Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD page fault in non paged area MBAMswiss army.sys


  • Please log in to reply
4 replies to this topic

#1 Seanosborne66

Seanosborne66

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 07 November 2016 - 01:26 PM

HI,

I am trying to remove some rootkit viruses that Spybot reported, as well as a trojan reported by windows defender.

 

I cannot run malwarebytes or MBAR as they both cause a BSOD with the message "page fault in non paged area" MBAMswissarmy.sys

 

I tried running ESET on line scanner that found 4 infections and then crashed.

 

I am running Windows 10 Insider preview 14959

 

I tried to run Sysnative.exe but it would not create an output zip file.

 

I also ran perfmon and created the file but I get

 

"You aren't permitted to upload this kind of file" on both files

 

WHat am I doing wrong and can anybody help?


Edited by Seanosborne66, 07 November 2016 - 01:27 PM.


BC AdBot (Login to Remove)

 


#2 Seanosborne66

Seanosborne66
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 07 November 2016 - 01:32 PM

· OS - Windows 8.1, 8, 7, Vista ?​    WIndows 10 insider preview 14959
· x86 (32-bit) or x64 ? x64
· What was original installed OS on system? windows 7
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? original download (upgrade)
· Age of system (hardware) 3 years
· Age of OS installation - have you re-installed the OS? Updated regularly by Microsoft

· CPU i7-2600
· Video Card GeForce 650Ti Boost
· MotherBoard - (if NOT a laptop) ASUS
· Power Supply - brand & wattage (skip if laptop) Alpine 850W

· System Manufacturer ASUS
· Exact model number (if laptop, check label on bottom) ESSENTIO 6830

· Laptop or Desktop? Desktop


Edited by Seanosborne66, 07 November 2016 - 01:33 PM.


#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:25 PM

Posted 09 November 2016 - 08:38 AM

You must zip up the reports.
The system will accept .zip files, it won't accept .html or others

 

I would first try uninstalling MalwareBytes.  There were BSOD issues with it and the latest Fast Ring Insider builds

There is rumor that it's fixed in the latest build:  https://forums.malwarebytes.org/topic/190286-win-10-insider-preview-build-14959-fixed/

 

Finally, if you can't run the Sysnative app, try this alternative:  BSOD Inspector (direct download):  https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe

If that doesn't work, then I'd like to see these reports:

 

Upload Dump Files:
NOTE:  If using a disk cleaning utility, please stop using it while we are troubleshooting your issues.
Please go to C:\Windows\Minidump and zip up the contents of the folder.  Then upload/attach the .zip file with your next post.
Left click on the first minidump file.
Hold down the "Shift" key and left click on the last minidump file.
Right click on the blue highlighted area and select "Send to"
Select "Compressed (zipped) folder" and note where the folder is saved.
Upload that .zip file with your next post.

If you have issues with "Access Denied" errors, try copying the files to your desktop and zipping them up from there.  If it still won't let you zip them up, post back for further advice.

If you don't have anything in that folder, please check in C:\Windows for a file named MEMORY.DMP.  If you find it, zip it up and upload it to a free file hosting service.  Then post the link to it in your topic so that we can download it.

Also, search your entire hard drive for files ending in .dmp, .mdmp, and .hdmp.  Zip up any that you find and upload them with your next post.

Then, follow the directions here to set your system for Minidumps (much smaller than the MEMORY.DMP file):  http://www.carrona.org/setmini.html
More info on dump file options here: http://support.microsoft.com/kb/254649

MSINFO32:
Please go to Start and type in "msinfo32.exe" (without the quotes) and press Enter
Save the report as an .nfo file, then zip up the .nfo file and upload/attach the .zip file with your next post.
Also, save a copy as a .txt file and include it also (it's much more difficult to read, but we have greater success in getting the info from it).

If you're having difficulties with the format, please open an elevated (Run as administrator) Command Prompt and type (or copy/paste) "msinfo32 /nfo %USERPROFILE%\Desktop\TEST.NFO" (without the quotes) and press Enter.  Then navigate to Desktop to retrieve the TEST.NFO file.  If you have difficulties with making this work, please post back.  Then zip up the .nfo file and upload/attach the .zip file with your next post.

systeminfo:
Please open an elevated (Run as administrator) Command Prompt and type (or copy/paste) "systeminfo.exe >%USERPROFILE%\Desktop\systeminfo.txt" (without the quotes) and press Enter.  Then navigate to Desktop to retrieve the syteminfo.txt file.  If you have difficulties with making this work, please post back.  Then zip up the .txt file and upload/attach the .zip file with your next post.
NOTE:    Will not work with Windows XP


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#4 Seanosborne66

Seanosborne66
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 November 2016 - 03:52 PM

Well I have managed to zip up the files

 

I have uninstalled MBAM and reinstalled it and it is now running ok.

 

I have uninstalled Malwarebytes Ransomware BETA

 

:) 

Attached Files



#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:25 PM

Posted 09 November 2016 - 04:53 PM

Let us know if the BSOD's return.  If so, then I'll run the full analysis.
I'm travelling right now and don't have a lot of time.

 

If the BSOD's return, all you have to do is zip up and upload the contents of C:\Windows\Minidump folder

If you can't zip it up there, copy it to your Desktop and zip it up there.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users