# *RESOLUTION FOUND*Malwarebytes crashing on Win10 insider Bld. Rootkit related errors?



## jboydgolfer (Nov 1, 2016)

TPU,

As it says above, Malwarebyte ( hereafter referred to as MB) has been crashing as of today, every time i try to do a scan. I got an error "SDKDatabase Failed to load defaults code #20012"
then it told me to run MB anti rootkit (MBAR) so i tried, and got a different error code which i didnt get to copy, since after closing each of these errors my Pc blue screens, and crashes...

I am currently running MRT (malicious software removal tool) and Windows defender...but I am concerned since i dont know if this crashing is related to my being an Windows insider , and the OS build is just pissing off MB, or Vice Versa.

Any idea's would be appreciated, or if anyone else is experiencing a similar situation, i appreciate hearing about it.I titled Rootkit because i have seen that term in the errors a few times, meaning rootkit failed to load, etc...sorry the crashing makes it hard to get the exact messages sometimes.
_*
Windows 10 64bit.
Version 1607
build 14955.1000

*edit*
if it comes to it, i DO have 2 backups from over a month ago, entire system copies, so its not the end of the world, but I'd prefer to avoid that step if possible.
MB's has not shown ANY signs of Malware, or the likes...but i cant run an actual scan. *

ill check back as soon as i can, my kids are getting home from school soon, and i have to take my daughter to dance class tonight..

defender says....




_


----------



## Kursah (Nov 1, 2016)

I'm running MBAM Premium on all my work and home Windows 10 (non-insider) workstations with 0 issues, with that said I'm really curious about this issue you're facing should I ever see it.

I would verify your system integrity with SFC /Scannow and Windows Updates to make sure that you're all good on that respect. 

That's an odd issue...but I would almost certainly attribute it to something corrupted with the OS or something in the Insider Build that isn't jiving with MBAM atm. 

Then again, there could be a bigger issue looming...and if so I hope SFC fixes or at least points it out...


----------



## JayCan73 (Nov 1, 2016)

I've found spybot search and destroy is a good free tool for finding things that get past MB. ad-aware generaly works pretty well also, hope either of those two can help you.


----------



## GoFigureItOut (Nov 1, 2016)

Maybe Windows Defender is causing a conflict. Disable it and try to run a scan again


----------



## jboydgolfer (Nov 1, 2016)

Kursah said:


> I'm running MBAM Premium on all my work and home Windows 10 (non-insider) workstations with 0 issues, with that said I'm really curious about this issue you're facing should I ever see it.
> 
> I would verify your system integrity with SFC /Scannow and Windows Updates to make sure that you're all good on that respect.
> 
> ...



still running SFC currently, I wasnt able to on the most recent insider build for some reason, but now it seems fine again....part of the insider deal is this kind of shit, ive reported it to Microflacid, and once, or IF i find a cause, ill certainly report it here as well....oh, and MRT found This........








GoFigureItOut said:


> Maybe Windows Defender is causing a conflict. Disable it and try to run a scan again



Just enabled it for the purpose of scanning since MB wouldnt work, it has been disabled up until now...



*update* @Kursah    its beginning to look more like a Insider issue than anything else... I also noticed today that in the "reminders" section of Windows 10 calendar, when you go to create a reminder, it works until I get to the description box at the bottom, but once i try to type anything it that box, it crashes reminders entirely...damn M$


----------



## jboydgolfer (Nov 2, 2016)

I finally grabbed the Blue screen it gives , it ONLY happens once the MB scan begins...not during MB's updates, pre scan operations, ONLY once the scan begins..it shows the "effected file name"
_*"MBAMSwissArmy.sys" *_ submitted to M$ for evaluation, HOPEFULLY.


----------



## Solaris17 (Nov 2, 2016)

got it. did you run a build while mbam was installed? try removing and reinstalling with clean reboots inbetween.


----------



## jboydgolfer (Nov 2, 2016)

Solaris17 said:


> got it. did you run a build while mbam was installed? try removing and reinstalling with clean reboots inbetween.




Ill try tomorrow am.
Aside from OS reinstall, your suggestion is one of the only steps I haven't taken yet.

Im gonna get some sleep and come at this with a fresh head tomorrow 

Thanks everyone


----------



## qubit (Nov 2, 2016)

jboydgolfer said:


> Im gonna get some sleep and come at this with a fresh head tomorrow


Oh yeah, surprising how often that helps! 

I'm not really sure what's causing it either, but you could try a couple of things.

- Reinstall the video driver. It really shouldn't be this, but you never know. Try disabling the sound card too to take it out of the equation
- Grab another HDD, install everything fresh and update it. Well, we don't get a choice any more, do we?  It will still activate from just a HDD change. Make sure to disconnect any other drives when installing so that the installer doesn't interfere with them.

If the second option fixes it, then it might just be easier to migrate your installation (programs, data etc) to that and be done with it. You'll then have to move the new installation back to the original HDD/SSD of course. I've got the excellent Paragon Hard Disc Manager for this. It's not free software though so you might to use a free alternative.

Finally, Kaspersky also do a free malware scanner, so it won't hurt to try that too, first.


----------



## jboydgolfer (Nov 2, 2016)

Kaspersky found nothing,  but the whole machine is acting up with freezing intermittently with what seems to be variable causes from fire fox running and the system will hang with just ff open,  and also freezing during win 10 settings  navigation

 Before any recovery from back ups I'm gonna try rolling back My os build,  on the windows 10 insider hub I was able to find other Malwarebytes and security program related issues,  reported by other users


----------



## Caring1 (Nov 2, 2016)

Is that due to the insider build having Windows Defender running also?


----------



## jboydgolfer (Nov 2, 2016)

Caring1 said:


> Is that due to the insider build having Windows Defender running also?



nope, already tried that one, just enabled it as a replacement for this issue, since i wasnt able to run MBAM...
im thinking that this is a Windows issue, and not so much a malware , or MBAM problem. 
Ive noticed many glitches in this build, (as can be expected with the insider program)


----------



## Kursah (Nov 2, 2016)

gboy4u said:


> Inferior program, not worth anything



Proof? Otherwise your spouting an unfounded opinion which is of no help.

MBAM is more effective in my experience than MS Defender, Vipre, Sophos, McAfee, and many other free and paid solutions at catching and removing malware, and preventing it when using premiums real time scanning. So I find it hard to take your statement with any kind of seriousness. Feel free to help in this thread, or even expand on your original comment if it'll help the OP. 

I've had no issues running Defender and MBAM Premium side-by-side in 10, tends to work pretty well because neither is a huge load on system resources. And while I feel MBAM is still better, Defender has improved and is better than running nothing.


----------



## jboydgolfer (Nov 2, 2016)

so to anyone who is either following this issue, cares because they too are experiencing it, or just likes to watch me flounder, i have singled out what I THINK is the cause and or am now closer to the cause of the issue at hand.

So I decided that I would run MBAM again to see if it would work, and still no go, but i noticed it was rootkit scan enabled, so i tried again with NO rootkit scan enabled, and Viola!! no blue screen system crash. BUT......

there is Still a problem, i still get a crash, but now its MBAM that is crashing and NOT my PC, so it looks like it might NOT be a windows 10 insider issue, but instead a MBAM issue, or a conflict between the two, thats what im hoping You people can help me out with....

Now i get a new error, it is....
*SDKDatabaseLoadDefaults failed with code: 20012*


I found this program, and wondering if anyone knows about it, and if its "safe" to use? safe meaning not malware , etc..seems to be to me.
 _*MBAMCleanremovaltool*_


----------



## Kursah (Nov 2, 2016)

Yep I've used it before, works great when you need to use it. Haven't needed to in some time, maybe a year or two ago. 

I am curious what's going on...run the cleaner and re-install MBAM, report back!


----------



## Solaris17 (Nov 2, 2016)

That kind of goes back to what I was saying, if you did a build upgrade or a heavy update with mbam installed its hooks might be damaged. This causes all sorts of issues. I remember to this day windows will warn consumers if they are doing a build upgrade to remove certain AV programs.


----------



## jboydgolfer (Nov 2, 2016)

Kursah said:


> Yep I've used it before, works great when you need to use it. Haven't needed to in some time, maybe a year or two ago.
> 
> I am curious what's going on...run the cleaner and re-install MBAM, report back!



done, still no go 

I CAN scan my system now, as long as Rootkit detection/scans are disabled...so it seems like i was right when titling this thread, i got a Rootkit related crash message once, and now it works as long as rootkit scans are switched off....i think ill submit the issue to the Malwarebytes team if there is a way for me to do so. certainly cant hurt

still also unable to use the dedicated MBAR either ...i either have a VERY well egineered rootkit, or a VERY specific security issue. i definitely prefer the latter to the former.


*update*
I have submitted a claim/issue notice with MB's support team. I own Several licenses For Pro MBAM, and i use MBAR as well, so I figure for the money i paid its worth reaching out.....plus if it IS indeed a issue with MB's software conflicting with Win10, or the other way around, it needs to be resolved, and i cant do the resolving.

ill update when i know more.


----------



## jboydgolfer (Nov 2, 2016)

Got an AMAZINGLY fast reply from the MBAM support team, only took about 45 minutes or so, and the response was as follows.......
*for TLDR's..... update will be released in next MBAM update, fix will be included, you can either run the trial unactivated for now,roll back to official WIN10 version, or wait.*

_NOV 02, 2016  |  03:36PM PDT _
_*T.E.* replied:_


_Hi jboydgolfer. Welcome to Malwarebytes support, my name is T.E. and I’ll be assisting you today._


_Our Developers are aware and have found the cause of this in these recent Beta builds of Win 10._


_Since the MBAM Premium works fine on the official Windows 10 Build, the fix for this will be rolled out with our next software upgrade MBAM 3.0 which is scheduled to be released in the upcoming months._


_In the meantime, the Free version of Malwarebytes Anti-Malware will work fine on this beta build:_


_• Download and run “mbam-clean.exe” from here: http://downloads.malwarebytes.org/file/mbam_clean_
_• It will ask to restart your computer, please allow it to do so (this is very important)_


_Next, download and reinstall the latest version of Malwarebytes Anti-Malware via the link below:_


_http://downloads.malwarebytes.org/file/mbam_


_Save the file to your desktop then double-click it to begin installation._


_At the end, be sure to Uncheck Free Trial_
_Click ‘Finish’._


_Do NOT activate your license, or the Free Trial – leave it as the Free version_


_Let me know if you have any questions._


_Thanks,_
_-T.E._


----------



## Solaris17 (Nov 2, 2016)

Seems like it has an issue with persistence! good going @jboydgolfer this is what beta testing is all about! Report those bugs!


----------



## jboydgolfer (Nov 2, 2016)

Solaris17 said:


> Seems like it has an issue with persistence! good going @jboydgolfer this is what beta testing is all about! Report those bugs!



ty , i try my best to report to M$ too, but those seem to go unnoticed .....

misspelled words in settings on Win10, broken Reminder function in calendar on Win10, and several other issues..hopefully this helps anyone else who might run into the issue before it is fixed



*now i just need to figure out why CrossyRoad wont get past the loading Screen on my iphone5, or even install on MY Samsung galaxy tab4  *


----------



## qubit (Nov 3, 2016)

Nice troubleshooting there jboyd.


----------

