Windows 7 Windows 7 hibernates randomly (and NO idea why)

Evert7 · Nov 12, 2011

Hello. My computer hibernates on random times, I don't have ANY idea why.

Some years ago, my laptop was running vista fine. No problems or whatsoever. Then I did an upgrade to Windows 7 and after a few years it was starting randomly hibernate. I didn't managed to get Windows working properly, and finally I installed linux. I don't have any problems with it. Now I really need windows back so I installed Windows 7 (x64). When I startup and choose windows in grub (yes, my linux is still there) It hibernates after 5/10/50/... minutes. I tried disabling hibernate trough cmd, result: shuts down instead of hibernate. I tried installing windows again, same error. Also, in linux I've made a special .vmdk (for VBox) so that it points to my main harddrive, so in virtualbox I tried booting windows from my harddrive and until now I didn't had problems that way.

My computer is an hp pavilion dv7 2120sb, without any modifications. Problem occurs with and without battery.

So PLEASE help me, this is driving me crazy , and I mean really really crazy 8o|

. I know quite a lot of computers, but this is just too difficult

- PROBLEM SOLVED: -
Just cleaned my fan, and the problem was gone.

Medico · Nov 13, 2011

Link Removed. Once you disable hibernate you can Link Removed

Evert7 · Nov 13, 2011

Ted Myers said:
Link Removed. Once you disable hibernate you can Link Removed

That wasn't really what I ment...

zvit · Nov 13, 2011

Evert7 said:
That wasn't really what I ment...

Seems like you want to disable the hibernate function and that's what Ted posted. What is it you need to achieve?

OldTimer · Nov 13, 2011

I'm sittin' here, scratching, and wondering if that PC is not really Hibernating at all, but something else.
Once Hibernate is disabled, it cannot re-enable, by itself. Look elsewhere!

PS: Once Hibernate is disabled and the PC is rebooted, the Hiberfil.sys file will be GONE!

zvit · Nov 13, 2011

So to understand the problem, you DO want to hibernate at times but the computer is hibernating by itself at random times?

Saltgrass · Nov 13, 2011

I was wondering if the situation might be related to the way you are booting? I have always used the Windows boot manager and never GRUB when dual booting, but possibly the ACPI system is not being set up properly.

There is a utility (Powercfg) that deals with power situations, but I do not see anything to show what is putting a system to sleep, just what wakes it up.

Evert7 · Nov 15, 2011

zvit said:
So to understand the problem, you DO want to hibernate at times but the computer is hibernating by itself at random times?

Yes thats the problem, I'm sorry if I wasn't clear enough.
My PC just hibernates on random times and IF I enable hibernation (and I know how to do that) the PC just shuts down at random times instead of hibernate.

Evert7 · Nov 16, 2011

Please help me!

zvit · Nov 16, 2011

Here are some solutions I found on the net. Hope one will help you:

1. Might be a malfunctioning multi-media keyboard. If your keyboard has a sleep button, try changing the keyboard.

2. Laptop battery might be dying. Do you get something that says "Sleep Reason: Battery" that you might not have noticed? Does this happen also when you are NOT on battery?

3. Go to your Event Viewer, check if there's any event when the issue happened. Tell us the event code.

4. Laptop overheating may cause random hibernation at times. Check if you have a heating problem. You can use Speedfan to monitor the temperatures of your laptop.

5. Try to delete your power plan and create a new one: Win7 Laptop Randomly Hibernates??? - Microsoft Answers

Get back to us.

Saltgrass · Nov 16, 2011

I made a comment about how you are booting, have you thought about it?

Since the problem is random and I do not know of a normal situation that would cause hibernation, you will need to monitor your system to see what might be doing it. If you can see some common occurrence or time displacement, it might help track down the problem.

While you are in Windows, could you open an administrative command prompt and type bcdedit then use the snipping tool to take a picture and post using the paperclip.

While you are in the command prompt, you also might try typing Powercfg -energy to test your system. You need to shutdown all software you can, like browsers and such. Keep track of where the .html report is stored and copy it to the desktop to open. You will probably see USB messages, but hopefully something else will show up.

Are any messages showing up in Device Manager beside a Kernel Power type?

Evert7 · Nov 16, 2011

It has nothing to do with cooling I think, laptop isnt warm at all when it hibernates and besides, in linux it runs fine.
I'll try the other things you said.
Here are the last 15 events before hibernating:

Code:

Log Name:      Microsoft-Windows-Kernel-Power/Thermal-Operational Source:        Microsoft-Windows-Kernel-Power Date:          15/11/2011 18:27:22 Event ID:      82 Task Category: (79) Level:         Information Keywords:      (32) User:          SYSTEM Computer:      Evert-PC Description: ACPI thermal zone ACPI\ThermalZone\THRM has engaged passive cooling.              EventTime = ‎2011‎-‎11‎-‎15T18:27:22.048915300Z              _PSV = 368K              _TMP = 370K              _TC1 = 2              _TC2 = 3              _TSP = 3000ms              Delta P = 100              _PSL - see event data. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />     <EventID>82</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>79</Task>     <Opcode>0</Opcode>     <Keywords>0x1000000000000020</Keywords>     <TimeCreated SystemTime="2011-11-15T17:27:22.048915300Z" />     <EventRecordID>90</EventRecordID>     <Correlation />     <Execution ProcessID="4" ThreadID="44" />     <Channel>Microsoft-Windows-Kernel-Power/Thermal-Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="ThermalZoneDeviceInstanceLength">21</Data>     <Data Name="ThermalZoneDeviceInstance">ACPI\ThermalZone\THRM</Data>     <Data Name="EventTime">2011-11-15T18:27:22.048915300Z</Data>     <Data Name="PassiveCoolingStateLength">7</Data>     <Data Name="PassiveCoolingState">engaged</Data>     <Data Name="AffinityCount">1</Data>     <Data Name="_PSV">368</Data>     <Data Name="_TMP">370</Data>     <Data Name="_TC1">2</Data>     <Data Name="_TC2">3</Data>     <Data Name="_TSP">3000</Data>     <Data Name="DeltaP">100</Data>     <ComplexData Name="_PSL">0300000000000000</ComplexData>   </EventData> </Event>  Log Name:      Microsoft-Windows-Bits-Client/Operational Source:        Microsoft-Windows-Bits-Client Date:          15/11/2011 18:27:21 Event ID:      4 Task Category: None Level:         Information Keywords:       User:          SYSTEM Computer:      Evert-PC Description: The transfer job is complete. User: NT AUTHORITY\SYSTEM Transfer job: WU Client Download Job ID: {9560E714-B62C-40EF-AE46-B3C052EE62D8} Owner: NT AUTHORITY\SYSTEM File count: 1 Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Bits-Client" Guid="{EF1CC15B-46C1-414E-BB95-E76B077BD51E}" />     <EventID>4</EventID>     <Version>1</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x4000000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:27:21.253314300Z" />     <EventRecordID>1462</EventRecordID>     <Correlation />     <Execution ProcessID="868" ThreadID="980" />     <Channel>Microsoft-Windows-Bits-Client/Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="User">NT AUTHORITY\SYSTEM</Data>     <Data Name="jobTitle">WU Client Download</Data>     <Data Name="jobId">{9560E714-B62C-40EF-AE46-B3C052EE62D8}</Data>     <Data Name="jobOwner">NT AUTHORITY\SYSTEM</Data>     <Data Name="fileCount">1</Data>     <Data Name="bytesTransferred">15280</Data>     <Data Name="bytesTransferredFromPeer">0</Data>   </EventData> </Event>  Log Name:      Microsoft-Windows-Bits-Client/Operational Source:        Microsoft-Windows-Bits-Client Date:          15/11/2011 18:27:18 Event ID:      60 Task Category: None Level:         Information Keywords:       User:          SYSTEM Computer:      Evert-PC Description: BITS stopped transferring the WU Client Download transfer job that is associated with the http://au.download.windowsupdate.com/msdownload/update/software/secu/2011/07/windows6.1-kb2556532-x64_40c9765a9a636f57b64f62c6d598b34f81f588dc.psf URL. The status code is 0x40008. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Bits-Client" Guid="{EF1CC15B-46C1-414E-BB95-E76B077BD51E}" />     <EventID>60</EventID>     <Version>1</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>2</Opcode>     <Keywords>0x4000000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:27:18.273710400Z" />     <EventRecordID>1461</EventRecordID>     <Correlation ActivityID="{F59637DA-65C4-4647-9331-AFEE813DEF5D}" />     <Execution ProcessID="868" ThreadID="668" />     <Channel>Microsoft-Windows-Bits-Client/Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="transferId">{F59637DA-65C4-4647-9331-AFEE813DEF5D}</Data>     <Data Name="name">WU Client Download</Data>     <Data Name="Id">{6086CADD-93A0-4696-9314-639E9BA23D8B}</Data>     <Data Name="url">http://au.download.windowsupdate.com/msdownload/update/software/secu/2011/07/windows6.1-kb2556532-x64_40c9765a9a636f57b64f62c6d598b34f81f588dc.psf</Data>     <Data Name="peer">     </Data>     <Data Name="hr">262152</Data>     <Data Name="fileTime">2011-07-20T01:21:53.000000000Z</Data>     <Data Name="fileLength">143719792</Data>     <Data Name="bytesTotal">2189759</Data>     <Data Name="bytesTransferred">786655</Data>     <Data Name="proxy">     </Data>     <Data Name="peerProtocolFlags">0</Data>     <Data Name="bytesTransferredFromPeer">0</Data>     <Data Name="AdditionalInfoHr">0</Data>     <Data Name="PeerContextInfo">0</Data>     <Data Name="bandwidthLimit">18446744073709551615</Data>     <Data Name="ignoreBandwidthLimitsOnLan">false</Data>   </EventData> </Event>  Log Name:      Microsoft-Windows-Kernel-Power/Thermal-Operational Source:        Microsoft-Windows-Kernel-Power Date:          15/11/2011 18:27:18 Event ID:      82 Task Category: (79) Level:         Information Keywords:      (32) User:          SYSTEM Computer:      Evert-PC Description: ACPI thermal zone ACPI\ThermalZone\THRM has disengaged passive cooling.              EventTime = ‎2011‎-‎11‎-‎15T18:27:18.195710300Z              _PSV = 368K              _TMP = 365K              _TC1 = 2              _TC2 = 3              _TSP = 3000ms              Delta P = 0              _PSL - see event data. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />     <EventID>82</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>79</Task>     <Opcode>0</Opcode>     <Keywords>0x1000000000000020</Keywords>     <TimeCreated SystemTime="2011-11-15T17:27:18.195710300Z" />     <EventRecordID>89</EventRecordID>     <Correlation />     <Execution ProcessID="4" ThreadID="52" />     <Channel>Microsoft-Windows-Kernel-Power/Thermal-Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="ThermalZoneDeviceInstanceLength">21</Data>     <Data Name="ThermalZoneDeviceInstance">ACPI\ThermalZone\THRM</Data>     <Data Name="EventTime">2011-11-15T18:27:18.195710300Z</Data>     <Data Name="PassiveCoolingStateLength">10</Data>     <Data Name="PassiveCoolingState">disengaged</Data>     <Data Name="AffinityCount">1</Data>     <Data Name="_PSV">368</Data>     <Data Name="_TMP">365</Data>     <Data Name="_TC1">2</Data>     <Data Name="_TC2">3</Data>     <Data Name="_TSP">3000</Data>     <Data Name="DeltaP">0</Data>     <ComplexData Name="_PSL">0300000000000000</ComplexData>   </EventData> </Event>  Log Name:      Microsoft-Windows-Windows Defender/WHC Source:        Microsoft-Windows-Windows Defender Date:          15/11/2011 18:26:35 Event ID:      101 Task Category: None Level:         Information Keywords:       User:          SYSTEM Computer:      Evert-PC Description: Windows Defender state updated to 10. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Windows Defender" Guid="{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}" />     <EventID>101</EventID>     <Version>0</Version>     <Level>0</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x4000000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:35.042053200Z" />     <EventRecordID>15</EventRecordID>     <Correlation />     <Execution ProcessID="3064" ThreadID="2456" />     <Channel>Microsoft-Windows-Windows Defender/WHC</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="hc_stateid">10</Data>   </EventData> </Event>  Log Name:      Microsoft-Windows-Bits-Client/Operational Source:        Microsoft-Windows-Bits-Client Date:          15/11/2011 18:26:33 Event ID:      59 Task Category: None Level:         Information Keywords:       User:          SYSTEM Computer:      Evert-PC Description: BITS started the WU Client Download transfer job that is associated with the http://au.download.windowsupdate.com/msdownload/update/software/secu/2011/07/windows6.1-kb2556532-x64_40c9765a9a636f57b64f62c6d598b34f81f588dc.psf URL. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Bits-Client" Guid="{EF1CC15B-46C1-414E-BB95-E76B077BD51E}" />     <EventID>59</EventID>     <Version>1</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>1</Opcode>     <Keywords>0x4000000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:33.684851400Z" />     <EventRecordID>1460</EventRecordID>     <Correlation ActivityID="{F59637DA-65C4-4647-9331-AFEE813DEF5D}" />     <Execution ProcessID="868" ThreadID="2552" />     <Channel>Microsoft-Windows-Bits-Client/Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="transferId">{F59637DA-65C4-4647-9331-AFEE813DEF5D}</Data>     <Data Name="name">WU Client Download</Data>     <Data Name="Id">{6086CADD-93A0-4696-9314-639E9BA23D8B}</Data>     <Data Name="url">http://au.download.windowsupdate.com/msdownload/update/software/secu/2011/07/windows6.1-kb2556532-x64_40c9765a9a636f57b64f62c6d598b34f81f588dc.psf</Data>     <Data Name="peer">     </Data>     <Data Name="fileTime">2011-07-20T01:21:53.000000000Z</Data>     <Data Name="fileLength">143719792</Data>     <Data Name="bytesTotal">2189759</Data>     <Data Name="bytesTransferred">0</Data>     <Data Name="bytesTransferredFromPeer">0</Data>   </EventData> </Event>  Log Name:      Application Source:        Microsoft-Windows-Security-SPP Date:          15/11/2011 18:26:33 Event ID:      902 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: The Software Protection service has started. 6.1.7600.16385 Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />     <EventID Qualifiers="16384">902</EventID>     <Version>0</Version>     <Level>0</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x80000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:33.000000000Z" />     <EventRecordID>1042</EventRecordID>     <Correlation />     <Execution ProcessID="0" ThreadID="0" />     <Channel>Application</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data>6.1.7600.16385</Data>   </EventData> </Event>  Log Name:      Application Source:        Microsoft-Windows-Security-SPP Date:          15/11/2011 18:26:33 Event ID:      1003 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status= 1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 )(1 )(2 [0x00000000, 0, 1], [(?)( 5 0x00000000 30 38820)( 1 0x00000000 0 0 msft:rm/algorithm/flags/1.0 0x00000000 0)(?)(?)(?)])] 4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]   Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />     <EventID Qualifiers="16384">1003</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x80000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:33.000000000Z" />     <EventRecordID>1041</EventRecordID>     <Correlation />     <Execution ProcessID="0" ThreadID="0" />     <Channel>Application</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data>55c92734-d682-4d71-983e-d6ec3f16059f</Data>     <Data> 1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 )(1 )(2 [0x00000000, 0, 1], [(?)( 5 0x00000000 30 38820)( 1 0x00000000 0 0 msft:rm/algorithm/flags/1.0 0x00000000 0)(?)(?)(?)])] 4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]  </Data>   </EventData> </Event>  Log Name:      Application Source:        Microsoft-Windows-Security-SPP Date:          15/11/2011 18:26:33 Event ID:      1033 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: These policies are being excluded since they are only defined with override-only attribute. Policy Names=(IIS-W3SVC-MaxConcurrentRequests) (Microsoft.Windows.Smc-Enabled) (Telnet-Client-EnableTelnetClient) (Telnet-Server-EnableTelnetServer) (TiffIFilterLicensing-EnableTiffIFilter) (nfs-admincmdtools-enabled) (nfs-adminmmc-enabled) (nfs-clientcmdtools-enabled) (nfs-clientcore-enabled) (sua-EnableSUA)  App Id=55c92734-d682-4d71-983e-d6ec3f16059f Sku Id=a0cde89c-3304-4157-b61c-c8ad785d1fad Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />     <EventID Qualifiers="16384">1033</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x80000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:33.000000000Z" />     <EventRecordID>1040</EventRecordID>     <Correlation />     <Execution ProcessID="0" ThreadID="0" />     <Channel>Application</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data>(IIS-W3SVC-MaxConcurrentRequests) (Microsoft.Windows.Smc-Enabled) (Telnet-Client-EnableTelnetClient) (Telnet-Server-EnableTelnetServer) (TiffIFilterLicensing-EnableTiffIFilter) (nfs-admincmdtools-enabled) (nfs-adminmmc-enabled) (nfs-clientcmdtools-enabled) (nfs-clientcore-enabled) (sua-EnableSUA) </Data>     <Data>55c92734-d682-4d71-983e-d6ec3f16059f</Data>     <Data>a0cde89c-3304-4157-b61c-c8ad785d1fad</Data>   </EventData> </Event>  Log Name:      System Source:        Service Control Manager Date:          15/11/2011 18:26:30 Event ID:      7036 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: The Windows Update service entered the running state. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />     <EventID Qualifiers="16384">7036</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x8080000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:30.892447800Z" />     <EventRecordID>1971</EventRecordID>     <Correlation />     <Execution ProcessID="460" ThreadID="1688" />     <Channel>System</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data Name="param1">Windows Update</Data>     <Data Name="param2">running</Data>     <Binary>770075006100750073006500720076002F0034000000</Binary>   </EventData> </Event>  Log Name:      Application Source:        Microsoft-Windows-Security-SPP Date:          15/11/2011 18:26:29 Event ID:      1066 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: Initialization status for service objects. C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000  Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />     <EventID Qualifiers="16384">1066</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x80000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:29.000000000Z" />     <EventRecordID>1039</EventRecordID>     <Correlation />     <Execution ProcessID="0" ThreadID="0" />     <Channel>Application</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data>C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000 </Data>   </EventData> </Event>  Log Name:      Microsoft-Windows-Windows Defender/WHC Source:        Microsoft-Windows-Windows Defender Date:          15/11/2011 18:26:27 Event ID:      101 Task Category: None Level:         Information Keywords:       User:          SYSTEM Computer:      Evert-PC Description: Windows Defender state updated to 10. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Windows Defender" Guid="{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}" />     <EventID>101</EventID>     <Version>0</Version>     <Level>0</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x4000000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:27.522843300Z" />     <EventRecordID>14</EventRecordID>     <Correlation />     <Execution ProcessID="3064" ThreadID="2456" />     <Channel>Microsoft-Windows-Windows Defender/WHC</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="hc_stateid">10</Data>   </EventData> </Event>  Log Name:      System Source:        Service Control Manager Date:          15/11/2011 18:26:27 Event ID:      7036 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: The Security Center service entered the running state. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />     <EventID Qualifiers="16384">7036</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>0</Task>     <Opcode>0</Opcode>     <Keywords>0x8080000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:27.164042800Z" />     <EventRecordID>1970</EventRecordID>     <Correlation />     <Execution ProcessID="460" ThreadID="680" />     <Channel>System</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>     <Data Name="param1">Security Center</Data>     <Data Name="param2">running</Data>     <Binary>7700730063007300760063002F0034000000</Binary>   </EventData> </Event>  Log Name:      Microsoft-Windows-Kernel-Power/Thermal-Operational Source:        Microsoft-Windows-Kernel-Power Date:          15/11/2011 18:26:27 Event ID:      82 Task Category: (79) Level:         Information Keywords:      (32) User:          SYSTEM Computer:      Evert-PC Description: ACPI thermal zone ACPI\ThermalZone\THRM has engaged passive cooling.              EventTime = ‎2011‎-‎11‎-‎15T18:26:27.008042600Z              _PSV = 368K              _TMP = 368K              _TC1 = 2              _TC2 = 3              _TSP = 3000ms              Delta P = 0              _PSL - see event data. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />     <EventID>82</EventID>     <Version>0</Version>     <Level>4</Level>     <Task>79</Task>     <Opcode>0</Opcode>     <Keywords>0x1000000000000020</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:27.008042600Z" />     <EventRecordID>88</EventRecordID>     <Correlation />     <Execution ProcessID="4" ThreadID="44" />     <Channel>Microsoft-Windows-Kernel-Power/Thermal-Operational</Channel>     <Computer>Evert-PC</Computer>     <Security UserID="S-1-5-18" />   </System>   <EventData>     <Data Name="ThermalZoneDeviceInstanceLength">21</Data>     <Data Name="ThermalZoneDeviceInstance">ACPI\ThermalZone\THRM</Data>     <Data Name="EventTime">2011-11-15T18:26:27.008042600Z</Data>     <Data Name="PassiveCoolingStateLength">7</Data>     <Data Name="PassiveCoolingState">engaged</Data>     <Data Name="AffinityCount">1</Data>     <Data Name="_PSV">368</Data>     <Data Name="_TMP">368</Data>     <Data Name="_TC1">2</Data>     <Data Name="_TC2">3</Data>     <Data Name="_TSP">3000</Data>     <Data Name="DeltaP">0</Data>     <ComplexData Name="_PSL">0300000000000000</ComplexData>   </EventData> </Event>  Log Name:      Application Source:        SecurityCenter Date:          15/11/2011 18:26:27 Event ID:      1 Task Category: None Level:         Information Keywords:      Classic User:          N/A Computer:      Evert-PC Description: The Windows Security Center Service has started. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <System>     <Provider Name="SecurityCenter" />     <EventID Qualifiers="0">1</EventID>     <Level>4</Level>     <Task>0</Task>     <Keywords>0x80000000000000</Keywords>     <TimeCreated SystemTime="2011-11-15T17:26:27.000000000Z" />     <EventRecordID>1038</EventRecordID>     <Channel>Application</Channel>     <Computer>Evert-PC</Computer>     <Security />   </System>   <EventData>   </EventData> </Event>

Evert7 · Nov 16, 2011

Saltgrass said:
I made a comment about how you are booting, have you thought about it?

Since the problem is random and I do not know of a normal situation that would cause hibernation, you will need to monitor your system to see what might be doing it. If you can see some common occurrence or time displacement, it might help track down the problem.

While you are in Windows, could you open an administrative command prompt and type bcdedit then use the snipping tool to take a picture and post using the paperclip.

While you are in the command prompt, you also might try typing Powercfg -energy to test your system. You need to shutdown all software you can, like browsers and such. Keep track of where the .html report is stored and copy it to the desktop to open. You will probably see USB messages, but hopefully something else will show up.

Are any messages showing up in Device Manager beside a Kernel Power type?

atm Im booting with grub, but I tried to boot with windows boot manager too with no result.

zvit · Nov 16, 2011

Events are talking about TEMP. This is a CPU temp event. I don't have time now to check the event but Google a CPU temp monitor prog and use it and get back to us. In the BIOS you should also be able to see the CPU temp. p.s. Not all OS systems cause shutdown\hibernate as a defense mechanism (Windows 7 does) so the fact that this doesn't happen in Linux is not a function. (I don't know what version of Linux you're using).

Saltgrass · Nov 16, 2011

It did not look like the events posted were error or warning messages from the system, so I was taking those as just normal system activity, but depending on where you got the events, I could be wrong.

Also, Zvit mentions a battery. We had one poster who was unable to run the Powercfg utility and it turned out his battery was bad. Since I am not sure what you mean by "with or without" battery, it might be related to it. I do not know what effect of not having a battery installed would have on the ACPI system.

Evert7 · Nov 16, 2011

I mean that the problem occurs when I have the battery inserted but also when I have the battery removed.

the result of powercfg -energy is in the attachment (converted from html to pdf)

Link Removed

zvit · Nov 16, 2011

Interesting PDF.

Tell me, how often does this happen? Every 15 minutes? Once an hour?

Please try to create a new user and see if it happens when logged into this new user. (Call the user "pickles"... just for good luck

If it doesn't happen with pickles (like it doesn't happen with Linux), then it's something with your Windows user account and not hardware and we can take it from there.

Evert7 · Nov 16, 2011

most times, the problem occurs in 5 - 15 minutes, and sometimes even before logging in, so that won't be the issue I think.

Saltgrass · Nov 16, 2011

CPU Utilizationrocessor utilization is high
The average processor utilization during the trace was high. The system will consume less power when the average processor utilization is very low.
Review processor utilization for individual processes to determine which applications and services contribute the most to total processor utilization.
Average Utilization (%) 49.77

Battery:Last Full Charge (%)
The battery stored less than 40% of the Designed Capacity the last time the battery was fully charged.
Battery ID Hewlett-PackardPrimary
Design Capacity 73440
Last Full Charge 15206
Last Full

Is your processor really running that high (49.77%)? If you only have 2 cores (not sure), one may be running at 100% and getting hot.

Seems .Net Framework 2 is involved with the processor. I do know .Net will set itself up in the background, but that is quite a load. Did you install .Net 2? I see you are not yet running SP1?

It also appears the battery isn't being charged completely. I wonder if this is related to the processor activity..

Any bios updates?

Evert7 · Nov 16, 2011

I'm now running for half an hour, if the problem won't occur anymore, one of these things solved my issue:

disabling Virtual T... or something (forgot that ) in BIOS
press f8 at boot and select disable system restart on error

EDIT: Bad try, PC was hibernating again :cry_smile:

Navigation section

Windows 7 Windows 7 hibernates randomly (and NO idea why)

New Member

Senior Member

New Member

Honorable Member

Banned

Honorable Member

Excellent Member

New Member

New Member

Honorable Member

Excellent Member

New Member

New Member

Honorable Member

Excellent Member

New Member

Honorable Member

New Member

Excellent Member

New Member

Similar threads