Random BSOD / After waking from Sleep! PLZ HELP!

[iMarcintosh]

Hello All, Here is my crash Dump from my PC of the last BSOD I Had.


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\100109-21668-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a47000 PsLoadedModuleList = 0x82b8f810
Debug session time: Thu Oct 1 17:12:38.632 2009 (GMT-4)
System Uptime: 0 days 0:30:39.614
Loading Kernel Symbols
...............................................................
................................................................
....................................
Loading User Symbols
Loading unloaded module list
......
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000020, a pool block header size is corrupt.
Arg2: 8560d000, The pool entry we were looking for within the page.
Arg3: 8560d300, The next pool entry.
Arg4: 08600000, (reserved)

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for PCTCore.sys
*** ERROR: Module load completed but symbols could not be loaded for PCTCore.sys

BUGCHECK_STR: 0x19_20

POOL_ADDRESS: GetPointerFromAddress: unable to read from 82baf718
Unable to read MiSystemVaType memory at 82b8f160
8560d000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: CFIWmxSvcs.exe

CURRENT_IRQL: 1

LAST_CONTROL_TRANSFER: from 837dd3dc to 82b661b6

STACK_TEXT:
97e13b90 837dd3dc 8560d008 00000000 97e13bb4 nt!ExFreePoolWithTag+0x1b1
WARNING: Stack unwind information not available. Following frames may be wrong.
97e13ba0 837de05a 8560d008 837e502c 855b3558 TfSysMon+0x13dc
97e13bb4 837de174 855b3558 8b91c3a0 85616d48 TfSysMon+0x205a
97e13bc8 82cb8b97 00000268 000013b4 00000000 TfSysMon+0x2174
97e13bf4 82c8fc37 00000001 015e97d0 b1b87499 nt!PspExitProcess+0xa3
97e13c70 82ca8d37 00000000 837ac614 ffffffff nt!PspExitThread+0x598
97e13c98 837e27ee ffffffff 00000000 00002000 nt!NtTerminateProcess+0x1fa
97e13cd0 8379d7bf ffffffff 00000000 ffffffff TfSysMon+0x67ee
97e13d24 82a8a42a ffffffff 00000000 0012fed8 PCTCore+0x97bf
97e13d24 76ef64f4 ffffffff 00000000 0012fed8 nt!KiFastCallEntry+0x12a
0012fed8 00000000 00000000 00000000 00000000 0x76ef64f4


STACK_COMMAND: kb

FOLLOWUP_IP:
TfSysMon+13dc
837dd3dc ?? ???

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: TfSysMon+13dc

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: TfSysMon

IMAGE_NAME: TfSysMon.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 49d25a58

FAILURE_BUCKET_ID: 0x19_20_TfSysMon+13dc

BUCKET_ID: 0x19_20_TfSysMon+13dc

Followup: MachineOwner
---------

ALL HELP IS APPRECIATED!!!

 

[H2SO4]

TfSysMon.sys = "ThreatFire anti-virus"?

You'd probably want to start with updating that AV package. If that doesn't resolve the crashes, removing it would be the next step.

 

[iMarcintosh]

I do not have ThreatFire AV. I have Spyware Doctor + Microsoft Security Essentials. Would that file be part of Spyware Doctor?

 

[H2SO4]

I do not have ThreatFire AV. I have Spyware Doctor + Microsoft Security Essentials. Would that file be part of Spyware Doctor?

Type this into the debugger and it'll tell you what it knows about that driver: lmvm TfSysMon

The driver is most definitely there on your machine. Perhaps somebody else installed ThreatFire? It was already on the machine when you bought it? It's malware masquerading under the name of another (well known) driver? Only you can do that type of investigation on your PC.

 

[iMarcintosh]

I uninstalled Spyware Doctor, all seem okay. I also typed

lmvm TfSysMon

into my debugger and got the following output.

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\100109-21668-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a47000 PsLoadedModuleList = 0x82b8f810
Debug session time: Thu Oct  1 17:12:38.632 2009 (GMT-4)
System Uptime: 0 days 0:30:39.614
Loading Kernel Symbols
...............................................................
................................................................
....................................
Loading User Symbols
Loading unloaded module list
......
1: kd> lmvm TfSysMon
start    end        module name
837dc000 837e9000   TfSysMon T (no symbols)           
    Loaded symbol image file: TfSysMon.sys
    Image path: \SystemRoot\system32\drivers\TfSysMon.sys
    Image name: TfSysMon.sys
    Timestamp:        Tue Mar 31 14:00:56 2009 (49D25A58)
    CheckSum:         000147F1
    ImageSize:        0000D000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

 

[jcgriff2]

I agree w/ H2SO4 -

tfsysmon.sys = ThreatFire antivirus

It is installed somewhere on that system.

Try Revo uninstaller and see if you can find it -

Download Revo Uninstaller Freeware - Free and Full Download

Regards. . .

jcgriff2


.

 

[iMarcintosh]

After uninstalling Spyware Doctor, that file is no longer present. I will see how it works the next little bit. If it BSOD's again then I WILL post the dump here, so please make sure that you check back often. I thank each and every one of you all for the help. -iMarcintosh

 

[jcgriff2]

Hi -

So the driver in question was part of Spyware Doctor?? If it was in quarantine, I would not expect to find it loaded into RAM at the time of a system crash.

Good Luck to you.

jcgriff2

.

 

[iMarcintosh]

Here is the Dump of a BSOD that happened just moments ago. Can you all help me on it?


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\100409-22120-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a1e000 PsLoadedModuleList = 0x82b66810
Debug session time: Sun Oct 4 23:12:47.468 2009 (GMT-4)
System Uptime: 1 days 5:24:28.591
Loading Kernel Symbols
...............................................................
................................................................
...........................
Loading User Symbols
Loading unloaded module list
..........
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000020, a pool block header size is corrupt.
Arg2: 8520d000, The pool entry we were looking for within the page.
Arg3: 8520d300, The next pool entry.
Arg4: 08600000, (reserved)

Debugging Details:
------------------

GetPointerFromAddress: unable to read from 82b86718
Unable to read MiSystemVaType memory at 82b66160

BUGCHECK_STR: 0x19_20

POOL_ADDRESS: GetPointerFromAddress: unable to read from 82b86718
Unable to read MiSystemVaType memory at 82b66160
8520d000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: svchost.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 82c3f97a to 82b3d1b6

STACK_TEXT:
9ba3dc44 82c3f97a 8520d008 c3504c41 00000148 nt!ExFreePoolWithTag+0x1b1
9ba3dc68 82c3f6f9 8520d038 8520d020 00000000 nt!ObpFreeObject+0x275
9ba3dc7c 82a86f60 00000000 853d0350 8520d020 nt!ObpRemoveObjectRoutine+0x5e
9ba3dc90 82a86ed0 8520d038 82c6378c 8c605710 nt!ObfDereferenceObjectWithTag+0x88
9ba3dc98 82c6378c 8c605710 853d0350 00000334 nt!ObfDereferenceObject+0xd
9ba3dcdc 82c64f72 8c605710 8c716668 871d6750 nt!ObpCloseHandleTableEntry+0x21d
9ba3dd0c 82c650ea 871d6750 853d0301 0110f604 nt!ObpCloseHandle+0x7f
9ba3dd28 82a6142a 00000334 0110f610 77a564f4 nt!NtClose+0x4e
9ba3dd28 77a564f4 00000334 0110f610 77a564f4 nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0110f610 00000000 00000000 00000000 00000000 0x77a564f4


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExFreePoolWithTag+1b1
82b3d1b6 cc int 3

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!ExFreePoolWithTag+1b1

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc007

FAILURE_BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

BUCKET_ID: 0x19_20_nt!ExFreePoolWithTag+1b1

Followup: MachineOwner
---------

 

[H2SO4]

Something is corrupting pool memory on your system, and obviously with TfSysMon gone it must be a different driver. I'd suggest you follow this procedure to enable "driver verifier" on your system:

http://www.sevenforums.com/crashes-debugging/25678-bsod-dump-files.html#post294696

While your machine is running under DV, the next BSOD may reveal more.

 

[iMarcintosh]

Okay, I took your advice and done that so that driver verification is ON. This made me lol: As soon as it finished saying "Welcome" BOOM: BSOD, I debugged and it was the synTP.sys file. From past experience, that is my touch pad driver. I uninstalled, rebooted, and again after the "Welcome" BOOM: This BSOD Occured, and this one is the

atikmdag.sys

file. Since I can only boot into safe mode (or in Safe Mode w/ networking like I am in now) I cannot uninstall the ATI Catalyst Suite due to the "Windows Installer Service" Cannot be loaded in Safe Mode. Here is the BSOD I got:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\100509-31418-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a17000 PsLoadedModuleList = 0x82b5f810
Debug session time: Mon Oct  5 17:41:58.528 2009 (GMT-4)
System Uptime: 0 days 0:01:05.666
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
.....
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught.  This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 000000f6, Referencing user handle as KernelMode.
Arg2: 0000048c, Handle value being referenced.
Arg3: ab2a2700, Address of the current process.
Arg4: 8f634c7a, Address inside the driver that is performing the incorrect reference.

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys

BUGCHECK_STR:  0xc4_f6

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

PROCESS_NAME:  CCC.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 82d4bf03 to 82af3d10

STACK_TEXT:  
ae7497d4 82d4bf03 000000c4 000000f6 0000048c nt!KeBugCheckEx+0x1e
ae7497f4 82d50766 0000048c ab2a2700 a04f1cc8 nt!VerifierBugCheckIfAppropriate+0x30
ae749888 82c3b26c 0000048c ae749ba0 00000000 nt!VfCheckUserHandle+0x14f
ae7498bc 82c3b126 0000048c 000f001f 00000000 nt!ObReferenceObjectByHandleWithTag+0x13b
ae7498e0 82d59736 0000048c 000f001f 00000000 nt!ObReferenceObjectByHandle+0x21
ae749908 8f634c7a 0000048c 000f001f 00000000 nt!VerifierObReferenceObjectByHandle+0x21
WARNING: Stack unwind information not available. Following frames may be wrong.
ae749938 8f61e961 00000000 ae749ba0 8e49efc0 atikmdag+0x29c7a
ae749958 8f621b87 ae749ba0 8e49efc0 ae749ba0 atikmdag+0x13961
ae749974 8f61b381 ae749b90 00000020 ae749ba0 atikmdag+0x16b87
ae7499d8 8f61b8ac 00000000 ae749b0c 00000038 atikmdag+0x10381
ae749a04 8fac8435 8e49efc0 ae749a60 87035000 atikmdag+0x108ac
ae749a2c 8fac7e4a ae749a60 21dfffdb 03dedf50 dxgkrnl!DXGADAPTER::DdiEscape+0x46
ae749d28 82a5a42a 03dedf50 03dedf8c 77cd64f4 dxgkrnl!DxgkEscape+0x4c8
ae749d28 77cd64f4 03dedf50 03dedf8c 77cd64f4 nt!KiFastCallEntry+0x12a
03dedf8c 00000000 00000000 00000000 00000000 0x77cd64f4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
atikmdag+29c7a
8f634c7a 3bc7            cmp     eax,edi

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  atikmdag+29c7a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: atikmdag

IMAGE_NAME:  atikmdag.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a162550

FAILURE_BUCKET_ID:  0xc4_f6_VRF_atikmdag+29c7a

BUCKET_ID:  0xc4_f6_VRF_atikmdag+29c7a

Followup: MachineOwner
---------

 

[iMarcintosh]

I turned Verifier Off and am now going to uninstall the catalyst suite and just leave the ATI Drivers. I will post all of my notes and progress here. Again everyone, I want to extend a huge thanks for everyone helping me!

 

[H2SO4]

I turned Verifier Off and am now going to uninstall the catalyst suite and just leave the ATI Drivers. I will post all of my notes and progress here. Again everyone, I want to extend a huge thanks for everyone helping me!

Great job with the troubleshooting. I hope it leads to a problem resolution for you

 

[iMarcintosh]

Hey everybody, I'm sorry its been 2 days since I have posted, but here is what I have come up with. Driver verifier passes and gives me no BSOD as long as my TouchPad and Video Card Drivers are not present. Upon installing the Video Drivers from ATI, it BSOD's pretty quick when the ATI Installer begins scanning my graphics hardware. Same way when I run the ATI Driver Package FOR Windows 7 from Toshiba for my notebook. Model Content Page. (Link to my computers drivers) Now, this morning when I turned on my computer, before I had the chance to login (after hibernation), the computer did as it did in the video of it I posted on YouTube from when I was running the RC. (Yes, that IS my computer)

So at this point, I'm open to any suggestions at all on what to do. For refrence here is a copy of this mornings computer conniption fit.

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\100809-27300-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a1d000 PsLoadedModuleList = 0x82b65810
Debug session time: Thu Oct  8 07:01:46.301 2009 (GMT-4)
System Uptime: 0 days 13:22:42.423
Loading Kernel Symbols
...............................................................
................................................................
...........................
Loading User Symbols
Loading unloaded module list
..........
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000020, a pool block header size is corrupt.
Arg2: 8520d000, The pool entry we were looking for within the page.
Arg3: 8520d300, The next pool entry.
Arg4: 08600000, (reserved)

Debugging Details:
------------------

GetPointerFromAddress: unable to read from 82b85718
Unable to read MiSystemVaType memory at 82b65160

BUGCHECK_STR:  0x19_20

POOL_ADDRESS: GetPointerFromAddress: unable to read from 82b85718
Unable to read MiSystemVaType memory at 82b65160
 8520d000 

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 82c3e97a to 82b3c1b6

STACK_TEXT:  
8cb3fc4c 82c3e97a 8520d008 e56c6946 000000f8 nt!ExFreePoolWithTag+0x1b1
8cb3fc70 82c3e6f9 8520d038 8520d020 00000000 nt!ObpFreeObject+0x275
8cb3fc84 82a85f60 00000000 000c0000 00000000 nt!ObpRemoveObjectRoutine+0x5e
8cb3fc98 82a85ed0 8520d038 82c4e9f5 85b8b278 nt!ObfDereferenceObjectWithTag+0x88
8cb3fca0 82c4e9f5 85b8b278 85b8b2a0 82b87680 nt!ObfDereferenceObject+0xd
8cb3fccc 82a48f19 85b8b278 00000000 00000000 nt!MiSegmentDelete+0x191
8cb3fd28 82a48e31 84f0c020 00000000 00000000 nt!MiProcessDereferenceList+0xdb
8cb3fd50 82c2b66d 00000000 a8f8e878 00000000 nt!MiDereferenceSegmentThread+0xc5
8cb3fd90 82add0d9 82a48d6a 00000000 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExFreePoolWithTag+1b1
82b3c1b6 cc              int     3

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!ExFreePoolWithTag+1b1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc007

FAILURE_BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1

BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1

Followup: MachineOwner
---------

 

[H2SO4]

Driver verifier (DV) is not one but around a dozen different mechanisms for trying to spot flaws in drivers and even trigger them on purpose. A potential result of running DV with all of its options enabled is to expose driver flaws that have nothing to do with the original BSOD problem that drove you to DV in the first place. In other words, if it wasn't for DV, that flaw in driverX.sys would stay quietly dormant on the vast majority of systems.

In your specific case, the original issue from the first page of your thread is a problem called "pool corruption". One or more drivers are overwriting "pool" memory regions which do not belong to them. Since you have the luxury of knowing the precise nature of the driver flaw you're seeking to isolate, you may want to deactivate all the other DV extras and use only the mechanism which looks for pool corruption.

"Special Pool" is a subcomponent of DV which focuses solely on pool corruption. This is how you'd activate only special pool, without the other DV bits:

VERIFIER /FLAGS 1 /ALL

Optionally, you can add a "/volatile" switch which will make the settings bite immediately, even without rebooting, but with /volatile the act of rebooting then reverts back to the previous state (deactivates volatile DV settings).

You might want to try testing that for a bit. The aim is to get a BSOD where DV "special pool" catches the original pool corruptor driver.

 

[iMarcintosh]

Okay, so my BAD_POOL_HEADER BSOD is because one of my Drivers (Suspect of mine is the ATI Drivers) is "flooding or overwriting" other regions of the memory pool. Now this is just a bit of my own figuring, but could this be caused by the BIOS or Memory in my computer? Because on the Model Content Page I posted in my last post, there were several Updates for my BIOS. I currently have the latest version (Insyde 1.9). My brother has the Exact same computer as mine, and when he is running Windows 7 he gets the same BSOD exactly with the same effect like that in my video. I will do the DV you suggested with those flags and let you know for sure what driver it is doing it, and what you all suggest I try or do. Again, Thanks so much for the help on this!

 

[H2SO4]

Now this is just a bit of my own figuring, but could this be caused by the BIOS or Memory in my computer?

Yes, unreliable hardware - and that includes the BIOS - can manifest itself as almost any type of crash imaginable, including pool corruption. However, there is nothing yet in these data to suggest that your hardware is definitely responsible. The flickering image corruption in your youtube video can also be caused by a bad driver interfering with the video buffer.

Because on the Model Content Page I posted in my last post, there were several Updates for my BIOS. I currently have the latest version (Insyde 1.9). My brother has the Exact same computer as mine, and when he is running Windows 7 he gets the same BSOD exactly with the same effect like that in my video.

Your brother's machine will probably share other attributes with yours, including your favourite anti-malware utilities, similar NICs you both purchased at the same time, preferred audio cards... that sort of thing. If the pool corruption on your machine(s) turns out to have software causes, it'll be a driver along those lines, irrespective of the fact that they're currently all up-to-date.

I will do the DV you suggested with those flags and let you know for sure what driver it is doing it, and what you all suggest I try or do. Again, Thanks so much for the help on this!

No probs

If special pool ends up fingering one of the OS drivers as supposedly responsible, you can be 99.9% sure that it's a hardware defect. Has the manufacturer certified the laptop for use with WIn7 at this point?