Windows 10 Bad_Pool_Header BSOD

W

william1994

New member
Joined
Aug 2, 2015
Posts
2
· OS - Windows 8.1, 8, 7, Vista ? Windows 10
· x86 (32-bit) or x64 ? x64
· What was original installed OS on system? Windows 7 Home
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? OEM
· Age of system (hardware) 4~ years
· Age of OS installation - have you re-installed the OS? Upgraded to Windows 10 few days ago

· CPU - i7-2600 @ 3.4GHz
· Video Card - GTX 970 msi
· MotherBoard - (if NOT a laptop) - DELL 0Y2MRG
· Power Supply - brand & wattage (if laptop, skip this one) - SeaSonic X Series X650 Gold
· System Manufacturer
· Exact model number (if laptop, check label on bottom) - DELL XPS 8300

· Laptop or Desktop? - Desktop


Recently, after I've upgraded to Win 10 I've been getting BSOD more frequently and I have no clue what is happening . Help would be greatly appreciated!
 

Attachments

Easy.

Code: 
6: kd> .bugcheck
Bugcheck code 00000019
Arguments 00000000`00000020 ffffe000`865e81b0 ffffe000`865e81d0 00000000`04020004

0x19 was thrown due to a pool block header size becoming corrupt (0x20).

Code: 
6: kd> knL
 # Child-SP          RetAddr           Call Site
00 ffffd000`20b4b068 fffff801`0d289fe8 nt!KeBugCheckEx
01 ffffd000`20b4b070 fffff801`622c7b32 nt!ExFreePool+0x320
02 ffffd000`20b4b150 fffff801`622c8852 tcpip!IppCleanupSendState+0x1a
03 ffffd000`20b4b180 fffff801`61e1595d tcpip!IppInspectBuildHeaders+0x412
04 ffffd000`20b4b460 fffff801`65b06135 fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+0x1dd
05 ffffd000`20b4b520 00000000`00000008 mwac+0x6135
06 ffffd000`20b4b528 ffffd000`00000014 0x8
07 ffffd000`20b4b530 ffffe000`8cff9180 0xffffd000`00000014
08 ffffd000`20b4b538 ffffe000`8cff91a4 0xffffe000`8cff9180
09 ffffd000`20b4b540 ffffe000`8cff9194 0xffffe000`8cff91a4
0a ffffd000`20b4b548 00000000`00000011 0xffffe000`8cff9194
0b ffffd000`20b4b550 00000000`00000000 0x11

Malwarebytes' web access control driver calls into FwpsConstructIpHeaderForTransportPacket0 to aid in building headers for tcpip, and then we go off the rails on frame #01 when deallocating the block of pool memory because it was corrupt. Why was it corrupt? Well, it's easy to blame Malwarebytes' kernel-driver considering it's playing an active role in the stack's job.

Remove or update Malwarebytes.
 
Thanks for the reply! I will try disabling Malwarebytes and we'll see in a few days. It seems to be the source of all the BSOD I'm getting lately then! Again, appreciate the help and your time :).
 
You're welcome.

Disabling may not work as the kernel-mode driver will still be loaded, so if you crash, uninstall it instead.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top