BSOD occurs when tansfering file , pls help!

[Daydream85]

Alway when I transferring files from another PC through a router, BSOD occurs. It really bothers me a lot. The BSOD shows some "tdx.sys" driver failed. But there are not too many information about this file failure on the internet. Does anyone know what leads this problem? I really appreciate your help!

I also attached the minidump file. I hope it may offer a little help.

Mini060608_01.rar

[cluberti]

Sounds like you should install the hotfix in KB934611, because you've got a non-Vista compatible TDI driver or network driver installed causing this. It's probably got a TDxDeviceLock and isn't releasing it properly, causing the next IO request over the TDI subsystem to crash. Since this is specifically not allowed to happen, the machine is doing what it is supposed to and is letting you know you've got a faulty network or TDI driver (it could be your antivirus package's TDI filter driver, btw - it doesn't always mean it's your actual network card driver).

[Daydream85]

Thank you, cluberti. You're a really nice guy. Yes, you're right, it could be my driver or antivirus software's problem which I still need to find out. I should have already installed the KB934611 hotfix,because the Vista had autoupdated to SP1. Now today even when I change my IP Address which happened to cause a IP adress collision with another PC, the BSOD come out again. And this time it seems not related to the "tdx.sys" file. I tried to find what happened, but actually the windbg showed series of code which I barely know, here it is:

IRQL_NOT_LESS_OR_EQUAL (a)

An attempt was made to access a pageable (or completely invalid) address at an

interrupt request level (IRQL) that is too high. This is usually

caused by drivers using improper addresses.

If a kernel debugger is available get the stack backtrace.

Arguments:

Arg1: 00000000, memory referenced

Arg2: 0000001b, IRQL

Arg3: 00000000, bitfield :

bit 0 : value 0 = read operation, 1 = write operation

bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)

Arg4: 81ce6cba, address which referenced memory

Debugging Details:

------------------

READ_ADDRESS: GetPointerFromAddress: unable to read from 81d6a868

Unable to read MiSystemVaType memory at 81d4a420

00000000

CURRENT_IRQL: 1b

FAULTING_IP:

nt!KiUnwaitThread+14

81ce6cba 8b08 mov ecx,dword ptr [eax]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: svchost.exe

TRAP_FRAME: 9aa29c94 -- (.trap 0xffffffff9aa29c94)

ErrCode = 00000000

eax=00000000 ebx=81e2de00 ecx=848318d0 edx=848318d0 esi=8edda340 edi=00000418

eip=81ce6cba esp=9aa29d08 ebp=9aa29d1c iopl=0 nv up ei pl nz ac pe cy

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010217

nt!KiUnwaitThread+0x14:

81ce6cba 8b08 mov ecx,dword ptr [eax] ds:0023:00000000=????????

Resetting default scope

LAST_CONTROL_TRANSFER: from 81ce6cba to 81c8dd84

STACK_TEXT:

9aa29c94 81ce6cba badb0d00 848318d0 8edda554 nt!KiTrap0E+0x2ac

9aa29d1c 81c60ce0 00000002 0000013c 01d6faac nt!KiUnwaitThread+0x14

9aa29d40 81e2de97 8edda340 85659901 8edda340 nt!KeAlertThread+0x5e

9aa29d58 81c8aa7a 0000013c 01d6fab8 76fe9a94 nt!NtAlertThread+0x3e

9aa29d58 76fe9a94 0000013c 01d6fab8 76fe9a94 nt!KiFastCallEntry+0x12a

WARNING: Frame IP not in any known module. Following frames may be wrong.

01d6fab8 00000000 00000000 00000000 00000000 0x76fe9a94

STACK_COMMAND: kb

FOLLOWUP_IP:

nt!KiUnwaitThread+14

81ce6cba 8b08 mov ecx,dword ptr [eax]

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: nt!KiUnwaitThread+14

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 47918b12

FAILURE_BUCKET_ID: 0xA_nt!KiUnwaitThread+14

BUCKET_ID: 0xA_nt!KiUnwaitThread+14

[cluberti]

A driver tried to reference a NULL memory address (0x00000000). That will always cause a bugcheck, and if it happened when changing your IP address, I'd say anything on that machine is suspect. I'd remove your antivirus package and any firewall package, and also perhaps remove and update your network card drivers as well. You'll have to narrow this down the old fashioned way, because whatever is causing this is unloading and removing from the stack too quickly to catch unless a live debug is done, and we can't really do that in this case.

Good luck.