瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 各位高手指教看日志出什么问题~~~~~~~~~~~~~~~~~~~~~~~~~

1   1  /  1  页   跳转

各位高手指教看日志出什么问题~~~~~~~~~~~~~~~~~~~~~~~~~

收藏
痞得在理
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2006-08-02
  • 来自:
发表于: 2006-08-02 13:52 | 只看楼主 短消息 资料
字号: 1楼

各位高手指教看日志出什么问题~~~~~~~~~~~~~~~~~~~~~~~~~

老有些网页弹出来
烦死人了
高手帮忙





发生应用程序意外错误:
        应用程序:  (pid=2328)
        时间: 2006-8-2 @ 13:33:47.962
        意外情况编号: c0000005 (访问侵犯)

*----> 系统信息 <----*
        计算机名: OEM-MICRO
        用户名: SYSTEM
        处理器数量: 1
        处理器类型: x86 Family 6 Model 8 Stepping 6
        Windows 2000 版本: 5.0
        当前内部版本号: 2195
        Service Pack: 4
        当前类型: Uniprocessor Free
        注册的单位: Micro
        注册的所有者: Micro

*----> 任务列表 <----*
  0 Idle.exe
  8 System.exe
136 smss.exe
168 csrss.exe
164 winlogon.exe
224 services.exe
236 lsass.exe
428 svchost.exe
476 CCenter.exe
500 Ravmond.exe
548 spoolsv.exe
592 svchost.exe
612 svchost.exe
636 svchost.exe
660 rundll32.exe
720 regsvc.exe
756 svchost.exe
772 MSTask.exe
836 SVCHOST.exe
908 RavStub.exe
1008 server.exe
1092 WinMgmt.exe
1128 svchost.exe
1944 Explorer.exe
1324 rundll32.exe
1696 RavTask.exe
1100 realsched.exe
1776 rundll132.exe
1416 realsched.exe
1880 Ravmon.exe
1896 internat.exe
1636 iexplore.exe
2476 YLive.exe
2560 yassistse.exe
2684 Rundll32.exe
848 iexplore.exe
2328 iexplore.exe
3316 drwtsn32.exe
  0 _Total.exe

(00400000 - 00419000)
(77F80000 - 77FFD000)
(78000000 - 78045000)
(77E60000 - 77F37000)
(77DF0000 - 77E55000)
(77F40000 - 77F7E000)
(70A70000 - 70AD5000)
(796D0000 - 79732000)
(786F0000 - 7875E000)
(71700000 - 71849000)
(75E00000 - 75E1A000)
(6C330000 - 6C338000)
(65D20000 - 65D74000)
(00880000 - 00904000)
(78F90000 - 791D8000)
(77A30000 - 77B1C000)
(71500000 - 715FD000)
(71960000 - 71972000)
(72C50000 - 72CD6000)
(77990000 - 77A2B000)
(63000000 - 63096000)
(79C40000 - 79CC7000)
(773F0000 - 77400000)
(77810000 - 7784E000)
(77080000 - 770A3000)
(6D990000 - 6DA3C000)
(794D0000 - 79531000)
(75100000 - 7514F000)
(797B0000 - 797BF000)
(75150000 - 75156000)
(750E0000 - 750EF000)
(74FB0000 - 74FC4000)
(74FA0000 - 74FA8000)
(77930000 - 7795A000)
(77960000 - 77984000)
(74FD0000 - 74FDA000)
(1A400000 - 1A47A000)
(777E0000 - 777E7000)
(75950000 - 75956000)
(74920000 - 74945000)
(01E90000 - 01EB1000)
(77530000 - 77560000)
(76AF0000 - 76B2E000)
(01ED0000 - 01EE9000)
(63580000 - 63830000)
(02C30000 - 02C5E000)
(774A0000 - 774D3000)
(77480000 - 77491000)
(774F0000 - 77512000)
(777F0000 - 777FE000)
(031A0000 - 033A4000)
(034D0000 - 034EE000)
(7CA00000 - 7CA23000)
(69B10000 - 69C27000)
(70440000 - 704CF000)
(77800000 - 7780C000)
(77300000 - 77313000)
(774E0000 - 774E5000)
(772E0000 - 772F7000)
(77370000 - 7739F000)
(77340000 - 77363000)
(77320000 - 77339000)
(777A0000 - 777A8000)
(773A0000 - 773B5000)
(777B0000 - 777B5000)
(04650000 - 04668000)
(6BC40000 - 6BD3B000)
(6BC20000 - 6BC2D000)
(74F50000 - 74F6E000)
(74F90000 - 74F97000)
(703D0000 - 703EB000)
(718C0000 - 71944000)
(05960000 - 05999000)
(742E0000 - 742E5000)
(6B700000 - 6B790000)
(75A60000 - 75A88000)
(06730000 - 0673D000)
(06750000 - 0675D000)
(06760000 - 0676D000)
(06780000 - 067C3000)
(067D0000 - 06996000)
(06BC0000 - 06BC7000)

线程 ID 0x938 的状态转储

eax=004659e1 ebx=00000113 ecx=13010101 edx=00004659 esi=00000000 edi=0012edb0
eip=038c4d3c esp=0012eac4 ebp=0012eae0 iopl=0        ov up ei pl nz na po cy
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000            efl=00000a07


函数: <nosymbols>
        038c4d32 ???
        038c4d33 ???
        038c4d34 ???
        038c4d35 ???
        038c4d36 ???
        038c4d37 ???
        038c4d38 ???
        038c4d39 ???
        038c4d3a ???
        038c4d3b ???
错误 ->038c4d3c ???
        038c4d3d ???
        038c4d3e ???
        038c4d3f ???
        038c4d40 ???
        038c4d41 ???
        038c4d42 ???
        038c4d43 ???
        038c4d44 ???
        038c4d45 ???
        038c4d46 ???
        038c4d47 ???

*----> 堆栈反向跟踪 <---*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
0012EAC0 77DF1EF0 00000000 00000113 00007CB9 004659E1 <nosymbols>
0012EAE0 77DF20D5 038C4D3C 00000000 00000113 00007CB9 user32!MsgWaitForMultipleObjects
0012EB6C 77DF21AF 0012EDB0 00000000 71502210 0012EDB0 user32!TranslateMessageEx
0012EDB0 00000113 00007CB9 038C4D3C 004659E1 000003FF user32!DispatchMessageW

*----> 原始堆栈转储 <----*
0012eac4  f0 1e df 77 00 00 00 00 - 13 01 00 00 b9 7c 00 00  ...w.........|..
0012ead4  e1 59 46 00 00 00 00 00 - cd ab ba dc 6c eb 12 00  .YF.........l...
0012eae4  d5 20 df 77 3c 4d 8c 03 - 00 00 00 00 13 01 00 00  . .w<M..........
0012eaf4  b9 7c 00 00 e1 59 46 00 - 00 00 00 00 c8 b0 13 00  .|...YF.........
0012eb04  00 04 00 00 00 00 00 00 - 90 4f a3 77 00 00 00 00  .........O.w....
0012eb14  00 00 00 00 90 4f a3 77 - 00 00 00 00 00 00 00 00  .....O.w........
0012eb24  e1 59 46 00 00 00 00 00 - 00 00 00 00 7e 17 df 77  .YF.........~..w
0012eb34  b0 ed 12 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
0012eb44  00 00 00 00 78 a3 5c 00 - 00 e0 fd 7f 00 00 00 00  ....x.\.........
0012eb54  fc ea 12 00 10 e7 12 00 - 64 ee 12 00 e4 bc e1 77  ........d......w
0012eb64  98 21 df 77 00 00 00 00 - b0 ed 12 00 af 21 df 77  .!.w.........!.w
0012eb74  b0 ed 12 00 00 00 00 00 - 10 22 50 71 b0 ed 12 00  ........."Pq....
0012eb84  00 00 00 00 c8 b0 13 00 - e8 ed 12 00 00 00 00 00  ................
0012eb94  29 68 52 71 b0 ed 12 00 - e8 fe 12 00 60 ab 13 00  )hRq........`...
0012eba4  00 00 00 00 4d 00 69 00 - 63 00 72 00 6f 00 73 00  ....M.i.c.r.o.s.
0012ebb4  6f 00 66 00 74 00 20 00 - 49 00 6e 00 74 00 65 00  o.f.t. .I.n.t.e.
0012ebc4  72 00 6e 00 65 00 74 00 - 20 00 45 00 78 00 70 00  r.n.e.t. .E.x.p.
0012ebd4  6c 00 6f 00 72 00 65 00 - 72 00 00 00 70 ed 12 00  l.o.r.e.r...p...
0012ebe4  0e 00 00 00 10 ec 12 00 - 50 ec 12 00 1c 00 00 00  ........P.......
0012ebf4  9c 00 00 00 70 ed 12 00 - 00 00 00 00 00 00 00 00  ....p...........

线程 ID 0xc38 的状态转储

eax=00000000 ebx=00000000 ecx=00185450 edx=00000000 esi=0013f0c0 edi=00000100
eip=77f83310 esp=00e2fe28 ebp=00e2ff74 iopl=0        nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000            efl=00000202


函数: ZwReplyWaitReceivePortEx
        77f83305 b8ac000000      mov    eax,0xac
        77f8330a 8d542404        lea    edx,[esp+0x4]          ss:01a89d0f=????????
        77f8330e cd2e            int    2e
        77f83310 c21400          ret    0x14

*----> 堆栈反向跟踪 <---*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
00E2FF74 78716D9E 786F9AD0 0013F0C0 0012D3C8 00000200 ntdll!ZwReplyWaitReceivePortEx
00E2FFA8 78701C6C 0013CDF0 00E2FFEC 77E6438B 0013F1C0 rpcrt4!TowerConstruct
00E2FFB4 77E6438B 0013F1C0 0012D3C8 00000200 0013F1C0 rpcrt4!I_RpcServerInqTransportType
00E2FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

线程 ID 0xc80 的状态转储

eax=00146000 ebx=00000102 ecx=00f2fd0c edx=00000000 esi=77f82826 edi=00f2ff74
eip=77f82831 esp=00f2ff60 ebp=00f2ff7c iopl=0        nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000            efl=00000206


函数: NtDelayExecution
        77f82826 b832000000      mov    eax,0x32
        77f8282b 8d542404        lea    edx,[esp+0x4]          ss:01b89e47=????????
        77f8282f cd2e            int    2e
        77f82831 c20800          ret    0x8
        77f82834 53              push    ebx
        77f82835 51              push    ecx
        77f82836 6a00            push    0x0
        77f82838 c70701000000    mov    dword ptr [edi],0x1    ds:00f2ff74=dc3cba00
        77f8283e ff750c          push    dword ptr [ebp+0xc]    ss:01b89e62=????????
        77f82841 50              push    eax
        77f82842 e879fdffff      call    RtlMultiByteToUnicodeN (77f825c0)
        77f82847 e928fcffff      jmp  RtlConsoleMultiByteToUnicodeN+0x333 (77f82474)

最后编辑2006-08-02 14:09:44
分享到:
gototop
 
痞得在理
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2006-08-02
  • 来自:
发表于: 2006-08-02 14:17 | 只看楼主 短消息 资料
字号: 2楼

高手指教下
感激不尽
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT