上A网2中木马 - 2009-3-19 20:04:00
BAD_EXHANDLE
Technical information
*** stop:0×000000A7 (0×00000280,0×E10BF320,0×85DDD871,0×85DDD871)
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)附件:
Mini031909-01.rar
夲號ヱ被ジ盜 - 2009-3-19 20:09:00
全盘搜索ntoskrnl.exe压缩发上来并扫描SRENG日志
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Documents and Settings\lenovo\桌面\Mini031909-01\Mini031909-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055b6a0
Debug session time: Thu Mar 19 19:55:40.796 2009 (GMT+8)
System Uptime: 0 days 0:11:52.377
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
....................................................
Loading User Symbols
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A7, {280, e10bf320, 85ddd871, 85ddd871}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Probably caused by : ntoskrnl.exe ( nt+5c56e )
Followup: MachineOwner
---------
上A网2中木马 - 2009-3-19 20:23:00
您看是这个吗C:\WINDOWS\system32\ntoskrnl.exe
前几天下载按键精灵用了下,结果就出现第一次蓝屏.现在它已经被我删了,可蓝屏依旧存在
附件:
SREngLOG.log 附件:
ntoskrnl.rar
夲號ヱ被ジ盜 - 2009-3-19 20:45:00
最近打过补丁没
KB956841??
从上个星期三后蓝的屏?
上A网2中木马 - 2009-3-19 20:53:00
是的,最近的确打过补丁 ,KB956841已安装,它有问题吗:kaka7: 打补丁勤过头了:kaka4:
的确是上个星期三后蓝的屏:default15:
夲號ヱ被ジ盜 - 2009-3-19 20:57:00
控制面板-添加删除程序
显示更新打钩
找到KB956841
删除
蓝屏由更新引起
上A网2中木马 - 2009-3-19 20:59:00
:kaka15: 谢谢!!你真好,我试试,不行再来问
夲號ヱ被ジ盜 - 2009-3-19 21:01:00
问就明天啦
你这不属于病毒问题:default21:
应该取系统区求助
像我们这样的系统白痴
很难看出来
上A网2中木马 - 2009-3-19 21:07:00
哇#47你好棒啊!!这都看出来了.太好了~~给您添麻烦了:default5: 完全解决!
下次我一定去系统区问(低头行礼)
zhengliangliang - 2009-3-20 10:27:00
我以前也蓝频 好象是排线断了
© 2000 - 2025 Rising Corp. Ltd.