1   1  /  1  页   跳转

[求助] 电脑无缘无故蓝屏了

收藏
星空ZQ
头像
拙长孩提狮
  • 帖子:174
  • 注册: 2008-08-01
  • 来自:山东
发表于: 2009-12-05 20:59 | 只看楼主 短消息 资料
字号: 1楼

电脑无缘无故蓝屏了

今天晚上,和朋友视频的时候电脑突然之间蓝屏了,蹦了一大堆的英文,一小时内出了三次,都是在视频的时候,我想是不是摄像头发的原因,可是,原来用的时候没有呀,现在上传日志,高手给看看

用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; InfoPath.1; .NET CLR 2.0.50727)

附件附件:

文件名:SREngLOG.log
下载次数:163
文件类型:application/octet-stream
文件大小:
上传时间:2009-12-5 20:58:43
描述:log
分享到:
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-12-05 21:04 | 短消息 资料
字号: 2楼

回复:电脑无缘无故蓝屏了

全盘搜索*.dmp
包括隐藏的文件和文件夹、系统文件夹
搜索的到压缩后附件上传
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-12-05 21:05 | 短消息 资料
字号: 3楼

回复:电脑无缘无故蓝屏了

好像是木马群
日志的明显异常....
Autorun.inf
[C:\]
[AutoRun]
Shellexecute=WScript.exe 1747673830.vbs "AutoRun"
shell\open=打开(&O)
shell\open\command=WScript.exe 1747673830.vbs "AutoRun"
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\command=WScript.exe 1747673830.vbs "AutoRun"
gototop
 
星空ZQ
头像
拙长孩提狮
  • 帖子:174
  • 注册: 2008-08-01
  • 来自:山东
发表于: 2009-12-05 21:12 | 只看楼主 短消息 资料
字号: 4楼

回复: 电脑无缘无故蓝屏了

不是吧 ,我电脑装着瑞星呀,也很正常呀,按你说的,搜索了已上传,就两个文件

附件附件:

文件名:桌面.rar
下载次数:169
文件类型:application/octet-stream
文件大小:
上传时间:2009-12-5 21:12:03
描述:rar
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-12-05 21:22 | 短消息 资料
字号: 5楼

回复: 电脑无缘无故蓝屏了

模块加载完成,但不能在ntdll.dll中加载

建议:360和瑞星的监控重复,关闭360的实时监控

用Win RAR清理C盘根目录木马群残留的文件1747673830.vbs
最好右键---编辑
看看是啥内容
Sreng工具重置HOSTS文件,迅雷被屏蔽了- -!


Microsoft (R) Windows Debugger  Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Documents and Settings\lenovo\桌面\1\2009-11-12 17.05.21 Crash.dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
WARNING: Minidump contains unknown stream type 0x1000
Windows XP Version 2600 (Service Pack 3, v.5857) MP (2 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
Debug session time: Thu Nov 12 17:05:22.000 2009 (GMT+8)
System Uptime: not available
Process Uptime: 0 days 2:15:51.000
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.          *
* Use .symfix to have the debugger choose a symbol path.                  *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
..........................................................................
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(344.e28): Access violation - code c0000005 (first/second chance not available)
eax=00000000 ebx=00000000 ecx=00000007 edx=0011ca3d esi=0001e340 edi=00000000
eip=7c92e514 esp=0012dcb4 ebp=0012dd18 iopl=0        nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000            efl=00000246
Unable to load image C:\WINDOWS\system32\ntdll.dll, Win32 error 2
*** WARNING: Unable to verify timestamp for ntdll.dll
*** ERROR: Module load completed but symbols could not be loaded for ntdll.dll
ntdll+0xe514:
7c92e514 c3              ret



                                                                                    传说中的分割线
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------v

Microsoft (R) Windows Debugger  Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Documents and Settings\lenovo\桌面\1\crush.dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
Windows XP Version 2600 (Service Pack 3, v.5857) MP (2 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
Debug session time: Sun Nov 15 21:51:08.000 2009 (GMT+8)
System Uptime: not available
Process Uptime: 0 days 1:08:46.000
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.          *
* Use .symfix to have the debugger choose a symbol path.                  *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
........................................................................................................
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(6f4.114): Access violation - code c0000005 (first/second chance not available)
eax=05310000 ebx=0c534788 ecx=00000007 edx=7c92e514 esi=0c534760 edi=0c5347b8
eip=7c92e514 esp=0170b19c ebp=0170b1ac iopl=0        nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000            efl=00000246
Unable to load image C:\WINDOWS\system32\ntdll.dll, Win32 error 2
*** WARNING: Unable to verify timestamp for ntdll.dll
*** ERROR: Module load completed but symbols could not be loaded for ntdll.dll
ntdll+0xe514:
7c92e514 c3              ret
gototop
 
星空ZQ
头像
拙长孩提狮
  • 帖子:174
  • 注册: 2008-08-01
  • 来自:山东
发表于: 2009-12-06 14:13 | 只看楼主 短消息 资料
字号: 6楼

回复: 电脑无缘无故蓝屏了

那个*.vbs已经让瑞星给删除了,谢谢你,我想了想应该是摄像头和什么冲突了吧,我今天又用了好长时间都没出现问题,应该是摄像头的问题,哎,以后没的用了
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT