David Kaye wrote:
> Windows 7, the indestructable has destructed.
> I have a customer who will get every possible hardware and software problem
> there is. He is the first to get any new malware going around. His hard
> drive crashes with tons of errors. I have made a lot of money off his
> foolishness, which often involves downloading and opening suspicious emails,
> downloading "fixes" for his problems which turn out to be malware, etc. So,
> I guess I knew what I was getting into when he called me.
> This time it's the BSOD with "Bad Pool Header" staggered with "Bad Pool
> Caller". Just prior to the BSOD the video gets lots of lines in it and gets
> generally messed up. It happens only only under the following
> circumstances: (1) running any kind of scan in Avast, (2) reinstalling the
> video driver, (3) trying to run ComboFix or anything else that scans the HD,
> except for chkdsk.
> It does not BSOD when running YouTube videos. It does not BSOD when opening
> lots and lots of photos and running up the RAM and swapfile. It does not
> BSOD when going to most websites, but it does on some and it appears to be
> random or maybe tied to a banner ad or something. Java, Adobe, and Windows
> updates are up to date. No new hardware or software have been added.
> Various diagnostic programs report no RAM errors. The handy-dandy Win 7
> repair tools won't let me restore back more than 3 days (the day the
> troubles began to happen). I tried the "Repair Startup" function and, of
> course it reported nothing. Windows offered to check the problem for me and
> reported back that nothing was wrong.
> I've removed, cleaned, and re-seated 8 GB of ram cards (4 cards), the video
> card (ATI Radeon HD 5250). I've looked at the drivers. At first Device
> Manager reported back a generic driver for the video. AHA! So, I tried to
> install the video driver. It BSOD'd and gave me the pool error again. I
> then uninstalled and reinstalled the video on the next go-round and it took.
> DevMgr reported back the name of the video driver as well as the video card
> and the monitor. Great!
> Not so great. BSOD and Pool errors. Oh, and anybody who works with this
> stuff knows that a pool error is a low-level memory management error that
> can be *anything* from driver problems to viruses to a dirty HD to a piece
> of hardware going bad. From my experience there is nothing worse than a
> pool error. At least if the thing won't turn on you know it's a bad power
> supply or a dead mobo.
> Chkdsk reported various indexing errors and orphaned files. Restarted. No
> change. Though there were file errors apparently none of these had anything
> to do with the problem.
> The only option is a complete reinstall, which means he loses his thousands
> of photos because he only backed up a few. He's going to balk at having to
> spend money to transfer his stuff out in order for me to low-level reformat
> the HD, along with the reinstallation time involved.
> His problems get me so frustrated I just want to walk away from this one.
> But it's a nice night out so I'm going for a walk...
I don't understand the comment about "loses his thousands of photos".
You can slave the drive up to a working computer, and copy off the stuff.
He might lose them, if they're scattered all over the place. But a naive
user probably relies on default settings, and they could all be plopped
in one directory.
I'm not an "IT guy", just a home user. Things I've heard of:
1) Offline scan with AV scanner. Can be done with the downloadable CD.
Can be done with disk still in computer.
http://support.kaspersky.com/faq/?qid=208282163 (196MB download)
(AV updates when booted)
That takes one to two hours, depending on processor speed. The versions
now are multithreaded - more cores, means you go home faster.
2) Connect drive to your own computer. Check SMART stats with the 2.55 free version
of HDTune. Look for Current Pending or Reallocated Sector counts, as an indicator
of drive health. Both Seagate and Western Digital offer tools for testing hard drives.
Although, my experience with Seagate tools has been going steadily downhill
(less and less likely to work with my more modern hardware).
3) If the disk appears physically healthy, try a CHKDSK while the disk is
still connected to your own computer.
4) If disk is now clean, connect back to his computer.
5) You can run SFC /scannow in the damaged Windows, which would check
for damage to system files. But there is hardly a reason to suspect this would work
under all circumstances. If malware is present, just about
anything can be compromised.
6) Repair install. In the case of Windows 7, this is more like an
"install over the top", in the sense that when it is finished, there
is a "Windows.old". You delete the Windows.old, when everything looks
You can download images of Windows 7 off the web. But they tend to
be Retail versions. So if you needed a Retail Win7 SP1, you could
probably find a copy from digitalriver. Note in that Sevenforums
article, simple slipstreamed discs don't work. Which makes the
chances of a repair install working the first time, iffy.
Anyway, those are just a few ideas. It sounds like you have
more than one problem, and I'm hoping the CHKDSK stuff is
just noise (like the user turning off the power instead
of doing a proper shutdown). Of course, with all the BSODs,
the damage to the file system could be a side effect of
all the unclean shutdowns that result.
I'm suspecting step 1 is going to be fun :-)
If you thought the issue was solely the video driver, you
could uninstall it, and look for a driver cleaner that
works on Windows 7, to remove the last vestiges. For a driver update,
the AMD or Nvidia web sites might even offer an automatic updater
tool (which all it does, is download the right version of driver).
What you do next, really depends on how much time you want to
put into this. But some of the more "hammer" style options, you
really need to be well prepared in advance (collection of
discs, have tested repair install works, etc.). You wouldn't
want to use the customer as a guinea pig, unless you
back up the partition first. And Windows 7 has its own
image making capability for that (makes a couple VHD files
in your portable USB disk, one for C: and one for the
SYSTEM RESERVED partition). I use the image making thing
on my Win7 laptop, and it's got me out of trouble a
couple of times. I boot the Win7 recovery CD, and
do the restore from there, to restore my image of the
two most important partitions (after screwing something up).
If it was your own machine, you could spend some time playing with it.
"Pushing the Limits of Windows: Paged and Nonpaged Pool"