Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`0325e000 PsLoadedModuleList = 0xfffff800`0349be50
Debug session time: Thu Feb 17 18:59:38.949 2011 (UTC + 0:00)
System Uptime: 0 days 4:30:31.043
Loading Kernel Symbols
...............................................................
................................................................
...........................................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 19, {20, fffffa800443a000, fffffa800443a7e0, 47e0000}
Unable to load image \SystemRoot\system32\DRIVERS\fortidrv.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for fortidrv.sys
*** ERROR: Module load completed but symbols could not be loaded for fortidrv.sys
Probably caused by : fortidrv.sys ( fortidrv+31f2 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa800443a000, The pool entry we were looking for within the page.
Arg3: fffffa800443a7e0, The next pool entry.
Arg4: 00000000047e0000, (reserved)
Debugging Details:
------------------
BUGCHECK_STR: 0x19_20
POOL_ADDRESS: GetPointerFromAddress: unable to read from fffff800035060e0
fffffa800443a000
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: svchost.exe
CURRENT_IRQL: 2
LAST_CONTROL_TRANSFER: from fffff800034016d3 to fffff800032ce740
STACK_TEXT:
fffff880`033756d8 fffff800`034016d3 : 00000000`00000019 00000000`00000020 fffffa80`0443a000 fffffa80`0443a7e0 : nt!KeBugCheckEx
fffff880`033756e0 fffff880`0143f695 : 00000000`00000001 00000000`00000000 fffffa80`32303061 00000000`00000000 : nt!ExDeferredFreePool+0x12c4
fffff880`03375790 fffff880`048131f2 : 00000000`00000001 00000000`00000000 00000000`000007ff 00000000`00000050 : ndis!NdisFreeMemory+0x15
fffff880`033757c0 00000000`00000001 : 00000000`00000000 00000000`000007ff 00000000`00000050 fffffa80`05d313f0 : fortidrv+0x31f2
fffff880`033757c8 00000000`00000000 : 00000000`000007ff 00000000`00000050 fffffa80`05d313f0 00000000`00000000 : 0x1
STACK_COMMAND: kb
FOLLOWUP_IP:
fortidrv+31f2
fffff880`048131f2 ?? ???
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: fortidrv+31f2
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: fortidrv
IMAGE_NAME: fortidrv.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4b3b8e5a
FAILURE_BUCKET_ID: X64_0x19_20_fortidrv+31f2
BUCKET_ID: X64_0x19_20_fortidrv+31f2
Followup: MachineOwner