W2K Prof. Explorer stürzt ab

Evolution100 · 03.03.2002

Hi,

seit längerer Zeit hab ich den Fehler, dass der windows explorer abstürzt, danach läd windows die shell neu (als würde ich mich neu anmelden)
kennte jemand diesen fehler? oder kann ich zumindest das neuladen unterbinden?

SP2+SRP3 is installiert

anbei mal die drwtsn log datei

Danke Euch

Evo

Microsoft ® Windows 2000 ® Version 5.00 DrWtsn32
Copyright © 1985-1999 Microsoft Corp. Alle Rechte vorbehalten.

Anwendungsausnahme aufgetreten:
Anwendung: explorer.exe (pid=684)
Wann: 20.02.2002 @ 18:30

9.347
Ausnahmenummer: c0000005 (Zugriffsverletzung)

*----> Systeminformationen <----*
Computername: PC1
Benutzername: aaa
Prozessoranzahl: 1
Prozessortyp: x86 Family 6 Model 4 Stepping 2
Windows 2000-Version: 5.0
Aktuelles Build: 2195
Service Pack: 2
Aktueller Typ: Uniprocessor Free
Firma: .
Besitzer: aaa

*----> Taskliste <----*
0 Idle.exe
8 System.exe
144 SMSS.exe
168 CSRSS.exe
188 WINLOGON.exe
216 SERVICES.exe
228 LSASS.exe
412 svchost.exe
440 spoolsv.exe
488 svchost.exe
516 HamSvc.exe
556 regsvc.exe
592 mstask.exe
680 WinMgmt.exe
848 atiptaxx.exe
1000 internat.exe
1020 Capictrl.exe
760 MtPanel.exe
748 ImageFox.exe
624 OSA.exe
840 ccui.exe
1096 Ccsrv.exe
684 explorer.exe
752 ACDSee.exe
992 taskmgr.exe
1068 Hamster.exe
1100 DRWTSN32.exe
0 _Total.exe

(00400000 - 0043E000)
(77880000 - 77901000)
(77DA0000 - 77DFC000)
(77E70000 - 77F32000)
(77D30000 - 77DA0000)
(77F40000 - 77F7C000)
(77E00000 - 77E64000)
(70BD0000 - 70C1C000)
(716F0000 - 7177A000)
(76BB0000 - 76BD0000)
(77810000 - 77817000)
(75940000 - 75946000)
(77580000 - 777C8000)
(10000000 - 10056000)
(76B00000 - 76B3F000)
(78000000 - 78046000)
(77A40000 - 77B36000)
(6E330000 - 6E336000)
(75DF0000 - 75E0A000)
(784A0000 - 78525000)
(779A0000 - 77A3B000)
(77840000 - 7787D000)
(77090000 - 770B3000)
(71500000 - 7161B000)
(71110000 - 711D9000)
(77C00000 - 77C5F000)
(76EF0000 - 76F68000)
(74FA0000 - 74FB3000)
(74F90000 - 74F98000)
(00E60000 - 00EA3000)
(76660000 - 76678000)
(766D0000 - 766D8000)
(78310000 - 783A0000)
(76680000 - 76687000)
(77540000 - 77571000)
(76F70000 - 76F7F000)
(773B0000 - 773C2000)
(750E0000 - 7512F000)
(77BD0000 - 77BDF000)
(75130000 - 75136000)
(750C0000 - 750D0000)
(77940000 - 7796B000)
(77970000 - 77994000)
(74FC0000 - 74FC9000)
(770C0000 - 77277000)
(75000000 - 75010000)
(750D0000 - 750DC000)
(75180000 - 75195000)
(75140000 - 75178000)
(77080000 - 77087000)
(77530000 - 77539000)
(773D0000 - 773D8000)
(773E0000 - 773F3000)
(76220000 - 7625D000)
(78190000 - 781F3000)
(70200000 - 7027B000)
(77500000 - 77522000)
(015F0000 - 01614000)
(01A60000 - 01A6C000)
(1A400000 - 1A473000)
(766A0000 - 766A9000)
(75CD0000 - 75CD6000)
(01F90000 - 01FB9000)
(01FC0000 - 01FDE000)
(77BE0000 - 77BF1000)
(77380000 - 773AF000)
(77350000 - 77372000)
(777F0000 - 7780D000)
(6A6B0000 - 6A72F000)
(6AAA0000 - 6AAD8000)
(785C0000 - 78722000)
(027A0000 - 027AE000)
(69A90000 - 69AAD000)
(03110000 - 03118000)
(71E40000 - 71E8D000)
(6A770000 - 6A790000)
(747E0000 - 747F6000)
(6FF60000 - 6FF65000)
(035F0000 - 0361E000)
(03A20000 - 03A9B000)
(03AB0000 - 03B8E000)

Statusabbild für Threadkennung 0x268

eax=0006fee0 ebx=00000001 ecx=00092c00 edx=00000000 esi=00092c00 edi=00000000
eip=77e02bba esp=0006ff00 ebp=0006ff1c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: WaitMessage
77e02baf b836120000 mov eax,0x1236
77e02bb4 8d542404 lea edx,[esp+0x4] ss:00b0d4d3=

?

?
77e02bb8 cd2e int 2e
77e02bba c3 ret

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0006FF1C 77584C33 00000000 00401908 00092C00 00000000 user32!WaitMessage
0006FF60 00401621 00000054 00000000 00020602 00000005 shell32!Ordinal201
0006FFC0 77E7D326 00000000 00000000 7FFDF000 00000000 explorer!<nosymbols>
0006FFF0 00000000 004015A8 00000000 000000C8 00000100 kernel32!CreateProcessW

*----> Raw Stack Dump <----*
0006ff00 93 4c 58 77 ad 39 e7 77 - 00 2c 09 00 01 00 00 00 .LXw.9.w.,......
0006ff10 00 2c 09 00 00 2c 09 00 - 60 ff 06 00 60 ff 06 00 .,...,..`...`...
0006ff20 33 4c 58 77 00 00 00 00 - 08 19 40 00 00 2c 09 00 [email protected],..
0006ff30 00 00 00 00 02 06 02 00 - 00 f0 fd 7f 00 e0 fd 7f ................
0006ff40 e6 67 e7 77 00 00 00 00 - 0c 00 00 00 02 06 02 00 .g.w............
0006ff50 88 64 07 00 02 00 00 00 - 91 88 05 00 e0 ff 06 00 .d..............
0006ff60 c0 ff 06 00 21 16 40 00 - 54 00 00 00 00 00 00 00 [email protected]
0006ff70 02 06 02 00 05 00 00 00 - 00 00 00 00 44 00 00 00 ............D...
0006ff80 30 29 07 00 30 58 07 00 - 88 64 07 00 00 00 00 00 0)..0X...d......
0006ff90 00 00 00 00 00 00 00 00 - 00 00 00 00 2a 00 00 00 ............*...
0006ffa0 00 00 00 00 86 f1 06 00 - 01 00 00 00 05 00 00 00 ................
0006ffb0 00 00 00 00 ff ff ff ff - ff ff ff ff ff ff ff ff ................
0006ffc0 f0 ff 06 00 26 d3 e7 77 - 00 00 00 00 00 00 00 00 ....&..w........
0006ffd0 00 f0 fd 7f 00 00 00 00 - c8 ff 06 00 00 00 00 00 ................
0006ffe0 ff ff ff ff 3c d4 e8 77 - 30 d3 e7 77 00 00 00 00 ....<..w0..w....
0006fff0 00 00 00 00 00 00 00 00 - a8 15 40 00 00 00 00 00 [email protected]
00070000 c8 00 00 00 00 01 00 00 - ff ee ff ee 02 00 00 00 ................
00070010 00 00 00 00 00 fe 00 00 - 00 00 10 00 00 20 00 00 ............. ..
00070020 00 02 00 00 00 20 00 00 - c9 4d 00 00 ff ef fd 7f ..... ...M......
00070030 01 00 08 06 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

Statusabbild für Threadkennung 0x318

eax=00000000 ebx=80040002 ecx=000a3958 edx=00000000 esi=00084260 edi=00000100
eip=77882a84 esp=00cffe28 ebp=00cfff74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: ZwReplyWaitReceivePortEx
77882a79 b8ac000000 mov eax,0xac
77882a7e 8d542404 lea edx,[esp+0x4] ss:0179d3fb=

?

?
77882a82 cd2e int 2e
77882a84 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00CFFF74 77D475EC 77D47A82 00084260 00000000 40083D74 ntdll!ZwReplyWaitReceivePortEx
00CFFFA8 77D479A0 000798F8 00CFFFEC 77E86523 00084378 rpcrt4!RpcBindingSetOption
00CFFFB4 77E86523 00084378 00000000 40083D74 00084378 rpcrt4!RpcBindingSetOption
00CFFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x10c

eax=7fffffff ebx=0006fee4 ecx=00d3ff38 edx=00000000 esi=0006ff04 edi=00000000
eip=77e02bba esp=00d3ff5c ebp=00d3ff7c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: WaitMessage
77e02baf b836120000 mov eax,0x1236
77e02bb4 8d542404 lea edx,[esp+0x4] ss:017dd52f=

?

?
77e02bb8 cd2e int 2e
77e02bba c3 ret

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00D3FF7C 0040386A 70BECF39 00400000 0032002D 002D0031 user32!WaitMessage
00D3FFB4 77E86523 0006FEE4 0032002D 002D0031 0006FEE4 explorer!<nosymbols>
00D3FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x438

eax=00096d48 ebx=00000008 ecx=00076bd8 edx=00000000 esi=7788281e edi=00000008
eip=77882829 esp=00d8fd98 ebp=00d8fde4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:0182d36b=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00D8FDE4 77E027B7 00D8FDBC 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
00D8FE40 77E0282F 00D8FE0C 00D8FEB8 FFFFFFFF 000000FF user32!MsgWaitForMultipleObjectsEx
00D8FE5C 77583546 00000007 00D8FEB8 00000000 FFFFFFFF user32!MsgWaitForMultipleObjects
7769A2F0 FFFFFFFF 00000000 00000000 000001D4 00000000 shell32!Ordinal200
778D0080 7769A2F0 778D00A8 778D0068 000000A3 000000A3 <nosymbols>
00000000 00000000 00000000 00000000 00000000 00000000 shell32!<nosymbols>

*----> Raw Stack Dump <----*
00d8fd98 c2 3c e7 77 08 00 00 00 - bc fd d8 00 01 00 00 00 .<.w............
00d8fda8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00d8fdb8 08 00 00 00 e8 01 00 00 - ec 01 00 00 f0 01 00 00 ................
00d8fdc8 f4 01 00 00 c4 01 00 00 - 14 02 00 00 b0 04 00 00 ................
00d8fdd8 cc 01 00 00 00 00 00 00 - 00 00 00 00 40 fe d8 00 [email protected]
00d8fde8 b7 27 e0 77 bc fd d8 00 - 01 00 00 00 00 00 00 00 .'.w............
00d8fdf8 00 00 00 00 00 00 00 00 - 00 00 00 00 38 04 00 00 ............8...
00d8fe08 07 00 00 00 e8 01 00 00 - ec 01 00 00 f0 01 00 00 ................
00d8fe18 f4 01 00 00 c4 01 00 00 - 14 02 00 00 b0 04 00 00 ................
00d8fe28 cc 01 00 00 08 00 00 00 - 00 00 00 00 cc b6 fd 7f ................
00d8fe38 00 00 00 00 cc 01 00 00 - 5c fe d8 00 2f 28 e0 77 ........\.../(.w
00d8fe48 0c fe d8 00 b8 fe d8 00 - ff ff ff ff ff 00 00 00 ................
00d8fe58 00 00 00 00 f0 a2 69 77 - 46 35 58 77 07 00 00 00 ......iwF5Xw....
00d8fe68 b8 fe d8 00 00 00 00 00 - ff ff ff ff ff 00 00 00 ................
00d8fe78 74 00 02 00 00 00 00 00 - ec ff d8 00 00 00 00 00 t...............
00d8fe88 38 04 00 00 00 00 00 00 - 00 00 00 00 e0 01 00 00 8...............
00d8fe98 38 04 00 00 00 00 00 00 - 00 04 00 00 00 00 00 00 8...............
00d8fea8 00 00 00 00 60 f1 09 00 - c2 00 00 00 ba 00 00 00 ....`...........
00d8feb8 e8 01 00 00 ec 01 00 00 - f0 01 00 00 f4 01 00 00 ................
00d8fec8 c4 01 00 00 14 02 00 00 - b0 04 00 00 ac 05 00 00 ................

Statusabbild für Threadkennung 0x418

eax=00ddfc48 ebx=00000002 ecx=77843080 edx=00000000 esi=7788281e edi=00000002
eip=77882829 esp=00ddfe5c ebp=00ddfea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:0187d42f=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00DDFEA8 77E027B7 00DDFE80 00000001 00000000 00DDFEA0 ntdll!NtWaitForMultipleObjects
00DDFF04 77E0282F 00DDFED0 70C16170 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
00DDFF20 70BD18A5 00000001 70C16170 00000000 0000EA60 user32!MsgWaitForMultipleObjects
00DDFF74 70BEC069 00DDFFA0 00DDFFA4 00DDFFA8 00DDFF9C SHLWAPI!Ordinal60
00DDFFAC 70BEBFCF 00000000 77E86523 00000000 00000000 SHLWAPI!Ordinal124
00DDFFEC 00000000 00000000 00000000 00000000 00000000 SHLWAPI!Ordinal124

Statusabbild für Threadkennung 0x358

eax=00000000 ebx=00000002 ecx=01010101 edx=00000000 esi=7788281e edi=00000002
eip=77882829 esp=00e1fe5c ebp=00e1fea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:018bd42f=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00E1FEA8 77E027B7 00E1FE80 00000001 00000000 00E1FEA0 ntdll!NtWaitForMultipleObjects
00E1FF04 77E0282F 00E1FED0 70C16170 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
00E1FF20 70BD18A5 00000001 70C16170 00000000 0000EA60 user32!MsgWaitForMultipleObjects
00E1FF74 70BEC069 00E1FFA0 00E1FFA4 00E1FFA8 00E1FF9C SHLWAPI!Ordinal60
00E1FFAC 70BEBFCF 00000000 77E86523 00000000 00000000 SHLWAPI!Ordinal124
00E1FFEC 00000000 00000000 00000000 00000000 00000000 SHLWAPI!Ordinal124

Statusabbild für Threadkennung 0x3a4

eax=000000c0 ebx=00d3fcfc ecx=77e779e7 edx=00000000 esi=ffffffff edi=00000557
eip=77882231 esp=00f6ffa0 ebp=00f6ffb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

Funktion: ZwDelayExecution
77882226 b832000000 mov eax,0x32
7788222b 8d542404 lea edx,[esp+0x4] ss:01a0d573=

?

?
7788222f cd2e int 2e
77882231 c20800 ret 0x8

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00F6FFB4 77E86523 00D3FCFC 00000557 FFFFFFFF 00D3FCFC ntdll!ZwDelayExecution
00F6FFEC 00000000 77889D5D 00D3FCFC 00000000 000000C8 kernel32!TlsSetValue

*----> Raw Stack Dump <----*
00f6ffa0 9f 9d 88 77 01 00 00 00 - ac ff f6 00 00 00 00 00 ...w............
00f6ffb0 00 00 00 80 ec ff f6 00 - 23 65 e8 77 fc fc d3 00 ........#e.w....
00f6ffc0 57 05 00 00 ff ff ff ff - fc fc d3 00 00 70 fd 7f W............p..
00f6ffd0 e7 79 e7 77 c0 ff f6 00 - e7 79 e7 77 ff ff ff ff .y.w.....y.w....
00f6ffe0 3c d4 e8 77 08 79 e7 77 - 00 00 00 00 00 00 00 00 <..w.y.w........
00f6fff0 00 00 00 00 5d 9d 88 77 - fc fc d3 00 00 00 00 00 ....]..w........
00f70000 c8 00 00 00 00 01 00 00 - ff ee ff ee 02 10 00 00 ................
00f70010 00 00 00 00 00 fe 00 00 - 00 00 10 00 00 20 00 00 ............. ..
00f70020 00 02 00 00 00 20 00 00 - 2f 02 00 00 ff ef fd 7f ..... ../.......
00f70030 06 00 08 06 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f70040 00 00 00 00 98 05 f7 00 - 0f 00 00 00 f8 ff ff ff ................
00f70050 50 00 f7 00 50 00 f7 00 - 40 06 f7 00 00 00 00 00 [email protected]
00f70060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f70070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f70080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f70090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f700a0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f700b0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f700c0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00f700d0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

Statusabbild für Threadkennung 0x2e8

eax=77896989 ebx=00000000 ecx=00000020 edx=00000000 esi=0106fed8 edi=00000000
eip=77e01b80 esp=0106fe98 ebp=0106feb0 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: DestroyWindow
77e01b5a ff750c push dword ptr [ebp+0xc] ss:01b0d482=

?

?
77e01b5d ff5508 call dword ptr [ebp+0x8] ss:01b0d482=

?

?
77e01b60 817c2404cdabbadc ss:01b0d46b=

?

?
cmp dword ptr [esp+0x4],0xdcbaabcd
77e01b68 0f85098a0300 jne SetClassLongW+0x65d (77e3a577)
77e01b6e 83c408 add esp,0x8
77e01b71 5d pop ebp
77e01b72 c21400 ret 0x14
77e01b75 b89a110000 mov eax,0x119a
77e01b7a 8d542404 lea edx,[esp+0x4] ss:01b0d46b=

?

?
77e01b7e cd2e int 2e
77e01b80 c21000 ret 0x10

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0106FEB0 76EF18F0 0106FED8 00000000 00000000 00000000 user32!DestroyWindow
00000001 00000000 00000000 00000000 00000000 00000000 netshell!DllGetClassObject

Statusabbild für Threadkennung 0x404

eax=00e78e68 ebx=00000003 ecx=00070000 edx=00000000 esi=7788281e edi=00000003
eip=77882829 esp=010aff20 ebp=010aff6c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:01b4d4f3=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
010AFF6C 77E869C6 010AFF44 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
010AFFB4 77E86523 00000000 00000000 00D3FA40 00000000 kernel32!WaitForMultipleObjects
010AFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x3ec

eax=00000001 ebx=77e09fb9 ecx=010effdc edx=00000000 esi=010efd70 edi=77e01de2
eip=77e01b80 esp=010efd04 ebp=010efd1c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: DestroyWindow
77e01b5a ff750c push dword ptr [ebp+0xc] ss:01b8d2ee=

?

?
77e01b5d ff5508 call dword ptr [ebp+0x8] ss:01b8d2ee=

?

?
77e01b60 817c2404cdabbadc ss:01b8d2d7=

?

?
cmp dword ptr [esp+0x4],0xdcbaabcd
77e01b68 0f85098a0300 jne SetClassLongW+0x65d (77e3a577)
77e01b6e 83c408 add esp,0x8
77e01b71 5d pop ebp
77e01b72 c21400 ret 0x14
77e01b75 b89a110000 mov eax,0x119a
77e01b7a 8d542404 lea edx,[esp+0x4] ss:01b8d2d7=

?

?
77e01b7e cd2e int 2e
77e01b80 c21000 ret 0x10

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
010EFD1C 766616B3 010EFD70 00000000 00000000 00000000 user32!DestroyWindow
010EFD90 7666159D 00040040 00000000 76662458 00000001 stobject!DllGetClassObject
010EFFB4 77E86523 00000000 00003000 010AFFFC 00000000 stobject!DllGetClassObject
010EFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x384

eax=000bc298 ebx=00000000 ecx=000bc298 edx=00000000 esi=00084260 edi=00128af8
eip=77882a84 esp=0112fe28 ebp=0112ff74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: ZwReplyWaitReceivePortEx
77882a79 b8ac000000 mov eax,0xac
77882a7e 8d542404 lea edx,[esp+0x4] ss:01bcd3fb=

?

?
77882a82 cd2e int 2e
77882a84 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0112FF74 77D475EC 77D47A82 00084260 00000000 00000000 ntdll!ZwReplyWaitReceivePortEx
0112FFA8 77D479A0 000798F8 0112FFEC 77E86523 0009C5C0 rpcrt4!RpcBindingSetOption
0112FFB4 77E86523 0009C5C0 00000000 00000000 0009C5C0 rpcrt4!RpcBindingSetOption
0112FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x38c

eax=00000021 ebx=00000102 ecx=77d33398 edx=00000000 esi=77882226 edi=0116ff74
eip=77882231 esp=0116ff60 ebp=0116ff7c iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: ZwDelayExecution
77882226 b832000000 mov eax,0x32
7788222b 8d542404 lea edx,[esp+0x4] ss:01c0d533=

?

?
7788222f cd2e int 2e
77882231 c20800 ret 0x8

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0116FF7C 77E739AA 0000EA60 00000000 77A5779E 0000EA60 ntdll!ZwDelayExecution
00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep

*----> Raw Stack Dump <----*
0116ff60 7a 39 e7 77 00 00 00 00 - 74 ff 16 01 d9 3a e7 77 z9.w....t....:.w
0116ff70 68 52 0a 00 00 ba 3c dc - ff ff ff ff 30 75 00 00 hR....<.....0u..
0116ff80 aa 39 e7 77 60 ea 00 00 - 00 00 00 00 9e 77 a5 77 .9.w`........w.w
0116ff90 60 ea 00 00 32 4f a8 77 - 00 00 00 00 00 00 a4 77 `...2O.w.......w
0116ffa0 68 52 0a 00 ec ff 16 01 - 68 52 0a 00 f1 4e a8 77 hR......hR...N.w
0116ffb0 00 00 00 00 98 f7 ec 77 - 23 65 e8 77 68 52 0a 00 .......w#e.whR..
0116ffc0 00 00 00 00 98 f7 ec 77 - 68 52 0a 00 00 f0 fa 7f .......whR......
0116ffd0 9f 41 88 77 c0 ff 16 01 - 9f 41 88 77 ff ff ff ff .A.w.....A.w....
0116ffe0 3c d4 e8 77 08 79 e7 77 - 00 00 00 00 00 00 00 00 <..w.y.w........
0116fff0 00 00 00 00 d7 4e a8 77 - 68 52 0a 00 00 00 00 00 .....N.whR......
01170000 00 00 04 00 01 00 00 00 - 01 00 00 00 20 00 01 00 ............ ...
01170010 0c 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01170020 00 00 00 00 5c 00 5c 00 - 3f 00 5c 00 70 00 63 00 ....\.\.?.\.p.c.
01170030 69 00 23 00 76 00 65 00 - 6e 00 5f 00 31 00 34 00 i.#.v.e.n._.1.4.
01170040 31 00 32 00 26 00 64 00 - 65 00 76 00 5f 00 31 00 1.2.&.d.e.v._.1.
01170050 37 00 31 00 32 00 26 00 - 73 00 75 00 62 00 73 00 7.1.2.&.s.u.b.s.
01170060 79 00 73 00 5f 00 31 00 - 31 00 31 00 35 00 31 00 y.s._.1.1.1.5.1.
01170070 35 00 33 00 62 00 26 00 - 72 00 65 00 76 00 5f 00 5.3.b.&.r.e.v._.
01170080 30 00 32 00 23 00 33 00 - 26 00 36 00 31 00 61 00 0.2.#.3.&.6.1.a.
01170090 61 00 61 00 30 00 31 00 - 26 00 30 00 26 00 35 00 a.a.0.1.&.0.&.5.

Statusabbild für Threadkennung 0x3f0

eax=77532bda ebx=00000002 ecx=00000000 edx=00000000 esi=7788281e edi=00000002
eip=77882829 esp=011fff24 ebp=011fff70 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:01c9d4f7=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
011FFF70 77E869C6 011FFF48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
011FFFB4 77E86523 00000000 7FFD4BF8 00000000 00000000 kernel32!WaitForMultipleObjects
011FFFEC 00000000 77532BDA 00000000 00000000 000000C8 kernel32!TlsSetValue

*----> Raw Stack Dump <----*
011fff24 c2 3c e7 77 02 00 00 00 - 48 ff 1f 01 01 00 00 00 .<.w....H.......
011fff34 00 00 00 00 00 00 00 00 - f8 4b fd 7f 00 00 00 00 .........K......
011fff44 00 00 00 00 6c 03 00 00 - 64 03 00 00 a0 3d 49 f8 ....l...d....=I.
011fff54 46 02 00 00 80 7c 64 ba - 46 02 00 00 5f a5 46 80 F....&#124

.F..._.F.
011fff64 00 00 00 00 ac 7c 64 ba - 00 00 00 00 b4 ff 1f 01 .....&#124

.........
011fff74 c6 69 e8 77 48 ff 1f 01 - 01 00 00 00 00 00 00 00 .i.wH...........
011fff84 00 00 00 00 00 00 00 00 - 1a 2c 53 77 02 00 00 00 .........,Sw....
011fff94 a4 ff 1f 01 00 00 00 00 - ff ff ff ff 00 00 00 00 ................
011fffa4 6c 03 00 00 64 03 00 00 - 00 00 00 00 7b 10 43 80 l...d.......{.C.
011fffb4 ec ff 1f 01 23 65 e8 77 - 00 00 00 00 f8 4b fd 7f ....#e.w.....K..
011fffc4 00 00 00 00 00 00 00 00 - 00 e0 fa 7f 00 00 00 00 ................
011fffd4 c0 ff 1f 01 00 00 00 00 - ff ff ff ff 3c d4 e8 77 ............<..w
011fffe4 08 79 e7 77 00 00 00 00 - 00 00 00 00 00 00 00 00 .y.w............
011ffff4 da 2b 53 77 00 00 00 00 - 00 00 00 00 c8 00 00 00 .+Sw............
01200004 00 01 00 00 ff ee ff ee - 02 00 00 00 00 00 00 00 ................
01200014 00 fe 00 00 00 00 10 00 - 00 20 00 00 00 02 00 00 ......... ......
01200024 00 20 00 00 fb 01 00 00 - ff ef fd 7f 08 00 08 06 . ..............
01200034 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01200044 98 05 20 01 0f 00 00 00 - f8 ff ff ff 50 00 20 01 .. .........P. .
01200054 50 00 20 01 40 06 20 01 - 00 00 00 00 00 00 00 00 P. [email protected] .........

Statusabbild für Threadkennung 0x37c

eax=77d47988 ebx=000493e0 ecx=77889656 edx=00000000 esi=000836e0 edi=000493e0
eip=77882837 esp=0133febc ebp=0133fee4 iopl=0 nv up ei ng nz ac po cy
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000297

Funktion: NtRemoveIoCompletion
7788282c b8a8000000 mov eax,0xa8
77882831 8d542404 lea edx,[esp+0x4] ss:01ddd48f=

?

?
77882835 cd2e int 2e
77882837 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0133FEE4 77D3179B 00000188 0133FF1C 0133FF0C 0133FF14 ntdll!NtRemoveIoCompletion
0133FF20 77D4B59B 000493E0 0133FF60 0133FF5C 0133FF70 rpcrt4!<nosymbols>
0133FF74 77D4B47A 77D479EE 000836E0 00000008 010EF62C rpcrt4!NdrContextHandleSize
0133FFA8 77D479A0 000AA000 0133FFEC 77E86523 0009D840 rpcrt4!NdrContextHandleSize
0133FFB4 77E86523 0009D840 00000008 010EF62C 0009D840 rpcrt4!RpcBindingSetOption
0133FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x130

eax=00000000 ebx=0000045c ecx=01b7ffdc edx=00000000 esi=01b7ff98 edi=77e083f4
eip=77e01b80 esp=01b7ff58 ebp=01b7ff78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: DestroyWindow
77e01b5a ff750c push dword ptr [ebp+0xc] ss:0261d54a=

?

?
77e01b5d ff5508 call dword ptr [ebp+0x8] ss:0261d54a=

?

?
77e01b60 817c2404cdabbadc ss:0261d52b=

?

?
cmp dword ptr [esp+0x4],0xdcbaabcd
77e01b68 0f85098a0300 jne SetClassLongW+0x65d (77e3a577)
77e01b6e 83c408 add esp,0x8
77e01b71 5d pop ebp
77e01b72 c21400 ret 0x14
77e01b75 b89a110000 mov eax,0x119a
77e01b7a 8d542404 lea edx,[esp+0x4] ss:0261d52b=

?

?
77e01b7e cd2e int 2e
77e01b80 c21000 ret 0x10

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
01B7FF78 77545C36 01B7FF98 00000000 00000000 00000000 user32!DestroyWindow
01B7FFB4 77E86523 0000045C 77565428 01A5F16C 0000045C winmm!midiOutGetNumDevs
01B7FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x40c

eax=00000006 ebx=00000002 ecx=7ffa7000 edx=00000000 esi=7788281e edi=00000002
eip=77882829 esp=0216fe5c ebp=0216fea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForMultipleObjects
7788281e b8e9000000 mov eax,0xe9
77882823 8d542404 lea edx,[esp+0x4] ss:02c0d42f=

?

?
77882827 cd2e int 2e
77882829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0216FEA8 77E027B7 0216FE80 00000001 00000000 0216FEA0 ntdll!NtWaitForMultipleObjects
0216FF04 77E0282F 0216FED0 70C16170 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
0216FF20 70BD18A5 00000001 70C16170 00000000 0000EA60 user32!MsgWaitForMultipleObjects
0216FF74 70BEC069 0216FFA0 0216FFA4 0216FFA8 0216FF9C SHLWAPI!Ordinal60
0216FFAC 70BEBFCF 00000000 77E86523 00000000 00000000 SHLWAPI!Ordinal124
0216FFEC 00000000 70BEBFA6 00000000 00000000 02050740 SHLWAPI!Ordinal124

*----> Raw Stack Dump <----*
0216fe5c c2 3c e7 77 02 00 00 00 - 80 fe 16 02 01 00 00 00 .<.w............
0216fe6c 00 00 00 00 a0 fe 16 02 - 00 00 00 00 00 00 00 00 ................
0216fe7c 02 00 00 00 00 02 00 00 - fc 04 00 00 cc fe 16 02 ................
0216fe8c db 72 88 77 00 00 00 00 - cc fe 16 02 f7 72 88 77 .r.w.........r.w
0216fe9c 50 69 07 00 00 ba 3c dc - ff ff ff ff 04 ff 16 02 Pi....<.........
0216feac b7 27 e0 77 80 fe 16 02 - 01 00 00 00 00 00 00 00 .'.w............
0216febc a0 fe 16 02 00 00 00 00 - 60 ea 00 00 50 61 c1 70 ........`...Pa.p
0216fecc 00 00 00 00 00 02 00 00 - fc 04 00 00 a5 45 88 77 .............E.w
0216fedc 00 00 00 00 50 61 c1 70 - 00 00 11 71 cc fe 16 02 ....Pa.p...q....
0216feec 00 70 fa 7f dc ff 16 02 - 00 00 00 00 cc 76 fa 7f .p...........v..
0216fefc 00 00 00 00 fc 04 00 00 - 20 ff 16 02 2f 28 e0 77 ........ .../(.w
0216ff0c d0 fe 16 02 70 61 c1 70 - 60 ea 00 00 41 00 00 00 ....pa.p`...A...
0216ff1c 00 00 00 00 74 ff 16 02 - a5 18 bd 70 01 00 00 00 ....t......p....
0216ff2c 70 61 c1 70 00 00 00 00 - 60 ea 00 00 41 00 00 00 pa.p....`...A...
0216ff3c 00 00 00 00 50 61 c1 70 - 07 22 88 77 48 ff 16 02 ....Pa.p.".wH...
0216ff4c 48 ff 16 02 38 1f 07 00 - 16 00 18 00 00 f0 fd 7f H...8...........
0216ff5c dc fe 16 02 01 00 00 00 - b9 cc 09 00 50 61 c1 70 ............Pa.p
0216ff6c 60 ea 00 00 01 00 00 00 - ac ff 16 02 69 c0 be 70 `...........i..p
0216ff7c a0 ff 16 02 a4 ff 16 02 - a8 ff 16 02 9c ff 16 02 ................
0216ff8c 60 ea 00 00 00 00 00 00 - 00 00 bd 70 00 00 00 00 `..........p....

Statusabbild für Threadkennung 0x3c8

eax=766656d0 ebx=00000000 ecx=77882600 edx=00000000 esi=778827dd edi=000004ec
eip=778827e8 esp=026fff70 ebp=026fff94 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

Funktion: NtWaitForSingleObject
778827dd b8ea000000 mov eax,0xea
778827e2 8d542404 lea edx,[esp+0x4] ss:0319d543=

?

?
778827e6 cd2e int 2e
778827e8 c20c00 ret 0xc
778827eb 8b4124 mov eax,[ecx+0x24] ds:7831fbd2=0000006d
778827ee 39420c cmp [edx+0xc],eax ds:00a9d5d2=

?

?
778827f1 0f85c9100000 jne NtQueryDefaultLocale+0x115 (778838c0)
778827f7 ff4208 inc dword ptr [edx+0x8] ds:00a9d5d2=

?

?
778827fa 33c0 xor eax,eax
778827fc c20400 ret 0x4
778827ff 90 nop
77882800 ff4a04 dec dword ptr [edx+0x4] ds:00a9d5d2=

?

?
77882803 c20400 ret 0x4

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
026FFF94 77E73B5B 000004EC FFFFFFFF 00000000 766656FC ntdll!NtWaitForSingleObject
026FFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!WaitForSingleObject

Statusabbild für Threadkennung 0x43c

eax=00000000 ebx=80040002 ecx=00117af0 edx=00000000 esi=00084260 edi=00000100
eip=77882a84 esp=0306fe28 ebp=0306ff74 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202

Funktion: ZwReplyWaitReceivePortEx
77882a79 b8ac000000 mov eax,0xac
77882a7e 8d542404 lea edx,[esp+0x4] ss:03b0d3fb=8b03b3e8
77882a82 cd2e int 2e
77882a84 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0306FF74 77D475EC 77D479EE 00084260 00000000 00000000 ntdll!ZwReplyWaitReceivePortEx
0306FFA8 77D479A0 00125F68 0306FFEC 77E86523 000B6EF0 rpcrt4!RpcBindingSetOption
0306FFB4 77E86523 000B6EF0 00000000 00000000 000B6EF0 rpcrt4!RpcBindingSetOption
0306FFEC 00000000 77D47988 000B6EF0 00000000 00000000 kernel32!TlsSetValue

*----> Raw Stack Dump <----*
0306fe28 9c 77 d4 77 84 01 00 00 - 54 ff 06 03 00 00 00 00 .w.w....T.......
0306fe38 68 77 0f 00 58 ff 06 03 - 80 98 07 00 68 5f 12 00 hw..X.......h_..
0306fe48 f0 6e 0b 00 00 00 00 00 - 00 00 00 00 00 00 00 00 .n..............
0306fe58 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fe68 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fe78 00 00 00 00 00 00 00 00 - 00 00 00 00 06 00 00 00 ................
0306fe88 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fe98 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fea8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306feb8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fec8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fed8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fee8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306fef8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306ff08 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306ff18 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0306ff28 00 00 00 00 40 8c 49 f8 - 20 3b 41 f8 00 00 00 00 [email protected] ;A.....
0306ff38 b0 3c 41 f8 60 fc 61 ba - 46 02 00 00 ec d8 42 80 .<A.`.a.F.....B.
0306ff48 10 1f 00 80 80 3c 41 f8 - 20 3b 41 f8 02 00 04 80 .....<A. ;A.....
0306ff58 00 a2 2f 4d ff ff ff ff - 50 fe 06 03 02 00 04 80 ../M....P.......

Statusabbild für Threadkennung 0x380

eax=00122aa8 ebx=00000000 ecx=775ae8c0 edx=00000000 esi=000bd310 edi=00000000
eip=77e02bba esp=030cfee8 ebp=030cff2c iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202

Funktion: WaitMessage
77e02baf b836120000 mov eax,0x1236
77e02bb4 8d542404 lea edx,[esp+0x4] ss:03b6d4bb=c2c087f1
77e02bb8 cd2e int 2e
77e02bba c3 ret

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
030CFF2C 7112EE7B 000B006A 0006E544 77885C4C 001164A0 user32!WaitMessage
030CFFB4 77E86523 001164A0 0006E544 77885C4C 001164A0 BROWSEUI!Ordinal102
030CFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Statusabbild für Threadkennung 0x354

eax=0012b108 ebx=00000001 ecx=77b23eb4 edx=000c4c10 esi=000fb198 edi=77b23ea8
eip=00000000 esp=035afd54 ebp=035afec0 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202

Funktion: <nosymbols>
FEHLER ->00000000

00000001

00000002

00000003

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
035AFD50 035F1258 0012B108 000FB198 00000001 77A56148 explorer!<nosymbols>
035AFEC0 77A561E1 000F1588 035AFEE0 7111C27C 00000000 !DllCanUnloadNow
035AFECC 7111C27C 00000000 001375E0 00000000 035AFF2C ole32!CoFreeUnusedLibraries
035AFEE0 7112F012 00000000 0006FEB4 0006EA01 00116858 BROWSEUI!Ordinal119
035AFF2C 7112EE7B 000C0238 0006FEB4 0006EA01 00116858 BROWSEUI!Ordinal102
035AFFB4 77E86523 00116858 0006FEB4 0006EA01 00116858 BROWSEUI!Ordinal102
035AFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue

Pascal Rebsamen · 03.03.2002

Hallo

SP2 nochmal drüber installiert?

Evolution100 · 03.03.2002

hab ich schon getan.

auch den ie 5.5 und dann sp2 jedoch ohne verbesserung

Pascal Rebsamen · 03.03.2002

¨Was machst du genau, wenn er abstürzt?

Evolution100 · 03.03.2002

tritt sporratisch auf, aber sehr oft, wenn ich kopiere oder verschiebe.

Pascal Rebsamen · 03.03.2002

schon mal mit Reparieren versucht?

Evolution100 · 03.03.2002

ja, kommt danach auch wieder,
auch nach einer neuinstallation ;-(

Pascal Rebsamen · 03.03.2002

Nach einer Neuinstallation auch???

Upppss!!! Nach einer normalenInstallation, ohne Zuatzsoftware wie word oder so?

Evolution100 · 04.03.2002

Ja, nur wenn w2k uns sp´s drauf sind

Pascal Rebsamen · 04.03.2002

Hmmm, Hardwarekonflikt?? und ohne SP?

W2K Prof. Explorer stürzt ab

Evolution100

Pascal Rebsamen

Evolution100

Pascal Rebsamen

Evolution100

Pascal Rebsamen

Evolution100

Pascal Rebsamen

Evolution100

Pascal Rebsamen

W2K Prof. Explorer stürzt ab

W2K Prof. Explorer stürzt ab - Ähnliche Themen

Nach Crash die Minidump File ausgelesen; was ist das Problem?

BSOD bei vermeintlichem Treiberfehler (seit Jan 2020) verursacht durch ndis.sys+79ccb

Beim Download ruckelt PC (ndis.sys)

Bluescreen bei Xp

BlueScreen bei XPpro - Wer hat Lösungsansätze

Neues aus der Redaktion

Neue Themen

Neueste Antworten