ID: 67e186d6-f103-4ed8-bdcb-84f0b9dc5c3f
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (06/09/2023 04:05:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NBLGGH4RV3K-Microsoft.VCLibs.140.00.UWPDesktop.

Error: (06/09/2023 02:38:32 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000c2 (0x000000000000000d, 0xffffab06d8385798, 0x00000000ffffab06, 0x87244dea51d20727). A dump was saved in: c:\windows\minidump\060923-7125-01.dmp. Report Id: 6a07a6dc-e4c8-4407-97fb-fc336031c72a.

Error: (06/09/2023 02:38:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:37:47 PM on ‎9/‎06/‎2023 was unexpected.

Error: (06/09/2023 02:31:48 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000c2 (0x0000000000000099, 0xffff8a82a233a778, 0x0000000000000000, 0x0000000000000000). A dump was saved in: c:\windows\minidump\060923-7937-01.dmp. Report Id: 15b71801-6f02-43a3-ad82-a2496dbead72.

Error: (06/09/2023 02:31:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:18:40 PM on ‎9/‎06/‎2023 was unexpected.

Error: (06/09/2023 02:18:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly. It has done this 1 time(s).

Error: (06/09/2023 02:18:03 PM) (Source: DCOM) (EventID: 10010) (User: NAT-PCV4)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (06/09/2023 02:09:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

 

Link to post
Share on other sites

  • Root Admin

Hello @cinder

 

Why don't we do the following. Remove some software temporarily and do some clean up. Once the system is working well again, then you can reinstall as you see fit?

I would recommend to get started to make a new System Restore Point, then do the following

 

Please go to Control Panel, Programs, Programs and Features, Uninstall a program

Then right-click and uninstall the following

  • Bitdefender Agent
  • Bitdefender Total Security
  • Bitdefender VPN
  • Bonjour
  • HitmanPro 3.8
  • RogueKiller version 15.10.0.0

 

Restart the computer again and create a new System Restore Point

 

Then get us a new set of logs from MBST to review and go from there.

 

Cheers

 

 

Link to post
Share on other sites

16 hours ago, AdvancedSetup said:

Then right-click and uninstall the following

  • Bitdefender Agent
  • Bitdefender Total Security
  • Bitdefender VPN
  • Bonjour
  • HitmanPro 3.8
  • RogueKiller version 15.10.0.0

That is done. Do you want me now to reinstall MBAM which will then be the only security product running? For now I have Defender on. Thanks.

mbst-grab-results.zip

Link to post
Share on other sites

  • Root Admin

Please run the following fix @cinder

 

NOTE: Please read all of the information below before running this fix.

  • NOTICE: This script was written specifically for this user, for use on this particular machine.
  • Running this on another machine may cause damage to your operating system that cannot be undone.

Once the fix has been completed, please attach the file FIXLOG.TXT to your next reply

Farbar program:   FRSTEnglish.exe

Save the attached file:  FIXLIST.TXT to this folder C:\Users\LocalUser\Downloads\

NOTE. It's important that both files, FRSTEnglish.exe, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

 

 

Run the Farbar program with Admin rights and press the Fix button just once and wait.

The fix may possibly take up to 60 minutes to complete

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log named Fixlog.txt in the same folder you ran the Farbar program from. Please attach that log on your next reply.

 

  1. NOTE:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity.
  2. NOTE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications may be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed in most, but not all cases.
  3. NOTE: As part of this fix, it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Discord cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

  • Root Admin

Great, that looks good.

Please run the following

 

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

image.png

image.png

image.png

 

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

Many programs don't fully uninstall.

 

The elevation prompt for administrators disabled
^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^

 

Please update the following programs

Discord v.1.0.9011 Warning! Download Update
Slack v.4.31.155 Warning! Download Update
Microsoft Teams v.1.6.00.6754 Warning! Download Update

 

Then get me a new set of Farbar scan logs, please.

 

 

 

Link to post
Share on other sites

1 hour ago, AdvancedSetup said:

Discord v.1.0.9011 Warning! Download Update > Done
Slack v.4.31.155 Warning! Download Update > Said it was up to date
Microsoft Teams v.1.6.00.6754 Warning! Download Update > Done

As I use ThreatLocker Zero Trust, that may be why elevation prompt is disabled, for some programs it takes care of elevation for me. Am I to use the same fixlist.txt as before? 

Link to post
Share on other sites

  • Root Admin

Not a fixlist.

Run Farbar to scan and provide new logs. You shouldn't need to download again, but if so the link is below.

I want to get new

  • FRST.TXT
  • ADDITION.TXT

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.