Solved BSOD while surfing web: Error 0x0000000019 BAD_POOL_HEADER

[dayleedumped]

Hey everyone,
I first want to say Thank you for this community, you guys are a great help throughout my life. This is the first time I actually had to post for some help because this BSOD seem to have many different causes. Usually I could find the answer through the search option.

I just need some help, i just recently received a BSOD in class and lost all the notes i was taking in class. Frustrated, and sad, I am seeking for some help for this to never happen again. I rarely download anything on this laptop and use it for strictly school. I blame Sony laptops... but noneoftheless, can someone help me? Attached is the minidump. Thank you guys!

 

[koolkat77]

Welcome to the forum.

Please install service pack one: Learn how to install Windows 7 Service Pack 1 (SP1)

Looks like Malwarebytes is creating the BSOD's. If they persist after installing service pack one, then uninstall malwarebytes to test.

[FONT="Lucida Console"]
Microsoft (R) Windows Debugger Version 6.3.9600.16384 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\YUSRA\Downloads\010615-31683-01\010615-31683-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.17273.amd64fre.win7_gdr.130318-1532
Machine Name:
Kernel base = 0xfffff800`02e5e000 PsLoadedModuleList = 0xfffff800`0309ae70
Debug session time: Wed Jan  7 00:37:59.335 2015 (UTC + 6:00)
System Uptime: 14 days 7:16:57.771
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
................................................................
............................................
Loading User Symbols
Loading unloaded module list
..................................................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, fffffa8018f630c0, fffffa8018f630e0, 402000c}

*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by : fwpkclnt.sys ( fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa8018f630c0, The pool entry we were looking for within the page.
Arg3: fffffa8018f630e0, The next pool entry.
Arg4: 000000000402000c, (reserved)

Debugging Details:
------------------


BUGCHECK_STR:  0x19_20

POOL_ADDRESS: GetPointerFromAddress: unable to read from fffff800031050e0
GetUlongFromAddress: unable to read from fffff80003105198
 fffffa8018f630c0 Nonpaged pool

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  mbamservice.ex

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) x86fre

LAST_CONTROL_TRANSFER:  from fffff800030006d3 to fffff80002ecd880

STACK_TEXT:  
fffff880`0c5e3358 fffff800`030006d3 : 00000000`00000019 00000000`00000020 fffffa80`18f630c0 fffffa80`18f630e0 : nt!KeBugCheckEx
fffff880`0c5e3360 fffff880`01b26a2d : 00000000`00000008 00000000`0000000c 00000000`676e7049 fffff880`0518c0a2 : nt!ExFreePoolWithTag+0x18b4
fffff880`0c5e3410 fffff880`0180a04e : 00000000`00000000 fffff880`018060c3 00000000`00000000 fffffa80`1612e880 : tcpip!IppInspectBuildHeaders+0x65d
fffff880`0c5e36f0 fffff880`0ade012d : 00000000`00000000 00000000`00000014 00000000`00000000 fffffa80`1a97daa0 : fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+0x20a
fffff880`0c5e3790 00000000`00000000 : 00000000`00000014 00000000`00000000 fffffa80`1a97daa0 fffffa80`1a97dab4 : mwac+0x612d


STACK_COMMAND:  kb

FOLLOWUP_IP: 
fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a
fffff880`0180a04e 85c0            test    eax,eax

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: fwpkclnt

IMAGE_NAME:  fwpkclnt.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  50e645d2

IMAGE_VERSION:  6.1.7600.17206

FAILURE_BUCKET_ID:  X64_0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a

BUCKET_ID:  X64_0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0x19_20_fwpkclnt!fwpsconstructipheaderfortransportpacket0+20a

FAILURE_ID_HASH:  {863e217f-0693-d7a3-6d21-a4c5a3f57698}

Followup: MachineOwner
---------

[/FONT]