BSOD - Pool_Corruption etc...

S

SAPStar

New member
Local time
6:04 AM
Messages
2
Hello,

Im quite new to debug NT dumps so I'm looking for little help with BSOD on w7 ent. x64 edition.

In short, problem is recurring when i try to sleep notebook or eventually when its restoring from sleep mode.

Ive checked some debug tutorials but got little problem with loading symbols...but even so I got this output of the last mini-dump:

Code: 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\hojstric\Desktop\061511-16161-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17592.amd64fre.win7sp1_gdr.110408-1631
Machine Name:
Kernel base = 0xfffff800`02a54000 PsLoadedModuleList = 0xfffff800`02c99650
Debug session time: Wed Jun 15 17:15:38.851 2011 (UTC + 2:00)
System Uptime: 0 days 10:00:02.609
Loading Kernel Symbols
...............................................................
................................................................
......................................................
Loading User Symbols
Loading unloaded module list
..............................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {3, fffff80002c5b7b0, 0, fffff80002c5b7b0}

Unable to load image \SystemRoot\system32\drivers\mfetdik.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for mfetdik.sys
*** ERROR: Module load completed but symbols could not be loaded for mfetdik.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+a53 )

Followup: Pool_corruption
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000003, the pool freelist is corrupt.
Arg2: fffff80002c5b7b0, the pool entry being checked.
Arg3: 0000000000000000, the read back flink freelist value (should be the same as 2).
Arg4: fffff80002c5b7b0, the read back blink freelist value (should be the same as 2).

Debugging Details:
------------------


BUGCHECK_STR:  0x19_3

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002bfe4b3 to fffff80002ad3d00

STACK_TEXT:  
fffff880`0b1adb78 fffff800`02bfe4b3 : 00000000`00000019 00000000`00000003 fffff800`02c5b7b0 00000000`00000000 : nt!KeBugCheckEx
fffff880`0b1adb80 fffff880`011c0542 : fffff880`00000000 fffffa80`044d4b80 fffffa80`06bc2cc0 fffffa80`00000000 : nt!ExDeferredFreePool+0xa53
fffff880`0b1adc70 fffff880`011c0d56 : fffffa80`044d4b80 fffffa80`073f9070 00000000`00000000 00000000`00000000 : tdx!TdxCreateTransportAddress+0x122
fffff880`0b1add00 fffff880`011ef3f1 : fffffa80`00000000 fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 : tdx!TdxTdiDispatchCreate+0x496
fffff880`0b1adda0 fffffa80`00000000 : fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 : mfetdik+0x73f1
fffff880`0b1adda8 fffff8a0`0032f550 : fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 : 0xfffffa80`00000000
fffff880`0b1addb0 fffffa80`06bc2c50 : fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 : 0xfffff8a0`0032f550
fffff880`0b1addb8 fffff880`0b1aded0 : 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 : 0xfffffa80`06bc2c50
fffff880`0b1addc0 00000000`00000000 : fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 fffff880`0b1addd8 : 0xfffff880`0b1aded0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExDeferredFreePool+a53
fffff800`02bfe4b3 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!ExDeferredFreePool+a53

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

Followup: Pool_corruption
---------
From upper mentioned output i suspect that one of the "MCAfee" security components is responsible, but ill be thankful for any advice or help someone could offer.

Thank you in advance.
J
 

My Computer

OS
Windows 7 Eterprise x64
SAPStar said:
Hello,

Im quite new to debug NT dumps so I'm looking for little help with BSOD on w7 ent. x64 edition.

In short, problem is recurring when i try to sleep notebook or eventually when its restoring from sleep mode.

Ive checked some debug tutorials but got little problem with loading symbols...but even so I got this output of the last mini-dump:

Code: 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\hojstric\Desktop\061511-16161-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17592.amd64fre.win7sp1_gdr.110408-1631
Machine Name:
Kernel base = 0xfffff800`02a54000 PsLoadedModuleList = 0xfffff800`02c99650
Debug session time: Wed Jun 15 17:15:38.851 2011 (UTC + 2:00)
System Uptime: 0 days 10:00:02.609
Loading Kernel Symbols
...............................................................
................................................................
......................................................
Loading User Symbols
Loading unloaded module list
..............................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {3, fffff80002c5b7b0, 0, fffff80002c5b7b0}

Unable to load image \SystemRoot\system32\drivers\mfetdik.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for mfetdik.sys
*** ERROR: Module load completed but symbols could not be loaded for mfetdik.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+a53 )

Followup: Pool_corruption
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000003, the pool freelist is corrupt.
Arg2: fffff80002c5b7b0, the pool entry being checked.
Arg3: 0000000000000000, the read back flink freelist value (should be the same as 2).
Arg4: fffff80002c5b7b0, the read back blink freelist value (should be the same as 2).

Debugging Details:
------------------


BUGCHECK_STR:  0x19_3

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002bfe4b3 to fffff80002ad3d00

STACK_TEXT:  
fffff880`0b1adb78 fffff800`02bfe4b3 : 00000000`00000019 00000000`00000003 fffff800`02c5b7b0 00000000`00000000 : nt!KeBugCheckEx
fffff880`0b1adb80 fffff880`011c0542 : fffff880`00000000 fffffa80`044d4b80 fffffa80`06bc2cc0 fffffa80`00000000 : nt!ExDeferredFreePool+0xa53
fffff880`0b1adc70 fffff880`011c0d56 : fffffa80`044d4b80 fffffa80`073f9070 00000000`00000000 00000000`00000000 : tdx!TdxCreateTransportAddress+0x122
fffff880`0b1add00 fffff880`011ef3f1 : fffffa80`00000000 fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 : tdx!TdxTdiDispatchCreate+0x496
fffff880`0b1adda0 fffffa80`00000000 : fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 : mfetdik+0x73f1
fffff880`0b1adda8 fffff8a0`0032f550 : fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 : 0xfffffa80`00000000
fffff880`0b1addb0 fffffa80`06bc2c50 : fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 : 0xfffff8a0`0032f550
fffff880`0b1addb8 fffff880`0b1aded0 : 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 : 0xfffffa80`06bc2c50
fffff880`0b1addc0 00000000`00000000 : fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 fffff880`0b1addd8 : 0xfffff880`0b1aded0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExDeferredFreePool+a53
fffff800`02bfe4b3 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!ExDeferredFreePool+a53

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

Followup: Pool_corruption
---------
From upper mentioned output i suspect that one of the "MCAfee" security components is responsible, but ill be thankful for any advice or help someone could offer.

Thank you in advance.
J
Click to expand...


Yep McAffee strikes again. Remove and replace with Microsoft Security Essentials

How to uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

http://www.microsoft.com/security_essentials/

I would also run memtest to verify your ram.

Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program.

Boot from the CD, and leave it running for at least 5 or 6 passes.

Just remember, any time Memtest reports errors, it can be either bad RAM or a bad motherboard slot.

Test the sticks individually, and if you find a good one, test it in all slots.



Code: 
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\K\Desktop\Windows_NT6_BSOD_jcgriff2\061511-16161-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols;srv*e:\symbols
*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17592.amd64fre.win7sp1_gdr.110408-1631
Machine Name:
Kernel base = 0xfffff800`02a54000 PsLoadedModuleList = 0xfffff800`02c99650
Debug session time: Wed Jun 15 11:15:38.851 2011 (GMT-4)
System Uptime: 0 days 10:00:02.609
Loading Kernel Symbols
...............................................................
................................................................
......................................................
Loading User Symbols
Loading unloaded module list
..............................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {3, fffff80002c5b7b0, 0, fffff80002c5b7b0}

Unable to load image \SystemRoot\system32\drivers\mfetdik.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for mfetdik.sys
[B]*** ERROR: Module load completed but symbols could not be loaded for mfetdik.sys[/B]
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+a53 )

Followup: Pool_corruption
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000003, the pool freelist is corrupt.
Arg2: fffff80002c5b7b0, the pool entry being checked.
Arg3: 0000000000000000, the read back flink freelist value (should be the same as 2).
Arg4: fffff80002c5b7b0, the read back blink freelist value (should be the same as 2).

Debugging Details:
------------------


BUGCHECK_STR:  0x19_3

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002bfe4b3 to fffff80002ad3d00

STACK_TEXT:  
fffff880`0b1adb78 fffff800`02bfe4b3 : 00000000`00000019 00000000`00000003 fffff800`02c5b7b0 00000000`00000000 : nt!KeBugCheckEx
fffff880`0b1adb80 fffff880`011c0542 : fffff880`00000000 fffffa80`044d4b80 fffffa80`06bc2cc0 fffffa80`00000000 : nt!ExDeferredFreePool+0xa53
fffff880`0b1adc70 fffff880`011c0d56 : fffffa80`044d4b80 fffffa80`073f9070 00000000`00000000 00000000`00000000 : tdx!TdxCreateTransportAddress+0x122
fffff880`0b1add00 fffff880`011ef3f1 : fffffa80`00000000 fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 : tdx!TdxTdiDispatchCreate+0x496
fffff880`0b1adda0 fffffa80`00000000 : fffff8a0`0032f550 fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 : mfetdik+0x73f1
fffff880`0b1adda8 fffff8a0`0032f550 : fffffa80`06bc2c50 fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 : 0xfffffa80`00000000
fffff880`0b1addb0 fffffa80`06bc2c50 : fffff880`0b1aded0 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 : 0xfffff8a0`0032f550
fffff880`0b1addb8 fffff880`0b1aded0 : 00000000`00000000 fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 : 0xfffffa80`06bc2c50
fffff880`0b1addc0 00000000`00000000 : fffffa80`06bc2c50 00000000`00060000 fffff880`0b1addd8 fffff880`0b1addd8 : 0xfffff880`0b1aded0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExDeferredFreePool+a53
fffff800`02bfe4b3 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!ExDeferredFreePool+a53

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+a53

Followup: Pool_corruption
---------
 

My Computer

Computer Manufacturer/Model Number
HP Pavillion dv-7 1005 Tx
OS
Win 8 Release candidate 8400
CPU
[email protected]
Memory
4 gigs
Graphics Card(s)
Nvidia 9600M
Sound Card
HD built-in
Monitor(s) Displays
17" Wxga
Screen Resolution
1440x900
Cooling
none
Internet Speed
45Mb down 5Mb up
Thanks and my regards.....


Yep McAffee strikes again. Remove and replace with Microsoft Security Essentials

How to uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Virus, Spyware & Malware Protection | Microsoft Security Essentials

I would also run memtest to verify your ram.

Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program.

Boot from the CD, and leave it running for at least 5 or 6 passes.

Just remember, any time Memtest reports errors, it can be either bad RAM or a bad motherboard slot.

Test the sticks individually, and if you find a good one, test it in all slots.
Click to expand...

Arghhh.. I thought that it is that nasty crap.
picnic.gif

Ive been testing memory when i received clean machine as well as other parts but Ill try to test it once again. :)

Unlucky Im not allowed to remove McAfee as this corporate machine with mandatory security software. But ill pass this to our person in charge.

Anyway, thank you very much.
 

My Computer

OS
Windows 7 Eterprise x64
You must log in or register to reply here.

Similar threads

First BSOD after years of use (IRQL_NOT_LESS_OR_EQUAL)
Replies
10
Views
25K
AlexanderABson
AlexanderABson
BSOD watching video in Firefox.
Replies
2
Views
1K
ElgarL
E
BSOD playing Genshin Impact, Bugcheck 1e
Replies
3
Views
3K
axe0
A
BSOD while browsing in Chrome - BAD POOL HEADER
2
Replies
20
Views
6K
axe0
A
BSOD - DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Replies
1
Views
1K
zbook
Z
Back
Top