Code:
BugCheck BE, {c0297108, 230d3025, b9441c44, b}
Probably caused by : ntkrpamp.exe ( nt!KiTrap0E+dc )
Code:
0: kd> !pte c0297108
VA 52e21000
PDE at C06014B8 PTE at C0297108
Unable to get PDE C06014B8
Your not going to gather much information from this bugcheck with a Minidump, unless your lucky or have a Kernel Memory dump.
Code:
b9441c44 -- (.trap 0xffffffffb9441c44)
ErrCode = 00000003
eax=ffffffff ebx=ffffffff ecx=ffffffff edx=ffffffff esi=c0297108 edi=445ed025
eip=82edfef5 esp=b9441cb8 ebp=b9441d1c iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00210286
nt!MmAccessFault+0x177e:
82edfef5 f00fc70e lock cmpxchg8b qword ptr [esi] ds:0023:c0297108=25d05e4400000080
An interesting thing here, is that the trap frame was created as a result of a breakpoint, which shouldn't be found in commercial code, since it's used for debugging purposes to allow the developer to find any bugs in their code at a certain point.
The Assembly lock is usually used for some form of synchronization, which is evident within the raw stack:
Code:
0xb9441c30 : 0x82e91aa8 : nt!KiTrap0E+0xdc
0xb9441c44 : 0xb9441d1c : Trap @ b9441c44
0xb9441c54 : 0x82ecbf9d : nt!KeAccumulateTicks+0xc8
0xb9441c8c : 0x82ecb763 : nt!KeUpdateRunTime+0x145
0xb9441cc8 : 0x82f7bc00 : nt!KiInitialPCR
0xb9441cf0 : 0x82e1f924 : hal!HalpDispatchSoftwareInterrupt+0x5e
0xb9441d04 : 0x82e1fb29 : hal!HalpCheckForSoftwareInterrupt+0x83
0xb9441d20 : 0x82e91aa8 : nt!KiTrap0E+0xdc
Code:
0: kd> kv
# ChildEBP RetAddr Args to Child
00 b9441c2c 82e91aa8 00000001 c0297108 00000000 nt!MmAccessFault+0x104
01 b9441c2c 82edfef5 00000001 c0297108 00000000 nt!KiTrap0E+0xdc (FPO: [0,0] TrapFrame @ b9441c44)
02 b9441d1c 82e91aa8 00000000 52e21bf8 00000001 nt!MmAccessFault+0x177e
03 b9441d1c 523e7fdd 00000000 52e21bf8 00000001 nt!KiTrap0E+0xdc (FPO: [0,0] TrapFrame @ b9441d34)
WARNING: Frame IP not in any known module. Following frames may be wrong.
04 0018b6cc 00000000 00000000 00000000 00000000 0x523e7fdd
Notice the virtual address being passed to a two function calls in the stack?
What Driver Verifier settings have enabled?
Remove:
Code:
Start Menu\Programs\Advanced SystemCare 6
Windows 7 doesn't require any programs which make changes to the operating system and registry, these programs tend to cause problems by modifying and deleting files.
Windows is a closed source system. Developers of registry cleaners do not have the core code of Windows 7 and are not working on definitive information, but rather they are going on past knowledge and experience. Automatic cleaners will usually have to do some guesswork.
Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe and the potential is ever present to cause more problems than they claim to fix.
Registry cleaners cannot distinguish between good and bad. If you run a registry cleaner, it will delete all those keys which are obsolete and sitting idle; but in reality, those keys may well be needed by some programs or windows at a later time.
Windows 7 is much more efficient at managing the registry than previous Windows versions. If you run any other registry cleaner and do not know precisely what you are doing, you will have problems down the road. There are no gains to be had from using a registry cleaner and the risk is great.
I have given this same advice in your previous thread - Bsod bad_pool_header (19)
Did Comodo provide a patch in the end? Bsod bad_pool_header (19)
You seem to have their software installed, which I'm not sure if that is still a problem or not:
Code:
Start Menu\Programs\COMODO
Start Menu\Programs\COMODO\COMODO BackUp
Start Menu\Programs\COMODO\COMODO Cloud
Do you have the latest version of Java installed?
Code:
Start Menu\Programs\Java
I would be careful with Webroot, I've seen that program directly cause BSODs with a few other cases:
Code:
Start Menu\Programs\Webroot SecureAnywhere
Start Menu\Programs\Webroot SecureAnywhere\Tools
You also seem to be running two anti-virus programs, which can cause serve conflicts, my recommendation would be to remove Webroot and stay with MSE.
Reduce the number of programs at startup, to avoid any driver or program conflicts: