Ist wieder das selbe Problem.
Bugcheck1;
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+fb )
Followup: Pool_corruption
Bugcheck2;
Probably caused by : AVGNTDD.SYS ( AVGNTDD+3371 )
Followup: MachineOwner
Schein nicht soviel gebracht zu haben mit der Neuinstallation.
Hier ist nochmal Info aus dem Forum von AV.
Die Suchseite ist nur kurzfristig verfügbar, und ändert sich dann.
http://www.free-av.de/cgi-bin/ubb/u...emp-2453346-152644-ApI9.cgi&Total=&StartAt=34
Schaue mal ob du dort eine Problemlösung findest.
Habe dort auch gelesen, das es zufällige Bluescreens geben kann.
Kann dadurch auch mit Pool Corruption zusammenhängen.
Hier ist als Beispiel ein Thread mit Lösung war format C: .
http://www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=6&t=001151&p=
Schaue dir aber trotzdem auch mal die Suchergebnisse an.
Vielleicht findest du was.
Ansonsten kannst du es auch nochmal testen mit Deinstallation und auswechseln gegen die Freeware-Version von Bitdefender.
Gibt es hier.
http://www.bitdefender.de/bd/site/products.php?p_id=24
Viele Grüße
Fiona
Edit1;
@ eras
Kannst du mir Sagen warum ich bei "minidump 02" folgenden Fehler bei den Symbols bekomme?
Ich habe die volle Version von den Symbolen bei Microsoft geladen.
Sind über 750 MB.
Daher gibt es bei den Ergebnissen die Unterschiede.
Siehe hier;
*** ERROR: Module load completed but symbols could not be loaded for a347bus.sys
*** WARNING: Unable to verify timestamp for AVGNTDD.SYS
*** ERROR: Module load completed but symbols could not be loaded for AVGNTDD.SYS
Gruß
Edit2;
Hier auch nochmal der erste Bugcheck;
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 8053cf57, f4c09828, 0}
Unable to load image a347bus.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for a347bus.sys
*** ERROR: Module load completed but symbols could not be loaded for a347bus.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+fb )
Followup: Pool_corruption
---------
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
An exception code of 0x80000002 (STATUS_DATATYPE_MISALIGNMENT) indicates
that an unaligned data reference was encountered. The trap frame will
supply additional information.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8053cf57, The address that the exception occurred at
Arg3: f4c09828, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung in "0x%08lx" verweist auf Speicher in "0x%08lx". Der Vorgang "%s" konnte nicht auf dem Speicher durchgef hrt werden.
FAULTING_IP:
nt!ExDeferredFreePool+fb
8053cf57 8913 mov [ebx],edx
TRAP_FRAME: f4c09828 -- (.trap fffffffff4c09828)
ErrCode = 00000003
eax=e1190b18 ebx=00ffffff ecx=e11913e0 edx=00ffffff esi=863f5028 edi=000001ff
eip=8053cf57 esp=f4c0989c ebp=f4c098dc iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
nt!ExDeferredFreePool+0xfb:
8053cf57 8913 mov [ebx],edx ds:0023:00ffffff=????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x8E
LAST_CONTROL_TRANSFER: from 8053cf3c to 8053cf57
STACK_TEXT:
f4c098dc 8053cf3c e1112e48 863c7748 861f5958 nt!ExDeferredFreePool+0xfb
f4c09914 80582679 e1248940 00000000 8057fb16 nt!ExFreePoolWithTag+0x413
f4c0994c 80582112 e2b25c38 861f5958 00000001 nt!ObReleaseObjectSecurity+0x18
f4c09998 80581e15 e21b2828 0009d790 e21da794 nt!CmpDoOpen+0x245
f4c09b8c 805852f5 0009d790 0009d790 861f5958 nt!CmpParseKey+0x552
f4c09c10 80581aba 0000025c f4c09c50 00000040 nt!ObpLookupObjectName+0x117
f4c09c64 805827cd 00000000 863c7708 00000101 nt!ObOpenObjectByName+0xe9
f4c09d34 f77f3fbc 000a33e0 00020019 00a7e384 nt!NtOpenKey+0x191
WARNING: Stack unwind information not available. Following frames may be wrong.
f4c09d64 863ce7c8 861ee278 f3533cec f3533d98 a347bus+0xdfbc
00000000 00000000 00000000 00000000 00000000 0x863ce7c8
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
nt!ExDeferredFreePool+fb
8053cf57 8913 mov [ebx],edx
SYMBOL_STACK_INDEX: 0
FOLLOWUP_NAME: Pool_corruption
SYMBOL_NAME: nt!ExDeferredFreePool+fb
MODULE_NAME: Pool_Corruption
IMAGE_NAME: Pool_Corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
BUCKET_ID: 0x8E_nt!ExDeferredFreePool+fb
Followup: Pool_corruption
---------
Bugcheck2;
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
POOL_CORRUPTION_IN_FILE_AREA (de)
A driver corrupted pool memory used for holding pages destined for disk.
This was discovered by the memory manager when dereferencing the file.
Arguments:
Arg1: 00000002
Arg2: e3c4ac08
Arg3: e368526c
Arg4: 383ff8c2
Debugging Details:
------------------
CUSTOMER_CRASH_COUNT: 2
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xDE
LAST_CONTROL_TRANSFER: from 80519842 to 805266db
STACK_TEXT:
f33af548 80519842 000000de 00000002 e3c4ac08 nt!KeBugCheckEx+0x19
f33af58c 804f8aef e3c4ac08 01000000 00000001 nt!MmPurgeSection+0x4cc
f33af5bc 804e8b4e 859d522c f33af624 00000000 nt!CcPurgeCacheSection+0xd2
f33af5f0 804e8b0a 85590598 f33af624 ffffffff nt!CcPurgeAndClearCacheSection+0xe3
f33af62c f767328d 00000000 00436998 f76893c8 nt!CcSetFileSizes+0x21b
f33af654 f76a60b6 854ed378 e3436998 e3436988 Ntfs!NtfsSetBothCacheSizes+0x6f
f33af6b8 f76a9f7a f33afa9c 854ed378 00000001 Ntfs!NtfsDeleteAllocation+0x37e
f33af72c f76a9fe2 f33afa9c e34368c0 f33af7dc Ntfs!NtfsDeleteAllocationFromRecord+0x15a
f33af85c f76a98c3 f33afa9c e34368c0 e3b5c560 Ntfs!NtfsDeleteFile+0x25a
f33afa78 f7693ac0 f33afa9c 854d5270 862d1c80 Ntfs!NtfsCommonCleanup+0x1090
f33afbf0 804eca36 862ce020 854d5270 8637c7a8 Ntfs!NtfsFsdCleanup+0xcf
f33afc00 f771466f 857fd3b0 854d5280 f33afc54 nt!IopfCallDriver+0x31
f33afc10 804eca36 862d1bc8 e3bbec48 854d5270 sr!SrCleanup+0xb1
f33afc20 80586cda 857fd398 863f1e70 00000001 nt!IopfCallDriver+0x31
f33afc54 805812b4 85c67408 862d1bc8 00010080 nt!IopCloseFile+0x261
f33afc84 80581108 85c67408 857fd3b0 863f1e70 nt!ObpDecrementHandleCount+0x119
f33afcac 8058132d e2d7e118 857fd3b0 0000020c nt!ObpCloseHandleTableEntry+0x14b
f33afcf4 8058136e 0000020c 00000001 00000000 nt!ObpCloseHandle+0x85
f33afd2c f7b42371 0000020c f7b4230c f33afd64 nt!NtClose+0x19
WARNING: Stack unwind information not available. Following frames may be wrong.
f33afd58 804da140 0000020c 00000000 863ce7c8 AVGNTDD+0x3371
f33afd64 863ce7c8 8599d020 ee714cec ee714d98 nt!KiSystemService+0xc4
00000000 00000000 00000000 00000000 00000000 0x863ce7c8
FOLLOWUP_IP:
AVGNTDD+3371
f7b42371 ?? ???
SYMBOL_STACK_INDEX: 13
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: AVGNTDD+3371
MODULE_NAME: AVGNTDD
IMAGE_NAME: AVGNTDD.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 4188b25d
STACK_COMMAND: kb
BUCKET_ID: 0xDE_AVGNTDD+3371
Followup: MachineOwner
---------
Hier steht nochmal Eindeutig, das der Treiber AVGNTDD.SYS den Fehler POOL_CORRUPTION_IN_FILE_AREA (de) verursacht.
Deckt sich somit auch mit dem ersten Bugcheck.
Im Forum gab es viele Ursachen mit dem Treiber.
Siehe Link.
Gruß