Share via

BSOD IRQL_NOT_LESS_OR_EQUAL every restart hal.dll

Anonymous
2014-02-22T04:28:54+00:00

Hello,

My computer will blue screen with IRQL_NOT_LESS_OR_EQUAL every time I manually restart it. The blue screen occurs after I begin the restart process (but before it goes to BIOS and starts windows up again.) It then restarts "ungracefully" after the bluescreen and goes to BIOS... etc.

I have not recently installed any new hardware. My computer is a Gateway LX4710-01 desktop. I did add in new RAM chips at one point, but the blue screens were not happening while I was on Windows 8.0. They have only been happening in 8.1 (so I don't think the RAM upgrade is the issue.)

I would appreciate knowing what I need to do to stop these blue screens from occurring. I have been reading how other people have been able to resolve this and would prefer not to remove/re-install ALL drivers if it can be helped - maybe the dump file can provide specific information. What can I do to pinpoint the specific problem, and then resolve it?

This is the link to the minidump file:

https://onedrive.live.com/redir?resid=7CF80F36DFE197C9!289&authkey=!AEVM3i0AxoelT6E&ithint=file%2c.dmp

I opened the file in BlueScreenView and two lines are highlighted in red, one is for hal.dll and the other is for ntoskrnl.exe:

Thank you,

Richard

Windows for home | Previous Windows versions | Performance and system failures

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments
Answer accepted by question author
  1. Anonymous
    2014-02-22T04:50:14+00:00

    Hi Richard,

    The attached DMP file is of the IRQL_NOT_LESS_OR_EQUAL (a) bug check.

    This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above.

    This bug check is issued if paged memory (or invalid memory) is accessed when the IRQL is too high. The error that generates this bug check usually occurs after the installation of a faulty device driver, system service, or BIOS.

    We have very little to no info in this dump, for example:

    1: kd> kv

    Child-SP          RetAddr           : Args to Child                                                           : Call Site

    ffffd00020d0f7c8 fffff802e515d7e9 : 000000000000000a 0000000000000000 0000000000000002 0000000000000000 : nt!KeBugCheckEx

    ffffd00020d0f7d0 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiBugCheckDispatch+0x69

    ^^ Nothing in the call stack except nt!KeBugCheckEx being called.

    Some detective work will be necessary:

    1. Please uninstall Acronis True Image as the device drivers are too old to function with Windows 8, also it generally causes conflicts.

    2. Uninstall your Realtek card reader software, or check for an update (likely not available) - http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1&PNid=15&PFid=25&Level=4&Conn=3&DownTypeID=3&GetDown=false

    3. If you're still crashing after the above, enable Driver Verifier:

    Driver Verifier:

    What is Driver Verifier?

    Driver Verifier is included in Windows 8, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.

    Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.

    Before enabling Driver Verifier, it is recommended to create a System Restore Point:

    Vista - START | type rstrui - create a restore point

    Windows 7 - START | type create | select "Create a Restore Point"

    Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

    How to enable Driver Verifier:

    Start > type "verifier" without the quotes > Select the following options -

    1. Select - "Create custom settings (for code developers)"
    2. Select - "Select individual settings from a full list"
    3. Check the following boxes -
    • Special Pool
    • Pool Tracking
    • Force IRQL Checking
    • Deadlock Detection
    • Security Checks (Windows 7 & 8)
    • DDI compliance checking (Windows 8)
    • Miscellaneous Checks
    1. Select  - "Select driver names from a list"
    2. Click on the "Provider" tab. This will sort all of the drivers by the provider.
    3. Check EVERY box that is [B]NOT[/B] provided by Microsoft / Microsoft Corporation.
    4. Click on Finish.
    5. Restart.

    Important information regarding Driver Verifier:

    • If Driver Verifier finds a violation, the system will BSOD.
    • After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will flag it, and as stated above, that will cause / force a BSOD.

    If this happens, do not panic, do the following:

    • Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
    • Once in Safe Mode - Start > Search > type "cmd" without the quotes.
    • To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.

    ・    Restart and boot into normal Windows.

    If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:

    • Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
    • Once in Safe Mode - Start > type "system restore" without the quotes.
    • Choose the restore point you created earlier.

    How long should I keep Driver Verifier enabled for?

    It varies, many experts and analysts have different recommendations. Personally, I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier.

    My system BSOD'd, where can I find the crash dumps?

    They will be located in %systemroot%\Minidump

    Any other questions can most likely be answered by this article:

    http://support.microsoft.com/kb/244617

    Regards,

    Patrick

    2 people found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2014-02-22T07:22:36+00:00

    Hi Patrick,

    It seems that the problem was the driver with the Realtek card reader. Oddly, the program to install the new driver (at the link you pointed me to) went through the motions of installing, and ended with "installed successfully" at the end of the wizard, but Windows device manager still indicated that the driver was the old version. Luckily, I was able to select what I guess is the newest working driver (although I'm not entirely sure if it's the 'correct' one) by installing through device manager's manual "have disk..." option. and picking drvbin64\RtsBaStorMSI.inf and then the USB 2.0 driver 6.3.9600.39057.

    Thank you!

    0 comments
  2. Anonymous
    2014-02-22T07:55:10+00:00

    My pleasure! Glad to hear everything is working as intended now.

    Regards,

    Patrick

    0 comments