Jump to content

BAD_POOL_CALLER BSOD with v2.2.1.1043


Recommended Posts

Hello,

I'm having an issue with the newest version of Malwarebytes Anti-Malware. After installing the latest update I've been repeatedly getting BSOD errors (BAD_POOL_CALLER). I wasn't having any troubles with the previous version. I'm not sure what's triggering the BSOD, it seems to be random. I ran 'BSODInspector' to gather minidump files, please see attached zip. Based on the minidump it looks like the problem might be related to the network as ndis.sys and netio.sys are highlighted.

-Fully removed MBAM with the removal tool, reinstalled from website - same problem.
-6 BSODs caused by MBAM since I installed the update earlier this afternoon. Uninstalling MBAM resolves the problem.

I had read another forum post that said Bitdefender 2016 might be interfering but everything was working perfectly with the previous version of MBAM (2.2.0). Are there any new Beta versions of MBAM I could try? Or can you please provide me with an installer for the previous version?

Thanks, 
Justin

OS: Windows 10 Pro x64
Antivirus: Bitdefender Internet Security 2016
Malwarebytes Anti Malware v2.2.1.1043
Malwarebytes Anti Exploit v1.08.1.1189

WIN10X64_2016_03_18_11_10_46_PM.zip

protection-log-2016-03-18.7z

CheckResults.txt

Link to post
Share on other sites

The problem is with with Bitdefender and Anti-Malware. I have the very same problem. Malware is aware of the problem and say they are working on it. I had to uninstall Malware bytes to stop the BSOD. I hope they can fix it soon. I want to have both programs working.

Link to post
Share on other sites

That's unfortunate, especially given that it seemed like the previous release of MBAM worked fine with Bitdefender (at least for me it).

I'm not sure if it's against the rules (if so, mods please feel free to remove the link) but I had a copy of the v2.2.0.1024 installer archived on my system in case other people wanted to try rolling back: https://mega.nz/#!DZxHXQiL!mGvmwoj4l9s-zo_GxkwbcOnSkon0yf8R_z77_Vke-r8

Link to post
Share on other sites

Hello and Welcome to Malwarebytes @just_w :) 

Let's try this first....

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - MBAM Clean Removal Process 2x
  2. If that does not correct the issue, then please read the following and attach to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)
  3. NOTE: More info about v2.2.0 HERE; User Guide ONLINE; User Guide PDF; FAQ: Common Questions, Issues, and their Solutions

    Please let us know how it goes. Thank You, Firefox
Link to post
Share on other sites

Hello Firefox, thanks for the response!

1. I have already run the clean removal tool multiple times, it did not resolve the BSOD issue.
2. In my first post I attached the CheckResults.txt file and I believe the .zip archive I attached should have the same information as what this Farbar Recovery Scan tool would provide (probably more because the minidump files are included).

At this point, like Ken123, I have had to uninstall MBAM in order to maintain any sense of system stability. But I have run the tool as requested and attached the log files.

FRST.txt

Addition.txt

Link to post
Share on other sites

 

@just_w you might want to read this topic

127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com

 

Link to post
Share on other sites

I imported my hosts file from my last computer which may have had less than legitimate Adobe software installed. As it is, this is a fresh Windows install with nothing sketchy installed - those entries don't affect anything, though I have removed them all the same.

I can appreciate that pirated software is often bundled with malware which makes troubleshooting more difficult (or perhaps this is a policy based on someone else's morals), but I have to ask, will removing those host entries stop MBAM from causing BSODs on my system? I own a legitimate, premium lifetime version of Malwarebytes yet my access to support can be revoked if I have a torrenting client installed? This despite all the normal, completely legal uses of such software (you know something else that gets delivered over P2P these days? Windows updates)? I pay for software I find value in, which is why I gladly paid for Malwarebytes. It's disappointing that my rights as paying customer can be forfeit because of totally unrelated choices I may have made with respect to other software. It's not like I'm asking for support for a pirated version of MBAM.

Link to post
Share on other sites

3 hours ago, just_w said:

As it is, this is a fresh Windows install with nothing sketchy installed - those entries don't affect anything, though I have removed them all the same.

I see that and my apologies.

3 hours ago, just_w said:

but I have to ask, will removing those host entries stop MBAM from causing BSODs on my system?

  No it wont.

3 hours ago, just_w said:

It's disappointing that my rights as paying customer can be forfeit because of totally unrelated choices I may have made with respect to other software. It's not like I'm asking for support for a pirated version of MBAM.

I don't make the rules I just quote them and highlight infractions.

Quote

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

Since I did not look past the hosts file and you don't have any of the Adobe products you will get support.

Link to post
Share on other sites

  • Root Admin

Please restore the original Windows hosts file then follow the directions below.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.


Thanks

Link to post
Share on other sites

5 minutes ago, Ken123 said:

Are you suggesting that Bad_Pool_Caller is Malware that got installed on my PC?

Until @AdvancedSetup has a chance to return, I don't think he is saying that Malware got installed. He is asking you to post there because the tools that need to be run to diagnose are not permitted to be run in this section of the forum, only in the section her referred you too. Kindly follow his instructions for further help and analysis.

Link to post
Share on other sites

14 hours ago, Porthos said:

I see that and my apologies.

  No it wont.

I don't make the rules I just quote them and highlight infractions.

Since I did not look past the hosts file and you don't have any of the Adobe products you will get support.

After re-reading my comment in the light of a new day, I feel I should apologize. That came off as more of a personal attack than commentary on the policy, which wasn't my intent. Also, when I have trouble with MBAM I always google my way to the forums instead of the main site. After reviewing the Malwarebytes website support section, I believe I conflated the free support provided here with the support available through a trouble ticket.

I may disagree with the spirit of some forum policies, but I do appreciate people taking the time to help, so thank you.

Link to post
Share on other sites

  • Root Admin

Yes, Firefox is correct. In order to prevent the wild wild west of everyone putting in their two cents we only allow certain scanning or in depth analysis to happen in the removal forum. So many forums have dozens or hundreds of pages of input from well meaning people but in most cases of those hundreds of pages on one reply is correct making it very difficult to find the correct answer.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.