Bad Pool Caller Vista X64

Discussion in 'ESET NOD32 Antivirus' started by Zardoc, Oct 22, 2008.

Thread Status:
Not open for further replies.
  1. Zardoc

    Zardoc Registered Member

    Joined:
    Feb 24, 2006
    Posts:
    61
    Hi Guys,

    Just got another mem dump with Eamon.sys file just like the one that was an issue with X64 Vista machine a while ago. :eek:

    I have the latest version 672.

    Here is the dump file. Can someone please check and comment? o_O


    Thanks,

    Zardoc


    Microsoft (R) Windows Debugger Version 6.9.0003.113 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [E:\Zardoc\Mini102108-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is:
    C:\Users\Zardoc;SRV**http://msdl.microsoft.com/download/symbols
    Executable search path is: H:\VISTA IMAGE
    Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (4 procs) Free
    x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 6001.18145.amd64fre.vistasp1_gdr.080917-1612
    Kernel base = 0xfffff800`01c62000 PsLoadedModuleList = 0xfffff800`01e27db0
    Debug session time: Tue Oct 21 18:22:12.299 2008 (GMT-4)
    System Uptime: 0 days 11:16:14.068
    Loading Kernel Symbols
    .........................................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *
    *
    * Bugcheck Analysis
    *
    *
    *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck C2, {7, 110b, 402000a, fffffa8007498440}

    Unable to load image eamon.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for eamon.sys
    *** ERROR: Module load completed but symbols could not be loaded for
    eamon.sys
    GetPointerFromAddress: unable to read from fffff80001e8b080
    Probably caused by : eamon.sys ( eamon+1ff5 )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    *
    *
    * Bugcheck Analysis
    *
    *
    *
    *******************************************************************************

    BAD_POOL_CALLER (c2)
    The current thread is making a bad pool request. Typically this is at a bad
    IRQL level or double freeing the same allocation, etc.
    Arguments:
    Arg1: 0000000000000007, Attempt to free pool which was already freed
    Arg2: 000000000000110b, (reserved)
    Arg3: 000000000402000a, Memory contents of the pool block
    Arg4: fffffa8007498440, Address of the block of pool being deallocated

    Debugging Details:
    ------------------


    POOL_ADDRESS: fffffa8007498440

    FREED_POOL_TAG: None

    BUGCHECK_STR: 0xc2_7_None

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: svchost.exe

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from fffff80001d96fa8 to fffff80001cb7350

    STACK_TEXT:
    fffffa60`0ce57f78 fffff800`01d96fa8 : 00000000`000000c2 00000000`00000007
    00000000`0000110b 00000000`0402000a : nt!KeBugCheckEx
    fffffa60`0ce57f80 fffffa60`0d5b2ff5 : fffffa80`0827da20 fffffa80`0827da20
    fffffa80`08434010 00000000`00000000 : nt!ExFreePool+0x462
    fffffa60`0ce58030 fffffa80`0827da20 : fffffa80`0827da20 fffffa80`08434010
    00000000`00000000 fffffa80`07ce0aa8 : eamon+0x1ff5
    fffffa60`0ce58038 fffffa80`0827da20 : fffffa80`08434010 00000000`00000000
    fffffa80`07ce0aa8 fffffa60`0d5b5570 : 0xfffffa80`0827da20
    fffffa60`0ce58040 fffffa80`08434010 : 00000000`00000000 fffffa80`07ce0aa8
    fffffa60`0d5b5570 00000000`00000000 : 0xfffffa80`0827da20
    fffffa60`0ce58048 00000000`00000000 : fffffa80`07ce0aa8 fffffa60`0d5b5570
    00000000`00000000 00000000`00000000 : 0xfffffa80`08434010
    fffffa60`0ce58050 fffffa80`07ce0aa8 : fffffa60`0d5b5570 00000000`00000000
    00000000`00000000 fffffa80`07ce0aa8 : 0x0
    fffffa60`0ce58058 fffffa60`0d5b5570 : 00000000`00000000 00000000`00000000
    fffffa80`07ce0aa8 fffffa80`0827da20 : 0xfffffa80`07ce0aa8
    fffffa60`0ce58060 00000000`00000000 : 00000000`00000000 fffffa80`07ce0aa8
    fffffa80`0827da20 fffffa80`07ce0a10 : eamon+0x4570
    fffffa60`0ce58068 00000000`00000000 : fffffa80`07ce0aa8 fffffa80`0827da20
    fffffa80`07ce0a10 fffff800`00000030 : 0x0
    fffffa60`0ce58070 fffffa80`07ce0aa8 : fffffa80`0827da20 fffffa80`07ce0a10
    fffff800`00000030 ffffffff`00000000 : 0x0
    fffffa60`0ce58078 fffffa80`0827da20 : fffffa80`07ce0a10 fffff800`00000030
    ffffffff`00000000 00000000`00000000 : 0xfffffa80`07ce0aa8
    fffffa60`0ce58080 fffffa80`07ce0a10 : fffff800`00000030 ffffffff`00000000
    00000000`00000000 00000000`00000040 : 0xfffffa80`0827da20
    fffffa60`0ce58088 fffff800`00000030 : ffffffff`00000000 00000000`00000000
    00000000`00000040 00000000`00000000 : 0xfffffa80`07ce0a10
    fffffa60`0ce58090 ffffffff`00000000 : 00000000`00000000 00000000`00000040
    00000000`00000000 fffffa80`07c9ad50 : 0xfffff800`00000030
    fffffa60`0ce58098 00000000`00000000 : 00000000`00000040 00000000`00000000
    fffffa80`07c9ad50 00000000`00000000 : 0xffffffff`00000000
    fffffa60`0ce580a0 00000000`00000040 : 00000000`00000000 fffffa80`07c9ad50
    00000000`00000000 fffffa80`07ce0a10 : 0x0
    fffffa60`0ce580a8 00000000`00000000 : fffffa80`07c9ad50 00000000`00000000
    fffffa80`07ce0a10 fffffa80`0827da20 : 0x40
    fffffa60`0ce580b0 fffffa80`07c9ad50 : 00000000`00000000 fffffa80`07ce0a10
    fffffa80`0827da20 fffffa80`07ce0aa8 : 0x0
    fffffa60`0ce580b8 00000000`00000000 : fffffa80`07ce0a10 fffffa80`0827da20
    fffffa80`07ce0aa8 fffffa80`08434010 : 0xfffffa80`07c9ad50
    fffffa60`0ce580c0 fffffa80`07ce0a10 : fffffa80`0827da20 fffffa80`07ce0aa8
    fffffa80`08434010 00000000`00000040 : 0x0
    fffffa60`0ce580c8 fffffa80`0827da20 : fffffa80`07ce0aa8 fffffa80`08434010
    00000000`00000040 fffff800`01f3cd83 : 0xfffffa80`07ce0a10
    fffffa60`0ce580d0 fffffa80`07ce0aa8 : fffffa80`08434010 00000000`00000040
    fffff800`01f3cd83 00000000`00000004 : 0xfffffa80`0827da20
    fffffa60`0ce580d8 fffffa80`08434010 : 00000000`00000040 fffff800`01f3cd83
    00000000`00000004 00000000`00000004 : 0xfffffa80`07ce0aa8
    fffffa60`0ce580e0 00000000`00000040 : fffff800`01f3cd83 00000000`00000004
    00000000`00000004 00000000`00000040 : 0xfffffa80`08434010
    fffffa60`0ce580e8 fffff800`01f3cd83 : 00000000`00000004 00000000`00000004
    00000000`00000040 00000000`00000000 : 0x40
    fffffa60`0ce580f0 fffff800`01f36a59 : fffffa80`05d806c0 00000000`00000000
    fffffa80`07c188e0 fffffa80`00000000 : nt!IopParseDevice+0x5e3
    fffffa60`0ce58290 fffff800`01f3a944 : 00000000`00000000 fffffa80`07780700
    fffffa80`00000040 00000000`00000000 : nt!ObpLookupObjectName+0x5eb
    fffffa60`0ce583a0 fffff800`01f46ee0 : 00000000`00100001 fffffa60`0ce588d8
    fffffa60`0ce58600 fffffa80`05e84de0 : nt!ObOpenObjectByName+0x2f4
    fffffa60`0ce58470 fffff800`01f47a0c : fffffa60`0ce58940 00000000`00100001
    00000000`00000006 fffffa60`0ce58890 : nt!IopCreateFile+0x290
    fffffa60`0ce58510 fffff800`01cb6df3 : fffffa80`059b6490 fffffa60`0ce586a0
    00000000`00000000 00000000`00000000 : nt!NtCreateFile+0x78
    fffffa60`0ce585a0 fffff800`01cb7300 : fffffa60`0d5b2f17 00000000`00000000
    00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    fffffa60`0ce587a8 fffffa60`0d5b2f17 : 00000000`00000000 00000000`00000000
    00000000`00000000 00000000`00000000 : nt!KiServiceLinkage
    fffffa60`0ce587b0 00000000`00000000 : 00000000`00000000 00000000`00000000
    00000000`00000000 fffffa60`0ce58948 : eamon+0x1f17
    fffffa60`0ce587b8 00000000`00000000 : 00000000`00000000 00000000`00000000
    fffffa60`0ce58948 00000000`00000000 : 0x0
    fffffa60`0ce587c0 00000000`00000000 : 00000000`00000000 fffffa60`0ce58948
    00000000`00000000 00000000`00000001 : 0x0
    fffffa60`0ce587c8 00000000`00000000 : fffffa60`0ce58948 00000000`00000000
    00000000`00000001 fffff800`00000001 : 0x0
    fffffa60`0ce587d0 fffffa60`0ce58948 : 00000000`00000000 00000000`00000001
    fffff800`00000001 fffffa60`00000160 : 0x0
    fffffa60`0ce587d8 00000000`00000000 : 00000000`00000001 fffff800`00000001
    fffffa60`00000160 00000000`00000000 : 0xfffffa60`0ce58948
    fffffa60`0ce587e0 00000000`00000001 : fffff800`00000001 fffffa60`00000160
    00000000`00000000 00000000`00000000 : 0x0
    fffffa60`0ce587e8 fffff800`00000001 : fffffa60`00000160 00000000`00000000
    00000000`00000000 00000000`00013d74 : 0x1
    fffffa60`0ce587f0 fffffa60`00000160 : 00000000`00000000 00000000`00000000
    00000000`00013d74 00000000`00000bf0 : 0xfffff800`00000001
    fffffa60`0ce587f8 00000000`00000000 : 00000000`00000000 00000000`00013d74
    00000000`00000bf0 00000000`00000000 : 0xfffffa60`00000160
    fffffa60`0ce58800 00000000`00000000 : 00000000`00013d74 00000000`00000bf0
    00000000`00000000 00000000`00000000 : 0x0
    fffffa60`0ce58808 00000000`00013d74 : 00000000`00000bf0 00000000`00000000
    00000000`00000000 fffffa60`0d5b4cf9 : 0x0
    fffffa60`0ce58810 00000000`00000bf0 : 00000000`00000000 00000000`00000000
    fffffa60`0d5b4cf9 00000000`00000160 : 0x13d74
    fffffa60`0ce58818 00000000`00000000 : 00000000`00000000 fffffa60`0d5b4cf9
    00000000`00000160 00000000`00100001 : 0xbf0
    fffffa60`0ce58820 00000000`00000000 : fffffa60`0d5b4cf9 00000000`00000160
    00000000`00100001 fffffa80`07d6db40 : 0x0
    fffffa60`0ce58828 fffffa60`0d5b4cf9 : 00000000`00000160 00000000`00100001
    fffffa80`07d6db40 fffffa60`0ce586a0 : 0x0
    fffffa60`0ce58830 00000000`00000160 : 00000000`00100001 fffffa80`07d6db40
    fffffa60`0ce586a0 fffffa60`0ce58948 : eamon+0x3cf9
    fffffa60`0ce58838 00000000`00100001 : fffffa80`07d6db40 fffffa60`0ce586a0
    fffffa60`0ce58948 00000000`00000000 : 0x160
    fffffa60`0ce58840 fffffa80`07d6db40 : fffffa60`0ce586a0 fffffa60`0ce58948
    00000000`00000000 00000000`00000001 : 0x100001
    fffffa60`0ce58848 fffffa60`0ce586a0 : fffffa60`0ce58948 00000000`00000000
    00000000`00000001 00000000`00000001 : 0xfffffa80`07d6db40
    fffffa60`0ce58850 fffffa60`0ce58948 : 00000000`00000000 00000000`00000001
    00000000`00000001 00000000`00000160 : 0xfffffa60`0ce586a0
    fffffa60`0ce58858 00000000`00000000 : 00000000`00000001 00000000`00000001
    00000000`00000160 00000000`00000000 : 0xfffffa60`0ce58948
    fffffa60`0ce58860 00000000`00000001 : 00000000`00000001 00000000`00000160
    00000000`00000000 00000000`00000000 : 0x0
    fffffa60`0ce58868 00000000`00000001 : 00000000`00000160 00000000`00000000
    00000000`00000000 fffffa80`07e8f601 : 0x1
    fffffa60`0ce58870 00000000`00000160 : 00000000`00000000 00000000`00000000
    fffffa80`07e8f601 fffffa80`07b3a320 : 0x1
    fffffa60`0ce58878 00000000`00000000 : 00000000`00000000 fffffa80`07e8f601
    fffffa80`07b3a320 fffffa60`00a10e17 : 0x160
    fffffa60`0ce58880 00000000`00000000 : fffffa80`07e8f601 fffffa80`07b3a320
    fffffa60`00a10e17 fffffa60`008c008a : 0x0
    fffffa60`0ce58888 fffffa80`07e8f601 : fffffa80`07b3a320 fffffa60`00a10e17
    fffffa60`008c008a fffffa80`07d6db68 : 0x0
    fffffa60`0ce58890 fffffa80`07b3a320 : fffffa60`00a10e17 fffffa60`008c008a
    fffffa80`07d6db68 fffffa80`059b69e0 : 0xfffffa80`07e8f601
    fffffa60`0ce58898 fffffa60`00a10e17 : fffffa60`008c008a fffffa80`07d6db68
    fffffa80`059b69e0 fffffa80`05e84de0 : 0xfffffa80`07b3a320
    fffffa60`0ce588a0 fffffa60`00a100dd : 00000000`00000000 00000000`00000480
    fffffa80`059b6403 fffffa80`079c1820 :
    fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x227
    fffffa60`0ce58910 fffffa80`07c9aea0 : fffffa80`07e8f6b0 00000000`00000000
    fffffa80`07e8f6b0 00000000`00000000 : fltmgr!FltpDispatch+0xcd
    fffffa60`0ce58970 fffffa80`07e8f6b0 : 00000000`00000000 fffffa80`07e8f6b0
    00000000`00000000 fffffa80`059b6490 : 0xfffffa80`07c9aea0
    fffffa60`0ce58978 00000000`00000000 : fffffa80`07e8f6b0 00000000`00000000
    fffffa80`059b6490 fffffa60`0d5b5745 : 0xfffffa80`07e8f6b0
    fffffa60`0ce58980 fffffa80`07e8f6b0 : 00000000`00000000 fffffa80`059b6490
    fffffa60`0d5b5745 fffffa80`059b69e0 : 0x0
    fffffa60`0ce58988 00000000`00000000 : fffffa80`059b6490 fffffa60`0d5b5745
    fffffa80`059b69e0 fffffa80`00000000 : 0xfffffa80`07e8f6b0
    fffffa60`0ce58990 fffffa80`059b6490 : fffffa60`0d5b5745 fffffa80`059b69e0
    fffffa80`00000000 fffffa80`079c1820 : 0x0
    fffffa60`0ce58998 fffffa60`0d5b5745 : fffffa80`059b69e0 fffffa80`00000000
    fffffa80`079c1820 fffffa80`07780600 : 0xfffffa80`059b6490
    fffffa60`0ce589a0 fffffa80`059b69e0 : fffffa80`00000000 fffffa80`079c1820
    fffffa80`07780600 00000000`00000001 : eamon+0x4745
    fffffa60`0ce589a8 fffffa80`00000000 : fffffa80`079c1820 fffffa80`07780600
    00000000`00000001 00000000`00000000 : 0xfffffa80`059b69e0
    fffffa60`0ce589b0 fffffa80`079c1820 : fffffa80`07780600 00000000`00000001
    00000000`00000000 00000001`07060000 : 0xfffffa80`00000000
    fffffa60`0ce589b8 fffffa80`07780600 : 00000000`00000001 00000000`00000000
    00000001`07060000 fffffa60`0ce589d8 : 0xfffffa80`079c1820


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    eamon+1ff5
    fffffa60`0d5b2ff5 ??
    SYMBOL_STACK_INDEX: 2

    SYMBOL_NAME: eamon+1ff5

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: eamon

    IMAGE_NAME: eamon.sys

    DEBUG_FLR_IMAGE_TIMESTAMP: 48a95947

    FAILURE_BUCKET_ID: X64_0xc2_7_None_eamon+1ff5

    BUCKET_ID: X64_0xc2_7_None_eamon+1ff5

    Followup: MachineOwner
    ---------
     
    Zardoc, Oct 22, 2008
    #1
  2. Zardoc

    Zardoc Registered Member

    Joined:
    Feb 24, 2006
    Posts:
    61
    Wow,

    No one for a heads up?

    Aryeh my friend, you there?

    :ninja:
     
    Zardoc, Oct 22, 2008
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...