Salve, ho un problema con un pc con xp sp3

Il pc in questione spesso si riavvia senza motivo (con bsod) e altre volte rimane freezato. Le bsod sono varie: spesso fanno riferimento a IRQL_NOT_LESS_OR_EQUAL (0XA), oppure a KERNEL_MODE_NOT_HANDLED (0X8E). Ho analizzato i dump della memoria generati da bsod, e fanno riferimento a diversi driver (la maggior parte delle volte a AswSP.sys (driver di avast), oppure a ntoskrnl.exe o a ntkrnlmap.exe). Ho provato a testare i driver con driver verifier, e già ne ho disattivati due (e2lockburnerlockdriver.sys e elock2fsctldriver.sys che generavano errori della memoria), ma ogni bluescreen segnala un driver diverso...non posso mica disativarli tutti!!!

Potrebbe anche essere un problema hardware, vista la varietà e genericità delle bsod?
che può essere successo a tutti questi drivers? rimedi?

Beh con quel nick te le sei andate a cercare! :p

edit: doppio scusate

edit: doppio scusate. a quest'ore della notte il forum fa le bizze

Inizia col testare l'HW, partendo dalla ram :)

Dai una passata con un buon antisyware e una con Runscanner

Grazie per le risoposte,
le ram l'ho testate all'avvio del pc con memtest86 per due orette, e non ha trovato errori. Ho effettuato anche una chkdsk, ma non trova nulla di particolare (eccetto 4kb in settori danneggiati, causati da un'interruzione di alimentazione un po' di tempo fa.
Per quanto riguarda gli spyware ho usato il tool di avast, e poi c'è avast attivo sul pc.
Con driver verifier mi ha anche trovato un file (il WATCH.EXE di uno scanner) che genera errore in ma1908.sys, ma non credo che sia questo il problema.
In ogni caso, ho notato che le segnalazioni delle bsod rimandano la maggior parte delle volte a file che effettuano connessioni internet (come emule.exe, iexplore.exe oppure aswSP.exe , forse dovuto agli aggiornamenti avast). È possibile che il responsabile di ciò sia la scheda di rete (che uso per la connessione internet/lan) oppure i suoi driver? La scheda di rete è integerata nella mobo.

Ecco anche il log HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14.09.39, on 19/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\LANScope Agent\awServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\LANScope Agent\awtray.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\LANScope Agent\LockKM.exe
F:\Debugging Tools for Windows (x86)\windbg.exe
C:\WINDOWS\system32\mmc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Programmi\Internet Explorer\iexplore.exe
F:\Tools Antivirus\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ycomp/defaults/sp/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [installnet.exe] "C:\Acer\LANScope Agent\Installnet.exe" "C:\Acer\LANScope Agent\
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258146861500
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acer ODDSpeedControl - TODO: <????> - C:\Acer\Empowering Technology\eAcoustics\ODDSpeedCtl\speedcontrol.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (file missing)
O23 - Service: SQL Server Active Directory Helper (MSSQLServerADHelper) - Unknown owner - C:\Programmi\Microsoft SQL Server\90\Shared\sqladhlp90.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SQL Server Browser (SQLBrowser) - Unknown owner - C:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe (file missing)

--
End of file - 10537 bytes

Allego anche il sunto delle bsod preso da WhoCrashed:

On Fri 19/11/2010 12.37.20 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC000001D, 0x8058B357, 0xA3EEC844, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
Dump file: C:\WINDOWS\Minidump\Mini111910-01.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Thu 18/11/2010 22.24.48 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xC4 (0x81, 0x8932ACC8, 0xA, 0x0)
Error: DRIVER_VERIFIER_DETECTED_VIOLATION
Dump file: C:\WINDOWS\Minidump\Mini111810-04.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Thu 18/11/2010 22.15.28 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xC4 (0x81, 0x89ADF278, 0xA, 0x0)
Error: DRIVER_VERIFIER_DETECTED_VIOLATION
Dump file: C:\WINDOWS\Minidump\Mini111810-03.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Thu 18/11/2010 20.46.32 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xC4 (0x81, 0x88C995B0, 0xA, 0x0)
Error: DRIVER_VERIFIER_DETECTED_VIOLATION
Dump file: C:\WINDOWS\Minidump\Mini111810-02.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Thu 18/11/2010 19.59.17 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000007F (0x8, 0x80042000, 0x0, 0x0)
Error: UNEXPECTED_KERNEL_MODE_TRAP_M
Dump file: C:\WINDOWS\Minidump\Mini111810-01.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Wed 17/11/2010 14.35.54 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x89FE5000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111710-04.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Wed 17/11/2010 14.32.36 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x89EC3000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111710-03.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Wed 17/11/2010 14.25.51 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x8A2A3000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111710-02.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Wed 17/11/2010 14.24.11 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x89D2F000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111710-01.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Tue 16/11/2010 22.20.17 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x8A2BD000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111610-05.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Tue 16/11/2010 22.02.27 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x8A5DD000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111610-04.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Tue 16/11/2010 21.09.37 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x50 (0x957FF000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
Dump file: C:\WINDOWS\Minidump\Mini111610-03.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Tue 16/11/2010 21.06.50 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x95B59000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111610-02.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Tue 16/11/2010 21.03.56 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0xCD (0x95A45000, 0x0, 0x804DA2C0, 0x0)
Error: PAGE_FAULT_BEYOND_END_OF_ALLOCATION
Dump file: C:\WINDOWS\Minidump\Mini111610-01.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Mon 15/11/2010 20.06.14 your computer crashed
This was likely caused by the following module: aswsp.sys
Bugcheck code: 0x1000000A (0xC1680008, 0x2, 0x1, 0x804F2B05)
Error: Unknown
Dump file: C:\WINDOWS\Minidump\Mini111510-02.dmp
file path: C:\WINDOWS\system32\drivers\aswsp.sys
product: avast! Antivirus System
company: AVAST Software
description: avast! self protection module



On Mon 15/11/2010 20.01.57 your computer crashed
This was likely caused by the following module: aswmon2.sys
Bugcheck code: 0x1000007F (0x8, 0xF7717D70, 0x0, 0x0)
Error: UNEXPECTED_KERNEL_MODE_TRAP_M
Dump file: C:\WINDOWS\Minidump\Mini111510-01.dmp
file path: C:\WINDOWS\system32\drivers\aswmon2.sys
product: avast! Antivirus System
company: AVAST Software
description: avast! File System Filter Driver for Windows XP



On Wed 03/11/2010 12.57.51 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC000001D, 0x80536F5F, 0xA7D89888, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
Dump file: C:\WINDOWS\Minidump\Mini110310-01.dmp
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Sistema operativo Microsoft® Windows®
company: Microsoft Corporation
description: Sistema e kernel NT
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.

Inoltre nel dump della memoria c'è anche una stringa particolare:

IMAGE_NAME: ntkrnlmp.exe, ntoskrnl.exe

che dovrebbe essere un errore nel kernel.


SOluzioni? Intanto faccio un contriollo spyware più approfondito...