Solved BSOD referencing FLTMGR.SYS when install/uninstall various programs

[Navtex]

This started, maybe coincidentally, after a recent Windows update; tried restoring to a previous date but no change; when I try to run various programs, including BlueScreen View, I get the BSOD. Same when I try to run my Logitech Webcam program or try to install a Registry Cleanup program. Hoping someone can help me identify the culprit and recommend a fix.
DM Log file attached.

Okay - just tried to open msinfo32.nfo from within the DM Log zip file. Produced another BSOD.

 

[Navtex]

Update 12/17/2016 10:43pm CST

UPDATE: Just tried to run Malwarebytes Anti-Malware and...BSOD. Attaching the dump files from the BSOD when opening the .nfo file mentioned earlier and this last one.

I was starting to panic that although I had 118 views to this post, no one appeared to be taking up the challenge of identifying the culprit by reviewing the zip file. However, I now see that 2 of you have at least reviewed the DM zip file for clues. Thank you both so much for taking the time and making the effort to assist me. It is very, very much appreciated.

I will add that I run Outlook with no issues, and my Chrome browser with no issues, which is 90% of what I typically keep open 24/7. Programs running in the background don't appear the have an issue, like antivirus MSE, Malware Anti-Ransomware, etc. However, if I actively launch a new process as opposed to opening a process that is already running in the background...BSOD is more than likely the result.

 

[ICIT2LOL]

Hello mate and welcome now for starters can you get into safe mode ? if so then run these to get us moving eh?
SFC /SCANNOW Command - System File Checker
Disk Check < if necessary include the /f and /r in the command line as per Option2
Run these in safe mode and the sfc often best run for two to three runs – you can leave out the /r switch in ckdsk if you feel it not necessary

In the meantime I will have a look at the dumps.

 

[Navtex]

Good morning, and thank you for your recommendations! I ran both in Safe mode and both came back clean with no violations or errors reported.

 

[ICIT2LOL]

Ok mate now looking at the dumps I did find this and it seems that there is something going awry with that software you have on board - Malwarebytes Anti Ransomware

DEFAULT_BUCKET_ID:  [COLOR="red"]WIN7_DRIVER_FAULT[/COLOR]

BUGCHECK_STR:  0x3B

PROCESS_NAME:  WinRAR.exe

CURRENT_IRQL:  0

ANALYSIS_SESSION_HOST:  DESKTOP-9I73FSG

ANALYSIS_SESSION_TIME:  12-19-2016 09:27:39.0522

ANALYSIS_VERSION: 10.0.10586.567 amd64fre

LAST_CONTROL_TRANSFER:  from fffff8800113c4bf to fffff88001106516

STACK_TEXT:  
fffff880`0905d980 fffff880`0113c4bf : 00000000`00000001 00000000`00000000 fffff880`0905da88 00000000`0000001e : fltmgr!FltAllocateCallbackData+0x16
fffff880`0905d9c0 fffff880`0705e695 : 00000000`00000000 fffffa80`07cde990 fffff880`0905da38 00000000`00000001 : fltmgr!FltQueryInformationFile+0x1f
fffff880`0905da00 00000000`00000000 : fffffa80`07cde990 fffff880`0905da38 00000000`00000001 fffff880`00000005 : farflt+0x8695


THREAD_SHA1_HASH_MOD_FUNC:  e4950f5a4de4f54411a1d75922efe1ed0ac9ee00

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  4caa803e6fb67e18e77f5a6ef675624f02e6919f

THREAD_SHA1_HASH_MOD:  5130d138cf47fa18f93bd863d4c1e7985c0f3267

FOLLOWUP_IP: 
farflt+8695
fffff880`0705e695 ??              ???

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  farflt+8695

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: farflt

IMAGE_NAME:  [COLOR="red"]farflt.sys[/COLOR]

DEBUG_FLR_IMAGE_TIMESTAMP:  58515c47

STACK_COMMAND:  .cxr 0xfffff8800905cfa0 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_farflt+8695

BUCKET_ID:  X64_0x3B_farflt+8695

PRIMARY_PROBLEM_CLASS:  X64_0x3B_farflt+8695

TARGET_TIME:  2016-12-17T19:29:15.000Z

OSBUILD:  7601

OSSERVICEPACK:  1000

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK:  272

PRODUCT_TYPE:  1

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 7

OSEDITION:  Windows 7 WinNt (Service Pack 1) TerminalServer SingleUserTS

OS_LOCALE:  

USER_LCID:  0

OSBUILD_TIMESTAMP:  2016-10-12 01:57:55

BUILDDATESTAMP_STR:  161011-0600

BUILDLAB_STR:  win7sp1_ldr

BUILDOSVER_STR:  6.1.7601.23572.amd64fre.win7sp1_ldr.161011-0600

ANALYSIS_SESSION_ELAPSED_TIME: 2ed

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  [COLOR="Red"]km:x64_0x3b_farflt+8695[/COLOR]

FAILURE_ID_HASH:  {869b20c3-a39e-3685-e79b-918ea7ffd7e4}

Followup:     MachineOwner

Now I cannot find a solution for it right now in the dump file analysis site although this might shed soem light on the issue
What is farflt.sys from Malwarebytes? (id:38837092) so I would suggest at least disabling the software or uninstalling it - I take it you have bought this software or was it free? as you can see it may conflict with the security stuff you have installed

 

[Navtex]

My Aussie friend, it appears that you have nailed it! Removed the anti-ransomware program, rebooted, and launched several of the processes that before had resulted in a BSOD. Nothing happened. Without your help I would have never suspected the anti-ransomware program because, although it was a free Beta download, (which admittedly they do not recommend for production deployment), I've had it installed since last March with absolutely no issues....until this last week.

My hat is off to you!! I can't thank you enough!!

 

[ICIT2LOL]

That's good mate sometimes it turns out to be something you would never have even guessed about.

For an example I had all the USB ports go down on my main desktop a while ago and the cause was the Samsung Magician software (for SSD's) being the culprit and one of the other members saw my thread and bingo uninstalled the Samsung stuff and back came the USB ports

Plus some security stuff is often the cause of issues like yours - always good to check out those things when problems arise. I use the disable function to start with and if that doesn't work then I uninstall it. But it isn't very often I have problems with my security but keep it in mind for the future

If you are worried about ransomware anyway a good security suite is probably the best answer for that.