Random BSOD

[Cuban8]

Last monday I bought a new PC configuration. Since that time i'm experiencing BSOD at random, the manufacturer hasn't been able to tell me what causes these BSOD :

"BAD_POOL_HEADER"
"IRQL_LESS_OR_NOT_EQUAL"

I attached the 'crash dump' of my most recent BSOD. I hope someone can tell me what causes the BSOD, and what i can do about it.

I have run memtest86 3.4 which found no errors (5 passes).

Thanks in advance !

 

[zigzag3143]

Last monday I bought a new PC configuration. Since that time i'm experiencing BSOD at random, the manufacturer hasn't been able to tell me what causes these BSOD :

"BAD_POOL_HEADER"
"IRQL_LESS_OR_NOT_EQUAL"

I attached the 'crash dump' of my most recent BSOD. I hope someone can tell me what causes the BSOD, and what i can do about it.

Thanks in advance !

Hi Cuban and welcome

Not alot of help. I know why it happened but not what caused it so I can only give you some generic things to try.

I would
Since it involves memory download memtestx86 and run it for several hours to test your ram and to see if there is a heat issue

Also run a system file check to verify and repair your system files to do that
type cmd in search>right click and run as admin>sfc /scannow

Ken

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\K\Desktop\122309-14929-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*d:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
[B]Built by: 7600.16385.amd64fre.win7_rtm.090713-1255[/B]
Machine Name:
Kernel base = 0xfffff800`02c13000 PsLoadedModuleList = 0xfffff800`02e50e50
Debug session time: Wed Dec 23 12:37:57.023 2009 (GMT-5)
System Uptime: 0 days 1:02:12.116
Loading Kernel Symbols
...............................................................
................................................................
....................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, fffff8a011bc3000, fffff8a011bc3730, 5730400}

GetPointerFromAddress: unable to read from fffff80002ebb0e0
Probably caused by : ntkrnlmp.exe ( nt!ObDereferenceSecurityDescriptor+df )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

[B]BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffff8a011bc3000, The pool entry we were looking for within the page.
Arg3: fffff8a011bc3730, The next pool entry.
Arg4: 0000000005730400, (reserved)[/B]

Debugging Details:
------------------


BUGCHECK_STR:  0x19_20

POOL_ADDRESS:  fffff8a011bc3000 

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

[B]PROCESS_NAME:  svchost.exe[/B]

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002db66d3 to fffff80002c84f00

STACK_TEXT:  
fffff880`08828898 fffff800`02db66d3 : 00000000`00000019 00000000`00000020 fffff8a0`11bc3000 fffff8a0`11bc3730 : nt!KeBugCheckEx
fffff880`088288a0 fffff800`02f7e73b : 00000000`00000001 00000000`00000000 fffff8a0`6353624f fffff8a0`0ee8e010 : nt!ExFreePool+0xda4
fffff880`08828950 fffff800`02f562f2 : fffff8a0`12883060 fffff8a0`0ee8e010 fffff8a0`11bc3060 00000000`00000000 : nt!ObDereferenceSecurityDescriptor+0xdf
fffff880`08828980 fffff800`02f6fb69 : fffff880`08828ae8 fffffa80`05cebe00 fffff8a0`00000002 fffff8a0`11bc3030 : nt!SepAppendAdminAceToTokenAcl+0xa2
fffff880`08828a20 fffff800`02f51fa7 : fffff8a0`0df007d0 fffffa80`05d33500 fffff8a0`0df007b0 fffffa80`05d33530 : nt!SeCopyClientToken+0xa1
fffff880`08828ab0 fffff800`02f6f76f : 00000000`00000000 fffff880`08828b28 ffffffff`ffffffff fffffa80`05d33530 : nt!SepCreateClientSecurity+0xb7
fffff880`08828ae0 fffff800`02f20821 : 00000000`01be2938 00000000`00000001 fffff880`08828bc8 fffff880`08828c38 : nt!AlpcpCreateSecurityContext+0xe7
fffff880`08828b80 fffff800`02c84153 : fffffa80`05d54060 00000000`00000000 00000000`00000001 00000000`00000000 : nt!NtAlpcCreateSecurityContext+0x130
fffff880`08828c20 00000000`77c0064a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0498e008 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77c0064a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ObDereferenceSecurityDescriptor+df
fffff800`02f7e73b e94effffff      jmp     nt!ObDereferenceSecurityDescriptor+0x32 (fffff800`02f7e68e)

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  nt!ObDereferenceSecurityDescriptor+df

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc600

FAILURE_BUCKET_ID:  X64_0x19_20_nt!ObDereferenceSecurityDescriptor+df

BUCKET_ID:  X64_0x19_20_nt!ObDereferenceSecurityDescriptor+df

Followup: MachineOwner
---------

Hope this helps

Ken J+

 

[Cuban8]

@zigzag3143

Thank you for your superfast reply !!

I have done an overnight memtest86 (5 passes) which came up with 0 errors.

I'll do the system file check forthwith

 

[Cuban8]

I ran system file check which told me there were problems.

CBS logfile (zip) attached.

 

[Cuban8]

Ok, i've done some troubleshooting and I think i MIGHT have found the reason for the BSOD's i've been experiencing. After uninstalling Asus EPU6 Engine my system SEEMS to be running stable. I'll keep you posted. Stay tuned.