gros plantage sous XP lié à explorer.exe, une id ??
gros plantage sous XP lié à explorer.exe, une id ?? - Win NT/2K/XP - Windows & Software
Marsh Posté le 17-09-2004 à 11:24:58
| wuxiu a écrit : tu as koa ds l event viewer ? |
[cpp]Une exception d'application s'est produite :
App : C:\WINDOWS\explorer.exe (pid=2912)
Lorsque : 17/09/2004 @ 11:19:38.031
Numéro d'exception : 80000007
()
*----> Informations système <----*
Nom ordinateur : A-LINK
Nom utilisateur : fr3d
ID de la session Terminal : 0
Nombre de processeurs : 2
Type de processeur : x86 Family 15 Model 2 Stepping 9
Version de Windows : 5.1
Numéro actuel : 2600
Service Pack : 2
Type actuel : Multiprocessor Free
*----> Liste des tâches <----*
0 System Process
4 System
648 smss.exe
696 csrss.exe
720 winlogon.exe
764 services.exe
776 lsass.exe
964 Ati2evxx.exe
980 svchost.exe
1052 svchost.exe
1148 svchost.exe
1264 svchost.exe
1344 svchost.exe
1560 spoolsv.exe
1688 ccSetMgr.exe
1744 navapsvc.exe
1936 svchost.exe
1988 ccEvtMgr.exe
580 alg.exe
1100 SAVScan.exe
1108 wscntfy.exe
1896 Ati2evxx.exe
1440 ccApp.exe
1624 CTHELPER.EXE
1584 atiptaxx.exe
1856 AHQTBU.EXE
1876 realsched.exe
976 ctfmon.exe
2060 acrotray.exe
2104 BCResident.exe
2576 IMApp.exe
1464 iexplore.exe
2912 explorer.exe
3856 helpctr.exe
3932 HelpSvc.exe
3804 wmiprvse.exe
4040 drwtsn32.exe
4048 regedit.exe
4060 msmsgs.exe
3972 drwtsn32.exe
*----> Liste des modules <----*
(0000000000f20000 - 0000000000f30000: C:\WINDOWS\system32\ctagent.dll
(0000000001000000 - 0000000001100000: C:\WINDOWS\explorer.exe
(0000000001830000 - 0000000001840000: C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\ScrTrust.dll
(0000000001a50000 - 0000000001a63000: C:\WINDOWS\system32\browselc.dll
(0000000001fd0000 - 0000000001fe8000: C:\Program Files\Norton AntiVirus\NavShExt.dll
(0000000002020000 - 000000000202b000: C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
(00000000022e0000 - 000000000236e000: C:\WINDOWS\system32\shdoclc.dll
(00000000023f0000 - 0000000002403000: C:\PROGRA~1\INCRED~1\bin\ImHook.dll
(0000000002520000 - 0000000002549000: C:\Program Files\WinRAR\rarext.dll
(0000000002950000 - 000000000295f000: C:\Program Files\IncrediMail\bin\IMShExt.dll
(0000000002a70000 - 0000000002a96000: C:\Program Files\DivX\Dr.DivX\EncodeDivXExt.dll
(000000000ffd0000 - 000000000fff8000: C:\WINDOWS\system32\rsaenh.dll
(0000000010000000 - 000000001000d000: C:\WINDOWS\system32\hplun.dll
(0000000020000000 - 00000000202da000: C:\WINDOWS\system32\xpsp2res.dll
(0000000058b50000 - 0000000058be7000: C:\WINDOWS\system32\comctl32.dll
(0000000059000000 - 000000005900e000: C:\WINDOWS\System32\wshFR.DLL
(00000000595b0000 - 000000005977a000: C:\WINDOWS\AppPatch\AcGenral.DLL
(000000005b090000 - 000000005b0c8000: C:\WINDOWS\system32\UxTheme.dll
(000000005b950000 - 000000005b9c3000: C:\WINDOWS\System32\themeui.dll
(000000005cea0000 - 000000005cec6000: C:\WINDOWS\system32\ShimEng.dll
(0000000060990000 - 000000006099e000: C:\WINDOWS\system32\MSISIP.DLL
(0000000061d70000 - 0000000061d7e000: C:\WINDOWS\system32\MFC42LOC.DLL
(000000006c650000 - 000000006c69d000: C:\WINDOWS\system32\DUSER.dll
(000000006fee0000 - 000000006ff34000: C:\WINDOWS\system32\NETAPI32.dll
(00000000719e0000 - 00000000719e8000: C:\WINDOWS\System32\WS2HELP.dll
(00000000719f0000 - 0000000071a07000: C:\WINDOWS\System32\WS2_32.dll
(0000000071a10000 - 0000000071a1a000: C:\WINDOWS\System32\WSOCK32.dll
(0000000071ca0000 - 0000000071cbc000: C:\WINDOWS\System32\actxprxy.dll
(0000000072c60000 - 0000000072c68000: C:\WINDOWS\system32\msacm32.drv
(0000000072c70000 - 0000000072c79000: C:\WINDOWS\system32\wdmaud.drv
(0000000073d20000 - 0000000073e1e000: C:\WINDOWS\system32\MFC42.DLL
(0000000074690000 - 00000000746db000: C:\WINDOWS\system32\MSCTF.dll
(0000000074a40000 - 0000000074a48000: C:\WINDOWS\System32\POWRPROF.dll
(0000000074a60000 - 0000000074a6a000: C:\WINDOWS\System32\BatMeter.dll
(0000000074aa0000 - 0000000074ae8000: C:\WINDOWS\System32\webcheck.dll
(0000000074e10000 - 0000000074e20000: C:\WINDOWS\System32\wshext.dll
(0000000075f10000 - 000000007600c000: C:\WINDOWS\system32\BROWSEUI.dll
(00000000762f0000 - 0000000076300000: C:\WINDOWS\system32\WINSTA.dll
(0000000076310000 - 0000000076315000: C:\WINDOWS\System32\MSIMG32.dll
(0000000076340000 - 000000007638a000: C:\WINDOWS\system32\comdlg32.dll
(0000000076390000 - 000000007653a000: C:\WINDOWS\system32\NETSHELL.dll
(0000000076540000 - 0000000076561000: C:\WINDOWS\System32\stobject.dll
(0000000076590000 - 00000000765ad000: C:\WINDOWS\System32\CSCDLL.dll
(00000000765b0000 - 0000000076606000: C:\WINDOWS\System32\cscui.dll
(0000000076610000 - 0000000076694000: C:\WINDOWS\system32\CRYPTUI.dll
(0000000076920000 - 0000000076928000: C:\WINDOWS\system32\LINKINFO.dll
(0000000076930000 - 0000000076956000: C:\WINDOWS\system32\ntshrui.dll
(0000000076960000 - 0000000076a15000: C:\WINDOWS\system32\USERENV.dll
(0000000076ac0000 - 0000000076ad1000: C:\WINDOWS\system32\ATL.DLL
(0000000076ae0000 - 0000000076b0f000: C:\WINDOWS\system32\WINMM.dll
(0000000076bb0000 - 0000000076bdf000: C:\WINDOWS\system32\credui.dll
(0000000076be0000 - 0000000076c0e000: C:\WINDOWS\system32\WINTRUST.dll
(0000000076c40000 - 0000000076c68000: C:\WINDOWS\system32\IMAGEHLP.dll
(0000000076d10000 - 0000000076d29000: C:\WINDOWS\system32\iphlpapi.dll
(0000000076e30000 - 0000000076e3e000: C:\WINDOWS\system32\rtutils.dll
(0000000076f00000 - 0000000076f08000: C:\WINDOWS\System32\WTSAPI32.dll
(0000000076f10000 - 0000000076f3d000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076f80000 - 0000000076fff000: C:\WINDOWS\system32\CLBCATQ.DLL
(0000000077000000 - 00000000770d4000: C:\WINDOWS\system32\COMRes.dll
(00000000770e0000 - 000000007716c000: C:\WINDOWS\system32\OLEAUT32.dll
(0000000077170000 - 000000007720d000: C:\WINDOWS\system32\urlmon.dll
(0000000077210000 - 00000000772c1000: C:\WINDOWS\system32\SXS.DLL
(0000000077390000 - 0000000077492000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
(00000000774a0000 - 00000000775dc000: C:\WINDOWS\system32\ole32.dll
(0000000077720000 - 000000007788c000: C:\WINDOWS\system32\SHDOCVW.dll
(00000000778e0000 - 00000000779d8000: C:\WINDOWS\system32\SETUPAPI.dll
(00000000779e0000 - 0000000077a76000: C:\WINDOWS\system32\CRYPT32.dll
(0000000077a80000 - 0000000077a92000: C:\WINDOWS\system32\MSASN1.dll
(0000000077aa0000 - 0000000077b47000: C:\WINDOWS\system32\WININET.dll
(0000000077b50000 - 0000000077b72000: C:\WINDOWS\system32\appHelp.dll
(0000000077ba0000 - 0000000077ba7000: C:\WINDOWS\system32\midimap.dll
(0000000077bb0000 - 0000000077bc5000: C:\WINDOWS\system32\MSACM32.dll
(0000000077bd0000 - 0000000077bd8000: C:\WINDOWS\system32\VERSION.dll
(0000000077be0000 - 0000000077c38000: C:\WINDOWS\system32\msvcrt.dll
(0000000077d10000 - 0000000077da0000: C:\WINDOWS\system32\USER32.dll
(0000000077da0000 - 0000000077e4c000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e50000 - 0000000077ee1000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077ef0000 - 0000000077f36000: C:\WINDOWS\system32\GDI32.dll
(0000000077f40000 - 0000000077fb6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fc0000 - 0000000077fd1000: C:\WINDOWS\System32\Secur32.dll
(000000007c000000 - 000000007c054000: C:\WINDOWS\system32\MSVCR70.dll
(000000007c080000 - 000000007c0f7000: C:\WINDOWS\system32\MSVCP70.dll
(000000007c800000 - 000000007c904000: C:\WINDOWS\system32\kernel32.dll
(000000007c910000 - 000000007c9c7000: C:\WINDOWS\system32\ntdll.dll
(000000007c9d0000 - 000000007d1f2000: C:\WINDOWS\system32\SHELL32.dll
(000000007d200000 - 000000007d4b2000: C:\WINDOWS\system32\msi.dll
*----> Vidage de l'état de la thread 0xb6c <----*
eax=000f8e74 ebx=00000003 ecx=777515a0 edx=7c91eb94 esi=000e85e0 edi=00000000
eip=7c91eb94 esp=0007fef0 ebp=0007ff08 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
FAUTE ->ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHELL32.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Module load completed but symbols could not be loaded for C:\WINDOWS\explorer.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
ChildEBP RetAddr Args to Child
0007ff08 7ca42c57 00000000 0007ff5c 01016e95 ntdll!KiFastSystemCallRet
0007ff14 01016e95 000e85e0 7ffdf000 0007ffc0 SHELL32!Ordinal201+0x28
0007ff5c 0101e2b6 00000000 00000000 0002064a explorer+0x16e95
0007ffc0 7c816d4f 00e54de8 0006e890 7ffdf000 explorer+0x1e2b6
0007fff0 00000000 0101e24e 00000000 78746341 kernel32!RegisterWaitForInputIdle+0x49
*----> Vidage brut de la pile <----*
000000000007fef0 f5 93 d1 77 ee 95 a4 7c - ac 92 80 7c e0 85 0e 00 ...w...|...|....
000000000007ff00 e0 85 0e 00 14 ff 07 00 - 14 ff 07 00 57 2c a4 7c ............W,.|
000000000007ff10 00 00 00 00 5c ff 07 00 - 95 6e 01 01 e0 85 0e 00 ....\....n......
000000000007ff20 00 f0 fd 7f c0 ff 07 00 - 00 00 00 00 24 fd 07 00 ............$...
000000000007ff30 50 ff 07 00 e0 ff 07 00 - 27 e0 91 7c ed aa 80 7c P.......'..|...|
000000000007ff40 ff ff ff ff 0c 00 00 00 - 00 00 00 00 f2 6d 19 00 .............m..
000000000007ff50 a8 00 00 00 01 00 00 00 - e0 85 0e 00 c0 ff 07 00 ................
000000000007ff60 b6 e2 01 01 00 00 00 00 - 00 00 00 00 4a 06 02 00 ............J...
000000000007ff70 05 00 00 00 e8 4d e5 00 - 90 e8 06 00 44 00 00 00 .....M......D...
000000000007ff80 9c 06 02 00 7c 06 02 00 - 4c 06 02 00 00 00 00 00 ....|...L.......
000000000007ff90 00 00 00 00 00 00 00 00 - 00 00 00 00 2e 00 00 00 ................
000000000007ffa0 00 00 00 00 3a ef 06 00 - 01 00 00 00 05 00 00 00 ....:...........
000000000007ffb0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000007ffc0 f0 ff 07 00 4f 6d 81 7c - e8 4d e5 00 90 e8 06 00 ....Om.|.M......
000000000007ffd0 00 f0 fd 7f 74 7c 29 c0 - c8 ff 07 00 20 c0 f0 81 ....t|)..... ...
000000000007ffe0 ff ff ff ff f3 99 83 7c - 58 6d 81 7c 00 00 00 00 .......|Xm.|....
000000000007fff0 00 00 00 00 00 00 00 00 - 4e e2 01 01 00 00 00 00 ........N.......
0000000000080000 41 63 74 78 20 00 00 00 - 01 00 00 00 98 24 00 00 Actx ........$..
0000000000080010 c4 00 00 00 00 00 00 00 - 20 00 00 00 00 00 00 00 ........ .......
0000000000080020 14 00 00 00 01 00 00 00 - 06 00 00 00 34 00 00 00 ............4...
*----> Vidage de l'état de la thread 0xb74 <----*
eax=00daff54 ebx=00000000 ecx=000bfbf8 edx=7c91eb94 esi=000bfbf8 edi=000bfc9c
eip=7c91eb94 esp=00dafe1c ebp=00daff80 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00daff80 77e56c22 00daffa8 77e56a3b 000bfbf8 ntdll!KiFastSystemCallRet
00daff88 77e56a3b 000bfbf8 00000000 0007f88c RPCRT4!I_RpcBCacheFree+0x5ea
00daffa8 77e56c0a 000bfab0 00daffec 7c80b50b RPCRT4!I_RpcBCacheFree+0x403
00daffb4 7c80b50b 000c9f68 00000000 0007f88c RPCRT4!I_RpcBCacheFree+0x5d2
00daffec 00000000 77e56bf0 000c9f68 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000dafe1c 99 e3 91 7c 03 67 e5 77 - b0 01 00 00 70 ff da 00 ...|.g.w....p...
0000000000dafe2c 00 00 00 00 b8 c4 15 00 - 54 ff da 00 74 61 58 80 ........T...taX.
0000000000dafe3c 8f 61 58 80 64 dd ec a5 - 78 f4 07 00 ef 60 58 80 .aX.d...x....`X.
0000000000dafe4c 82 e2 56 80 02 e5 f1 81 - 00 00 f0 81 70 e5 3b 82 ..V.........p.;.
0000000000dafe5c 28 f9 07 00 48 dd ec a5 - e6 52 57 80 05 00 00 00 (...H....RW.....
0000000000dafe6c 01 00 00 00 00 00 00 00 - 64 dd ec a5 70 db ec a5 ........d...p...
0000000000dafe7c f8 00 00 00 05 00 00 00 - 05 00 00 00 06 02 00 00 ................
0000000000dafe8c a3 9d 4d 80 82 2b 4e 80 - 30 e4 54 ff 28 dc ec a5 ..M..+N.0.T.(...
0000000000dafe9c 00 31 70 80 43 3d 70 80 - 28 dc ec a5 27 34 70 80 .1p.C=p.(...'4p.
0000000000dafeac 00 0d db ba 00 00 00 00 - 82 2b 4e 80 00 0d db ba .........+N.....
0000000000dafebc 81 a8 55 80 34 00 00 c0 - f0 e5 f1 81 01 da 56 80 ..U.4.........V.
0000000000dafecc 40 00 00 00 4c dc ec a5 - 78 44 01 e1 94 e6 f1 81 @...L...xD......
0000000000dafedc 4c dc ec a5 00 00 00 00 - 00 00 00 00 00 00 00 00 L...............
0000000000dafeec 81 a8 55 80 ff ff ff ff - 40 f5 df ff 00 00 00 00 ..U.....@.......
0000000000dafefc 10 34 70 80 cc e5 54 ff - 28 dc ec a5 00 00 00 00 .4p...T.(.......
0000000000daff0c 27 34 70 80 08 00 00 00 - 46 02 00 00 09 22 4e 80 '4p.....F...."N.
0000000000daff1c a0 e4 54 ff 30 e4 54 ff - 3f 22 4e 80 9c e5 54 ff ..T.0.T.?"N...T.
0000000000daff2c 30 e4 54 ff 80 ff da 00 - 99 66 e5 77 4c ff da 00 0.T......f.wL...
0000000000daff3c a9 66 e5 77 ed 10 91 7c - 20 97 0c 00 68 9f 0c 00 .f.w...| ...h...
0000000000daff4c 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......
*----> Vidage de l'état de la thread 0xb50 <----*
eax=774b319a ebx=00007530 ecx=7ffdf000 edx=00000000 esi=00000000 edi=00e0ff50
eip=7c91eb94 esp=00e0ff20 ebp=00e0ff78 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ole32.dll -
ChildEBP RetAddr Args to Child
00e0ff78 7c802451 0000ea60 00000000 00e0ffb4 ntdll!KiFastSystemCallRet
00e0ff88 774b2fcb 0000ea60 000cc7d8 774b314d kernel32!Sleep+0xf
00e0ffb4 7c80b50b 000cc7d8 00000000 7c92094e ole32!StringFromGUID2+0x2d1
00e0ffec 00000000 774b319a 000cc7d8 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000e0ff20 5c d8 91 7c ed 23 80 7c - 00 00 00 00 50 ff e0 00 \..|.#.|....P...
0000000000e0ff30 50 25 80 7c f0 56 5c 77 - 30 75 00 00 14 00 00 00 P%.|.V\w0u......
0000000000e0ff40 01 00 00 00 00 00 00 00 - 00 00 00 00 10 00 00 00 ................
0000000000e0ff50 00 ba 3c dc ff ff ff ff - cc fe e0 00 50 ff e0 00 ..<.........P...
0000000000e0ff60 30 ff e0 00 cc fe e0 00 - dc ff e0 00 f3 99 83 7c 0..............|
0000000000e0ff70 58 24 80 7c 00 00 00 00 - 88 ff e0 00 51 24 80 7c X$.|........Q$.|
0000000000e0ff80 60 ea 00 00 00 00 00 00 - b4 ff e0 00 cb 2f 4b 77 `............/Kw
0000000000e0ff90 60 ea 00 00 d8 c7 0c 00 - 4d 31 4b 77 00 00 00 00 `.......M1Kw....
0000000000e0ffa0 00 00 00 00 d8 c7 0c 00 - 00 00 4a 77 b5 31 4b 77 ..........Jw.1Kw
0000000000e0ffb0 4e 09 92 7c ec ff e0 00 - 0b b5 80 7c d8 c7 0c 00 N..|.......|....
0000000000e0ffc0 00 00 00 00 4e 09 92 7c - d8 c7 0c 00 00 c0 fd 7f ....N..|........
0000000000e0ffd0 00 06 3c 82 c0 ff e0 00 - 98 95 65 ff ff ff ff ff ..<.......e.....
0000000000e0ffe0 f3 99 83 7c 18 b5 80 7c - 00 00 00 00 00 00 00 00 ...|...|........
0000000000e0fff0 00 00 00 00 9a 31 4b 77 - d8 c7 0c 00 00 00 00 00 .....1Kw........
0000000000e10000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e10010 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e10020 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e10030 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e10040 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e10050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xb4c <----*
eax=00000007 ebx=00000000 ecx=00e4fd54 edx=7c91eb94 esi=7c98c0d8 edi=00000000
eip=7c91eb94 esp=00e4f7dc ebp=00e4f864 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USER32.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHLWAPI.dll -
ChildEBP RetAddr Args to Child
00e4f864 7c91104b 0198c0d8 7c9231dc 7c98c0d8 ntdll!KiFastSystemCallRet
00e4f8a8 7c926298 00000001 00000000 00e4f908 ntdll!RtlEnterCriticalSection+0x46
00e4fb44 7c801bb9 000953d0 00e4fb90 00e4fb70 ntdll!LdrLoadDll+0xce
00e4fbac 7c801d6e 7ffdbc00 00000000 00000000 kernel32!LoadLibraryExW+0xc8
00e4fbc0 7c801da4 7cbc5100 00000000 00000000 kernel32!LoadLibraryExA+0x1f
00e4fbdc 7ca110d9 7cbc5100 00000001 00000000 kernel32!LoadLibraryA+0x2d
00e4fc1c 7ca0a5eb 7cbc4d80 7cbcc260 00000014 SHELL32!SHChangeNotifyDeregister+0x141a
00e4fc60 7ca2504b 00000001 00000001 00000001 SHELL32!SHExtractIconsW+0xbc2
00e4fc80 7ca622b4 00000000 7cbcc5c8 00000000 SHELL32!ReadCabinetState+0x735
00e4fca0 7c9f2695 00000001 00000000 7cbcc5c8 SHELL32!DragAcceptFiles+0x1807d
00e4fccc 7c9f2652 00000001 00000001 00000113 SHELL32!Ordinal57+0xfd
00e4fce8 7ca49362 00000001 00000001 00000001 SHELL32!Ordinal57+0xba
00e4fd30 010021d3 00000015 00000113 010460d8 SHELL32!Ordinal733+0x11
00e4fde8 01001b5e 001a011a 00000113 00000015 explorer+0x21d3
00e4fe0c 77d18709 001a011a 00000113 00000015 explorer+0x1b5e
00e4fe38 77d187eb 01001b1f 001a011a 00000113 USER32!GetDC+0x72
00e4fea0 77d189a5 0009fae0 01001b1f 001a011a USER32!GetDC+0x154
00e4ff00 77d189e8 00e4ff28 00000000 00e4ff44 USER32!GetWindowLongW+0x127
00e4ff10 01001a35 00e4ff28 00000000 010460d8 USER32!DispatchMessageW+0xf
00e4ff44 01011e8b 00000000 00e4ffb4 77f5f5de explorer+0x1a35
00e4ff50 77f5f5de 010460d8 0000005c 0007fc04 explorer+0x11e8b
00e4ffb4 7c80b50b 00000000 0000005c 0007fc04 SHLWAPI!Ordinal505+0x369
00e4ffec 00000000 77f5f56f 0007fdbc 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000e4f7dc c0 e9 91 7c 1b 90 92 7c - dc 02 00 00 00 00 00 00 ...|...|........
0000000000e4f7ec 00 00 00 00 08 f9 e4 00 - 00 00 00 00 01 00 00 00 ................
0000000000e4f7fc f5 00 00 00 02 00 03 00 - 03 05 05 05 00 00 00 00 ................
0000000000e4f80c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e4f81c 00 00 00 00 94 fc e4 00 - 18 00 00 00 00 00 00 00 ................
0000000000e4f82c 5c f8 e4 00 40 00 00 00 - 00 00 00 00 6c f8 e4 00 \...@.......l...
0000000000e4f83c 00 00 09 00 32 07 92 7c - 2c 00 00 00 c8 0e 09 00 ....2..|,.......
0000000000e4f84c 00 00 00 00 d0 53 09 00 - 44 f8 e4 00 b8 1a 0f 00 .....S..D.......
0000000000e4f85c 00 00 00 00 dc 02 00 00 - a8 f8 e4 00 4b 10 91 7c ............K..|
0000000000e4f86c d8 c0 98 01 dc 31 92 7c - d8 c0 98 7c 08 00 15 c0 .....1.|...|....
0000000000e4f87c 01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 02 03 ................
0000000000e4f88c 74 f5 00 00 78 f8 e4 00 - 78 62 92 7c 34 fb e4 00 t...x...xb.|4...
0000000000e4f89c 18 ee 91 7c 18 32 92 7c - ff ff ff ff 44 fb e4 00 ...|.2.|....D...
0000000000e4f8ac 98 62 92 7c 01 00 00 00 - 00 00 00 00 08 f9 e4 00 .b.|............
0000000000e4f8bc 00 00 00 00 f0 17 bd 7c - 00 00 00 00 00 f9 e4 00 .......|........
0000000000e4f8cc a7 94 d1 77 b0 4a 55 00 - 00 00 00 00 b0 94 d1 77 ...w.JU........w
0000000000e4f8dc 18 fa e4 00 1c fd e4 00 - 00 00 00 00 dc f8 e4 00 ................
0000000000e4f8ec b0 94 d1 77 34 fa e4 00 - 90 fb e4 00 d0 53 09 00 ...w4........S..
0000000000e4f8fc 8c fb e4 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e4f90c 00 00 08 02 20 f9 e4 00 - 00 00 00 00 00 00 00 00 .... ...........
*----> Vidage de l'état de la thread 0x560 <----*
eax=7c93798d ebx=00000000 ecx=77da6a51 edx=77da6a18 esi=ffffffff edi=7c91fb78
eip=7c91eb94 esp=00e8ff9c ebp=00e8ffb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00e8ffb4 7c80b50b 00000000 7c91fb78 ffffffff ntdll!KiFastSystemCallRet
00e8ffec 00000000 7c93798d 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000e8ff9c 5c d8 91 7c d4 79 93 7c - 01 00 00 00 ac ff e8 00 \..|.y.|........
0000000000e8ffac 00 00 00 00 00 00 00 80 - ec ff e8 00 0b b5 80 7c ...............|
0000000000e8ffbc 00 00 00 00 78 fb 91 7c - ff ff ff ff 00 00 00 00 ....x..|........
0000000000e8ffcc 00 a0 fd 7f 00 06 3c 82 - c0 ff e8 00 80 a2 14 82 ......<.........
0000000000e8ffdc ff ff ff ff f3 99 83 7c - 18 b5 80 7c 00 00 00 00 .......|...|....
0000000000e8ffec 00 00 00 00 00 00 00 00 - 8d 79 93 7c 00 00 00 00 .........y.|....
0000000000e8fffc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9000c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9001c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9002c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9003c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9004c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9005c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9006c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9007c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9008c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e9009c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e900ac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e900bc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000e900cc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xe18 <----*
eax=01995440 ebx=00000000 ecx=01550228 edx=015501d8 esi=7c98c0d8 edi=00000000
eip=7c91eb94 esp=00ecfe40 ebp=00ecfec8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00ecfec8 7c91104b 0198c0d8 7c929148 7c98c0d8 ntdll!KiFastSystemCallRet
00ecff3c 7c80cce7 7c98c3a0 7c98c380 00000000 ntdll!RtlEnterCriticalSection+0x46
00ecff74 7c80c939 00000000 00ecffb4 7c920b63 kernel32!ExitThread+0x3e
00ecff80 7c920b63 00000000 00e4fce4 00e4fce8 kernel32!IsBadHugeWritePtr+0x1d
00ecffb4 7c80b50b 00000000 00e4fce4 00e4fce8 ntdll!wcsncpy+0xd4
00ecffec 00000000 7c920760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000ecfe40 c0 e9 91 7c 1b 90 92 7c - dc 02 00 00 00 00 00 00 ...|...|........
0000000000ecfe50 00 00 00 00 00 f0 fd 7f - 00 90 fd 7f 00 00 00 00 ................
0000000000ecfe60 18 ee 91 7c 70 05 92 7c - 78 fe ec 00 00 00 00 00 ...|p..|x.......
0000000000ecfe70 c8 05 92 7c 60 3b 14 00 - 44 ff ec 00 51 05 92 7c ...|`;..D...Q..|
0000000000ecfe80 18 07 09 00 6d 05 92 7c - 80 c3 98 7c 68 3b 14 00 ....m..|...|h;..
0000000000ecfe90 00 00 00 00 00 00 00 00 - e0 d4 13 00 88 8e f4 77 ...............w
0000000000ecfea0 70 dc 0c 00 bc fe ec 00 - 1f 46 4b 77 00 00 00 00 p........FKw....
0000000000ecfeb0 00 00 00 00 ec fd ec 00 - 1b 42 4b 77 30 ff ec 00 .........BKw0...
0000000000ecfec0 00 00 00 00 dc 02 00 00 - 3c ff ec 00 4b 10 91 7c ........<...K..|
0000000000ecfed0 d8 c0 98 01 48 91 92 7c - d8 c0 98 7c 00 00 00 00 ....H..|...|....
0000000000ecfee0 00 90 fd 7f 00 00 00 00 - 00 00 f1 75 e0 d4 13 00 ...........u....
0000000000ecfef0 00 90 fd 7f 40 ff ec 00 - 57 76 93 7c 10 ff ec 00 ....@...Wv.|....
0000000000ecff00 53 75 93 7c a0 c3 98 7c - 68 3b 14 00 00 00 09 00 Su.|...|h;......
0000000000ecff10 14 00 00 00 01 00 00 00 - 00 f0 fd 7f e0 4b 09 00 .............K..
0000000000ecff20 00 00 00 00 dc fe ec 00 - 3c e0 91 7c 64 ff ec 00 ........<..|d...
0000000000ecff30 18 ee 91 7c 68 91 92 7c - ff ff ff ff 74 ff ec 00 ...|h..|....t...
0000000000ecff40 e7 cc 80 7c a0 c3 98 7c - 80 c3 98 7c 00 00 00 00 ...|...|...|....
0000000000ecff50 00 00 00 00 00 90 fd 7f - 00 00 00 00 44 ff ec 00 ............D...
0000000000ecff60 a0 c3 98 7c dc ff ec 00 - f3 99 83 7c 10 cd 80 7c ...|.......|...|
0000000000ecff70 ff ff ff ff 80 ff ec 00 - 39 c9 80 7c 00 00 00 00 ........9..|....
*----> Vidage de l'état de la thread 0xe6c <----*
eax=000000c0 ebx=00000000 ecx=00e4fb00 edx=00000000 esi=00000000 edi=00000001
eip=7c91eb94 esp=00f0fcec ebp=00f0ffb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00f0ffb4 7c80b50b 00000000 00000020 00e4fce4 ntdll!KiFastSystemCallRet
00f0ffec 00000000 7c939fae 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000f0fcec ab e9 91 7c d5 a0 93 7c - 03 00 00 00 30 fd f0 00 ...|...|....0...
0000000000f0fcfc 01 00 00 00 01 00 00 00 - 00 00 00 00 20 00 00 00 ............ ...
0000000000f0fd0c e4 fc e4 00 00 00 00 00 - 08 e5 98 7c 08 e5 98 7c ...........|...|
0000000000f0fd1c 00 02 00 00 6c 0e 00 00 - 03 00 00 00 03 00 00 00 ....l...........
0000000000f0fd2c 02 00 00 00 fc 01 00 00 - e4 01 00 00 34 04 00 00 ............4...
0000000000f0fd3c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd4c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd5c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd6c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd7c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd8c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fd9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fdac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fdbc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fdcc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fddc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fdec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fdfc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fe0c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000f0fe1c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xe74 <----*
eax=00000403 ebx=01a998b0 ecx=0000c0c2 edx=00001818 esi=00000000 edi=7ffdf000
eip=7c91eb94 esp=00fafd30 ebp=00fafdcc iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00fafdcc 77d1bbfe 0000000c 001803d8 00000000 ntdll!KiFastSystemCallRet
00fafe28 7ca043d9 0000000b 00fafe50 ffffffff USER32!SetWindowTextW+0x120
00faff4c 7ca4114e 77f5f5de 00000000 7c809988 SHELL32!SHCreateShellFolderView+0x3d6b
00faffb4 7c80b50b 00000000 7c809988 00090000 SHELL32!Ordinal753+0x133
00faffec 00000000 77f5f56f 00e4f4d4 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000000fafd30 ab e9 91 7c f2 94 80 7c - 0c 00 00 00 b0 98 a9 01 ...|...|........
0000000000fafd40 01 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000fafd50 0c 00 00 00 02 00 00 00 - 00 00 00 00 d8 03 18 00 ................
0000000000fafd60 01 00 00 00 00 00 00 00 - 38 00 00 00 10 00 00 00 ........8.......
0000000000fafd70 00 00 09 00 6c fb fa 00 - 14 00 00 00 01 00 00 00 ....l...........
0000000000fafd80 80 a5 0d 00 00 00 00 00 - 00 00 00 00 eb 06 92 7c ...............|
0000000000fafd90 0f 9a 80 7c 00 00 09 00 - 00 f0 fd 7f 00 70 fd 7f ...|.........p..
0000000000fafda0 00 70 fd 7f 00 00 00 00 - b0 98 a9 01 ac 00 02 00 .p..............
0000000000fafdb0 0c 00 00 00 4c fd fa 00 - 00 00 00 00 dc ff fa 00 ....L...........
0000000000fafdc0 f3 99 83 7c 90 95 80 7c - 00 00 00 00 28 fe fa 00 ...|...|....(...
0000000000fafdd0 fe bb d1 77 0c 00 00 00 - d8 03 18 00 00 00 00 00 ...w............
0000000000fafde0 ff ff ff ff 01 00 00 00 - 40 4b 0d 00 0b 00 00 00 ........@K......
0000000000fafdf0 00 00 00 00 78 92 d1 77 - 00 00 00 00 3c fe fa 00 ....x..w....<...
0000000000fafe00 eb 44 a0 7c 20 fe fa 00 - 00 00 00 00 00 00 00 00 .D.| ...........
0000000000fafe10 00 00 00 00 01 d1 00 00 - 00 00 00 00 01 00 00 00 ................
0000000000fafe20 00 70 fd 7f 20 02 00 00 - 4c ff fa 00 d9 43 a0 7c .p.. ...L....C.|
0000000000fafe30 0b 00 00 00 50 fe fa 00 - ff ff ff ff ff 04 00 00 ....P...........
0000000000fafe40 d8 03 18 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000000fafe50 90 06 00 00 3c 04 00 00 - 90 03 00 00 2c 03 00 00 ....<.......,...
0000000000fafe60 48 03 00 00 24 03 00 00 - 00 03 00 00 0c 03 00 00 H...$...........
*----> Vidage de l'état de la thread 0xe78 <----*
eax=00011686 ebx=00000000 ecx=00009566 edx=00000016 esi=7c98c380 edi=7c98c3a0
eip=7c91eb94 esp=0150ff70 ebp=0150ffb4 iopl=0 nv up ei ng nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000286
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0150ffb4 7c80b50b 00000000 00e4f8c4 00e4f8c4 ntdll!KiFastSystemCallRet
0150ffec 00000000 7c920760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
000000000150ff70 1b e3 91 7c 9d 07 92 7c - f8 01 00 00 ac ff 50 01 ...|...|......P.
000000000150ff80 b0 ff 50 01 98 ff 50 01 - a0 ff 50 01 c4 f8 e4 00 ..P...P...P.....
000000000150ff90 c4 f8 e4 00 00 00 00 00 - 00 00 00 00 08 ab aa 01 ................
000000000150ffa0 00 7c 28 e8 ff ff ff ff - a0 dc ed a5 69 75 93 7c .|(.........iu.|
000000000150ffb0 d8 94 aa 01 ec ff 50 01 - 0b b5 80 7c 00 00 00 00 ......P....|....
000000000150ffc0 c4 f8 e4 00 c4 f8 e4 00 - 00 00 00 00 00 60 fd 7f .............`..
000000000150ffd0 00 26 3c 82 c0 ff 50 01 - 98 94 57 ff ff ff ff ff .&<...P...W.....
000000000150ffe0 f3 99 83 7c 18 b5 80 7c - 00 00 00 00 00 00 00 00 ...|...|........
000000000150fff0 00 00 00 00 60 07 92 7c - 00 00 00 00 00 00 00 00 ....`..|........
0000000001510000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510010 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510020 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510030 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510040 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0000000001510090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000015100a0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0x500 <----*
eax=00000000 ebx=00000000 ecx=775c5074 edx=00001000 esi=7c98c0d8 edi=00000000
eip=7c91eb94 esp=0154fe40 ebp=0154fec8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0154fec8 7c91104b 0198c0d8 7c929148 7c98c0d8 ntdll!KiFastSystemCallRet
0154ff3c 7c80cce7 7c98c3a0 7c98c380 00000000 ntdll!RtlEnterCriticalSection+0x46
0154ff74 7c80c939 00000000 0154ffb4 7c920b63 kernel32!ExitThread+0x3e
0154ff80 7c920b63 00000000 0057005c 006e0069 kernel32!IsBadHugeWritePtr+0x1d
0154ffb4 7c80b50b 00000000 0057005c 006e0069 ntdll!wcsncpy+0xd4
0154ffec 00000000 7c920760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
000000000154fe40 c0 e9 91 7c 1b 90 92 7c - dc 02 00 00 00 00 00 00 ...|...|........
000000000154fe50 00 00 00 00 00 f0 fd 7f - 00 50 fd 7f 00 00 00 00 .........P......
000000000154fe60 09 00 00 00 00 00 00 00 - 78 fe 54 01 00 00 00 00 ........x.T.....
000000000154fe70 c8 05 92 7c 48 41 0f 00 - 44 ff 54 01 51 05 92 7c ...|HA..D.T.Q..|
000000000154fe80 18 07 09 00 6d 05 92 7c - 80 c3 98 7c 50 41 0f 00 ....m..|...|PA..
000000000154fe90 00 00 00 00 5d 99 80 7c - 78 9f 0e 00 88 8e f4 77 ....]..|x......w
000000000154fea0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000154feb0 00 00 00 00 38 04 11 00 - 00 dd 0e 00 e0 fe 54 01 ....8.........T.
000000000154fec0 00 00 00 00 dc 02 00 00 - 3c ff 54 01 4b 10 91 7c ........<.T.K..|
000000000154fed0 d8 c0 98 01 48 91 92 7c - d8 c0 98 7c 00 00 00 00 ....H..|...|....
000000000154fee0 00 50 fd 7f 00 00 00 00 - 01 00 00 00 78 9f 0e 00 .P..........x...
000000000154fef0 00 50 fd 7f 40 ff 54 01 - 57 76 93 7c 10 ff 54 01 .P..@.T.Wv.|..T.
000000000154ff00 53 75 93 7c a0 c3 98 7c - 50 41 0f 00 00 00 09 00 Su.|...|PA......
000000000154ff10 14 00 00 00 01 00 00 00 - 00 f0 fd 7f e0 fa 09 00 ................
000000000154ff20 00 00 00 00 dc fe 54 01 - 3c e0 91 7c 64 ff 54 01 ......T.<..|d.T.
000000000154ff30 18 ee 91 7c 68 91 92 7c - ff ff ff ff 74 ff 54 01 ...|h..|....t.T.
000000000154ff40 e7 cc 80 7c a0 c3 98 7c - 80 c3 98 7c 00 00 00 00 ...|...|...|....
000000000154ff50 00 00 00 00 00 50 fd 7f - 00 00 00 00 44 ff 54 01 .....P......D.T.
000000000154ff60 a0 c3 98 7c dc ff 54 01 - f3 99 83 7c 10 cd 80 7c ...|..T....|...|
000000000154ff70 ff ff ff ff 80 ff 54 01 - 39 c9 80 7c 00 00 00 00 ......T.9..|....
*----> Vidage de l'état de la thread 0xb5c <----*
eax=72c730e8 ebx=0166fef8 ecx=00000084 edx=00149ff8 esi=00000000 edi=7ffdf000
eip=7c91eb94 esp=0166fed0 ebp=0166ff6c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\wdmaud.drv -
ChildEBP RetAddr Args to Child
0166ff6c 7c809c86 00000002 0166ffa4 00000000 ntdll!KiFastSystemCallRet
0166ff88 72c7312a 00000002 0166ffa4 00000000 kernel32!WaitForMultipleObjects+0x18
0166ffb4 7c80b50b 00000000 00000000 00090000 wdmaud!midMessage+0x348
0166ffec 00000000 72c730e8 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
000000000166fed0 ab e9 91 7c f2 94 80 7c - 02 00 00 00 f8 fe 66 01 ...|...|......f.
000000000166fee0 01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000166fef0 00 00 00 00 00 00 00 00 - 6c 03 00 00 58 03 00 00 ........l...X...
000000000166ff00 94 24 13 82 28 dc ed a5 - 00 00 00 00 27 34 70 80 .$..(.......'4p.
000000000166ff10 08 00 00 00 46 02 00 00 - 14 00 00 00 01 00 00 00 ....F...........
000000000166ff20 10 a0 14 00 00 00 00 00 - 00 00 00 00 f8 22 13 82 ............."..
000000000166ff30 2c 23 13 82 06 00 00 00 - 00 f0 fd 7f 00 40 fd 7f ,#...........@..
000000000166ff40 f8 22 13 82 00 00 00 00 - f8 fe 66 01 9c bb 4f 80 ."........f...O.
000000000166ff50 02 00 00 00 ec fe 66 01 - 00 00 00 00 dc ff 66 01 ......f.......f.
000000000166ff60 f3 99 83 7c 90 95 80 7c - 00 00 00 00 88 ff 66 01 ...|...|......f.
000000000166ff70 86 9c 80 7c 02 00 00 00 - a4 ff 66 01 00 00 00 00 ...|......f.....
000000000166ff80 ff ff ff ff 00 00 00 00 - b4 ff 66 01 2a 31 c7 72 ..........f.*1.r
000000000166ff90 02 00 00 00 a4 ff 66 01 - 00 00 00 00 ff ff ff ff ......f.........
000000000166ffa0 00 00 09 00 6c 03 00 00 - 58 03 00 00 f2 3e 70 80 ....l...X....>p.
000000000166ffb0 dc e2 91 7c ec ff 66 01 - 0b b5 80 7c 00 00 00 00 ...|..f....|....
000000000166ffc0 00 00 00 00 00 00 09 00 - 00 00 00 00 00 40 fd 7f .............@..
000000000166ffd0 00 06 3c 82 c0 ff 66 01 - 60 78 1d 82 ff ff ff ff ..<...f.`x......
000000000166ffe0 f3 99 83 7c 18 b5 80 7c - 00 00 00 00 00 00 00 00 ...|...|........
000000000166fff0 00 00 00 00 e8 30 c7 72 - 00 00 00 00 00 00 00 00 .....0.r........
0000000001670000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xe8c <----*
eax=00000000 ebx=00000390 ecx=001d8148 edx=0013d2d8 esi=016aff98 edi=77d3ea45
eip=7c91eb94 esp=016aff54 ebp=016aff78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\WINMM.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
016aff78 76ae4e3d 016aff98 00000000 00000000 ntdll!KiFastSystemCallRet
016affb4 7c80b50b 00000390 00000200 0000002b WINMM!PlaySoundW+0x7e6
016affec 00000000 76ae4dd6 00000390 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
00000000016aff54 9b 91 d1 77 85 ea d3 77 - 98 ff 6a 01 00 00 00 00 ...w...w..j.....
00000000016aff64 00 00 00 00 00 00 00 00 - 90 03 00 00 45 ea d3 77 ............E..w
00000000016aff74 00 00 00 00 b4 ff 6a 01 - 3d 4e ae 76 98 ff 6a 01 ......j.=N.v..j.
00000000016aff84 00 00 00 00 00 00 00 00 - 00 00 00 00 00 02 00 00 ................
00000000016aff94 2b 00 00 00 a2 00 02 00 - c2 c0 00 00 00 00 00 00 +...............
00000000016affa4 00 00 00 00 87 e7 19 00 - c0 00 00 00 d3 02 00 00 ................
00000000016affb4 ec ff 6a 01 0b b5 80 7c - 90 03 00 00 00 02 00 00 ..j....|........
00000000016affc4 2b 00 00 00 90 03 00 00 - 00 f0 fa 7f 00 26 3c 82 +............&<.
00000000016affd4 c0 ff 6a 01 98 94 57 ff - ff ff ff ff f3 99 83 7c ..j...W........|
00000000016affe4 18 b5 80 7c 00 00 00 00 - 00 00 00 00 00 00 00 00 ...|............
00000000016afff4 d6 4d ae 76 90 03 00 00 - 00 00 00 00 c8 00 00 00 .M.v............
00000000016b0004 ff 01 00 00 ff ee ff ee - 02 10 00 00 00 00 00 00 ................
00000000016b0014 00 fe 00 00 00 00 10 00 - 00 20 00 00 00 02 00 00 ......... ......
00000000016b0024 00 20 00 00 1e 14 00 00 - ff ef fd 7f 0f 00 08 06 . ..............
00000000016b0034 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000016b0044 98 05 6b 01 0f 00 00 00 - f8 ff ff ff 50 00 6b 01 ..k.........P.k.
00000000016b0054 50 00 6b 01 40 06 6b 01 - 00 00 00 00 00 00 00 00 P.k.@.k.........
00000000016b0064 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000016b0074 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000016b0084 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xea0 <----*
eax=00000000 ebx=00004e20 ecx=00280000 edx=7f6f0801 esi=017cfd68 edi=77d191a3
eip=7c91eb94 esp=017cfcf8 ebp=017cfd14 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\System32\stobject.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
017cfd14 76541513 017cfd68 00000000 00000000 ntdll!KiFastSystemCallRet
017cfd8c 76543746 76540000 00000000 0003005e stobject+0x1513
017cffb4 7c80b50b 00000000 00000000 00000000 stobject!DllCanUnloadNow+0x1fa4
017cffec 00000000 765436f7 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
00000000017cfcf8 9b 91 d1 77 ce 91 d1 77 - 68 fd 7c 01 00 00 00 00 ...w...wh.|.....
00000000017cfd08 00 00 00 00 00 00 00 00 - 00 00 00 00 8c fd 7c 01 ..............|.
00000000017cfd18 13 15 54 76 68 fd 7c 01 - 00 00 00 00 00 00 00 00 ..Tvh.|.........
00000000017cfd28 00 00 00 00 00 00 00 00 - 00 00 54 76 00 00 00 00 ..........Tv....
00000000017cfd38 30 00 00 00 00 40 00 00 - 21 13 54 76 00 00 00 00 0....@..!.Tv....
00000000017cfd48 1e 00 00 00 00 00 54 76 - 35 00 05 00 11 00 01 00 ......Tv5.......
00000000017cfd58 10 00 00 00 00 00 00 00 - f4 31 54 76 00 00 00 00 .........1Tv....
00000000017cfd68 5e 00 03 00 c2 c0 00 00 - 00 00 00 00 00 00 00 00 ^...............
00000000017cfd78 87 e7 19 00 c0 00 00 00 - d3 02 00 00 00 00 00 00 ................
00000000017cfd88 00 00 00 00 b4 ff 7c 01 - 46 37 54 76 00 00 54 76 ......|.F7Tv..Tv
00000000017cfd98 00 00 00 00 5e 00 03 00 - 01 00 00 00 00 00 00 00 ....^...........
00000000017cfda8 43 00 3a 00 5c 00 57 00 - 49 00 4e 00 44 00 4f 00 C.:.\.W.I.N.D.O.
00000000017cfdb8 57 00 53 00 5c 00 53 00 - 79 00 73 00 74 00 65 00 W.S.\.S.y.s.t.e.
00000000017cfdc8 6d 00 33 00 32 00 5c 00 - 73 00 74 00 6f 00 62 00 m.3.2.\.s.t.o.b.
00000000017cfdd8 6a 00 65 00 63 00 74 00 - 2e 00 64 00 6c 00 6c 00 j.e.c.t...d.l.l.
00000000017cfde8 00 00 81 7c 1b 00 00 00 - 00 02 00 00 fc ff 7c 01 ...|..........|.
00000000017cfdf8 23 00 00 00 56 08 81 7c - 1b 00 00 00 00 02 00 00 #...V..|........
00000000017cfe08 fc ff 6e 01 23 00 00 00 - 00 00 00 00 00 00 00 00 ..n.#...........
00000000017cfe18 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000017cfe28 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> Vidage de l'état de la thread 0xdf8 <----*
eax=77e56bf0 ebx=00000000 ecx=00000008 edx=003c36d0 esi=000bfbf8 edi=000bfc9c
eip=7c91eb94 esp=018bfe1c ebp=018bff80 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
018bff80 77e56c22 018bffa8 77e56a3b 000bfbf8 ntdll!KiFastSystemCallRet
018bff88 77e56a3b 000bfbf8 00000000 003c0178 RPCRT4!I_RpcBCacheFree+0x5ea
018bffa8 77e56c0a 000bfab0 018bffec 7c80b50b RPCRT4!I_RpcBCacheFree+0x403
018bffb4 7c80b50b 00153c18 00000000 003c0178 RPCRT4!I_RpcBCacheFree+0x5d2
018bffec 00000000 77e56bf0 00153c18 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
00000000018bfe1c 99 e3 91 7c 03 67 e5 77 - b0 01 00 00 70 ff 8b 01 ...|.g.w....p...
00000000018bfe2c 00 00 00 00 70 29 16 00 - 54 ff 8b 01 00 00 00 00 ....p)..T.......
00000000018bfe3c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe4c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe5c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe6c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe7c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe8c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfe9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfeac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfebc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfecc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfedc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfeec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bfefc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018bff0c 00 00 00 00 00 00 00 00 - 00 00 00 00 38 f5 df ff ............8...
00000000018bff1c 8b cc 4d 80 00 43 ea 81 - 4f ca 4d 80 f4 44 ea 81 ..M..C..O.M..D..
00000000018bff2c 88 43 ea 81 80 ff 8b 01 - 99 66 e5 77 4c ff 8b 01 .C.......f.wL...
00000000018bff3c a9 66 e5 77 ed 10 91 7c - 40 39 15 00 18 3c 15 00 .f.w...|@9...<..
00000000018bff4c 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......
*----> Vidage de l'état de la thread 0xee8 <----*
eax=77e56bf0 ebx=00000000 ecx=00000008 edx=00000000 esi=000bfbf8 edi=000bfc9c
eip=7c91eb94 esp=018ffe1c ebp=018fff80 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
018fff80 77e56c22 018fffa8 77e56a3b 000bfbf8 ntdll!KiFastSystemCallRet
018fff88 77e56a3b 000bfbf8 00000000 00000000 RPCRT4!I_RpcBCacheFree+0x5ea
018fffa8 77e56c0a 000bfab0 018fffec 7c80b50b RPCRT4!I_RpcBCacheFree+0x403
018fffb4 7c80b50b 001535d8 00000000 00000000 RPCRT4!I_RpcBCacheFree+0x5d2
018fffec 00000000 77e56bf0 001535d8 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
00000000018ffe1c 99 e3 91 7c 03 67 e5 77 - b0 01 00 00 70 ff 8f 01 ...|.g.w....p...
00000000018ffe2c 00 00 00 00 60 bb 15 00 - 54 ff 8f 01 30 8b 8a a6 ....`...T...0...
00000000018ffe3c 00 00 00 00 25 cb 4d 80 - 30 8c 8a a6 30 8c 8a a6 ....%.M.0...0...
00000000018ffe4c 00 00 00 00 00 00 00 00 - 54 72 10 82 00 03 1f 00 ........Tr......
00000000018ffe5c 4c 8b 8a a6 0f d4 56 80 - 00 00 00 02 30 8c 8a a6 L.....V.....0...
00000000018ffe6c 64 8b 8a a6 53 73 58 80 - 30 8c 8a a6 54 6e ee 81 d...SsX.0...Tn..
00000000018ffe7c 10 6c ee 81 58 aa f7 81 - c4 8c 8a a6 54 6e ee 81 .l..X.......Tn..
00000000018ffe8c 10 6c ee 81 00 aa f7 81 - 38 f5 df ff 8b cc 4d 80 .l......8.....M.
00000000018ffe9c 00 00 00 00 f0 eb 4e 80 - 54 6e ee 81 10 6c ee 81 ......N.Tn...l..
00000000018ffeac 58 aa f7 81 01 69 57 80 - 18 8d 8a a6 44 f5 40 01 X....iW.....D.@.
00000000018ffebc 30 f5 40 01 e3 39 07 00 - 00 00 00 00 00 00 00 00 0.@..9..........
00000000018ffecc 01 00 00 00 ff 03 1f 00 - ff 03 1f 00 ff 03 1f 00 ................
00000000018ffedc 00 00 00 00 00 00 00 00 - 00 00 00 00 7c 04 00 00 ............|...
00000000018ffeec 00 00 00 00 14 8c 8a a6 - 00 00 00 00 00 00 00 00 ................
00000000018ffefc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018fff0c 00 00 00 00 00 00 00 00 - 00 00 00 00 38 f5 7c f8 ............8.|.
00000000018fff1c 8b cc 4d 80 00 2a 15 82 - 4f ca 4d 80 5c 2c 15 82 ..M..*..O.M.\,..
00000000018fff2c f0 2a 15 82 80 ff 8f 01 - 99 66 e5 77 4c ff 8f 01 .*.......f.wL...
00000000018fff3c a9 66 e5 77 ed 10 91 7c - 68 52 15 00 d8 35 15 00 .f.w...|hR...5..
00000000018fff4c 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......
*----> Vidage de l'état de la thread 0xe14 <----*
eax=779e964a ebx=00000000 ecx=01a7e534 edx=00180c08 esi=7c98c0d8 edi=00000000
eip=7c91eb94 esp=01bbfdb8 ebp=01bbfe40 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e
*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\CRYPT32.dll -
ChildEBP RetAddr Args to Child
01bbfe40 7c91104b 0198c0d8 7c927332 7c98c0d8 ntdll!KiFastSystemCallRet
01bbff34 7c80aa7f 60990000 01a85478 00000000 ntdll!RtlEnterCriticalSection+0x46
01bbff48 779e980e 60990000 01830000 74e10000 kernel32!FreeLibrary+0x19
01bbff98 779e9692 00000000 00000000 00090000 CRYPT32!CertEnumSystemStoreLocation+0x14d8
01bbffb4 7c80b50b 00000001 00090000 00000000 CRYPT32!CertEnumSystemStoreLocation+0x135c
01bbffec 00000000 779e964a 01a85478 00000000 kernel32!GetModuleFileNameA+0x1b4
*----> Vidage brut de la pile <----*
0000000001bbfdb8 c0 e9 91 7c 1b 90 92 7c - dc 02 00 00 00 00 00 00 ...|...|........
0000000001bbfdc8 00 00 00 00 02 00 00 00 - 78 54 a8 01 00 00 00 00 ........xT......
0000000001bbfdd8 08 0c 18 00 34 e5 a7 01 - 4a 96 9e 77 c8 05 92 7c ....4...J..w...|
0000000001bbfde8 56 08 81 7c 1b 00 00 00 - 00 02 00 00 fc ff bb 01 V..|............
0000000001bbfdf8 23 00 00 00 56 08 81 7c - 1b 00 00 00 00 02 00 00 #...V..|........
0000000001bbfe08 fc ff a7 0
Marsh Posté le 17-09-2004 à 11:38:00
c est peut etre Norton qui fait planté
essaie de l arreter pour voir
Marsh Posté le 17-09-2004 à 20:03:09
essaie ceci
suppression des fichiers AVI)
http://a.vouillon.online.fr/faq-winxp.htm#115
Sujets relatifs:
- jarrive a me connecter mais aucune page sur internet explorer
- Pb barre d'outil office qd on ouvre un doc Word sous Internet Explorer
- [ Win XP ] Internet Explorer & images qui ne s'affichent pas
- gros pb avec messagerie wanadoo depuis outlook express...
- police de caractère internet explorer
- plantage sous xp
- MSN Messenger via Explorer
- Démarrer une appli à la place d'explorer au démarrage de windows ?
- Pb internet explorer !!
- Internet explorer et les fichiers ZIP
Marsh Posté le 17-09-2004 à 02:03:56
voila j'ai un gros pb avec XP (sp2).
surtout que j'ai reinstallé
Sous l'explorateur,quand j'essaye un clic droit sur n'importe quel fichier
ou simplement de supprimer un fichier, j'ai droit à un gros bloquage
de mon pc. obligé de killer explorer.exe dans le gestionnaire des taches puis, l'interface xp disparait puis
réaparait quelque secondes apres.
j'ai scanné mes dur pour voir si j'avais pas un virus mais j'ai rien
trouvé. j'ai aussi maté Dr watson et dans le log ya des erreur de explorer (?)
je sais vraiment pas koi penser de ce pb
XP ya pas longtemps.
Message édité par pef le 17-09-2004 à 02:28:42