Bad Pool Header Error, occurs randomly


  1. Posts : 7
    Windows 7 Ultimate 32bit
       #1

    Bad Pool Header Error, occurs randomly


    I've been experiencing the Bad Pool Header BSOD about every other day. It occurs randomly and without warning. I'm running Windows 7 on a unit on which Windows Vista was originally installed. Perhaps a driver conflict is the problem? I've tried restoring to factory settings and reinstalling Windows 7 to no avail.

    System specs:
    -Windows 7 Ultimate 32bit
    -not the original OS (OEM was Windows Vista)
    -system is approximately 3 years old
    -reinstalled Win7 12/29/11

    Thanks in advance.


  2. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #2

    Code:
    Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\natyan\Windows_NT6_BSOD_jcgriff2\123011-106143-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\users\mike\documents\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16905.x86fre.win7_gdr.111025-1503
    Machine Name:
    Kernel base = 0x8280a000 PsLoadedModuleList = 0x82952810
    Debug session time: Fri Dec 30 07:04:04.814 2011 (UTC - 7:00)
    System Uptime: 0 days 11:34:22.921
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ................................
    Loading User Symbols
    Loading unloaded module list
    ................
    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000020, a pool block header size is corrupt.
    Arg2: 8520d000, The pool entry we were looking for within the page.
    Arg3: 8520d300, The next pool entry.
    Arg4: 08600000, (reserved)

    Debugging Details:
    ------------------

    Unable to load image \SystemRoot\system32\DRIVERS\athr.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for athr.sys
    *** ERROR: Module load completed but symbols could not be loaded for athr.sys

    BUGCHECK_STR: 0x19_20

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 82972718
    Unable to read MiSystemVaType memory at 82952160
    8520d000

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: SynTPEnh.exe

    CURRENT_IRQL: 2

    LAST_CONTROL_TRANSFER: from 8aa07df9 to 829291b6

    STACK_TEXT:
    807e3ce8 8aa07df9 8520d008 00000000 00000040 nt!ExFreePoolWithTag+0x1b1
    807e3d00 8aa07ad5 8520d018 87579840 87579800 ndis!ndisFreeToNPagedPool+0x39
    807e3d1c 8aa07b77 87579800 00000040 8520d018 ndis!ndisPplFree+0x4a
    807e3d38 822c3834 8520d018 85e2aae0 807e3d60 ndis!NdisFreeNetBufferList+0x3f
    807e3d48 822c67fd 807e3d68 852f4318 852f4318 nwifi!Dot11FreeSendPacket+0x4e
    807e3d60 822c363d 8520d018 00000000 874ff008 nwifi!Dot11EnterRoamingWithLock+0x157
    807e3d84 822c5810 8757b910 8520d018 00000000 nwifi!Dot11SendCompletion+0x2d
    807e3d9c 8aa085e2 8757b910 8520d018 00000001 nwifi!Pt6SendComplete+0x1e
    807e3db0 9050c6cf 86205e00 8520d018 00000001 ndis!NdisFSendNetBufferListsComplete+0x3a
    807e3dd0 8aa6cf0a 87027008 00000000 00000001 vwififlt!FilterSendNetBufferListsComplete+0x93
    807e3df4 94c3e7d2 860320e0 87bab470 00000001 ndis!NdisMSendNetBufferListsComplete+0xa4
    WARNING: Stack unwind information not available. Following frames may be wrong.
    807e3e6c 94c29d6e 00000000 00000001 00000000 athr+0x2a7d2
    807e3e8c 94c2a09d 86bb2028 00000001 00000002 athr+0x15d6e
    807e3ea0 94c8c424 86bb2028 807e3ec8 94c915ff athr+0x1609d
    807e3eac 94c915ff 86bb4020 807e3ed8 8a72d81c athr+0x78424
    807e3ec8 94c30dfd 86bb4020 807e3ee4 94c15791 athr+0x7d5ff
    807e3ed4 94c15791 86203020 86bb2028 807e3f20 athr+0x1cdfd
    807e3ee4 8aa5a309 86bb2028 00000000 807e3f10 athr+0x1791
    807e3f20 8aa059f4 87003174 00003160 00000000 ndis!ndisMiniportDpc+0xe2
    807e3f48 828724f5 87003174 87003160 00000000 ndis!ndisInterruptDpc+0xaf
    807e3fa4 82872358 807c3120 85331b60 00000000 nt!KiExecuteAllDpcs+0xf9
    807e3ff4 82871b1c 991e355c 00000000 00000000 nt!KiRetireDpcList+0xd5
    807e3ff8 991e355c 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2c
    82871b1c 00000000 0000001a 00d6850f bb830000 0x991e355c

    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nwifi!Dot11FreeSendPacket+4e
    822c3834 832700 and dword ptr [edi],0

    SYMBOL_STACK_INDEX: 4

    SYMBOL_NAME: nwifi!Dot11FreeSendPacket+4e

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nwifi

    IMAGE_NAME: nwifi.sys

    DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc89f

    FAILURE_BUCKET_ID: 0x19_20_nwifi!Dot11FreeSendPacket+4e

    BUCKET_ID: 0x19_20_nwifi!Dot11FreeSendPacket+4e

    Followup: MachineOwner
    ---------
    Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\natyan\Windows_NT6_BSOD_jcgriff2\010212-93912-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\users\mike\documents\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Machine Name:
    Kernel base = 0x82847000 PsLoadedModuleList = 0x829904d0
    Debug session time: Mon Jan 2 21:04:18.166 2012 (UTC - 7:00)
    System Uptime: 0 days 12:44:38.273
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .................................
    Loading User Symbols
    Loading unloaded module list
    ............
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000020, a pool block header size is corrupt.
    Arg2: 8520d000, The pool entry we were looking for within the page.
    Arg3: 8520d300, The next pool entry.
    Arg4: 08600000, (reserved)

    Debugging Details:
    ------------------

    GetPointerFromAddress: unable to read from 829b0848
    Unable to read MiSystemVaType memory at 8298fe20

    BUGCHECK_STR: 0x19_20

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 829b0848
    Unable to read MiSystemVaType memory at 8298fe20
    8520d000

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: TCrdMain.exe

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from 82a69879 to 82967c6b

    STACK_TEXT:
    ba5d0b5c 82a69879 8520d008 c3504c41 8520d008 nt!ExFreePoolWithTag+0x1b1
    ba5d0b80 82a6961e 8520d038 8520d020 00000000 nt!ObpFreeObject+0x24f
    ba5d0b94 828bfd40 00000000 85ab9d48 8520d020 nt!ObpRemoveObjectRoutine+0x5e
    ba5d0ba8 828bfcb0 8520d038 82a8c3c6 accbf028 nt!ObfDereferenceObjectWithTag+0x88
    ba5d0bb0 82a8c3c6 accbf028 85ab9d48 accbf028 nt!ObfDereferenceObject+0xd
    ba5d0bf0 82abac69 abe70de8 accbf028 8502abb8 nt!ObpCloseHandleTableEntry+0x21d
    ba5d0c20 82aa3044 abe70de8 ba5d0c34 acc5f3b8 nt!ExSweepHandleTable+0x5f
    ba5d0c40 82ab0726 9c06b7f8 85ab9d48 40010004 nt!ObKillProcess+0x54
    ba5d0cb4 82ac4111 40010004 864a5198 00000001 nt!PspExitThread+0x5db
    ba5d0ccc 828f88a0 864a5198 ba5d0cf8 ba5d0d04 nt!PsExitSpecialApc+0x22
    ba5d0d1c 828852d4 00000001 00000000 ba5d0d34 nt!KiDeliverApc+0x28b
    ba5d0d1c 76df70b4 00000001 00000000 ba5d0d34 nt!KiServiceExit+0x64
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0444ff88 00000000 00000000 00000000 00000000 0x76df70b4

    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ExFreePoolWithTag+1b1
    82967c6b cc int 3

    SYMBOL_STACK_INDEX: 0

    SYMBOL_NAME: nt!ExFreePoolWithTag+1b1

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4ea76eb4

    FAILURE_BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    Followup: MachineOwner
    ---------
    Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\natyan\Windows_NT6_BSOD_jcgriff2\010512-110979-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\users\mike\documents\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Machine Name:
    Kernel base = 0x82848000 PsLoadedModuleList = 0x829914d0
    Debug session time: Thu Jan 5 13:32:40.759 2012 (UTC - 7:00)
    System Uptime: 0 days 7:10:06.882
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...................................
    Loading User Symbols
    Loading unloaded module list
    ...................
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
    Arguments:
    Arg1: 00041287, The subtype of the bugcheck.
    Arg2: 64536d59
    Arg3: 00000000
    Arg4: 00000000

    Debugging Details:
    ------------------

    BUGCHECK_STR: 0x1a_41287

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: msiexec.exe

    CURRENT_IRQL: 0

    TRAP_FRAME: a07f5c00 -- (.trap 0xffffffffa07f5c00)
    ErrCode = 00000000
    eax=64536d4d ebx=a07f5ce0 ecx=64536d4d edx=00075c99 esi=873bebb8 edi=75c99349
    eip=828e3f88 esp=a07f5c74 ebp=a07f5c74 iopl=0 nv up ei pl nz na pe nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
    nt!MiFindNodeOrParent+0x17:
    828e3f88 3b510c cmp edx,dword ptr [ecx+0Ch] ds:0023:64536d59=????????
    Resetting default scope

    LAST_CONTROL_TRANSFER: from 82889408 to 828d640f

    STACK_TEXT:
    a07f5be8 82889408 00000000 64536d59 00000000 nt!MmAccessFault+0x106
    a07f5be8 828e3f88 00000000 64536d59 00000000 nt!KiTrap0E+0xdc
    a07f5c74 828e3b73 a07f5c84 c03ae4c8 851267d8 nt!MiFindNodeOrParent+0x17
    a07f5c88 828e3bc8 87752760 c03ae4c8 00000000 nt!MiLocateAddress+0x41
    a07f5ca0 828d8108 a07f5ce0 a07f5cd8 75c99349 nt!MiCheckVirtualAddress+0x42
    a07f5d1c 82889408 00000008 75c99349 00000001 nt!MmAccessFault+0x1dfd
    a07f5d1c 75c99349 00000008 75c99349 00000001 nt!KiTrap0E+0xdc
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0140f0bc 00000000 00000000 00000000 00000000 0x75c99349

    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!KiTrap0E+dc
    82889408 85c0 test eax,eax

    SYMBOL_STACK_INDEX: 1

    SYMBOL_NAME: nt!KiTrap0E+dc

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4ea76eb4

    FAILURE_BUCKET_ID: 0x1a_41287_nt!KiTrap0E+dc

    BUCKET_ID: 0x1a_41287_nt!KiTrap0E+dc

    Followup: MachineOwner
    ---------
    Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\natyan\Windows_NT6_BSOD_jcgriff2\010712-91915-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\users\mike\documents\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Machine Name:
    Kernel base = 0x82817000 PsLoadedModuleList = 0x829604d0
    Debug session time: Sat Jan 7 11:50:09.984 2012 (UTC - 7:00)
    System Uptime: 1 days 5:33:55.091
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .....................................
    Loading User Symbols
    Loading unloaded module list
    ...........................
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000020, a pool block header size is corrupt.
    Arg2: 8520d000, The pool entry we were looking for within the page.
    Arg3: 8520d300, The next pool entry.
    Arg4: 08600000, (reserved)

    Debugging Details:
    ------------------

    GetPointerFromAddress: unable to read from 82980848
    Unable to read MiSystemVaType memory at 8295fe20

    BUGCHECK_STR: 0x19_20

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 82980848
    Unable to read MiSystemVaType memory at 8295fe20
    8520d000

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: System

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from 82a39879 to 82937c6b

    STACK_TEXT:
    8c93fc4c 82a39879 8520d008 e56c6946 8520d008 nt!ExFreePoolWithTag+0x1b1
    8c93fc70 82a3961e 8520d028 8520d010 00000000 nt!ObpFreeObject+0x24f
    8c93fc84 8288fd40 00000000 000c0000 00000000 nt!ObpRemoveObjectRoutine+0x5e
    8c93fc98 8288fcb0 8520d028 82a3eff9 8515e340 nt!ObfDereferenceObjectWithTag+0x88
    8c93fca0 82a3eff9 8515e340 8515e368 829829c0 nt!ObfDereferenceObject+0xd
    8c93fccc 82878f04 8515e340 00000000 00000000 nt!MiSegmentDelete+0x191
    8c93fd28 82879225 84eed638 00000000 10020020 nt!MiProcessDereferenceList+0xdb
    8c93fd50 82a1ffda 00000000 a8b26fd5 00000000 nt!MiDereferenceSegmentThread+0xc5
    8c93fd90 828c81f9 8287915e 00000000 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19

    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ExFreePoolWithTag+1b1
    82937c6b cc int 3

    SYMBOL_STACK_INDEX: 0

    SYMBOL_NAME: nt!ExFreePoolWithTag+1b1

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4ea76eb4

    FAILURE_BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    Followup: MachineOwner
    ---------
    Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\natyan\Windows_NT6_BSOD_jcgriff2\010812-71417-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\users\mike\documents\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Machine Name:
    Kernel base = 0x8280e000 PsLoadedModuleList = 0x829574d0
    Debug session time: Sat Jan 7 20:37:31.585 2012 (UTC - 7:00)
    System Uptime: 0 days 5:24:56.583
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ....................................
    Loading User Symbols
    Loading unloaded module list
    ......
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000020, a pool block header size is corrupt.
    Arg2: 8520d000, The pool entry we were looking for within the page.
    Arg3: 8520d300, The next pool entry.
    Arg4: 08600000, (reserved)

    Debugging Details:
    ------------------

    GetPointerFromAddress: unable to read from 82977848
    Unable to read MiSystemVaType memory at 82956e20

    BUGCHECK_STR: 0x19_20

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 82977848
    Unable to read MiSystemVaType memory at 82956e20
    8520d000

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: System

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from 8a83ff3a to 8292ec6b

    STACK_TEXT:
    e2f80adc 8a83ff3a 8520d008 00000000 828d1d6d nt!ExFreePoolWithTag+0x1b1
    e2f80af4 8a836748 8520d008 e2f80b18 8a8ca5ec Ntfs!NtfsFreeNonpagedDataFcb+0x28
    e2f80b00 8a8ca5ec 8a863300 8520d008 86d88128 Ntfs!ExFreeToNPagedLookasideList+0x1e
    e2f80b18 8a8bb199 8520d008 00000000 85b49240 Ntfs!NtfsDeleteNonpagedFcb+0x3c
    e2f80b40 8a835b29 86d88128 e2f80b70 e2f80b7a Ntfs!NtfsDeleteFcb+0xd5
    e2f80b94 8a8ca372 86d88128 85b490d8 ab463c88 Ntfs!NtfsTeardownFromLcb+0x24f
    e2f80be4 8a83a2cb 86d88128 ab463d78 01463f20 Ntfs!NtfsTeardownStructures+0xf3
    e2f80c0c 8a8ce341 86d88128 ab463d78 ab463f20 Ntfs!NtfsDecrementCloseCounts+0xaf
    e2f80c6c 8a8d2424 86d88128 ab463d78 ab463c88 Ntfs!NtfsCommonClose+0x4f2
    e2f80d00 8288ba6b 00000000 00000000 853ada68 Ntfs!NtfsFspClose+0x118
    e2f80d50 82a16fda 80000000 c6d9977f 00000000 nt!ExpWorkerThread+0x10d
    e2f80d90 828bf1f9 8288b95e 80000000 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19

    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ExFreePoolWithTag+1b1
    8292ec6b cc int 3

    SYMBOL_STACK_INDEX: 0

    SYMBOL_NAME: nt!ExFreePoolWithTag+1b1

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4ea76eb4

    FAILURE_BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

    Followup: MachineOwner
    ---------
    First step should be to remove all Symantec software running on your machine as these are known to cause BSODs on some systems.
    Code:
    rtvscan.exe	c:\program files\symantec\symantec endpoint protection\rtvscan.exe	2056	8	200	1380	1/8/2012 9:44 AM	11.0.6300.541	1.75 MB (1,839,888 bytes)	7/21/2011 1:42 PM
    smc.exe		c:\program files\symantec\symantec endpoint protection\smc.exe	1220	8	200	1380	1/8/2012 9:44 AM	11.0.6300.552	1.81 MB (1,893,840 bytes)	7/21/2011 1:42 PM
    smcgui.exe	c:\program files\symantec\symantec endpoint protection\smcgui.exe	3432	8	200	1380	1/8/2012 9:45 AM	11.0.6300.552	1.39 MB (1,459,616 bytes)	7/21/2011 1:42 PM
    Second step is to update the following drivers using the steps in Installing and updating drivers in 7 and information from Driver Reference for drivers and Drivers and Downloads for drivers' manufacturers.
    Code:
    mchInjDrv	a63eb000	a63eba00	Wed Jan 11 00:07:52 2006 (43c4aec8)	000017a5		mchInjDrv.sys
    FwLnk		9a78b000	9a793000	Sun Nov 19 07:11:12 2006 (45606600)	00002c0b		FwLnk.sys
    SynTP		9a7a9000	9a7d9000	Thu Aug 14 20:02:22 2008 (48a4e3ae)	00032a65		SynTP.sys
    AGRSM		a2432000	a2538000	Mon Nov 10 07:56:37 2008 (49184ba5)	0010b850		AGRSM.sys
    dsNcAdpt	9a7d9000	9a7e4000	Mon Mar 30 20:39:02 2009 (49d18246)	00008e2a		dsNcAdpt.sys


  3. Posts : 7
    Windows 7 Ultimate 32bit
    Thread Starter
       #3

    writhziden said:
    First step should be to remove all Symantec software running on your machine as these are known to cause BSODs on some systems.
    Code:
    rtvscan.exe    c:\program files\symantec\symantec endpoint protection\rtvscan.exe    2056    8    200    1380    1/8/2012 9:44 AM    11.0.6300.541    1.75 MB (1,839,888 bytes)    7/21/2011 1:42 PM
    smc.exe    c:\program files\symantec\symantec endpoint protection\smc.exe    1220    8    200    1380    1/8/2012 9:44 AM    11.0.6300.552    1.81 MB (1,893,840 bytes)    7/21/2011 1:42 PM
    smcgui.exe    c:\program files\symantec\symantec endpoint protection\smcgui.exe    3432    8    200    1380    1/8/2012 9:45 AM    11.0.6300.552    1.39 MB (1,459,616 bytes)    7/21/2011 1:42 PM
    Second step is to update the following drivers using the steps in Installing and updating drivers in 7 and information from Driver Reference for drivers and Drivers and Downloads for drivers' manufacturers.
    Code:
    mchInjDrv    a63eb000    a63eba00    Wed Jan 11 00:07:52 2006 (43c4aec8)    000017a5        mchInjDrv.sys
    FwLnk    9a78b000    9a793000    Sun Nov 19 07:11:12 2006 (45606600)    00002c0b        FwLnk.sys
    SynTP    9a7a9000    9a7d9000    Thu Aug 14 20:02:22 2008 (48a4e3ae)    00032a65        SynTP.sys
    AGRSM    a2432000    a2538000    Mon Nov 10 07:56:37 2008 (49184ba5)    0010b850        AGRSM.sys
    dsNcAdpt    9a7d9000    9a7e4000    Mon Mar 30 20:39:02 2009 (49d18246)    00008e2a        dsNcAdpt.sys
    Unfortunately, in order to access my school's network services, I need to have Symantec installed. (It's a university-wide requirement.) Is it likely that Symantec is the principal cause of my problem? Or are the other drivers to blame?


  4. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #4

    natyan said:

    Unfortunately, in order to access my school's network services, I need to have Symantec installed. (It's a university-wide requirement.) Is it likely that Symantec is the principal cause of my problem? Or are the other drivers to blame?
    Alright, keep Symantec installed since it is required by your university. Update the drivers listed in the third set of code. The drivers may already be the latest, so if you cannot find an update, do not worry too much about it. You may want to install the drivers in compatibility mode for Vista if the newest are still prior to July 13, 2009. Drivers - Install Vista Drivers on Windows 7 may be a useful resource.

    You may use the following sites as references for finding drivers. We recommend finding the manufacturer of the driver and downloading drivers directly from the manufacturer or software developer. If you have trouble finding a driver or driver manufacturer, let us know and we will do our best to assist you. If you need help, please provide the device name, manufacturer, and the driver .sys file that you are looking for.
    1. Driver Reference is a good site to find the driver .sys files, their descriptions, and the site most likely to contain an update.
    2. Driver Search Methods provides driver manufacturers and links to their homepages.

    There are a few methods for updating drivers.
    1. Installing and updating drivers in 7
    2. Driver Install - Add Hardware Wizard
    3. Driver Install - Device Manager


    To fully re-install a driver, use the following steps.
    1. Click Start Menu
    2. Right Click My Computer/Computer
    3. Click Manage
    4. Click Device Manager from the list on the left
    5. Find the device you are trying to uninstall by expanding the appropriate set of devices
    6. Right click the device
    7. Click Uninstall (do not click OK in the dialog box that pops up after hitting Uninstall)
    8. Put a tick in Delete driver software for this device (if this option is available, otherwise just hit OK) and hit OK
    9. Restart your computer
    10. Install the latest driver for the device once Windows starts.


    Alternatively:
    1. Log in as an administrative user.
    2. Click Start Menu
    3. Click Control Panel
    4. Click Hardware and Sound
    5. Click Device Manager (the last link under Devices and Printers)
    6. Find the device you are trying to uninstall by expanding the appropriate set of devices
    7. Right click the device
    8. Click Uninstall (do not click OK in the dialog box that pops up after hitting Uninstall)
    9. Put a tick in Delete driver software for this device (if this option is available, otherwise just hit OK) and hit OK
    10. Restart your computer
    11. Install the latest driver for the device once Windows starts.
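Added example, not part of the thread: the eight-digit hex value in parentheses on each driver line is the image's link timestamp (seconds since the Unix epoch, UTC), so the "prior to July 13, 2009" check from the post above can be scripted. The driver lines are copied from posts #2 and #5; the function names and the use of midnight UTC as the cutoff are assumptions of this sketch.

```python
import re
from datetime import datetime, timezone

# Cutoff named in the thread: drivers built before this date predate Windows 7.
# Midnight UTC is an assumption of this example; the post gives only the date.
WIN7_CUTOFF = datetime(2009, 7, 13, tzinfo=timezone.utc)

# Driver lines copied from the thread. The first five use the layout
#   name  start  end  build-date (timestamp)  checksum  image
# and the last uses the shorter layout from post #5:
#   image  build-date (timestamp)
DRIVER_LINES = """\
mchInjDrv  a63eb000  a63eba00  Wed Jan 11 00:07:52 2006 (43c4aec8)  000017a5  mchInjDrv.sys
FwLnk      9a78b000  9a793000  Sun Nov 19 07:11:12 2006 (45606600)  00002c0b  FwLnk.sys
SynTP      9a7a9000  9a7d9000  Thu Aug 14 20:02:22 2008 (48a4e3ae)  00032a65  SynTP.sys
AGRSM      a2432000  a2538000  Mon Nov 10 07:56:37 2008 (49184ba5)  0010b850  AGRSM.sys
dsNcAdpt   9a7d9000  9a7e4000  Mon Mar 30 20:39:02 2009 (49d18246)  00008e2a  dsNcAdpt.sys
athr.sys     Mon Sep 21 13:58:25 2009 (4AB7BEC1)
"""

# First token is the module or image name; the timestamp is the first
# parenthesised 8-digit hex value on the line.
ENTRY_RE = re.compile(r"^\s*(?P<name>\S+)\s.*?\((?P<stamp>[0-9A-Fa-f]{8})\)")


def parse_drivers(text):
    """Return [(module_name, build_time_utc)] for every recognisable line."""
    drivers = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line)
        if not match:
            continue  # headers, blank lines, anything without a timestamp
        name = match.group("name")
        if name.lower().endswith(".sys"):
            name = name[:-4]
        # Decode the hex field rather than the printed date: the printed date
        # is in the analyst's local time zone, the hex value is always UTC.
        built = datetime.fromtimestamp(int(match.group("stamp"), 16), tz=timezone.utc)
        drivers.append((name, built))
    return drivers


def predating(drivers, cutoff=WIN7_CUTOFF):
    """Drivers built before the cutoff, oldest first."""
    return sorted((d for d in drivers if d[1] < cutoff), key=lambda d: d[1])


if __name__ == "__main__":
    for name, built in predating(parse_drivers(DRIVER_LINES)):
        print(f"{name:<10} built {built:%Y-%m-%d %H:%M:%S} UTC (before cutoff)")
```

The decoded time for mchInjDrv is 07:07:52 UTC, seven hours ahead of the 00:07:52 printed in the listing, which matches the UTC - 7:00 debug session header in the dumps.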


  5. Posts : 1,782
    Windows 7 Home Premium 64bit
       #5

    If I may add my 2 cents

    One crash blames your Atheros network driver
    Code:
    athr.sys     Mon Sep 21 13:58:25 2009 (4AB7BEC1)
    Update that from here -> Attachment 194802

    Code:
    SYMEVENT.SYS Thu Apr 15 21:31:23 2010 (4BC7BDEB)
    SYMREDRV.SYS Wed Jun 17 17:11:33 2009 (4A395C05)
    Update your Symantec software

    If that doesn't fix the problem then enable driver verifier
    Driver Verifier - Enable and Disable

    BSOD BUGCHECK SUMMARY
    Code:
    
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Debug session time: Sat Jan  7 22:37:31.585 2012 (UTC - 5:00)
    System Uptime: 0 days 5:24:56.583
    BUGCHECK_STR:  0x19_20
    PROCESS_NAME:  System
    FAILURE_BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1
    BiosReleaseDate = 06/06/2008
    SystemManufacturer = TOSHIBA
    SystemProductName = Satellite L305D
    ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Debug session time: Sat Jan  7 13:50:09.984 2012 (UTC - 5:00)
    System Uptime: 1 days 5:33:55.091
    BUGCHECK_STR:  0x19_20
    PROCESS_NAME:  System
    FAILURE_BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1
    BiosReleaseDate = 06/06/2008
    SystemManufacturer = TOSHIBA
    SystemProductName = Satellite L305D
    ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Debug session time: Thu Jan  5 15:32:40.759 2012 (UTC - 5:00)
    System Uptime: 0 days 7:10:06.882
    BUGCHECK_STR:  0x1a_41287
    PROCESS_NAME:  msiexec.exe
    FAILURE_BUCKET_ID:  0x1a_41287_nt!KiTrap0E+dc
    BiosReleaseDate = 06/06/2008
    SystemManufacturer = TOSHIBA
    SystemProductName = Satellite L305D
    ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Debug session time: Mon Jan  2 23:04:18.166 2012 (UTC - 5:00)
    System Uptime: 0 days 12:44:38.273
    BUGCHECK_STR:  0x19_20
    PROCESS_NAME:  TCrdMain.exe
    FAILURE_BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1
    BiosReleaseDate = 06/06/2008
    SystemManufacturer = TOSHIBA
    SystemProductName = Satellite L305D
    ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
    Built by: 7600.16905.x86fre.win7_gdr.111025-1503
    Debug session time: Fri Dec 30 09:04:04.814 2011 (UTC - 5:00)
    System Uptime: 0 days 11:34:22.921
    *** WARNING: Unable to verify timestamp for athr.sys
    *** ERROR: Module load completed but symbols could not be loaded for athr.sys
    BUGCHECK_STR:  0x19_20
    PROCESS_NAME:  SynTPEnh.exe
    FAILURE_BUCKET_ID:  0x19_20_nwifi!Dot11FreeSendPacket+4e
    BiosReleaseDate = 06/06/2008
    SystemManufacturer = TOSHIBA
    SystemProductName = Satellite L305D
    ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
      
    


  6. Posts : 7
    Windows 7 Ultimate 32bit
    Thread Starter
       #6

    I did uninstall Symantec, but I've continued to get BSODs, so I know that's not the (only) issue.

    I enabled Driver Verifier and rebooted. During the reboot, my system BSODed, then tried to restart. This happened three times. The fourth time (BAD_POOL_CALLER), I caught mchinjdrv.sys as the cause. I then restarted in Safe Mode and disabled the verifier.

    I'll upload the minidump files again.
    If mchinjdrv.sys is the cause, where can I go to update it? I couldn't find it on the Driver Methods/Driver Search pages writhziden linked.


  7. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #7

    Code:
    Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\BSODDmpFiles\natyan\BSOD reports 1-31-12\Windows_NT6_BSOD_jcgriff2\013112-26426-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
    Machine Name:
    Kernel base = 0x82a07000 PsLoadedModuleList = 0x82b504d0
    Debug session time: Tue Jan 31 11:37:35.240 2012 (GMT-7)
    System Uptime: 0 days 0:00:45.378
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .......................
    Loading User Symbols
    Loading unloaded module list
    .....
    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    BAD_POOL_CALLER (c2)
    The current thread is making a bad pool request.  Typically this is at a bad IRQL level or double freeing the same allocation, etc.
    Arguments:
    Arg1: 0000009b, Attempt to allocate pool with a tag of zero.  This would make the pool untrackable and worse, corrupt the existing tag tables.
    Arg2: 00000001, Pool type
    Arg3: 00000971, Size of allocation in bytes
    Arg4: 9bbfc341, Caller's address.
    
    Debugging Details:
    ------------------
    
    Unable to load image \??\C:\Windows\system32\Drivers\mchInjDrv.sys, Win32 error 0n2
    *** ERROR: Module load completed but symbols could not be loaded for mchInjDrv.sys
    
    BUGCHECK_STR:  0xc2_9b
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
    
    PROCESS_NAME:  services.exe
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 82d3df03 to 82ae5ef4
    
    STACK_TEXT:  
    807b1444 82d3df03 000000c2 0000009b 00000001 nt!KeBugCheckEx+0x1e
    807b1464 82d4d9ae 00000001 00000000 00000001 nt!VerifierBugCheckIfAppropriate+0x30
    807b147c 82d39b7b 00000081 00000971 807b14c0 nt!ExAllocatePoolSanityChecks+0x2f
    807b14b0 82d3974f 00000081 00000971 00000000 nt!VeAllocatePoolWithTagPriority+0x68
    807b14cc 9bbfc341 00000001 00000971 00000000 nt!VerifierExAllocatePoolWithTag+0x1e
    WARNING: Stack unwind information not available. Following frames may be wrong.
    807b150c 9bbfc3a7 00000023 82b489c0 9b325308 mchInjDrv+0x341
    807b153c 82c6e82c 00000244 000009b4 00000001 mchInjDrv+0x3a7
    807b15f4 82c76859 9bffa330 01ffa030 807b1650 nt!PspInsertThread+0x5c0
    807b1d00 82a4521a 0018f43c 0018f418 02000000 nt!NtCreateUserProcess+0x742
    807b1d00 76e57094 0018f43c 0018f418 02000000 nt!KiFastCallEntry+0x12a
    0018f75c 00000000 00000000 00000000 00000000 0x76e57094
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    mchInjDrv+341
    9bbfc341 a340c7bf9b      mov     dword ptr [mchInjDrv+0x740 (9bbfc740)],eax
    
    SYMBOL_STACK_INDEX:  5
    
    SYMBOL_NAME:  mchInjDrv+341
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: mchInjDrv
    
    IMAGE_NAME:  mchInjDrv.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  43c4aec8
    
    FAILURE_BUCKET_ID:  0xc2_9b_VRF_mchInjDrv+341
    
    BUCKET_ID:  0xc2_9b_VRF_mchInjDrv+341
    
    Followup: MachineOwner
    ---------
    Caused by mchInjDrv.sys, which may be spyware or part of anti-spyware software. Do you have any anti-spyware software on your computer?
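Added example, not part of the thread: a way to script the "which driver is on the stack" reading of `STACK_TEXT`. It goes beyond the verifier dump above by running the same walk over excerpts of the first two dumps in post #2; the stack lines are copied from the thread, while the list of Windows modules and the function names are assumptions of this sketch.

```python
import re

# Modules that ship with Windows and appear in this thread's stacks. This
# allow-list is an assumption of the example, not a complete inventory.
WINDOWS_MODULES = {"nt", "hal", "ndis", "nwifi", "vwififlt", "ntfs"}

# x86 `kb` frame layout: ChildEBP RetAddr Arg1 Arg2 Arg3 Symbol
FRAME_RE = re.compile(r"^([0-9a-f]{8}) ([0-9a-f]{8}) (?:[0-9a-f]{8} ){3}(\S+)$")

# Excerpts copied from the dumps posted in this thread.
VERIFIER_STACK = """\
807b1444 82d3df03 000000c2 0000009b 00000001 nt!KeBugCheckEx+0x1e
807b1464 82d4d9ae 00000001 00000000 00000001 nt!VerifierBugCheckIfAppropriate+0x30
807b147c 82d39b7b 00000081 00000971 807b14c0 nt!ExAllocatePoolSanityChecks+0x2f
807b14b0 82d3974f 00000081 00000971 00000000 nt!VeAllocatePoolWithTagPriority+0x68
807b14cc 9bbfc341 00000001 00000971 00000000 nt!VerifierExAllocatePoolWithTag+0x1e
WARNING: Stack unwind information not available. Following frames may be wrong.
807b150c 9bbfc3a7 00000023 82b489c0 9b325308 mchInjDrv+0x341
807b153c 82c6e82c 00000244 000009b4 00000001 mchInjDrv+0x3a7
807b15f4 82c76859 9bffa330 01ffa030 807b1650 nt!PspInsertThread+0x5c0
"""
VERIFIER_ARG4 = "9bbfc341"  # "Caller's address" from the BAD_POOL_CALLER arguments

ATHEROS_STACK = """\
807e3ce8 8aa07df9 8520d008 00000000 00000040 nt!ExFreePoolWithTag+0x1b1
807e3d00 8aa07ad5 8520d018 87579840 87579800 ndis!ndisFreeToNPagedPool+0x39
807e3d48 822c67fd 807e3d68 852f4318 852f4318 nwifi!Dot11FreeSendPacket+0x4e
807e3dd0 8aa6cf0a 87027008 00000000 00000001 vwififlt!FilterSendNetBufferListsComplete+0x93
807e3df4 94c3e7d2 860320e0 87bab470 00000001 ndis!NdisMSendNetBufferListsComplete+0xa4
WARNING: Stack unwind information not available. Following frames may be wrong.
807e3e6c 94c29d6e 00000000 00000001 00000000 athr+0x2a7d2
807e3e8c 94c2a09d 86bb2028 00000001 00000002 athr+0x15d6e
"""

KERNEL_ONLY_STACK = """\
ba5d0b5c 82a69879 8520d008 c3504c41 8520d008 nt!ExFreePoolWithTag+0x1b1
ba5d0b80 82a6961e 8520d038 8520d020 00000000 nt!ObpFreeObject+0x24f
ba5d0d1c 76df70b4 00000001 00000000 ba5d0d34 nt!KiServiceExit+0x64
WARNING: Frame IP not in any known module. Following frames may be wrong.
0444ff88 00000000 00000000 00000000 00000000 0x76df70b4
"""


def module_of(symbol):
    """'nt!Foo+0x1' -> 'nt', 'athr+0x2a7d2' -> 'athr', raw address -> None."""
    if symbol.startswith("0x"):
        return None
    return re.split(r"[!+]", symbol, maxsplit=1)[0]


def first_third_party_frame(stack_text, known=WINDOWS_MODULES):
    """Walk frames from the crash outward and return the first one whose module
    is not in `known`, with the Windows routine it called. None if no such frame."""
    previous = None           # (RetAddr, symbol) of the frame above
    after_warning = False     # True once the debugger has said unwinding is unreliable
    for raw in stack_text.splitlines():
        line = raw.strip()
        if line.startswith("WARNING:"):
            after_warning = True
            continue
        match = FRAME_RE.match(line)
        if not match:
            continue
        ret_addr, symbol = match.group(2), match.group(3)
        module = module_of(symbol)
        if module and module.lower() not in known:
            return {
                "module": module,
                "frame": symbol,
                "called": previous[1] if previous else None,
                # RetAddr of the frame above is the address inside this module.
                "return_address": previous[0] if previous else None,
                "after_unwind_warning": after_warning,
            }
        previous = (ret_addr, symbol)
    return None


if __name__ == "__main__":
    for label, stack in (("verifier", VERIFIER_STACK), ("dump 1", ATHEROS_STACK),
                         ("dump 2", KERNEL_ONLY_STACK)):
        print(label, first_third_party_frame(stack))
```

In the verifier dump the return address into the driver equals Arg4, so the attribution does not rest on the frames after the unwind warning. The kernel-only excerpt returns nothing, which is the case the BAD_POOL_HEADER text describes: the thread that trips over corrupted pool is not necessarily the one that corrupted it.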


  8. Posts : 7
    Windows 7 Ultimate 32bit
    Thread Starter
       #8

    Yes; since uninstalling Symantec, I've been using Avast!


  9. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #9

    This was on your system before AVAST was installed. Did you have any other security software before?

    It was installed between December 30th and January 8th.
    Last edited by writhziden; 31 Jan 2012 at 14:35. Reason: When it was installed...


  10. Posts : 7
    Windows 7 Ultimate 32bit
    Thread Starter
       #10

    Other than Symantec Endpoint Protection? No.


 