| pete_45323 | 09.11.2009 13:56 |
System friert laufend ein
oder hängt mit bluescreen oder bootet durch.
Das ganze passiert zwischen 5 und 50 Minuten (manchmal auch einige h) nach dem Start.
Ich kann das Verhalten nicht mit einer Softwareänderung in Zusammenhang bringen. Vor ca 4 Monaten wurde der Hauptspeicher aufgerüstet, das Problem tritt erst seit einigen Wochen auf.
Ich habe den Vista Speichertest duchgeführt, er hat kein Problem gemeldet.
Hier der output von msinfo32 Code:
Betriebssystemname Microsoft® Windows Vista™ Ultimate
Version 6.0.6002 Service Pack 2 Build 6002
Zusätzliche Betriebssystembeschreibung Nicht verfügbar
Betriebssystemhersteller Microsoft Corporation
Systemname xxxx
Systemhersteller MEDIONPC
Systemmodell MS-7204
Systemtyp X86-basierter PC
Prozessor Intel(R) Pentium(R) D CPU 3.00GHz, 3000 MHz, 2 Kern(e), 2 logische(r) Prozessor(en)
BIOS-Version/-Datum Phoenix Technologies, LTD 6.00 PG, 07.10.2005
SMBIOS-Version 2.3
Windows-Verzeichnis C:\Windows
Systemverzeichnis C:\Windows\system32
Startgerät \Device\HarddiskVolume1
Gebietsschema Deutschland
Hardwareabstraktionsebene Version = "6.0.6002.18005"
Benutzername xxxx
Zeitzone Mitteleuropäische Zeit
Installierter physikalischer Speicher (RAM) Nicht verfügbar
Gesamter realer Speicher 3,37 GB
Verfügbarer realer Speicher 2,36 GB
Gesamter virtueller Speicher 6,93 GB
Verfügbarer virtueller Speicher 5,97 GB
Größe der Auslagerungsdatei 3,67 GB
Auslagerungsdatei C:\pagefile.sys
E/A-Port 0x00000000-0x00000CF7 PCI-Bus
E/A-Port 0x00000000-0x00000CF7 DMA-Controller
E/A-Port 0x000003C0-0x000003DF Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
E/A-Port 0x000003C0-0x000003DF NVIDIA GeForce 6700 XL
Speicheradresse 0xF4000000-0xFBFFFFFF Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
Speicheradresse 0xF4000000-0xFBFFFFFF NVIDIA GeForce 6700 XL
Speicheradresse 0xD8000000-0xDFFFFFFF Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
Speicheradresse 0xD8000000-0xDFFFFFFF NVIDIA GeForce 6700 XL
IRQ 23 Intel(R) 82801G (ICH7-Familie) USB universeller Hostcontroller - 27C8
IRQ 23 Intel(R) 82801G (ICH7-Familie) USB2 erweiterter Hostcontroller - 27CC
IRQ 16 Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
IRQ 16 NVIDIA GeForce 6700 XL
IRQ 16 High Definition Audio-Controller
IRQ 16 Intel(R) 82801G (ICH7-Familie) USB universeller Hostcontroller - 27CB
IRQ 18 Intel(R) 82801G (ICH7-Familie) USB universeller Hostcontroller - 27CA
IRQ 18 Fast-Ethernet-Netzwerkkarte für Realtek RTL8139/810x-Familie
IRQ 19 Intel(R) 82801G (ICH7-Familie) USB universeller Hostcontroller - 27C9
IRQ 19 VIA OHCI-konformer IEEE 1394-Hostcontroller
IRQ 19 Intel(R) 82801GB/GR/GH (ICH7 Familie) Serieller ATA-Speichercontroller - 27C0
Speicheradresse 0xA0000-0xBFFFF PCI-Bus
Speicheradresse 0xA0000-0xBFFFF Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
Speicheradresse 0xA0000-0xBFFFF NVIDIA GeForce 6700 XL
E/A-Port 0x000003B0-0x000003BB Intel(R) 945G/GZ/P/PL PCI-Express-Stammanschluss - 2771
E/A-Port 0x000003B0-0x000003BB NVIDIA GeForce 6700 XL
Hier noch ein hijackthis log Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:45:51, on 09.11.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Fujitsu Siemens Computers\SCALEOwakeup\FSC_WHS_RC.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h_ttp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h_ttp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h_ttp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h_ttp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h_ttp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Cmiboot] C:\Windows\cmiboot.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\XXXXX\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SCALEO wake up.lnk = ?
O4 - Global Startup: Windows Home Server.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: AAV UpdateService - Unknown owner - C:\Program Files\Common Files\AAV\aavus.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbx_device - - C:\Windows\system32\dlbxcoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - 6112 bytes
output von Bluescreenviewer Code:
==================================================
Dump File : Mini110909-10.dmp
Crash Time : 09.11.2009 13:17:30
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x8b200000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x824bb0b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+12023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-09.dmp
Crash Time : 09.11.2009 13:03:08
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x85c01000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824bf0b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+12023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-08.dmp
Crash Time : 09.11.2009 10:02:54
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x88006000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x824aa0b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+16023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-07.dmp
Crash Time : 09.11.2009 08:54:30
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x85e00000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824be0b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+18023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-06.dmp
Crash Time : 09.11.2009 07:54:06
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x85e00000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824e50b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+c023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-05.dmp
Crash Time : 09.11.2009 07:02:07
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x85e91000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824ea0b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+c023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-04.dmp
Crash Time : 09.11.2009 05:01:45
Bug Check String : ATTEMPTED_WRITE_TO_READONLY_MEMORY
Bug Check Code : 0x000000be
Parameter 1 : 0x8b201000
Parameter 2 : 0x02fc5121
Parameter 3 : 0x82503a6c
Parameter 4 : 0x0000000a
Caused By Driver : ndistapi.sys
Caused By Address : ndistapi.sys+1000
File Description : NDIS 3.0 connection wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-03.dmp
Crash Time : 09.11.2009 04:54:23
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x87c00000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824f80b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+17023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-02.dmp
Crash Time : 09.11.2009 04:01:36
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0x00008680
Parameter 2 : 0x000000ff
Parameter 3 : 0x00000001
Parameter 4 : 0x859af052
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4dfb9
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18082 (vistasp2_gdr.090803-2339)
Processor : 32-bit
==================================================
==================================================
Dump File : Mini110909-01.dmp
Crash Time : 09.11.2009 00:42:08
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x88200000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x824b90b6
Caused By Driver : ndis.sys
Caused By Address : ndis.sys+f023
File Description : NDIS 6.0 wrapper driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
==================================================
Treiber im stack vom letzten Bluescreen Code:
==================================================
Filename : cdrom.sys
Address In Stack : cdrom.sys+12030
From Address : 0x9015e000
To Address : 0x90176000
Size : 0x00018000
Time Stamp : 0x49e01ef5
Time String : 11.04.2009 05:39:17
Product Name : Microsoft® Windows® Operating System
File Description : SCSI CD-ROM Driver
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Company : Microsoft Corporation
Full Path : C:\Windows\system32\drivers\cdrom.sys
==================================================
==================================================
Filename : ndis.sys
Address In Stack : ndis.sys+12023
From Address : 0x82a7e000
To Address : 0x82b89000
Size : 0x0010b000
Time Stamp : 0x49e02080
Time String : 11.04.2009 05:45:52
Product Name : Microsoft® Windows® Operating System
File Description : NDIS 6.0 wrapper driver
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Company : Microsoft Corporation
Full Path : C:\Windows\system32\drivers\ndis.sys
==================================================
==================================================
Filename : ntkrnlpa.exe
Address In Stack : ntkrnlpa.exe+a90b6
From Address : 0x82412000
To Address : 0x827cb000
Size : 0x003b9000
Time Stamp : 0x4a77feb3
Time String : 04.08.2009 10:26:11
Product Name : Microsoft® Windows® Operating System
File Description : NT Kernel & System
File Version : 6.0.6002.18082 (vistasp2_gdr.090803-2339)
Company : Microsoft Corporation
Full Path : C:\Windows\system32\ntkrnlpa.exe
==================================================
==================================================
Filename : USBPORT.SYS
Address In Stack : USBPORT.SYS+69cf
From Address : 0x8fe9a000
To Address : 0x8fed8000
Size : 0x0003e000
Time Stamp : 0x49e01fcf
Time String : 11.04.2009 05:42:55
Product Name : Microsoft® Windows® Operating System
File Description : USB 1.1 & 2.0 Port Driver
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Company : Microsoft Corporation
Full Path : C:\Windows\system32\drivers\USBPORT.SYS
==================================================
==================================================
Filename : VMNetSrv.sys
Address In Stack : VMNetSrv.sys+63a8
From Address : 0x9017c000
To Address : 0x9018b000
Size : 0x0000f000
Time Stamp : 0x45b74b89
Time String : 24.01.2007 13:05:29
Product Name : Microsoft Virtual Server 2005 R2 SP1
File Description : Virtual Machine Network Services Driver
File Version : 2.6.553.0
Company : Microsoft Corporation
Full Path : C:\Windows\system32\drivers\VMNetSrv.sys
==================================================
Nachdem das PRoblem ohne Zusammenhang mit beabsichtigter Hard oder Softwareänderung auftritt habe ich den Verdacht auf malware (Ein aktueller Antivir und MS-Defander findet nichts).
Was empfehlt Ihr mir. | 