Jump to content

[Question] Malwarebytes causing BSODs: mbam-service.exe VS fwpkclnt.sys


Recommended Posts

Hi everyone :)

 

So I'm a technical support helper on both GeeksToGo and BleepingComputer (not part of the Staff, I just assist there as a normal member), and lately I've noticed a few threads where BSODs are caused by the mbam-service.exe process, which causes fwpkclnt.sys to crash. There's at least 4-5 threads in which it happened, for now I can only find 2 but I'll link the others as I find them. Is it possible to know if this is a "known" issue or is something else causing this?

 

Here's the two threads, in both of them I asked the OP to attach their minidump files if you want to take a look at them.

GeeksToGo thread:

http://www.geekstogo.com/forum/topic/347346-bsod-help-needed/

BleepingComputer thread:

http://www.bleepingcomputer.com/forums/t/567297/blue-screen-related-to-tcpipsys-driver/

I don't really want to tell these people to stop using Malwarebytes since it's in my opinion one of the best, if not the best Antimalware program there is and I always recommend to install it. So if it's possible to explain me what's happening so I can offer better support when encountering that particuliar issue, it would be appreciated.

Thank you :)

Link to post
Share on other sites

  • Root Admin

From the dump file analysis in the first one.

 

The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.

Could be the computer is infected. If possible I'd like the user to post here for malware removal help.

 

Running a FRST scan can sometimes provide more information on what might be causing it. Getting a full system dump could as well but that often can be a couple GB and often difficult to get uploaded back.

 

 

The second link does not have any dump file that I saw to check on unless I  missed it so not sure. Basically need much more information to know what's going on. In "most" cases the computer is infected (not all cases) or is using older drivers sometimes. Just not enough information in the 2nd one either. Again wold love to have them post here for malware detection and clean up. Then if the issue remains and we have to we can force a full dump and trace it back.

 

Wish I could help you more but just not enough to go on with what is posted so far.

 

Thanks

Link to post
Share on other sites

For the second thread, the minidump files are posted on post #5 here:

http://www.bleepingcomputer.com/forums/t/567297/blue-screen-related-to-tcpipsys-driver/#entry3630360

They are displayed at the end of the sentence, on the right of the post, I missed it as well when the OP posted them. And I'll go back in the first thread and ask the OP to sign up here. Should I tell him/her to post in this thread and then you'll redirect him/her to the malware removal section, or should I just link him/her the instructions to open a thread in the malware removal section here?

Link to post
Share on other sites

  • Root Admin

Here is the advice we give users to get their system checked for malware

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

 

They can also put a note in their topic saying I've asked them to post and let me know and I'll review the topic.  Thank you again

Link to post
Share on other sites

  • Root Admin

Dumps from 2nd one pretty much the same thing.

 

The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.

 

Basically looks like possibly our service tried to read a memory location but was unable to read it. Could be antivirus blocked it or an infection or even possibly a hardware issue. Just not enough information in the small dump to tell for sure. Thus would like to rule out an infection as the cause. Then as with the other one if the crash keeps happening when clean then we can look at getting a full memory dump to analyze the root cause.

 

Thank you again

 

Ron

Link to post
Share on other sites

Hi everyone :)

 

So I'm a technical support helper on both GeeksToGo and BleepingComputer (not part of the Staff, I just assist there as a normal member), and lately I've noticed a few threads where BSODs are caused by the mbam-service.exe process, which causes fwpkclnt.sys to crash. There's at least 4-5 threads in which it happened, for now I can only find 2 but I'll link the others as I find them. Is it possible to know if this is a "known" issue or is something else causing this?

 

Here's the two threads, in both of them I asked the OP to attach their minidump files if you want to take a look at them.

GeeksToGo thread:

http://www.geekstogo.com/forum/topic/347346-bsod-help-needed/

BleepingComputer thread:

http://www.bleepingcomputer.com/forums/t/567297/blue-screen-related-to-tcpipsys-driver/

I don't really want to tell these people to stop using Malwarebytes since it's in my opinion one of the best, if not the best Antimalware program there is and I always recommend to install it. So if it's possible to explain me what's happening so I can offer better support when encountering that particuliar issue, it would be appreciated.

Thank you :)

Hi all.

I'm one of the OPs in the threads mentioned above.  I've done a clean uninstall of Malwarebytes and a re-install.  Since that time, there have been no crashes. 

 

If it starts happening again, I will post back here.

 

Thanks again to the OP of THIS thread and all for past and future help!

Link to post
Share on other sites

Hi all.

I'm one of the OPs in the threads mentioned above.  I've done a clean uninstall of Malwarebytes and a re-install.  Since that time, there have been no crashes. 

 

If it starts happening again, I will post back here.

 

Thanks again to the OP of THIS thread and all for past and future help!

Hello and Welcome Fixitmum

Thanks for coming by the Malwarebytes Forum and letting us know that a clean re-install has helped your issue.

If you have any further issues, let us know by starting your own topic though that way you can get one on one help with your issue, as everyone's computer is different, and if you like you can reference this topic in your new post.

Thanks for understanding.

Link to post
Share on other sites

Well, I'm b-a-c-c-k-k-k-.  :(

 

Everything's been running smoothly until today.  The blue screens with the "Bad Pool Header" started up again, exactly like before.  I did a clean uninstall and reinstalled the Malwarebytes software.  We'll see what happens.

 

Sure would be good if the technical support team checked these symptoms.  I cannot be the only person experiencing them, I don't think.

 

I'm wondering if this sudden reappearance may have something to do with McAfee updates?  There have been two so far today.

 

I'll return if my computer crashes again.

 

Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.