Jump to content

Bad Pool Header crash


Recommended Posts

Please run this report collecting tool so that we can provide a complete analysis: (from the pinned topic at the top of the forum):  https://forums.malwarebytes.org/topic/170037-blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/

FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know.
NOTE:  On problem systems it can take up to 20 minutes for the log files to complete.  Please be patient and let it run.

If you still have problems with it running, there's an alternate tool here (direct download link):  https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe

NOTE:
Please zip up the (.ZIP) files - do not use .RAR, .7z or other compression utilities.
.ZIP is the type file that can be uploaded to the forums.

Link to post
Share on other sites

Your UEFI/BIOS (version 0401) dates from 2015.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  If you are able to install the update through Windows (without booting from an external drive), then go ahead and update it.  WARNING - if the computer might shut down during this procedure, please don't do it, as this may physically damage the computer and prevent it from booting.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and that outdated UEFI/BIOS' may be the cause of some compatibility issues).

Although you appear to have a reasonable number of Windows Update hotfixes for this version of your OS, please double check for any new Windows Updates.  It only takes one update to cause a problem, so it's essential that you have all of them.  The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.
Lot's of Windows Updates failures in the WER section of the MSINFO32 report - please be sure that you verify that Windows Update is working properly.

You have a TP-LINK Wireless USB Adapter
in the past, these devices have caused problems - but I haven't seen as many problems with them on W10 as long as the drivers were W10 compatible.
Here's my canned speech from back when they were a problem:

Quote

I do not recommend using wireless USB network devices.


These wireless USB devices have many issues with Win7 and later systems - using older drivers with them is almost certain to cause a BSOD.
Should you want to keep using these devices, be sure to have the latest W7/8/8.1/10 drivers - DO NOT use older drivers!!!
An installable wireless PCI/PCIe card that's plugged into your motherboard is much more robust, reliable, and powerful.

The drivers for your Microsoft LifeCam VX-6000 Webcam date from 2009 and may not be compatible with W10.
Please uninstall the software for the device from Control Panel...Programs and Features, then physically remove (unplug) the device from your system
Then test to see if that helps stop the BSOD's

You also have a Samsung device of some sort that uses the SSPORT.sys driver.
This driver dates from 2005 and may not e compatible w/W10.  Please uninstall the software for this device from Control Panel...Programs and Features

Please also update your wired and wireless network drivers, along with the Creative sound drivers as those drivers are dated from before the release of W10 (29 July 2015).

I would also suggest trying these free hardware diagnostics (as a couple of the BSOD's show errors that are sometimes caused by hardware problems):  http://www.carrona.org/hwdiag.html
Please start with the MemTest and Prime95 tests - but complete ALL of them and let us know the results.

In the event that none of this shows the exact cause of the problem, please run Driver Verifier according to these instructions:  http://www.carrona.org//verifier.html

 

 

Link to post
Share on other sites

These are the results of the analysis of the dump files:

Analysis:
The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
**************************Sat Feb  4 08:43:43.596 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\020417-24031-01.dmp]
Windows 10 Kernel Version 14393 MP (4 procs) Free x64
Built by: 14393.693.amd64fre.rs1_release.161220-1747
System Uptime:1 days 3:00:10.215
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by :fwpkclnt.sys ( fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+1dd )
BugCheck 19, {20, ffffe1890b4432d0, ffffe1890b4432f0, 402000a}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: ffffe1890b4432d0, The pool entry we were looking for within the page.
Arg3: ffffe1890b4432f0, The next pool entry.
Arg4: 000000000402000a, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  MBAMService.exe
FAILURE_BUCKET_ID: 0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0
CPUID:        "Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz"
MaxSpeed:     3700
CurrentSpeed: 3696
  BIOS Version                  0401
  BIOS Release Date             07/09/2015
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             H170M-E D3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Feb  3 05:42:56.469 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\020317-23109-01.dmp]
Windows 10 Kernel Version 14393 MP (4 procs) Free x64
Built by: 14393.693.amd64fre.rs1_release.161220-1747
System Uptime:0 days 3:00:20.088
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by :memory_corruption
BugCheck 19, {20, ffff8082c593ddc0, ffff8082c593dde0, 4020012}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: ffff8082c593ddc0, The pool entry we were looking for within the page.
Arg3: ffff8082c593dde0, The next pool entry.
Arg4: 0000000004020012, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  MBAMService.exe
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BYTE
CPUID:        "Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz"
MaxSpeed:     3700
CurrentSpeed: 3696
  BIOS Version                  0401
  BIOS Release Date             07/09/2015
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             H170M-E D3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
The rest of the memory dump summaries are hidden in the Spoiler tag below.  Click on "Reveal hidden contents" to reveal them.

 


**************************Fri Feb  3 02:41:58.678 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\020317-22453-01.dmp]
Windows 10 Kernel Version 14393 MP (4 procs) Free x64
Built by: 14393.693.amd64fre.rs1_release.161220-1747
System Uptime:0 days 6:54:56.297
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by :fwpkclnt.sys ( fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+1dd )
BugCheck 19, {20, ffff9589c9cab120, ffff9589c9cab140, 4020012}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: ffff9589c9cab120, The pool entry we were looking for within the page.
Arg3: ffff9589c9cab140, The next pool entry.
Arg4: 0000000004020012, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  MBAMService.exe
FAILURE_BUCKET_ID: 0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0
CPUID:        "Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz"
MaxSpeed:     3700
CurrentSpeed: 3696
  BIOS Version                  0401
  BIOS Release Date             07/09/2015
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             H170M-E D3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Feb  2 19:46:25.978 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\020317-25718-01.dmp]
Windows 10 Kernel Version 14393 MP (4 procs) Free x64
Built by: 14393.693.amd64fre.rs1_release.161220-1747
System Uptime:0 days 0:02:30.597
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by :memory_corruption
BugCheck 19, {20, ffffb582de3750c0, ffffb582de3750e0, 402000c}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: ffffb582de3750c0, The pool entry we were looking for within the page.
Arg3: ffffb582de3750e0, The next pool entry.
Arg4: 000000000402000c, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  MBAMService.exe
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
CPUID:        "Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz"
MaxSpeed:     3700
CurrentSpeed: 3696
  BIOS Version                  0401
  BIOS Release Date             07/09/2015
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             H170M-E D3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Feb  2 19:43:17.319 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\020317-31593-01.dmp]
Windows 10 Kernel Version 14393 MP (4 procs) Free x64
Built by: 14393.693.amd64fre.rs1_release.161220-1747
System Uptime:1 days 13:56:48.938
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by :fwpkclnt.sys ( fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+1dd )
BugCheck 19, {20, ffffc68062f12520, ffffc68062f12540, 4020019}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: ffffc68062f12520, The pool entry we were looking for within the page.
Arg3: ffffc68062f12540, The next pool entry.
Arg4: 0000000004020019, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  MBAMService.exe
FAILURE_BUCKET_ID: 0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0
CPUID:        "Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz"
MaxSpeed:     3700
CurrentSpeed: 3696
  BIOS Version                  0401
  BIOS Release Date             07/09/2015
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             H170M-E D3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Sat Feb  4 08:43:43.596 2017 (UTC - 5:00)**************************

	SSPORT.sys                   Thu Aug 11 19:07:32 2005 (42FBDA34)

	VX6KCamd.sys                 Tue Oct  6 21:52:44 2009 (4ACBF46C)

	VX6000Xp.sys                 Tue Oct  6 22:09:25 2009 (4ACBF855)

	AsIO.sys                     Wed Aug 22 05:54:47 2012 (5034AC67)

	rt640x64.sys                 Tue May  5 12:21:03 2015 (5548EDEF)

	netr28ux.sys                 Thu May 28 10:28:52 2015 (55672624)

	iaStorA.sys                  Wed Jun  3 05:38:57 2015 (556ECB31)

	ctxusbm.sys                  Fri Jun 12 02:28:15 2015 (557A7BFF)

	RTKVHD64.sys                 Tue Jun 23 07:26:04 2015 (5589424C)

	AtihdWT6.sys                 Tue Jul  7 21:28:10 2015 (559C7CAA)



**Windows 10 released on 29 July 2015**


TeeDriverW8x64.sys           Mon Aug 31 15:49:07 2015 (55E4AFB3)
dc3d.sys                     Fri Nov  6 14:14:22 2015 (563CFC0E)
mbae64.sys                   Fri Apr 29 06:10:09 2016 (57233301)
WirelessKeyboardFilter.sys   Sat Jun 25 03:13:14 2016 (576E2F0A)
intelppm.sys                 Fri Jul 15 22:10:43 2016 (578997A3)
mbam.sys                     Wed Sep 28 11:45:44 2016 (57EBE5A8)
farflt.sys                   Wed Nov  2 10:29:12 2016 (5819F838)
MBAMSwissArmy.sys            Wed Nov  9 09:21:05 2016 (582330D1)
mwac.sys                     Thu Nov 17 20:02:05 2016 (582E530D)
atikmpag.sys                 Mon Nov 21 16:45:49 2016 (58336B0D)
atikmdag.sys                 Mon Nov 21 17:05:13 2016 (58336F99)
[/CODE]


http://www.carrona.org/drivers/driver.php?id=SSPORT.sys
http://www.carrona.org/drivers/driver.php?id=VX6KCamd.sys
http://www.carrona.org/drivers/driver.php?id=VX6000Xp.sys
http://www.carrona.org/drivers/driver.php?id=AsIO.sys
http://www.carrona.org/drivers/driver.php?id=rt640x64.sys
http://www.carrona.org/drivers/driver.php?id=netr28ux.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=ctxusbm.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=AtihdWT6.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
http://www.carrona.org/drivers/driver.php?id=dc3d.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
WirelessKeyboardFilter.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
farflt.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys

 

Edited by usasma
Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.