BSOD after entering sleep, now also on normal use

G

gnarlytom

New member
Local time
11:37 PM
Messages
13
Location
UK
Hi,

i always get a BSOD after my machine (windows 7 x64) has just awoken from sleep. it happens after you log back in, as soon as you move the mouse.

So, i never let my computer sleep. However, i had another BSOD just as i was working away normally, the PC hadnt slept, this has motivated me to get to the bottom of the issue!

So, i made it BSOD by sleeping after the original BSOD to see if they were the same cause.... and I looked at the dumps and it says:

Probably caused by : ntoskrnl.exe ( nt+95b7f )

after a bit of research i understand this isnt actually very helpful, as this is essentially the core windows .exe!

anyway, i have attahced the dumps, and hopefully someone might have a better answer than myself....

the first .dmp file was without sleeping, the second was with sleeping
 

My Computer My Computer

At a glance

Windows 7 x64Intel Core Duo 2 E84006GB1GB ATI Raedon 4650
OS
Windows 7 x64
CPU
Intel Core Duo 2 E8400
Motherboard
Gigabyte GA-EP45-DS4
Memory
6GB
Graphics Card(s)
1GB ATI Raedon 4650
gnarlytom said:
Hi,

i always get a BSOD after my machine (windows 7 x64) has just awoken from sleep. it happens after you log back in, as soon as you move the mouse.

So, i never let my computer sleep. However, i had another BSOD just as i was working away normally, the PC hadnt slept, this has motivated me to get to the bottom of the issue!

So, i made it BSOD by sleeping after the original BSOD to see if they were the same cause.... and I looked at the dumps and it says:

Probably caused by : ntoskrnl.exe ( nt+95b7f )

after a bit of research i understand this isnt actually very helpful, as this is essentially the core windows .exe!

anyway, i have attahced the dumps, and hopefully someone might have a better answer than myself....

the first .dmp file was without sleeping, the second was with sleeping
Click to expand...

Both of these were caused by your vfilter.sys file. It is File vfilter.sys Reviews. This file is from Shrew Soft Inc and belongs to product Shrew Soft IM Filter Driver.

I would recommend itss update at least or removal if possible.


Let us know if you need additional assistance

Ken J



Code: 
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\K\Desktop\Dumps\092110-38360-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\symbols;*http://msdl.microsoft.com/download/symbols ;srv*e:\symbols
*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e10000 PsLoadedModuleList = 0xfffff800`0304de50
Debug session time: Tue Sep 21 07:38:40.738 2010 (GMT-4)
System Uptime: 0 days 3:53:52.595
Loading Kernel Symbols
...............................................................
................................................................
..............................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {0, 2, 0, fffff80002e848b6}

Unable to load image \SystemRoot\system32\DRIVERS\vfilter.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for vfilter.sys
*** ERROR: Module load completed but symbols could not be loaded for vfilter.sys
Probably caused by : vfilter.sys ( vfilter+29a6 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002e848b6, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030b80e0
 0000000000000000 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!KeSetEvent+226
fffff800`02e848b6 488b09          mov     rcx,qword ptr [rcx]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  svchost.exe

TRAP_FRAME:  fffff88008f02f70 -- (.trap 0xfffff88008f02f70)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8007e491b8 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002e848b6 rsp=fffff88008f03100 rbp=0000000000000002
 r8=0000000000000000  r9=0000000000000000 r10=0000000000000000
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz ac po cy
nt!KeSetEvent+0x226:
fffff800`02e848b6 488b09          mov     rcx,qword ptr [rcx] ds:0002:00000000`00000000=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002e7fca9 to fffff80002e80740

STACK_TEXT:  
fffff880`08f02e28 fffff800`02e7fca9 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`08f02e30 fffff800`02e7e920 : 00000000`00000002 fffffa80`07e491b0 00000000`000007a9 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`08f02f70 fffff800`02e848b6 : fffff880`08f03170 fffff880`02d1cb0e 00000000`00000047 fffff880`08f031f0 : nt!KiPageFault+0x260
fffff880`08f03100 fffff880`02d1c9a6 : fffffa80`00000000 00000000`00000000 00000000`00000000 fffffa80`07e491a0 : nt!KeSetEvent+0x226
fffff880`08f03170 fffffa80`00000000 : 00000000`00000000 00000000`00000000 fffffa80`07e491a0 00000000`00000000 : vfilter+0x29a6
fffff880`08f03178 00000000`00000000 : 00000000`00000000 fffffa80`07e491a0 00000000`00000000 fffff880`02d1c42b : 0xfffffa80`00000000


STACK_COMMAND:  kb

FOLLOWUP_IP: 
vfilter+29a6
fffff880`02d1c9a6 ??              ???

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  vfilter+29a6

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: vfilter

IMAGE_NAME:  vfilter.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4b048bff

FAILURE_BUCKET_ID:  X64_0xA_vfilter+29a6

BUCKET_ID:  X64_0xA_vfilter+29a6

Followup: MachineOwner
---------
 

My Computer My Computer

At a glance

Win 8 Release candidate 8400[email protected]4 gigsNvidia 9600M
Computer Manufacturer/Model Number
HP Pavillion dv-7 1005 Tx
OS
Win 8 Release candidate 8400
CPU
[email protected]
Memory
4 gigs
Graphics Card(s)
Nvidia 9600M
Sound Card
HD built-in
Monitor(s) Displays
17" Wxga
Screen Resolution
1440x900
Cooling
none
Internet Speed
45Mb down 5Mb up
You must log in or register to reply here.

Similar threads

BSOD on normal use and sometimes lag video.
Replies
1
Views
1K
axe0
A
Back
Top