Perhaps this will help you

#1081
Zortam Support
Zortam Support
Keymaster

i have also windows 2000 service pack 4.

here the dump, perhaps it helps you.
ps: sorry my windows is german.


Anwendungsausnahme aufgetreten:
Anwendung: (pid=9512)
Wann: 22.12.2003 @ 15:15:12.421
Ausnahmenummer: c0000005 (Zugriffsverletzung)

*—-> Systeminformationen < —-*
Computername: MANITU
Benutzername: Marcel
Prozessoranzahl: 1
Prozessortyp: x86 Family 6 Model 6 Stepping 2
Windows 2000-Version: 5.0
Aktuelles Build: 2195
Service Pack: 4
Aktueller Typ: Uniprocessor Free
Firma: Privat
Besitzer: Manitu

*—-> Taskliste < —-*
0 Idle.exe
8 System.exe
256 SMSS.exe
284 CSRSS.exe
304 WINLOGON.exe
332 SERVICES.exe
344 LSASS.exe
532 svchost.exe
580 spoolsv.exe
616 DUService.exe
668 svchost.exe
692 hidserv.exe
728 mysqld-nt.exe
820 outpost.exe
840 regsvc.exe
860 mstask.exe
1112 WinMgmt.exe
1264 explorer.exe
1376 devldr32.exe
1432 DUMeter.exe
1492 iTouch.exe
6944 NetLimiter.exe
6728 emule.exe
8516 Icq.exe
8956 xiwin32.exe
8604 winamp.exe
6356 IEXPLORE.exe
8532 NTVDM.exe
8492 notepad.exe
9284 NOTEPAD.exe
9504 IEXPLORE.exe
9512 Mp3MediaStudio..exe
9596 DRWTSN32.exe
0 _Total.exe

(00400000 – 0062B000)
(77880000 – 77901000)
(77E70000 – 77F30000)
(77E00000 – 77E5F000)
(77F40000 – 77F79000)
(74FC0000 – 74FC9000)
(74FA0000 – 74FB4000)
(78000000 – 78045000)
(79350000 – 793B2000)
(77D20000 – 77D8E000)
(74F90000 – 74F98000)
(77580000 – 777CE000)
(70A70000 – 70AD5000)
(71710000 – 71794000)
(779A0000 – 77A3B000)
(77A40000 – 77B2C000)
(10000000 – 10015000)
(01140000 – 01162000)
(76B00000 – 76B3F000)
(777F0000 – 7780E000)
(782F0000 – 78301000)
(75260000 – 75280000)
(69470000 – 69499000)
(015C0000 – 01636000)
(77810000 – 77817000)
(75940000 – 75946000)
(77540000 – 77571000)
(01AC0000 – 01ADE000)
(74910000 – 74935000)
(784A0000 – 78526000)
(77840000 – 7787F000)
(77090000 – 770B3000)
(750D0000 – 750DC000)
(75180000 – 75195000)
(75140000 – 75178000)
(750E0000 – 7512F000)
(79430000 – 7943F000)
(75130000 – 75136000)
(750C0000 – 750CF000)
(77940000 – 7796B000)
(77970000 – 77994000)

Statusabbild für Threadkennung 0x23e8

eax=676f7250 ebx=01d0b270 ecx=01d0b270 edx=01c02770 esi=01c01cc0 edi=00000000
eip=004d2ea1 esp=0012ee94 ebp=0012ef04 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00200202

Funktion:
004d2e88 85db test ebx,ebx
004d2e8a 899e98000000 mov [esi+0x98],ebx ds:01c01d58=01d0b270
004d2e90 7415 jz 004db1a7
004d2e92 837c241400 cmp dword ptr [esp+0x14],0x0 ss:010a8d7b=????????
004d2e97 740e jz 004db9a7
004d2e99 8b03 mov eax,[ebx] ds:01d0b270=676f7250
004d2e9b 57 push edi
004d2e9c 53 push ebx
004d2e9d 6a01 push 0x1
004d2e9f 8bcb mov ecx,ebx
FEHLER ->004d2ea1 ff90e4000000 call dword ptr [eax+0xe4] ds:676f7334=????????
004d2ea7 5f pop edi
004d2ea8 5e pop esi
004d2ea9 5b pop ebx
004d2eaa c20800 ret 0x8
004d2ead 8b8198000000 mov eax,[ecx+0x98] ds:01d0b308=001b0730
004d2eb3 85c0 test eax,eax
004d2eb5 7409 jz 004db9c0
004d2eb7 8bc8 mov ecx,eax
004d2eb9 e8f404ffff call 004c33b2
004d2ebe eb05 jmp 004e16c5
004d2ec0 e8bcd2feff call 004c0181

*—-> Stack Back Trace < —-*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0012EF04 004C147A 01D0B270 01D0B270 00135608 00000000 !
0012EF78 004C114B 00000364 00000000 004F4BB0 0012EF94 !
0012EF98 004C00E9 00000364 00000000 00000000 77E0A7D6 !
0012EFF8 004C1A93 00000000 00210664 00000364 00000000 !
0012F01C 004C1AC7 002405DC 00000364 00000000 00000000 !
0012F044 004C1AC7 001505CA 00000364 00000000 00000000 !
0012F06C 004D2707 005600DC 00000364 00000000 00000000 !
0012F0D4 004D1053 00000000 00000001 0012F4B4 0051F788 !
0012F160 004D765F 0051F788 0051F788 FFFFFFFF 00000001 !
0012F184 00484738 0012F4B4 01C00E20 004AAA1A 00000013 !
0012F4F0 004C6FF7 004ACE7D 00000000 7FFDF000 004BC0EC !
0012F5A0 00AE1D15 00400000 00000000 001326B8 00000001 !
0012FD1C 005294B2 00000065 00000002 00000000 00000000
0012FF34 0052D9E2 00400000 00000000 001326B8 00000001 !
0012FFC0 77E987E7 00000065 00000000 7FFDF000 C0000005 !
0012FFF0 00000000 0052D914 00000000 000000C8 00000100 kernel32!ProcessIdToSessionId

*—-> Raw Stack Dump < —-*
0012ee94 01 00 00 00 70 b2 d0 01 – 00 00 00 00 70 b2 d0 01 ….p…….p…
0012eea4 00 00 00 00 c0 2f 4a 00 – c0 49 47 00 70 b2 d0 01 …../J..IG.p…
0012eeb4 01 00 00 00 70 b2 d0 01 – bd d5 47 00 08 ed 6d 00 ….p…..G…m.
0012eec4 60 84 d0 01 60 84 d0 01 – 00 00 00 00 00 00 00 00 `…`………..
0012eed4 00 00 00 00 00 00 00 00 – 00 00 00 00 46 00 00 00 …………F…
0012eee4 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
0012eef4 00 00 00 00 00 00 00 00 – 20 44 00 00 40 18 52 00 …….. D..@.R.
0012ef04 78 ef 12 00 7a 14 4c 00 – 70 b2 d0 01 70 b2 d0 01 x…z.L.p…p…
0012ef14 08 56 13 00 00 00 00 00 – 00 00 00 00 01 00 00 00 .V…………..
0012ef24 d0 a2 e2 77 dc 05 24 00 – 64 03 00 00 00 00 00 00 …w..$.d…….
0012ef34 00 00 00 00 34 47 e0 77 – cd ab ba dc 64 ef 12 00 ….4G.w….d…
0012ef44 21 6b e0 77 34 47 e0 77 – dc 05 24 00 64 03 00 00 !k.w4G.w..$.d…
0012ef54 00 00 00 00 00 00 00 00 – c0 1c c0 01 c0 1c c0 01 …………….
0012ef64 b8 4a 4f 00 00 00 00 00 – ec ef 12 00 94 95 4e 00 .JO………..N.
0012ef74 ff ff ff ff 98 ef 12 00 – 4b 11 4c 00 64 03 00 00 ……..K.L.d…
0012ef84 00 00 00 00 b0 4b 4f 00 – 94 ef 12 00 64 03 00 00 …..KO…..d…
0012ef94 00 00 00 00 f8 ef 12 00 – e9 00 4c 00 64 03 00 00 ……….L.d…
0012efa4 00 00 00 00 00 00 00 00 – d6 a7 e0 77 64 06 21 00 ………..wd.!.
0012efb4 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
0012efc4 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….

Statusabbild für Threadkennung 0x2524

eax=01befd3c ebx=0072013a ecx=01beffdc edx=00000000 esi=77889153 edi=01beff6c
eip=7788915e esp=01beff58 ebp=01beff74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: ZwDelayExecution
77889153 b832000000 mov eax,0x32
77889158 8d542404 lea edx,[esp+0x4] ss:02b69e3f=????????
7788915c cd2e int 2e
7788915e c20800 ret 0x8

*—-> Stack Back Trace < —-*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
01BEFF74 77E9A0B8 00000064 00000000 00AD81B9 00000064 ntdll!ZwDelayExecution
01BEFFB4 77E7B382 00000000 0000007A 00159A30 00000000 kernel32!Sleep
01BEFFEC 00000000 00AD813C 00000000 00000000 000000C8 kernel32!lstrcmpiW

*—-> Raw Stack Dump < —-*
01beff58 ed a0 e9 77 00 00 00 00 – 6c ff be 01 00 00 00 00 …w….l…….
01beff68 84 0a e7 3f c0 bd f0 ff – ff ff ff ff b4 ff be 01 …?…………
01beff78 b8 a0 e9 77 64 00 00 00 – 00 00 00 00 b9 81 ad 00 …wd………..
01beff88 64 00 00 00 30 9a 15 00 – 7a 00 00 00 00 00 00 00 d…0…z…….
01beff98 ff ff ff ff 00 00 00 00 – b0 18 ae af 00 a3 d1 84 …………….
01beffa8 40 14 d3 84 c0 9c 2f af – bc 9c 2f af ec ff be 01 @…../…/…..
01beffb8 82 b3 e7 77 00 00 00 00 – 7a 00 00 00 30 9a 15 00 …w….z…0…
01beffc8 00 00 00 00 00 d0 fd 7f – 00 b2 88 77 c0 ff be 01 ………..w….
01beffd8 00 b2 88 77 ff ff ff ff – b4 1b ec 77 f0 2a e7 77 …w…….w.*.w
01beffe8 00 00 00 00 00 00 00 00 – 00 00 00 00 3c 81 ad 00 …………< …
01befff8 00 00 00 00 00 00 00 00 – c8 00 00 00 00 01 00 00 …………….
01bf0008 ff ee ff ee 02 10 00 00 – 00 00 00 00 00 fe 00 00 …………….
01bf0018 00 00 20 00 00 20 00 00 – 00 02 00 00 00 20 00 00 .. .. ……. ..
01bf0028 ff 00 00 00 ff ef fd 7f – 0b 00 08 06 00 00 00 00 …………….
01bf0038 00 00 00 00 00 00 00 00 – 00 00 00 00 a8 05 bf 01 …………….
01bf0048 0f 00 00 00 f8 ff ff ff – 50 00 bf 01 50 00 bf 01 ……..P…P…
01bf0058 40 06 bf 01 00 00 d0 01 – 00 00 00 00 00 00 00 00 @……………
01bf0068 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
01bf0078 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
01bf0088 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….

Statusabbild für Threadkennung 0x253c

eax=000001c0 ebx=0016f470 ecx=00170758 edx=00000000 esi=00170758 edi=00000100
eip=778839c7 esp=028bfe28 ebp=028bff74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: NtReplyWaitReceivePortEx
778839bc b8ac000000 mov eax,0xac
778839c1 8d542404 lea edx,[esp+0x4] ss:03839d0f=????????
778839c5 cd2e int 2e
778839c7 c21400 ret 0x14
778839ca 8b4710 mov eax,[edi+0x10] ds:00f79fe6=????????
778839cd 8b483c mov ecx,[eax+0x3c] ds:00f7a0a6=????????
778839d0 f6400801 test byte ptr [eax+0x8],0x1 ds:00f7a0a6=??
778839d4 7502 jnz RtlCreateProcessParameters+0xd (77883cd8)
778839d6 03c8 add ecx,eax
778839d8 894de4 mov [ebp+0xe4],ecx ss:03839e5a=????????
778839db 8b4710 mov eax,[edi+0x10] ds:00f79fe6=????????
778839de 668b4038 mov ax,[eax+0x38] ds:00f7a0a7=????
778839e2 668945e0 mov [ebp+0xe0],ax ss:03839e5b=????
778839e6 668945e2 mov [ebp+0xe2],ax ss:03839e5b=????
778839ea 53 push ebx

*—-> Stack Back Trace < —-*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
028BFF74 77D46D9E 77D29A00 00170758 40170274 00000070 ntdll!NtReplyWaitReceivePortEx
028BFFA8 77D31C6C 00170730 028BFFEC 77E7B382 0016F470 rpcrt4!TowerConstruct
028BFFB4 77E7B382 0016F470 40170274 00000070 0016F470 rpcrt4!I_RpcServerInqTransportType
028BFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW

Statusabbild für Threadkennung 0x256c

eax=77aa4639 ebx=00000102 ecx=0016f7b8 edx=00000000 esi=77889153 edi=029bff74
eip=7788915e esp=029bff60 ebp=029bff7c iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

Funktion: ZwDelayExecution
77889153 b832000000 mov eax,0x32
77889158 8d542404 lea edx,[esp+0x4] ss:03939e47=????????
7788915c cd2e int 2e
7788915e c20800 ret 0x8

*—-> Stack Back Trace < —-*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
029BFF7C 77E9A0B8 0000EA60 00000000 77AA85FC 0000EA60 ntdll!ZwDelayExecution
00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep

*—-> Raw Stack Dump < —-*
029bff60 ed a0 e9 77 00 00 00 00 – 74 ff 9b 02 1d 9e e9 77 …w….t……w
029bff70 e8 2a 17 00 00 ba 3c dc – ff ff ff ff 30 75 00 00 .*….< …..0u..
029bff80 b8 a0 e9 77 60 ea 00 00 – 00 00 00 00 fc 85 aa 77 …w`……….w
029bff90 60 ea 00 00 fb 46 aa 77 – 00 00 00 00 00 00 a4 77 `….F.w…….w
029bffa0 e8 2a 17 00 ec ff 9b 02 – e8 2a 17 00 53 46 aa 77 .*…….*..SF.w
029bffb0 d8 7a a5 77 c3 7a a5 77 – 82 b3 e7 77 e8 2a 17 00 .z.w.z.w…w.*..
029bffc0 d8 7a a5 77 c3 7a a5 77 – e8 2a 17 00 00 b0 fd 7f .z.w.z.w.*……
029bffd0 b8 f7 16 00 c0 ff 9b 02 – b8 f7 16 00 ff ff ff ff …………….
029bffe0 b4 1b ec 77 f0 2a e7 77 – 00 00 00 00 00 00 00 00 …w.*.w……..
029bfff0 00 00 00 00 39 46 aa 77 – e8 2a 17 00 00 00 00 00 ….9F.w.*……
029c0000 c8 00 00 00 00 01 00 00 – ff ee ff ee 02 10 00 00 …………….
029c0010 00 00 00 00 00 fe 00 00 – 00 00 10 00 00 20 00 00 …………. ..
029c0020 00 02 00 00 00 20 00 00 – 2f 04 00 00 ff ef fd 7f ….. ../…….
029c0030 0d 00 08 06 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
029c0040 00 00 00 00 98 05 9c 02 – 0f 00 00 00 f8 ff ff ff …………….
029c0050 50 00 9c 02 50 00 9c 02 – 40 06 9c 02 00 00 00 00 P…P…@…….
029c0060 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
029c0070 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
029c0080 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….
029c0090 00 00 00 00 00 00 00 00 – 00 00 00 00 00 00 00 00 …………….

(if it looks stupid in this thread, you can see it also in this textfiel: http://www.big-manitu.com/trade/dump.txt )

thank you for a solution !