BSOD, How to find information about it?

Hello, my computer is about 2 years old and never had a problem with it until now. I decided to format it and do a clean install of windows. Today I got a BSOD after a shutdown that had 2 updates to be made. It did the updates process where it said to not shutdown the computer but then the BOSD happened. I could get all the information from it, but from what I remember it had something like: "Bad Pool Header".

I'm trying to get more info on this error and that's where I came across this board and decided to ask for help. I have found that a log is saved to windows/minidump but i cant read it =/
I have attached the file here.

Can anyone help me with this problem?

Thank you.

Sorry for my bad english.

Thank you I will try that. Funny you mention it because I had a problem where I lost connection after a system sleep, when it would come back up I did not have internet. So I apply a hot fix and re-download drivers from asus website.

Now why did it said Bad Pool Header on the BSOD and how can I do what you did. I mean check the log and find the problem like you did for use in the future xD.

Thank you once again.

Hi, me again. I did what you said and update the drivers for my network card. So I have not had any problems until now, I set the computer to shut down and again BSOD. It seens to only do that when I set it to shutdown. Same problem "Bad Pool Header" and stop error 0x00000019.

Please help.

This is paged pool memory error. This type of error is hard to trace since the page pool, in this case, is corrupt and the steps (addresses) through the pool are invalid. The last driver (elc62x64.sys) may or may not have been the cause. This can happen if you have multiple drivers attempting to use the same page pool area--Either by accident (outdated drivers) or on purpose (malware).

Page Pool stepping couldn't continue.

Code:

 
kd> !pool fffffa8007f80810
Pool page fffffa8007f80810 region is Unknown
 fffffa8007f80000 size:   c0 previous size:    0  (Free)       EtwR
 fffffa8007f800c0 size:   20 previous size:   c0  (Allocated)  VfIT
 fffffa8007f800e0 size:  170 previous size:   20  (Allocated)  NDpw
 fffffa8007f80250 size:  100 previous size:  170  (Allocated)  MmCa
 fffffa8007f80350 size:  1e0 previous size:  100  (Free)       VadS
 fffffa8007f80530 size:   c0 previous size:  1e0  (Allocated)  FMsl
 fffffa8007f805f0 size:   d0 previous size:   c0  (Free )  NSIr
 fffffa8007f806c0 size:   30 previous size:   d0  (Free)       KsoO
 fffffa8007f806f0 size:  120 previous size:   30  (Free )  IE1Q
GetUlongFromAddress: unable to read from fffff80003028a38
fffffa8007f80810 is not a valid small pool allocation, checking large pool...
unable to get pool big page table - either wrong symbols or pool tagging is disabled
fffffa8007f80810 is freed (or corrupt) pool
Bad allocation size @fffffa8007f80810, zero is invalid
***
*** An error (or corruption) in the pool was detected;
*** Pool Region unknown (0xFFFFFA8007F80810)
***
kd> !poolval fffffa8007f80000
Pool page fffffa8007f80000 region is Unknown
Validating Pool headers for pool page: fffffa8007f80000
Pool page [ fffffa8007f80000 ] is __inVALID.
Analyzing linked list...
[ fffffa8007f806f0 --> fffffa8007f808d0 (size = 0x1e0 bytes)]: Corrupt region

Scanning for single bit errors...
None found

There's a number of drivers that may be outdated. You haven't provided enough info on your system to determine if it is OEM or home-built so you'll need to verify that your motherboard drivers are up to date as well as a few of your hardware drivers and anti-virus. The two at the bottom of the list may be malware.

InfoWatch Encrypt Sector
Image path: \SystemRoot\system32\DRIVERS\CSCrySec.sys
Image name: CSCrySec.sys
Timestamp: Mon Dec 07 02:34:23 2009 (4B1CBE0F)

Image path: \SystemRoot\system32\DRIVERS\CSVirtualDiskDrv.sys
Image name: CSVirtualDiskDrv.sys
Timestamp: Mon Dec 07 02:34:27 2009 (4B1CBE13)


Kaspersky Lab (Anti-Virus)
Timestamp: Mon Nov 02 10:26:06 2009 (4AEF081E) Plus several others!!!!!!

DPL2/EQ Filter Driver from Logitech
Image path: \SystemRoot\system32\DRIVERS\ladfGSCamd64.sys
Image name: ladfGSCamd64.sys
Timestamp: Mon Apr 11 13:41:01 2011 (4DA34B3D)

Image path: \SystemRoot\system32\DRIVERS\ladfGSRamd64.sys
Image name: ladfGSRamd64.sys
Timestamp: Mon Apr 11 13:41:07 2011 (4DA34B43)

GamePanel Software from Logitech Inc.
Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
Image name: LGBusEnum.sys
Timestamp: Mon Nov 23 19:36:48 2009 (4B0B38B0)

Image path: \SystemRoot\System32\Drivers\LGPBTDD.sys
Image name: LGPBTDD.sys
Timestamp: Wed Jul 01 13:47:52 2009 (4A4BAF58)

Image path: \SystemRoot\system32\drivers\LGVirHid.sys
Image name: LGVirHid.sys
Timestamp: Mon Nov 23 19:36:48 2009 (4B0B38B0)

Audio Driver
Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
Image name: RTKVHD64.sys
Timestamp: Tue Nov 02 06:25:59 2010 (4CCFF547)

NEC USB3 Drivers
Image path: \SystemRoot\system32\DRIVERS\nusb3hub.sys
Image name: nusb3hub.sys
Timestamp: Thu Dec 09 22:50:35 2010 (4D01B19B)

Image path: \SystemRoot\system32\DRIVERS\nusb3xhc.sys
Image name: nusb3xhc.sys
Timestamp: Thu Dec 09 22:50:35 2010 (4D01B19B)

These could be a Trojans
Image path: \SystemRoot\System32\Drivers\msrpc.sys
Image name: msrpc.sys
Timestamp: unavailable (00000000)
Image path: \SystemRoot\System32\Drivers\Fs_Rec.sys
Image name: Fs_Rec.sys
Timestamp: unavailable (00000000)

Before doing anything else, run SFC /scannow in an elevated command prompt (Administrator) to make sure the two above drivers are legit. Report back any console messages.

Hello and thank you for your help.

I ran what you asked, and I attached a print screen and a log of the test.

About my computer it's a home-built computer with a ASUS P8P67 PRO REV 3.0 motherboard Link. After the clean install I downloaded most drivers from Asus website Link.
I'm using Kaspersky Pure 2.0 as anti virus program.

If anymore info is needed please let me know.

Thank you.

Did you follow the instructions on the console screen about rebooting? The scan replaced numerous Windows drivers that won't take effect until a reboot occurs. This could indicate that you have malware that is not being caught by Kaspersky.

Do NOT add or remove any software, unless directed, until we make sure your system is stable and checked for malware.

Download and install the free version of MBAM then start it and make sure it is updated. You may need to set your Anti-Virus/Internet-Security to ignore/exclude "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe". Then run a full scan.

If there are no "hits" from the MBAM scan we'll have to go through your list of "Most" updates for your motherboard drivers. Critical items are any hardware drivers (display, audio, USB, Bluetooth, LAN, SATA, etc.), BIOS and chipset INF updates. You do not need the Intel Management Engine or other motherboard utilities.

This time is my laptop. Got it from lenovo about 1 month ago, it was just sitting in my desk idle, then I see BSOD. didnt even have time to read what was on it. I tried installing Windbg according to this thread: BSOD Analysis - Getting Started but cant get it to work.

Can anyone tell me what happened and why I might have gotten this BSOD...


ty