How to Fix: BAD_POOL_CALLER Blue Screen of Death

Dennis Faas's picture

Infopackets Reader David L. writes:

" Dear Dennis,

I have a VERY perplexing problem! My wife and I are trying to publish a book online a website (CreateSpace.com) - unfortunately, both her system and my system are crashing with blue screens of death (BSOD) error: BAD_POOL_CALLER. I am using Mozilla Firefox on my machine, and she is using Edge. I've called Microsoft and talked to their support for over 4 hours but they were unable to help - and in fact, my system is operating even worse than before! You've done work for me in the past and I need to have you connect to my system and tell me what is going on! This is driving me crazy. I can't get ANY work done! "

My response:

This is a very interesting problem, as blue screens of death (BSOD) usually only appear if you have a hardware problem, or a driver problem. The fact that David's computer AND his wife's computer were suffering the exact same BSOD BAD_POOL_CALLER error message suggested to me that this was likely not a hardware problem. That's because most blue screens of death related to hardware are usually the video card or the motherboard - but not always. Also, the fact that two completely different systems were having the exact same BAD_POOL_CALLER error message at roughly the same time would be astronomically rare, especially if it were hardware related.

Probing the Situation: Using Remote Desktop Support Service

To get more information, I connected with David over his desktop and discussed the issues in detail. David told me he had been collecting minidump files (located at the C:\Windows\Minidump folder). By default, Windows collects minidump files for the purpose of bug tracing, though if you don't know how to read these files, they will be of little use.

Normally I use the Event Viewer to review "critical" errors related to the operating system's kernel power - which always shows events leading up to a crash - however, David mentioned he was using a program called "Blue Screen View" by Nirsoft (freeware) to review the minidump files. He also mentioned that much of the minidump information on his and his wife's system were very similar, but was unable to draw a conclusion.

Understanding How to Use Blue Screen View

Admittedly I have never used "Blue Screen View" before - as such I downloaded it, then copied David's minidump log files to my system.

At first I was overwhelmed with information presented by Blue Screen Viewer. Initially I was not sure at all what I was looking at, as much of it has to do with memory addresses. At this point I started to look for a pattern, which is when I decided to sort the columns of information by: "Caused by address". From here I could see that fwpkclnt.sys, vsdatant.sys, netio.sys (which are all system files) were responsible for the crashes.

Specifically: fwpkclnt.sys appeared 26 times, vsdatant.sys appeared 3 times, and netio.sys appeared only 1 time.

Drawing a Conclusion: Researching System Files using Google

At this point I went to Google to research the purpose of each .sys file (system file) responsible for the crashes. I should also mention that almost every page that showed up in Google which claimed to have information about the .sys file in question was in fact fake! These "driver information" pages were nothing more than a front in order to get people to download some sort of "automated driver fixer program" which claims to fix driver errors. DO NOT - I repeat - DO NOT trust these programs - most of them are scams designed to do nothing more than take your money - and will NOT fix the errors!

With that out of the way, here is what I found after a bit of digging online:

Fwpkclnt.sys, which appeared 26 times is the "firewall platform kernel client"; vsdatant.sys, which appeared 3 times is a system file related to TrueVector device driver for ZoneAlarm firewall (driver), and netio.sys, which appeared only once, is the Network I/O Subsystem - likely a network driver.

Do you see the pattern? These system files are all related to the firewall. One system file in particular (vsdatant.sys) is related to the ZoneAlarm firewall, which is not part of Windows, but is in fact a third party program.

I then asked if David's wife's computer was using ZoneAlarm, and he told me "yes". At this point, I was 99.99% certain I found the culprit; as such, I uninstalled ZoneAlarm and also disabled other non-essential system services, then had David try to replicate the blue screen scenario (by publishing his book online CreateSpace.com). He went through the scenario multiple times and his system hasn't crashed in the last 3 days - whereas it was crashing many times throughout a single day. On the other hand, he uninstalled ZoneAlarm and reinstalled it on his wife's machine, only to have her system crash again.

So there you have it - next time your system is suffering from random Blue Screens - have a look at "Blue Screen View" and follow the steps I took in this article, and hopefully you'll be able to draw a conclusion like I was able to do for David. Of course, being able to draw a conclusion based on system files is somewhat technical - in that case, you are welcome to contact me for 1-on-1 support, described next.

Additional 1-on-1 Support: From Dennis

If all of this is over your head, or you need help troubleshooting random Blue Screens of Death - I can help using my remote desktop service. Simply contact me briefly describing your message and I'll get back to you as soon as I can.

Got a Computer Question or Problem? Ask Dennis!

I need more computer questions. If you have a computer question -- or even a computer problem that needs fixing - please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.

About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.

Rate this article: 
Average: 5 (6 votes)

Comments

ecash's picture

I would love Google to Clean up..
I would love a button (for certain people at least) to Click to notify Google of BAD SITES..

Its taken time for those sites to get to the TOP of the lists..but something has to be abit off.

kitekrazy's picture

I hope they notified the developers. I don't use Zone Alarm anymore but it is a nice program.

Dennis Faas's picture

I had a very similar problem 10 years ago with almost the exact same circumstance - ZoneAlarm was causing blue screens of death. I uninstalled it and the problem went away. Also there is no reason to use / pay for a third party firewall. Windows Firewall works fine.

beach.boui's picture

What the native Windows Firewall doesn't do is provide notification for questionable outgoing activity. I don't like it when various programs report to the mothership in the background and I am not alerted to the activity. Third-party personal firewall programs can be set to alert you to outgoing activity. Or, you can tell the firewall not to bother you if the activity is from a trusted program. The native Windows firewall doesn't give you that outgoing notification. Or, if it does, it doesn't make it a easy to setup. I've been using the Comodo Firewall for many years. While I'm not particularly happy with the bloat it has acquired over the years, it remains on my must-have list until I find a way to make the Windows firewall alert to outgoing activity. This is especially important to me with programs from smaller vendors software whom I know nothing about.