Bad_Pool_Header 0x0000019 BSOD tho can boot in safe mode

The Lenovo has been working fine till around 2-3 weeks ago, it BSODed
while booting up : saw the Windows logo & shortly after it BSODed 0x0...19
Not aware of any change other than around those few days, noted an
MS update took place (from Windows "System Restore" point description.

It could boot up in Safe Mode or "Safe Mode with Networking" though.
Tried "Repair Windows" & it did not help.

https://www.experts-exchange.com/questions/26813125/Bad-Pool-Header-0x019-BSOD.html
Also tried the suggestions given in url above ie

1. boot up in Safe Mode & renamed away the file
    C:\Windows\System32\FNTCACHE.DAT & reboot

2. sfc / scannow   in Safe Mode showed no error (ie no integrity issue)

3. in Safe Mode, I used msconfig to disabled the AV TrendMicro & a few startups
    that are of unknown developer

I can attach the minidump & the screen showing the BSOD if it's useful as clue
for troubleshooting.

Running Windows 7 Profesnl
sunhuxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Uttam KumarTech Support ExpertCommented:
0
Natty GregIn Theory (IT)Commented:
Open up the computer take out memory, hard drive and battery, reseat the memory and hard disk and boot up the machine, then post back
1
RaminTechnical AdvisorCommented:
Please go to C:\Windows\Minidump\
 and attach the Minidump.dmp file to your post.
1
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

sunhuxAuthor Commented:
Reseating the RAM, battery & HDD did not help.

As there are 2 RAM chips, used 1 chip at a time on each of the DIMM sockets but did not help.
Is the hotfix link correct?  It says it's not there anymore.

Will provide  the minidump on Monday
0
sunhuxAuthor Commented:
While in Safe mode, have 'restored' to a point that is about 1 month back (ie prior to the
Windows update that was automatically updated) : it did not help too
0
nobusCommented:
i Always start by running diags on Ram and disk - to be sure about the basics , before proceeding a repair
i use the ubcd for this :
Hardware diagnostic CD    UBCD
---------------------------------------------------
go to the download page, scroll down to the mirror section, and  click on a mirror to start the download
Download the UBCD and make the cd   <<==on a WORKING PC, and boot the problem PC from it
Here 2 links, one to the general site, and a direct link to the download

since the downloaded file is an ISO file, eg ubcd527.iso - so you need to use an ISO burning tool
if you don't have that software, install cdburnerXP : http://cdburnerxp.se/

If you want also the Ram tested - run memtest86+ at least 1 full pass,  - you should have NO errors!
 
For disk Diagnostics run the disk diag for your disk brand (eg seagate diag for seagate drive)  from the HDD section -  long or advanced diag !  (runs at least for30 minutes)

http://www.ultimatebootcd.com/      

**  you can make a bootable cd - or bootable usb stick
*** note *** for SSD drives  use the tool from the manufacturer, like intel 's toolbox :
https://downloadcenter.intel.com/download/18455/Intel-Solid-State-Drive-Toolbox

for completeness -here's how i handle disk problems : http://www.experts-exchange.com/Storage/Hard_Drives/A_3000-The-bad-hard-disk-problem.html

==>>****in order to be able to  boot from CD or usb - you may have to disable secure boot in the bios
1
masnrockCommented:
Did you try removing Trend Micro entirely?
1
RaminTechnical AdvisorCommented:
Please try CHKDSK /r in Command Prompt and let us know the result.
0
sunhuxAuthor Commented:
attached the dump : sorry it took too long.

Did not remove Trendmicro completely but can do that.
I'm worried of doing chkdsk /r  as I had in the past done
this with a Win2008 R2 tt has NTFS 55 error & it got worse
040817-160790-01.dmp
0
sunhuxAuthor Commented:
I've  run a scan while in Safe mode:  scannow / ...   but it gives no error
0
sunhuxAuthor Commented:
correction:  it's   sfc /scannow
0
RaminTechnical AdvisorCommented:
This is a typical software Driver bug.  More often memory corruption happens because of software errors in buggy drivers.

In your case the cause is TMUMH.sys
The TMUMH.sys is a Trend Micro driver for Anti-exploit feature.
Uninstall Trend Micro completely.
Try reinstalling latest version of Trend Micro or use alternative security software.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
masnrockCommented:
I've historically known Trend Micro to be pretty problematic, hence why I suggested removing it first... I've even seen an instance of it corrupting the TCP/IP stack so bad that it had to be reinstalled (resetting didn't work). And all that was done was that Windows updates were installed.
1
nobusCommented:
note that in some case sit can also be caused ba ram or disk problems, so running a diag on them can help too
0
sunhuxAuthor Commented:
Now, we are unable to uninstall TrendMicro :
hv tried the suggestions in link below:
  http://www.compit.se/?p=3

While uninstalling in Safe mode (as can't boot
to full mode), it gave the error message:
  Uninstallation Stopped
  Unable to remove the software while in Safe Mode
0
masnrockCommented:
Most likely dependent on Windows Installer, which doesn't run when you're in Safe Mode. Have you tried Safe Mode with Networking? That *might* let you do some additional things.

But here's an article from Trend Micro with instructions for manual uninstall or other uninstall methods (I am assuming you are using OfficeScan): https://success.trendmicro.com/solution/1039283-uninstalling-clients-or-agents-in-officescan-osce
0
sunhuxAuthor Commented:
Yes it's Officescan.   Got it resolved:

Booted up in Safe Mode w Networking & downloaded Revo Uninstaller:
using this tool, uninstalled TrendMicro & after reboot, it doesn't BSOD anymore.

Presume the copy of TrendMicro may have been corrupted that it doesn't
allow uninstallation & had to be manually uninstalled using Revo
0
RaminTechnical AdvisorCommented:
I am glad you got it working, and Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.