BAD_POOL_HEADER caused by ntoskrnl.exe and tcpip.sys

[emilyan2015]

Hello,

 

I have had some problems with Windows 10 and this BSOD. My main thread is http://www.tenforums.com/bsod-crashes-debugging/17630-bad_pool_header-caused-ntoskrnl-exe-tcpip-sys.html, but you can post your answer in any of these 2 places (here or tenforums forum).

 

I have a desktop PC, Windows 10 PRO 64 bit, no original installed OS as this PC was made by buying each part separately. This is a full retail version. Age of hardware: 6 years. Age of OS: around 15 days. CPU: Intel Core 2 Duo E8400 @3GHz, videocard: AMD Radeon HD 7700 series, motherboard (same as system model): EP31-DS3L, system manufacturer: Gigabyte Technology Co., Ltd., and a 600W power supply (I don't know more info about this).

 

Thanks for your help!

perfmon.zip

SysnativeFileCollectionApp.zip

[jcgriff2]

Hi. . .
 
All I can guarantee you is that you're getting the best help available for your BSOD problem here at MBAM by me  and the rest of the BSOD Analyst staff.  I used to post at the other forum you mentioned, but I and dozens of others had our accounts closed back in 2012.  We do prefer that you don't have >1 active thread at various forums, but in this case I have no objections as your BSODs seem pretty straight forward to me.
 
All 7 dumps had the same bugcheck - 0x19 - - corrupt pool header (pool refers to memory). 
 
The probable cause on all is listed as MBAM driver mwac.sys

mwac.sys     Tue Jun 17 22:07:00 2014 (53A0F444)

http://www.sysnative.com/drivers/driver.php?id=mwac.sys

Make sure that your MBAM installation is up to date (go ahead and install most recent version, even if already installed).

0x19 BSOD's are often associated with RAM issues. I would suggest that you run memtest86+ one stick at a time and alternate the slots.

 

http://www.sysnative.com/forums/hardware-tutorials/3909-test-ram-memtest86.html

Regards. . .

jcgriff2

[jcgriff2]

Apologies for the second post here, but I wanted to address the drivers in your thread title.

 

ntoskrnl.exe  is the Windows NT Kernel and is never the cause of a BSOD.  It is merely listed as a default.

 

tcpip.sys - a Microsoft Windows networking related driver

 

http://www.sysnative.com/drivers/driver.php?id=ntoskrnl.exe

http://www.sysnative.com/drivers/driver.php?id=tcpip.sys

 

I found neither listed in any of your 7 BSODs.  Where did you see them (specifically tcpip.sys)?

 

If in fact tcpip.sys showed up somewhere, my best guess would be that your networking drivers need to be updated as it is very likely that MBAM encountered issues while "phoning home"; hence the reason MBAM ended up being listed as the probable cause of your BSODs when in fact the real cause may be outdated networking drivers.

 

The system files show the following for your networking set up:

Ethernet - Realtek PCIe GBE Family Controller - not currently being used.  I don't see the driver loaded in RAM at the time of the BSODs

wifi - a "generic" (for lack of a better term) 802.11n USB Wireless LAN Card - I don't know the manufacturer, but it may be a Ralink based on the driver (Ralink also writes drivers for other wifi manufacturers)

 

Your wifi driver as found in the dumps:

netr28ux.sys Thu Jun 05 22:14:29 2014

 

http://www.sysnative.com/drivers/driver.php?id=netr28ux.sys

 

Try and find an update for your wifi driver.  These days, a 14 month old wifi driver is considered very old, especially in a Windows 10 RTM system environment

 

Regards. . .

 

jcgriff2

[emilyan2015]

Thank you for your answer!

 

First, I have http://www.tenda.cn/uk/product/W326U.htmlas wireless USB (as I have a router in my home and I am working at a PC). This USB, when inserted, contains some files with the drivers. After I install them, this USB disappears from the File Explorer and instead becomes a wireless device (and not a storage device anymore). I am using the latest version, as the creators of this device did not bother to update it anymore for some years.

 

Second, the I thought ntoskrnl.exe and tcpip.sys were the cause of errors because I used a program called BlueScreenView and posted the screenshot on my first post on tenforums.com, in the link I provided in my first post here.

 

Third and last, I am using the latest Malwarebytes Antimalware version, 2.1.8, updated to the day (just that for now it is disabled to prevent future BSODs and I am using it only for on-demand scans); and regarding the memory, I will but these days a CD/DVD (because I have high capacity USB sticks and I don't want to format them just for that). When I am done, which will be in some days, I will post the results of my memory test.

 

Again, thanks for answer, and I will keep you posted!

[jcgriff2]

Thanks for your detailed reply.

 

I highly doubt that MBAM is the actual cause of your BSODs because millions of others are running it without issue; hence the reason that I gave my theory on a secondary cause involving your wifi device. If BSODs continue citing tcpip.sys or other Microsoft networking drivers, you may need to purchase a newer wifi device (or one with updated drivers).

 

However, it seems you have the issue contained for now.

 

Regards. . .

 

jcgriff2