Solved BSOD When Uninstalling a software.

[lealr]

Hello ,

A friend had called me in to check on her computer that froze on the Bios startup screen, so I removed allUSB devices attached, except for those required (Mouse & Keyboard). When I powered on the computer it manage to boot into windows. From there I decided to uninstall any unnecessary software such as toolbars, etc. Yet there was one toolbar that would not uninstall, and eventually caused a BSOD. If anyone could assist me with this issue I would greatly appreciate it.

Thanks

 

[bagavan]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff80002f8263a, 1, 18}

Probably caused by : ntkrnlmp.exe ( nt!ObpCreateHandle+29a )

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002f8263a, The address that the exception occurred at
Arg3: 0000000000000001, Parameter 0 of the exception
Arg4: 0000000000000018, Parameter 1 of the exception

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ebd100
GetUlongFromAddress: unable to read from fffff80002ebd1c0
 0000000000000000 Nonpaged pool

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!ObpCreateHandle+29a
fffff800`02f8263a f0480fba6f1800  lock bts qword ptr [rdi+18h],0

BUGCHECK_STR:  0x1E_c0000005_R

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  SearchSettings

CURRENT_IRQL:  0

TRAP_FRAME:  fffff8800336f340 -- (.trap 0xfffff8800336f340)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006a8e040
rdx=00000000000f001f rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002f8263a rsp=fffff8800336f4d0 rbp=0000000000000000
 r8=fffff8a01a3c5780  r9=00000000000000e8 r10=0000000000000000
r11=fffff8a01a3c5730 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac po nc
nt!ObpCreateHandle+0x29a:
fffff800`02f8263a f0480fba6f1800  lock bts qword ptr [rdi+18h],0 ds:00000000`00000018=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002cd8a88 to fffff80002c8dfc0

STACK_TEXT:  
fffff880`0336eab8 fffff800`02cd8a88 : 00000000`0000001e ffffffff`c0000005 fffff800`02f8263a 00000000`00000001 : nt!KeBugCheckEx
fffff880`0336eac0 fffff800`02c8d642 : fffff880`0336f298 00000000`00000000 fffff880`0336f340 fffffa80`06a8e040 : nt! ?? ::FNODOBFM::`string'+0x487ad
fffff880`0336f160 fffff800`02c8c1ba : 00000000`00000001 00000000`00000018 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
fffff880`0336f340 fffff800`02f8263a : fffff880`00000000 fffff880`0336f520 fffffa80`07c4b850 fffff8a0`1a3c5780 : nt!KiPageFault+0x23a
fffff880`0336f4d0 fffff800`02f73dde : fffffa80`00000000 fffff8a0`1a3c5780 fffff8a0`000f001f 00000000`00000000 : nt!ObpCreateHandle+0x29a
fffff880`0336f5e0 fffff800`02f6517f : fffffa80`06f433e0 fffff880`0336f9a0 fffffa80`08989d00 00000000`08000000 : nt!ObInsertObjectEx+0xde
fffff880`0336f830 fffff800`02c8d253 : fffffa80`06a8e040 fffff880`0336fad8 fffff880`0336f8c8 fffffa80`0bcedb80 : nt!NtCreateSection+0x1fe
fffff880`0336f8b0 fffff800`02c89810 : fffffa80`0850ca9e fffff880`0336fbc0 00000000`00000000 fffffa80`08510250 : nt!KiSystemServiceCopyEnd+0x13
fffff880`0336fab8 fffffa80`0850ca9e : fffff880`0336fbc0 00000000`00000000 fffffa80`08510250 fffffa80`08513750 : nt!KiServiceLinkage
fffff880`0336fac0 fffff880`0336fbc0 : 00000000`00000000 fffffa80`08510250 fffffa80`08513750 fffffa80`00000002 : 0xfffffa80`0850ca9e
fffff880`0336fac8 00000000`00000000 : fffffa80`08510250 fffffa80`08513750 fffffa80`00000002 00000000`08000000 : 0xfffff880`0336fbc0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ObpCreateHandle+29a
fffff800`02f8263a f0480fba6f1800  lock bts qword ptr [rdi+18h],0

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!ObpCreateHandle+29a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  503f82be

FAILURE_BUCKET_ID:  X64_0x1E_c0000005_R_nt!ObpCreateHandle+29a

BUCKET_ID:  X64_0x1E_c0000005_R_nt!ObpCreateHandle+29a

Followup: MachineOwner
---------

Some of your drivers are failing. That is the cause for BSOD

Please see this

http://www.sevenforums.com/tutorials/101379-driver-verifier-enable-disable.html

Or you could try a clean install.

 

[Arc]

Do what bagavan suggested. Also Scan the system for possible virus infection.

• Anti-rootkit utility TDSSKiller
• Windows Defender Offline

 

[lealr]

Appreciate the update guys. I will look into it and then get back to you guys.

 

[lealr]

So a friend of mine looked into the issue and the problem was the Video Card which he replaced, and as you guys had mentioned it is best to do a clean install. Appreciate the help guys. Once again thanks.