Prev: WINXP ERROR: "STOP OX7B
Next: Adware-Virtumonde
From: Alfred Einstein on 3 Nov 2007 00:13 I am frequently getting Windows Explorer crashes (several times a day), with the "do you want to send this info to Microsoft" dialog. Then Dr. Watson starts and leaves a log file. But I have to ctrl-alt-del to get a Process Manager, and kill two drwatson.exe processes before Explorer restarts. It would be nice to not have these Explorer crashes. I don't know why they're happening ... this is a 3-week-old fresh re-install. Second best ... it would be nice to not have Dr. Watson get in the way ... if Explorer dies, just let it restart by itself. How do I tell Dr. Watson "don't come here, I don't want you!" Here's the last Dr. Watson log entry: Application exception occurred: App: C:\WINDOWS\Explorer.EXE (pid=448) When: 11/2/2007 @ 23:09:48.453 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: DELL4600 User Name: Lester Terminal Session Id: 0 Number of Processors: 1 Processor Type: x86 Family 15 Model 2 Stepping 7 Windows Version: 5.1 Current Build: 2600 Service Pack: 2 Current Type: Uniprocessor Free Registered Organization: Registered Owner: Lester *----> Task List <----* 0 System Process 4 System 1264 smss.exe 1320 csrss.exe 1348 winlogon.exe 1392 services.exe 1404 lsass.exe 1572 Ati2evxx.exe 1584 svchost.exe 1660 svchost.exe 2008 svchost.exe 228 svchost.exe 340 svchost.exe 872 spoolsv.exe 1000 schedul2.exe 1032 avgamsvr.exe 1056 avgupsvc.exe 1088 avgemc.exe 1252 wdfmgr.exe 1444 WinVNC4.exe 1708 MsPMSPSv.exe 560 alg.exe 248 Ati2evxx.exe 448 Explorer.EXE 1952 avgcc.exe 1800 TrueImageMonitor.exe 1124 schedhlp.exe 1228 taskbarshuffle.exe 1856 volumouse.exe 536 ctfmon.exe 1820 SnagIt32.exe 524 ftpserver.exe 540 sgmain.exe 2364 sgbhp.exe 2848 TSCHelp.exe 2900 SnagPriv.exe 2948 sshd.exe 3244 svchost.exe 3408 rsync.exe 356 avant.exe 2592 drwtsn32.exe 3004 taskmgr.exe *----> Module List <----* (0000000000400000 - 0000000000409000: C:\WINDOWS\system32\Normaliz.dll (0000000000a80000 - 0000000000a90000: C:\Program Files\ATI Multimedia\mlibrary\MLShell.dll (0000000000c00000 - 0000000000c2c000: F:\apps\TaskbarShuffle\tbhookin.dll (0000000000d20000 - 0000000000d34000: C:\WINDOWS\system32\ShellExt\dkticnsr.dll (0000000000d40000 - 0000000000d53000: C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll (0000000000df0000 - 0000000000e02000: C:\WINDOWS\system32\browselc.dll (0000000001000000 - 00000000010ff000: C:\WINDOWS\Explorer.EXE (0000000001440000 - 0000000001452000: F:\apps\WS_FTP\wsfirscr.dll (00000000014e0000 - 00000000014e8000: F:\apps\WhoLockMe\WhoLockMe.dll (00000000015f0000 - 0000000001620000: F:\apps\WS_FTP\SSLEAY32.dll (0000000001670000 - 000000000169d000: C:\Program Files\WinRAR\rarext.dll (0000000001b30000 - 0000000001b50000: F:\apps\SnagIt\SnagItShellExt.dll (0000000001c60000 - 0000000001c6d000: F:\apps\HexWorkshop\hwext.dll (0000000001c80000 - 0000000001cad000: F:\apps\AttributeChanger\acshell.dll (0000000001cc0000 - 0000000001cd0000: C:\Program Files\ATI Multimedia\atisserv.dll (0000000001cd0000 - 0000000001ce7000: C:\Program Files\ATI Multimedia\mlibrary\mlenu.rsc (0000000001d10000 - 0000000001d17000: f:\apps\abbyyfinereader\fecmenu.dll (0000000001dd0000 - 0000000001e0a000: F:\apps\Eraser\erasext.dll (0000000001f10000 - 000000000200d000: F:\apps\WS_FTP\LIBEAY32.dll (0000000002360000 - 00000000023de000: F:\apps\BitComet\tools\BitCometBHO_1.1.7.4.dll (0000000002fb0000 - 0000000003024000: C:\WINDOWS\system32\ERASER.dll (00000000036f0000 - 0000000003778000: C:\WINDOWS\system32\shdoclc.dll (0000000004070000 - 000000000409f000: C:\WINDOWS\system32\xpsp1res.dll (00000000042a0000 - 00000000042b7000: C:\WINDOWS\system32\odbcint.dll (000000000ffd0000 - 000000000fff8000: C:\WINDOWS\system32\rsaenh.dll (0000000010000000 - 0000000010007000: F:\apps\Volumouse\vlmshlp.dll (0000000011000000 - 000000001102f000: F:\apps\SpywareGuard\dlprotect.dll (0000000020000000 - 00000000202c5000: C:\WINDOWS\system32\xpsp2res.dll (0000000022100000 - 000000002210c000: F:\apps\WS_FTP\wshosts.dll (0000000022200000 - 000000002221f000: F:\apps\SpywareGuard\spywareguard.dll (0000000023200000 - 000000002323d000: F:\apps\WS_FTP\wsftpsi.dll (0000000023300000 - 00000000233df000: F:\apps\WS_FTP\wsftpext.dll (0000000023500000 - 0000000023511000: F:\apps\WS_FTP\sslsvc.dll (0000000023600000 - 0000000023629000: F:\apps\WS_FTP\wsftplib.dll (0000000023700000 - 00000000238dd000: F:\apps\WS_FTP\res0409.dll (0000000023900000 - 000000002394e000: F:\apps\WS_FTP\ipspgp.dll (00000000325c0000 - 00000000325d2000: C:\Program Files\Microsoft Office\OFFICE11\msohev.dll (0000000042990000 - 00000000429d5000: C:\WINDOWS\system32\iertutil.dll (0000000042c10000 - 0000000042cdf000: C:\WINDOWS\system32\WININET.dll (0000000042cf0000 - 0000000042e14000: C:\WINDOWS\system32\urlmon.dll (0000000042e40000 - 0000000042e7c000: C:\WINDOWS\system32\webcheck.dll (0000000042ef0000 - 00000000434bb000: C:\WINDOWS\system32\ieframe.dll (000000004ec50000 - 000000004edf3000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll (000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\UxTheme.dll (000000005b860000 - 000000005b8b4000: C:\WINDOWS\system32\NETAPI32.dll (000000005ba60000 - 000000005bad1000: C:\WINDOWS\System32\themeui.dll (000000005cb00000 - 000000005cb6e000: C:\WINDOWS\system32\shimgvw.dll (000000005cb70000 - 000000005cb96000: C:\WINDOWS\system32\ShimEng.dll (000000005d090000 - 000000005d12a000: C:\WINDOWS\system32\comctl32.dll (000000005d360000 - 000000005d36e000: F:\apps\SnagIt\MFC80ENU.DLL (0000000060510000 - 0000000060528000: C:\WINDOWS\system32\dfshim.dll (00000000621a0000 - 00000000621b0000: C:\Program Files\Grisoft\AVG7\avgse.dll (0000000066000000 - 0000000066152000: C:\WINDOWS\system32\MSVBVM60.DLL (000000006f880000 - 000000006fa4a000: C:\WINDOWS\AppPatch\AcGenral.DLL (0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll (0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll (0000000071ad0000 - 0000000071ad9000: C:\WINDOWS\system32\WSOCK32.dll (0000000071b20000 - 0000000071b32000: C:\WINDOWS\system32\MPR.dll (0000000071bf0000 - 0000000071c03000: C:\WINDOWS\System32\SAMLIB.dll (0000000071c10000 - 0000000071c1e000: C:\WINDOWS\System32\ntlanman.dll (0000000071c80000 - 0000000071c87000: C:\WINDOWS\System32\NETRAP.dll (0000000071c90000 - 0000000071cd0000: C:\WINDOWS\System32\NETUI1.dll (0000000071cd0000 - 0000000071ce7000: C:\WINDOWS\System32\NETUI0.dll (0000000071d40000 - 0000000071d5c000: C:\WINDOWS\system32\actxprxy.dll (00000000722b0000 - 00000000722b5000: C:\WINDOWS\system32\sensapi.dll (0000000072410000 - 000000007242a000: C:\WINDOWS\System32\mydocs.dll (0000000072d10000 - 0000000072d18000: C:\WINDOWS\system32\msacm32.drv (0000000072d20000 - 0000000072d29000: C:\WINDOWS\system32\wdmaud.drv (0000000073000000 - 0000000073026000: C:\WINDOWS\system32\WINSPOOL.DRV (0000000073380000 - 00000000733d7000: C:\WINDOWS\System32\zipfldr.dll (0000000074320000 - 000000007435d000: C:\WINDOWS\system32\ODBC32.dll (0000000074720000 - 000000007476b000: C:\WINDOWS\system32\MSCTF.dll (0000000074ad0000 - 0000000074ad8000: C:\WINDOWS\System32\POWRPROF.dll (0000000074af0000 - 0000000074afa000: C:\WINDOWS\System32\BatMeter.dll (00000000754d0000 - 0000000075550000: C:\WINDOWS\system32\CRYPTUI.dll (00000000755c0000 - 00000000755ee000: C:\WINDOWS\system32\msctfime.ime (0000000075970000 - 0000000075a67000: C:\WINDOWS\system32\MSGINA.dll (0000000075cf0000 - 0000000075d81000: C:\WINDOWS\system32\MLANG.dll (0000000075e90000 - 0000000075f40000: C:\WINDOWS\system32\SXS.DLL (0000000075f60000 - 0000000075f67000: C:\WINDOWS\System32\drprov.dll (0000000075f70000 - 0000000075f79000: C:\WINDOWS\System32\davclnt.dll (0000000075f80000 - 000000007607d000: C:\WINDOWS\system32\BROWSEUI.dll (0000000076280000 - 00000000762a1000: C:\WINDOWS\System32\stobject.dll (0000000076360000 - 0000000076370000: C:\WINDOWS\system32\WINSTA.dll (0000000076380000 - 0000000076385000: C:\WINDOWS\System32\MSIMG32.dll (0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.DLL (00000000763b0000 - 00000000763f9000: C:\WINDOWS\system32\comdlg32.dll (0000000076400000 - 00000000765a6000: C:\WINDOWS\system32\NETSHELL.dll (0000000076600000 - 000000007661d000: C:\WINDOWS\System32\CSCDLL.dll (0000000076980000 - 0000000076988000: C:\WINDOWS\system32\LINKINFO.dll (0000000076990000 - 00000000769b5000: C:\WINDOWS\system32\ntshrui.dll (00000000769c0000 - 0000000076a73000: C:\WINDOWS\system32\USERENV.dll (0000000076b20000 - 0000000076b31000: C:\WINDOWS\system32\ATL.DLL (0000000076b40000 - 0000000076b6d000: C:\WINDOWS\system32\WINMM.dll (0000000076bf0000 - 0000000076bfb000: C:\WINDOWS\system32\PSAPI.DLL (0000000076c00000 - 0000000076c2e000: C:\WINDOWS\system32\credui.dll (0000000076c30000 - 0000000076c5e000: C:\WINDOWS\system32\WINTRUST.dll (0000000076c90000 - 0000000076cb8000: C:\WINDOWS\system32\IMAGEHLP.dll (0000000076d60000 - 0000000076d79000: C:\WINDOWS\system32\iphlpapi.dll (0000000076e80000 - 0000000076e8e000: C:\WINDOWS\system32\rtutils.dll (0000000076e90000 - 0000000076ea2000: C:\WINDOWS\system32\rasman.dll (0000000076eb0000 - 0000000076edf000: C:\WINDOWS\system32\TAPI32.dll (0000000076ee0000 - 0000000076f1c000: C:\WINDOWS\system32\RASAPI32.dll (0000000076f50000 - 0000000076f58000: C:\WINDOWS\System32\WTSAPI32.dll (0000000076f60000 - 0000000076f8c000: C:\WINDOWS\system32\WLDAP32.dll (0000000076fd0000 - 000000007704f000: C:\WINDOWS\system32\CLBCATQ.DLL (0000000077050000 - 0000000077115000: C:\WINDOWS\system32\COMRes.dll (0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll (00000000773d0000 - 00000000774d2000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (00000000774e0000 - 000000007761d000: C:\WINDOWS\system32\ole32.dll (0000000077690000 - 00000000776b1000: C:\WINDOWS\system32\NTMARTA.DLL (0000000077920000 - 0000000077a13000: C:\WINDOWS\System32\SETUPAPI.dll (0000000077a20000 - 0000000077a74000: C:\WINDOWS\System32\cscui.dll (0000000077a80000 - 0000000077b14000: C:\WINDOWS\system32\CRYPT32.dll (0000000077b20000 - 0000000077b32000: C:\WINDOWS\system32\MSASN1.dll (0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\appHelp.dll (0000000077bd0000 - 0000000077bd7000: C:\WINDOWS\system32\midimap.dll (0000000077be0000 - 0000000077bf5000: C:\WINDOWS\system32\MSACM32.dll (0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll (0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll (0000000077c70000 - 0000000077c93000: C:\WINDOWS\system32\msv1_0.dll (0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll (0000000077e70000 - 0000000077f02000: C:\WINDOWS\system32\RPCRT4.dll (0000000077f10000 - 0000000077f57000: C:\WINDOWS\system32\GDI32.dll (0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll (0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll (0000000078130000 - 00000000781cb000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll (00000000781d0000 - 00000000782dd000: F:\apps\SnagIt\MFC80.DLL (0000000079000000 - 0000000079045000: C:\WINDOWS\system32\mscoree.dll (000000007c140000 - 000000007c243000: C:\WINDOWS\system32\MFC71.DLL (000000007c340000 - 000000007c396000: F:\apps\WS_FTP\MSVCR71.dll (000000007c3a0000 - 000000007c41b000: F:\apps\WS_FTP\MSVCP71.dll (000000007c800000 - 000000007c8f5000: C:\WINDOWS\system32\kernel32.dll (000000007c900000 - 000000007c9b0000: C:\WINDOWS\system32\ntdll.dll (000000007c9c0000 - 000000007d1d5000: C:\WINDOWS\system32\SHELL32.dll (000000007d1e0000 - 000000007d49e000: C:\WINDOWS\system32\msi.dll (000000007e290000 - 000000007e401000: C:\WINDOWS\system32\SHDOCVW.dll (000000007e410000 - 000000007e4a0000: C:\WINDOWS\system32\USER32.dll *----> State Dump for Thread Id 0x148 <----* eax=00000bb8 ebx=00000003 ecx=000000b7 edx=00000bb8 esi=000eeaf0 edi=00000000 eip=7c90eb94 esp=0007fef0 ebp=0007ff08 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll - function: ntdll!KiFastSystemCallRet 7c90eb89 90 nop 7c90eb8a 90 nop ntdll!KiFastSystemCall: 7c90eb8b 8bd4 mov edx,esp 7c90eb8d 0f34 sysenter 7c90eb8f 90 nop 7c90eb90 90 nop 7c90eb91 90 nop 7c90eb92 90 nop 7c90eb93 90 nop ntdll!KiFastSystemCallRet: 7c90eb94 c3 ret 7c90eb95 8da42400000000 lea esp,[esp] 7c90eb9c 8d642400 lea esp,[esp] 7c90eba0 90 nop 7c90eba1 90 nop 7c90eba2 90 nop 7c90eba3 90 nop 7c90eba4 90 nop ntdll!KiIntSystemCall: 7c90eba5 8d542408 lea edx,[esp+0x8] 7c90eba9 cd2e int 2e *----> Stack Back Trace <----* *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHELL32.dll - WARNING: Stack unwind information not available. Following frames may be wrong. *** ERROR: Module load completed but symbols could not be loaded for C:\WINDOWS\Explorer.EXE *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll - ChildEBP RetAddr Args to Child 0007ff08 7ca0be9c 00000000 0007ff5c 010132a4 ntdll!KiFastSystemCallRet 0007ff14 010132a4 000eeaf0 7ffdc000 0007ffc0 SHELL32!Ordinal201+0x28 0007ff5c 0101a936 00000000 00000000 00020652 Explorer+0x132a4 0007ffc0 7c816fd7 00000010 000810a0 7ffdc000 Explorer+0x1a936 0007fff0 00000000 0101a8ce 00000000 78746341 kernel32!RegisterWaitForInputIdle+0x49 *----> Raw Stack Dump <----* 000000000007fef0 18 94 41 7e 02 3c a2 7c - 9c 92 80 7c f0 ea 0e 00 ...A~.<.|...|.... 000000000007ff00 f0 ea 0e 00 14 ff 07 00 - 14 ff 07 00 9c be a0 7c ................| 000000000007ff10 00 00 00 00 5c ff 07 00 - a4 32 01 01 f0 ea 0e 00 .....\....2...... 000000000007ff20 00 c0 fd 7f c0 ff 07 00 - 00 00 00 00 24 fd 07 00 .............$... 000000000007ff30 50 ff 07 00 e0 ff 07 00 - 27 e0 90 7c 65 ac 80 7c P.......'..|e..| 000000000007ff40 ff ff ff ff 0c 00 00 00 - 00 00 00 00 27 78 15 00 .............'x.. 000000000007ff50 cc 00 00 00 01 00 00 00 - f0 ea 0e 00 c0 ff 07 00 ................. 000000000007ff60 36 a9 01 01 00 00 00 00 - 00 00 00 00 52 06 02 00 6...........R... 000000000007ff70 01 00 00 00 10 00 00 00 - a0 10 08 00 44 00 00 00 .............D... 000000000007ff80 a4 06 02 00 84 06 02 00 - 54 06 02 00 00 00 00 00 .........T....... 000000000007ff90 00 00 00 00 00 00 00 00 - 00 00 00 00 18 00 00 00 ................. 000000000007ffa0 8c 1d 9c 76 3c aa 41 7e - 01 00 00 00 01 00 00 00 ....v<.A~........ 000000000007ffb0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................. 000000000007ffc0 f0 ff 07 00 d7 6f 81 7c - 10 00 00 00 a0 10 08 00 ......o.|........ 000000000007ffd0 00 c0 fd 7f 38 ab 54 80 - c8 ff 07 00 a8 32 c8 85 .....8.T......2.. 000000000007ffe0 ff ff ff ff a8 9a 83 7c - e0 6f 81 7c 00 00 00 00 ........|.o.|.... 000000000007fff0 00 00 00 00 00 00 00 00 - ce a8 01 01 00 00 00 00 ................. 0000000000080000 41 63 74 78 20 00 00 00 - 01 00 00 00 98 24 00 00 Actx .........$.. 0000000000080010 c4 00 00 00 00 00 00 00 - 20 00 00 00 00 00 00 00 ......... ....... 0000000000080020 14 00 00 00 01 00 00 00 - 06 00 00 00 34 00 00 00 .............4... *----> State Dump for Thread Id 0x204 <----* eax=00000000 ebx=00000029 ecx=7ffda000 edx=6610ed10 esi=00320043 edi=6610ed10 eip=6600b1a6 esp=00efd9dc ebp=00efda14 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\MSVBVM60.DLL - function: MSVBVM60!EbResetProjectNormal 6600b18c ed in eax,dx 6600b18d 106601 adc [esi+0x1],ah 6600b190 57 push edi 6600b191 bf10ed1066 mov edi,0x6610ed10 6600b196 7507 jnz MSVBVM60!EbResetProjectNormal+0x6ad (6600b19f) 6600b198 57 push edi 6600b199 ff159c100066 call dword ptr [MSVBVM60!Ordinal951+0x109c (6600109c)] 6600b19f 8b7610 mov esi,[esi+0x10] 6600b1a2 85f6 test esi,esi 6600b1a4 7410 jz MSVBVM60!EbResetProjectNormal+0x6c4 (6600b1b6) FAULT ->6600b1a6 8b460c mov eax,[esi+0xc] ds:0023:0032004f=???????? 6600b1a9 8b4c2410 mov ecx,[esp+0x10] 6600b1ad 3b4808 cmp ecx,[eax+0x8] 6600b1b0 0f8554590100 jne MSVBVM60!_vbaStrComp+0x5a44 (66020b0a) 6600b1b6 833d28ed106601 cmp dword ptr [MSVBVM60+0x10ed28 (6610ed28)],0x1 6600b1bd 7507 jnz MSVBVM60!EbResetProjectNormal+0x6d4 (6600b1c6) 6600b1bf 57 push edi 6600b1c0 ff1598100066 call dword ptr [MSVBVM60!Ordinal951+0x1098 (66001098)] 6600b1c6 8bc6 mov eax,esi 6600b1c8 5f pop edi 6600b1c9 5e pop esi *----> Stack Back Trace <----* *** ERROR: Symbol file could not be found. Defaulted to export symbols for F:\apps\SpywareGuard\spywareguard.dll - WARNING: Stack unwind information not available. Following frames may be wrong. *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHLWAPI.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\BROWSEUI.dll -
From: Allan on 4 Nov 2007 00:18 "Alfred Einstein" <lhorwinkle(a)humanoid.net> wrote in message news:8ASWi.14544$a9.11732(a)bignews5.bellsouth.net... >I am frequently getting Windows Explorer crashes (several times a day), >with > the "do you want to send this info to Microsoft" dialog. > > Then Dr. Watson starts and leaves a log file. But I have to ctrl-alt-del > to > get a Process Manager, and kill two drwatson.exe processes before Explorer > restarts. > > It would be nice to not have these Explorer crashes. I don't know why > they're happening ... this is a 3-week-old fresh re-install. > > Second best ... it would be nice to not have Dr. Watson get in the way ... > if Explorer dies, just let it restart by itself. How do I tell Dr. Watson > "don't come here, I don't want you!" > > Here's the last Dr. Watson log entry: > > Application exception occurred: > App: C:\WINDOWS\Explorer.EXE (pid=448) > When: 11/2/2007 @ 23:09:48.453 > Exception number: c0000005 (access violation) > > *----> System Information <----* > Computer Name: DELL4600 > User Name: Lester > Terminal Session Id: 0 > Number of Processors: 1 > Processor Type: x86 Family 15 Model 2 Stepping 7 > Windows Version: 5.1 > Current Build: 2600 > Service Pack: 2 > Current Type: Uniprocessor Free > Registered Organization: > Registered Owner: Lester > > *----> Task List <----* > 0 System Process > 4 System > 1264 smss.exe > 1320 csrss.exe > 1348 winlogon.exe > 1392 services.exe > 1404 lsass.exe > 1572 Ati2evxx.exe > 1584 svchost.exe > 1660 svchost.exe > 2008 svchost.exe > 228 svchost.exe > 340 svchost.exe > 872 spoolsv.exe > 1000 schedul2.exe > 1032 avgamsvr.exe > 1056 avgupsvc.exe > 1088 avgemc.exe > 1252 wdfmgr.exe > 1444 WinVNC4.exe > 1708 MsPMSPSv.exe > 560 alg.exe > 248 Ati2evxx.exe > 448 Explorer.EXE > 1952 avgcc.exe > 1800 TrueImageMonitor.exe > 1124 schedhlp.exe > 1228 taskbarshuffle.exe > 1856 volumouse.exe > 536 ctfmon.exe > 1820 SnagIt32.exe > 524 ftpserver.exe > 540 sgmain.exe > 2364 sgbhp.exe > 2848 TSCHelp.exe > 2900 SnagPriv.exe > 2948 sshd.exe > 3244 svchost.exe > 3408 rsync.exe > 356 avant.exe > 2592 drwtsn32.exe > 3004 taskmgr.exe > > *----> Module List <----* > (0000000000400000 - 0000000000409000: C:\WINDOWS\system32\Normaliz.dll > (0000000000a80000 - 0000000000a90000: C:\Program Files\ATI > Multimedia\mlibrary\MLShell.dll > (0000000000c00000 - 0000000000c2c000: F:\apps\TaskbarShuffle\tbhookin.dll > (0000000000d20000 - 0000000000d34000: > C:\WINDOWS\system32\ShellExt\dkticnsr.dll > (0000000000d40000 - 0000000000d53000: C:\Program Files\ATI > Technologies\ATI.ACE\atiacmxx.dll > (0000000000df0000 - 0000000000e02000: C:\WINDOWS\system32\browselc.dll > (0000000001000000 - 00000000010ff000: C:\WINDOWS\Explorer.EXE > (0000000001440000 - 0000000001452000: F:\apps\WS_FTP\wsfirscr.dll > (00000000014e0000 - 00000000014e8000: F:\apps\WhoLockMe\WhoLockMe.dll > (00000000015f0000 - 0000000001620000: F:\apps\WS_FTP\SSLEAY32.dll > (0000000001670000 - 000000000169d000: C:\Program Files\WinRAR\rarext.dll > (0000000001b30000 - 0000000001b50000: F:\apps\SnagIt\SnagItShellExt.dll > (0000000001c60000 - 0000000001c6d000: F:\apps\HexWorkshop\hwext.dll > (0000000001c80000 - 0000000001cad000: F:\apps\AttributeChanger\acshell.dll > (0000000001cc0000 - 0000000001cd0000: C:\Program Files\ATI > Multimedia\atisserv.dll > (0000000001cd0000 - 0000000001ce7000: C:\Program Files\ATI > Multimedia\mlibrary\mlenu.rsc > (0000000001d10000 - 0000000001d17000: f:\apps\abbyyfinereader\fecmenu.dll > (0000000001dd0000 - 0000000001e0a000: F:\apps\Eraser\erasext.dll > (0000000001f10000 - 000000000200d000: F:\apps\WS_FTP\LIBEAY32.dll > (0000000002360000 - 00000000023de000: > F:\apps\BitComet\tools\BitCometBHO_1.1.7.4.dll > (0000000002fb0000 - 0000000003024000: C:\WINDOWS\system32\ERASER.dll > (00000000036f0000 - 0000000003778000: C:\WINDOWS\system32\shdoclc.dll > (0000000004070000 - 000000000409f000: C:\WINDOWS\system32\xpsp1res.dll > (00000000042a0000 - 00000000042b7000: C:\WINDOWS\system32\odbcint.dll > (000000000ffd0000 - 000000000fff8000: C:\WINDOWS\system32\rsaenh.dll > (0000000010000000 - 0000000010007000: F:\apps\Volumouse\vlmshlp.dll > (0000000011000000 - 000000001102f000: F:\apps\SpywareGuard\dlprotect.dll > (0000000020000000 - 00000000202c5000: C:\WINDOWS\system32\xpsp2res.dll > (0000000022100000 - 000000002210c000: F:\apps\WS_FTP\wshosts.dll > (0000000022200000 - 000000002221f000: > F:\apps\SpywareGuard\spywareguard.dll > (0000000023200000 - 000000002323d000: F:\apps\WS_FTP\wsftpsi.dll > (0000000023300000 - 00000000233df000: F:\apps\WS_FTP\wsftpext.dll > (0000000023500000 - 0000000023511000: F:\apps\WS_FTP\sslsvc.dll > (0000000023600000 - 0000000023629000: F:\apps\WS_FTP\wsftplib.dll > (0000000023700000 - 00000000238dd000: F:\apps\WS_FTP\res0409.dll > (0000000023900000 - 000000002394e000: F:\apps\WS_FTP\ipspgp.dll > (00000000325c0000 - 00000000325d2000: C:\Program Files\Microsoft > Office\OFFICE11\msohev.dll > (0000000042990000 - 00000000429d5000: C:\WINDOWS\system32\iertutil.dll > (0000000042c10000 - 0000000042cdf000: C:\WINDOWS\system32\WININET.dll > (0000000042cf0000 - 0000000042e14000: C:\WINDOWS\system32\urlmon.dll > (0000000042e40000 - 0000000042e7c000: C:\WINDOWS\system32\webcheck.dll > (0000000042ef0000 - 00000000434bb000: C:\WINDOWS\system32\ieframe.dll > (000000004ec50000 - 000000004edf3000: > C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll > (000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\UxTheme.dll > (000000005b860000 - 000000005b8b4000: C:\WINDOWS\system32\NETAPI32.dll > (000000005ba60000 - 000000005bad1000: C:\WINDOWS\System32\themeui.dll > (000000005cb00000 - 000000005cb6e000: C:\WINDOWS\system32\shimgvw.dll > (000000005cb70000 - 000000005cb96000: C:\WINDOWS\system32\ShimEng.dll > (000000005d090000 - 000000005d12a000: C:\WINDOWS\system32\comctl32.dll > (000000005d360000 - 000000005d36e000: F:\apps\SnagIt\MFC80ENU.DLL > (0000000060510000 - 0000000060528000: C:\WINDOWS\system32\dfshim.dll > (00000000621a0000 - 00000000621b0000: C:\Program > Files\Grisoft\AVG7\avgse.dll > (0000000066000000 - 0000000066152000: C:\WINDOWS\system32\MSVBVM60.DLL > (000000006f880000 - 000000006fa4a000: C:\WINDOWS\AppPatch\AcGenral.DLL > (0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll > (0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll > (0000000071ad0000 - 0000000071ad9000: C:\WINDOWS\system32\WSOCK32.dll > (0000000071b20000 - 0000000071b32000: C:\WINDOWS\system32\MPR.dll > (0000000071bf0000 - 0000000071c03000: C:\WINDOWS\System32\SAMLIB.dll > (0000000071c10000 - 0000000071c1e000: C:\WINDOWS\System32\ntlanman.dll > (0000000071c80000 - 0000000071c87000: C:\WINDOWS\System32\NETRAP.dll > (0000000071c90000 - 0000000071cd0000: C:\WINDOWS\System32\NETUI1.dll > (0000000071cd0000 - 0000000071ce7000: C:\WINDOWS\System32\NETUI0.dll > (0000000071d40000 - 0000000071d5c000: C:\WINDOWS\system32\actxprxy.dll > (00000000722b0000 - 00000000722b5000: C:\WINDOWS\system32\sensapi.dll > (0000000072410000 - 000000007242a000: C:\WINDOWS\System32\mydocs.dll > (0000000072d10000 - 0000000072d18000: C:\WINDOWS\system32\msacm32.drv > (0000000072d20000 - 0000000072d29000: C:\WINDOWS\system32\wdmaud.drv > (0000000073000000 - 0000000073026000: C:\WINDOWS\system32\WINSPOOL.DRV > (0000000073380000 - 00000000733d7000: C:\WINDOWS\System32\zipfldr.dll > (0000000074320000 - 000000007435d000: C:\WINDOWS\system32\ODBC32.dll > (0000000074720000 - 000000007476b000: C:\WINDOWS\system32\MSCTF.dll > (0000000074ad0000 - 0000000074ad8000: C:\WINDOWS\System32\POWRPROF.dll > (0000000074af0000 - 0000000074afa000: C:\WINDOWS\System32\BatMeter.dll > (00000000754d0000 - 0000000075550000: C:\WINDOWS\system32\CRYPTUI.dll > (00000000755c0000 - 00000000755ee000: C:\WINDOWS\system32\msctfime.ime > (0000000075970000 - 0000000075a67000: C:\WINDOWS\system32\MSGINA.dll > (0000000075cf0000 - 0000000075d81000: C:\WINDOWS\system32\MLANG.dll > (0000000075e90000 - 0000000075f40000: C:\WINDOWS\system32\SXS.DLL > (0000000075f60000 - 0000000075f67000: C:\WINDOWS\System32\drprov.dll > (0000000075f70000 - 0000000075f79000: C:\WINDOWS\System32\davclnt.dll > (0000000075f80000 - 000000007607d000: C:\WINDOWS\system32\BROWSEUI.dll > (0000000076280000 - 00000000762a1000: C:\WINDOWS\System32\stobject.dll > (0000000076360000 - 0000000076370000: C:\WINDOWS\system32\WINSTA.dll > (0000000076380000 - 0000000076385000: C:\WINDOWS\System32\MSIMG32.dll > (0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.DLL > (00000000763b0000 - 00000000763f9000: C:\WINDOWS\system32\comdlg32.dll > (0000000076400000 - 00000000765a6000: C:\WINDOWS\system32\NETSHELL.dll > (0000000076600000 - 000000007661d000: C:\WINDOWS\System32\CSCDLL.dll > (0000000076980000 - 0000000076988000: C:\WINDOWS\system32\LINKINFO.dll > (0000000076990000 - 00000000769b5000: C:\WINDOWS\system32\ntshrui.dll > (00000000769c0000 - 0000000076a73000: C:\WINDOWS\system32\USERENV.dll > (0000000076b20000 - 0000000076b31000: C:\WINDOWS\system32\ATL.DLL > (0000000076b40000 - 0000000076b6d000: C:\WINDOWS\system32\WINMM.dll > (0000000076bf0000 - 0000000076bfb000: C:\WINDOWS\system32\PSAPI.DLL > (0000000076c00000 - 0000000076c2e000: C:\WINDOWS\system32\credui.dll > (0000000076c30000 - 0000000076c5e000: C:\WINDOWS\system32\WINTRUST.dll > (0000000076c90000 - 0000000076cb8000: C:\WINDOWS\system32\IMAGEHLP.dll > (0000000076d60000 - 0000000076d79000: C:\WINDOWS\system32\iphlpapi.dll > (0000000076e80000 - 0000000076e8e000: C:\WINDOWS\system32\rtutils.dll > (0000000076e90000 - 0000000076ea2000: C:\WINDOWS\system32\rasman.dll > (0000000076eb0000 - 0000000076edf000: C:\WINDOWS\system32\TAPI32.dll > (0000000076ee0000 - 0000000076f1c000: C:\WINDOWS\system32\RASAPI32.dll > (0000000076f50000 - 0000000076f58000: C:\WINDOWS\System32\WTSAPI32.dll > (0000000076f60000 - 0000000076f8c000: C:\WINDOWS\system32\WLDAP32.dll > (0000000076fd0000 - 000000007704f000: C:\WINDOWS\system32\CLBCATQ.DLL > (0000000077050000 - 0000000077115000: C:\WINDOWS\system32\COMRes.dll > (0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll > (00000000773d0000 - 00000000774d2000: > C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll > (00000000774e0000 - 000000007761d000: C:\WINDOWS\system32\ole32.dll > (0000000077690000 - 00000000776b1000: C:\WINDOWS\system32\NTMARTA.DLL > (0000000077920000 - 0000000077a13000: C:\WINDOWS\System32\SETUPAPI.dll > (0000000077a20000 - 0000000077a74000: C:\WINDOWS\System32\cscui.dll > (0000000077a80000 - 0000000077b14000: C:\WINDOWS\system32\CRYPT32.dll > (0000000077b20000 - 0000000077b32000: C:\WINDOWS\system32\MSASN1.dll > (0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\appHelp.dll > (0000000077bd0000 - 0000000077bd7000: C:\WINDOWS\system32\midimap.dll > (0000000077be0000 - 0000000077bf5000: C:\WINDOWS\system32\MSACM32.dll > (0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll > (0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll > (0000000077c70000 - 0000000077c93000: C:\WINDOWS\system32\msv1_0.dll > (0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll > (0000000077e70000 - 0000000077f02000: C:\WINDOWS\system32\RPCRT4.dll > (0000000077f10000 - 0000000077f57000: C:\WINDOWS\system32\GDI32.dll > (0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll > (0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll > (0000000078130000 - 00000000781cb000: > C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll > (00000000781d0000 - 00000000782dd000: F:\apps\SnagIt\MFC80.DLL > (0000000079000000 - 0000000079045000: C:\WINDOWS\system32\mscoree.dll > (000000007c140000 - 000000007c243000: C:\WINDOWS\system32\MFC71.DLL > (000000007c340000 - 000000007c396000: F:\apps\WS_FTP\MSVCR71.dll > (000000007c3a0000 - 000000007c41b000: F:\apps\WS_FTP\MSVCP71.dll > (000000007c800000 - 000000007c8f5000: C:\WINDOWS\system32\kernel32.dll > (000000007c900000 - 000000007c9b0000: C:\WINDOWS\system32\ntdll.dll > (000000007c9c0000 - 000000007d1d5000: C:\WINDOWS\system32\SHELL32.dll > (000000007d1e0000 - 000000007d49e000: C:\WINDOWS\system32\msi.dll > (000000007e290000 - 000000007e401000: C:\WINDOWS\system32\SHDOCVW.dll > (000000007e410000 - 000000007e4a0000: C:\WINDOWS\system32\USER32.dll > > *----> State Dump for Thread Id 0x148 <----* > > eax=00000bb8 ebx=00000003 ecx=000000b7 edx=00000bb8 esi=000eeaf0 > edi=00000000 > eip=7c90eb94 esp=0007fef0 ebp=0007ff08 iopl=0 nv up ei pl nz na pe > nc > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 > efl=00000202 > > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\ntdll.dll - > function: ntdll!KiFastSystemCallRet > 7c90eb89 90 nop > 7c90eb8a 90 nop > ntdll!KiFastSystemCall: > 7c90eb8b 8bd4 mov edx,esp > 7c90eb8d 0f34 sysenter > 7c90eb8f 90 nop > 7c90eb90 90 nop > 7c90eb91 90 nop > 7c90eb92 90 nop > 7c90eb93 90 nop > ntdll!KiFastSystemCallRet: > 7c90eb94 c3 ret > 7c90eb95 8da42400000000 lea esp,[esp] > 7c90eb9c 8d642400 lea esp,[esp] > 7c90eba0 90 nop > 7c90eba1 90 nop > 7c90eba2 90 nop > 7c90eba3 90 nop > 7c90eba4 90 nop > ntdll!KiIntSystemCall: > 7c90eba5 8d542408 lea edx,[esp+0x8] > 7c90eba9 cd2e int 2e > > *----> Stack Back Trace <----* > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\SHELL32.dll - > WARNING: Stack unwind information not available. Following frames may be > wrong. > *** ERROR: Module load completed but symbols could not be loaded for > C:\WINDOWS\Explorer.EXE > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\kernel32.dll - > ChildEBP RetAddr Args to Child > 0007ff08 7ca0be9c 00000000 0007ff5c 010132a4 ntdll!KiFastSystemCallRet > 0007ff14 010132a4 000eeaf0 7ffdc000 0007ffc0 SHELL32!Ordinal201+0x28 > 0007ff5c 0101a936 00000000 00000000 00020652 Explorer+0x132a4 > 0007ffc0 7c816fd7 00000010 000810a0 7ffdc000 Explorer+0x1a936 > 0007fff0 00000000 0101a8ce 00000000 78746341 > kernel32!RegisterWaitForInputIdle+0x49 > > *----> Raw Stack Dump <----* > 000000000007fef0 18 94 41 7e 02 3c a2 7c - 9c 92 80 7c f0 ea 0e 00 > ..A~.<.|...|.... > 000000000007ff00 f0 ea 0e 00 14 ff 07 00 - 14 ff 07 00 9c be a0 7c > ...............| > 000000000007ff10 00 00 00 00 5c ff 07 00 - a4 32 01 01 f0 ea 0e 00 > ....\....2...... > 000000000007ff20 00 c0 fd 7f c0 ff 07 00 - 00 00 00 00 24 fd 07 00 > ............$... > 000000000007ff30 50 ff 07 00 e0 ff 07 00 - 27 e0 90 7c 65 ac 80 7c > P.......'..|e..| > 000000000007ff40 ff ff ff ff 0c 00 00 00 - 00 00 00 00 27 78 15 00 > ............'x.. > 000000000007ff50 cc 00 00 00 01 00 00 00 - f0 ea 0e 00 c0 ff 07 00 > ................ > 000000000007ff60 36 a9 01 01 00 00 00 00 - 00 00 00 00 52 06 02 00 > 6...........R... > 000000000007ff70 01 00 00 00 10 00 00 00 - a0 10 08 00 44 00 00 00 > ............D... > 000000000007ff80 a4 06 02 00 84 06 02 00 - 54 06 02 00 00 00 00 00 > ........T....... > 000000000007ff90 00 00 00 00 00 00 00 00 - 00 00 00 00 18 00 00 00 > ................ > 000000000007ffa0 8c 1d 9c 76 3c aa 41 7e - 01 00 00 00 01 00 00 00 > ...v<.A~........ > 000000000007ffb0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 > ................ > 000000000007ffc0 f0 ff 07 00 d7 6f 81 7c - 10 00 00 00 a0 10 08 00 > .....o.|........ > 000000000007ffd0 00 c0 fd 7f 38 ab 54 80 - c8 ff 07 00 a8 32 c8 85 > ....8.T......2.. > 000000000007ffe0 ff ff ff ff a8 9a 83 7c - e0 6f 81 7c 00 00 00 00 > .......|.o.|.... > 000000000007fff0 00 00 00 00 00 00 00 00 - ce a8 01 01 00 00 00 00 > ................ > 0000000000080000 41 63 74 78 20 00 00 00 - 01 00 00 00 98 24 00 00 Actx > ........$.. > 0000000000080010 c4 00 00 00 00 00 00 00 - 20 00 00 00 00 00 00 00 > ........ ....... > 0000000000080020 14 00 00 00 01 00 00 00 - 06 00 00 00 34 00 00 00 > ............4... > > *----> State Dump for Thread Id 0x204 <----* > > eax=00000000 ebx=00000029 ecx=7ffda000 edx=6610ed10 esi=00320043 > edi=6610ed10 > eip=6600b1a6 esp=00efd9dc ebp=00efda14 iopl=0 nv up ei pl nz na pe > nc > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 > efl=00000202 > > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\MSVBVM60.DLL - > function: MSVBVM60!EbResetProjectNormal > 6600b18c ed in eax,dx > 6600b18d 106601 adc [esi+0x1],ah > 6600b190 57 push edi > 6600b191 bf10ed1066 mov edi,0x6610ed10 > 6600b196 7507 jnz MSVBVM60!EbResetProjectNormal+0x6ad > (6600b19f) > 6600b198 57 push edi > 6600b199 ff159c100066 call dword ptr [MSVBVM60!Ordinal951+0x109c > (6600109c)] > 6600b19f 8b7610 mov esi,[esi+0x10] > 6600b1a2 85f6 test esi,esi > 6600b1a4 7410 jz MSVBVM60!EbResetProjectNormal+0x6c4 > (6600b1b6) > FAULT ->6600b1a6 8b460c mov eax,[esi+0xc] > ds:0023:0032004f=???????? > 6600b1a9 8b4c2410 mov ecx,[esp+0x10] > 6600b1ad 3b4808 cmp ecx,[eax+0x8] > 6600b1b0 0f8554590100 jne MSVBVM60!_vbaStrComp+0x5a44 > (66020b0a) > 6600b1b6 833d28ed106601 cmp dword ptr [MSVBVM60+0x10ed28 > (6610ed28)],0x1 > 6600b1bd 7507 jnz MSVBVM60!EbResetProjectNormal+0x6d4 > (6600b1c6) > 6600b1bf 57 push edi > 6600b1c0 ff1598100066 call dword ptr [MSVBVM60!Ordinal951+0x1098 > (66001098)] > 6600b1c6 8bc6 mov eax,esi > 6600b1c8 5f pop edi > 6600b1c9 5e pop esi > > *----> Stack Back Trace <----* > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > F:\apps\SpywareGuard\spywareguard.dll - > WARNING: Stack unwind information not available. Following frames may be > wrong. > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\SHLWAPI.dll - > *** ERROR: Symbol file could not be found. Defaulted to export symbols > for > C:\WINDOWS\system32\BROWSEUI.dll - > Disable Error Reporting in the control panel System applet under "advanced" or type <Windows><pause|break> to open the System applet. You can choose to disable just this "explorer.exe" or all Windows programs, or only certain other programs as you desire.
|
Pages: 1 Prev: WINXP ERROR: "STOP OX7B Next: Adware-Virtumonde |