« previous next »
Pages: 1 [2]

Author Topic: Help please Multiple browsers  (Read 1303 times)

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #20 on: November 07, 2005, 11:07:41 AM »
Hi again

I've downloaded the spywareblaster and I regulary defrag at least every two weeks. I've not received any more popup windows but its always been unpredictable so I can never tell when and if its going to happen. Also I entered the "cmd" in and done as instructed.
Since I started using the clean up programme, the net has been running alot faster but it still gets stuck and says not responding even on the firefox.
 Many thanks again for all your help
Logged

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #21 on: November 07, 2005, 11:26:46 AM »
I forgot to ask, what is viewpoint manager and what application would it be part of.
 Thanks again
Logged

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #22 on: November 08, 2005, 06:00:36 PM »
bump bumperty bump
Logged

Guest

  • Guest
Help please Multiple browsers
« Reply #23 on: November 11, 2005, 08:42:29 AM »
bump bump
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #24 on: November 12, 2005, 11:01:54 AM »
Sorry for the delay, your last log I seen looked good
How's everything on your end now?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #25 on: November 15, 2005, 06:02:13 AM »
Hi,
Ok I've now got new probs, whether its too many applications installed or my pc needs restoring I'm unsure but it seems when I close down the pc for now when I turn on the following day the pc makes a lot of loud clicking noises and also the first screen to appear use to be a black screen showing windows xp and a green loading bar underneath now its a black screen with a very basic white loading bar and then I get the windows xp screen and then it loads in as normal, also my antivir icon in the task bar completely dissapeared and I couldn't get it to run or update, so I had to re-install the programme which seems to be working ok now.
IE is crashing all the time now saying not responding and it takes ages before I can disconnect and close down the IE.
I have restored to a previous date hoping this might do the trick, I've not shut off the pc yet but come straight here to let you know whats happening, I've not had any more extra windows as yet. One more thing I had a look at Dr Watson just before I restored and there were three errors, to with IE and one with Realtime.

Hope you can help, I really don't want my pc to crash.
Many thanks again
Logged

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #26 on: November 15, 2005, 06:42:50 AM »
Hi Just thought I'd add the errors made by watson, I don't know if it will help, but thanks for helping.

Application exception occurred:
        App: C:\Program Files\Internet Explorer\iexplore.exe (pid=2376)
        When: 10/11/2005 @ 11:55:35.109
        Exception number: c0000005 (access violation)


Application exception occurred:
        App: C:\Program Files\Internet Explorer\iexplore.exe (pid=472)
        When: 11/11/2005 @ 19:31:57.953
        Exception number: c0000005 (access violation)
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #27 on: November 17, 2005, 12:14:41 AM »
I suggest that you try the following and see how it goes

Go to Start, and then click Run.
In the copy and paste the following

sfc /scannow

Close down all other windows, including this one

Then go hit OK
Wait for this too finish as it may take some time
« Last Edit: November 17, 2005, 12:15:12 AM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #28 on: November 23, 2005, 04:32:16 PM »
Hi,

Many thanks again, I've done as requested but still nothing. Browser is getting worse by the minute thats bothe IE and Firefox. Constant crashing, non responsive. I'm miffed. Haven't been able to log on for a while, this web site keeps saying dnerror at the bottom of the screen and the screen is all blank, not sure if thats your website of my pc.

Thanks again for still helping
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #29 on: November 24, 2005, 05:30:37 PM »
Well, let's see if this shows anything

Using Internet Explorer
From my signature below,  run an online virus scan at Kaspersky's
You will be promted to install an ActiveX component from Kaspersky, Click Yes.

    * The program will launch and then begin downloading the latest definition files:
    * Once the files have been downloaded click on NEXT
    * Now click on Scan Settings
    * In the scan settings make sure that the following are selected:
          o Scan using the following Anti-Virus database:
            Extended (if available otherwise Standard)
          o Scan Options:
            Scan Archives
            Scan Mail Bases
    * Click OK

    * Now under select a target to scan:
            Select My Computer
    * This program will start and scan your system.
    * The scan will take a while so be patient and let it run.

    * Once the scan is complete it will display if your system has been infected.
          o Now click on the Save as Text button:
    * Save the file to your desktop.
    * Copy and paste that information in your next post.

Also post a fresh hijackthis log
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline bubbleandsqueek

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #30 on: December 01, 2005, 06:23:05 PM »
Ok , not been able to log on for ages, but here goes. I've done as requested. ALso I started using IE again and it happened again loads of windows 35 to be exact, it went mad again pop up windows one after the other and I can't do a thing until it stops. I did check Dr watson so I don't know if this will help or not. Again thanks for all your help, I will send in a donation as all your helps been appreciated.
 
Sorry dr watson is a long file but I don't know if I can make it as an attachment.



Application exception occurred:
        App: C:\Program Files\Internet Explorer\iexplore.exe (pid=472)
        When: 11/11/2005 @ 19:31:57.953
        Exception number: c0000005 (access violation)

*----> System Information <----*
        Computer Name: NICKIANDCASEY
        User Name: Nicki and Casey
        Terminal Session Id: 0
        Number of Processors: 1
        Processor Type: x86 Family 15 Model 3 Stepping 4
        Windows Version: 5.1
        Current Build: 2600
        Service Pack: 2
        Current Type: Uniprocessor Free
        Registered Organization:
        Registered Owner: Nicki and Casey

*----> Task List <----*
   0 System Process
   4 System
 356 smss.exe
 428 csrss.exe
 452 winlogon.exe
 496 services.exe
 508 lsass.exe
 652 svchost.exe
 732 svchost.exe
 772 svchost.exe
 832 svchost.exe
 900 svchost.exe
1100 Explorer.EXE
1104 spoolsv.exe
1228 AVGUARD.EXE
1268 AVWUPSRV.EXE
1340 PRISMXL.SYS
1384 slserv.exe
1416 wdfmgr.exe
1676 zHotkey.exe
1684 igfxtray.exe
1700 hkcmd.exe
1708 shwiconem.exe
1728 Dragdiag.exe
1740 gcasServ.exe
1840 realsched.exe
1872 AVGNT.EXE
1956 eBayTBDaemon.exe
2020 gcasDtServ.exe
2028 msmsgs.exe
 852 alg.exe
1316 sgmain.exe
1912 sgbhp.exe
 540 msimn.exe
 472 iexplore.exe
3784 drwtsn32.exe

*----> Module List <----*
(0000000000400000 - 0000000000419000: C:\Program Files\Internet Explorer\iexplore.exe
(0000000001210000 - 0000000001282000: C:\Program Files\eBay\eBay Toolbar2\wsasc.dll
(00000000012a0000 - 000000000134e000: C:\Program Files\eBay\eBay Toolbar2\site.dll
(0000000001360000 - 000000000136b000: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
(00000000019f0000 - 0000000001cb5000: C:\WINDOWS\system32\xpsp2res.dll
(0000000001ee0000 - 0000000001f68000: C:\WINDOWS\system32\shdoclc.dll
(0000000002750000 - 0000000002760000: C:\WINDOWS\system32\mshtmler.dll
(0000000002d20000 - 0000000002d47000: C:\WINDOWS\system32\msls31.dll
(0000000003270000 - 000000000329a000: C:\WINDOWS\system32\msimtf.dll
(00000000032a0000 - 00000000032eb000: C:\WINDOWS\system32\MSCTF.dll
(0000000003460000 - 0000000003477000: C:\WINDOWS\system32\odbcint.dll
(0000000006260000 - 0000000006296000: C:\Program Files\eBay\eBay Toolbar2\eBayToolbarComm.dll
(000000000e500000 - 000000000e579000: C:\WINDOWS\system32\Audiodev.dll
(000000000e580000 - 000000000e5ba000: C:\WINDOWS\system32\WMASF.DLL
(000000000fa60000 - 000000000fca6000: C:\WINDOWS\system32\WMVCore.DLL
(000000000ffd0000 - 000000000fff8000: C:\WINDOWS\system32\rsaenh.dll
(0000000010000000 - 0000000010073000: C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
(0000000011000000 - 000000001102f000: C:\Program Files\SpywareGuard\dlprotect.dll
(000000001c000000 - 000000001c006000: C:\WINDOWS\HKNTDLL.dll
(0000000020000000 - 0000000020012000: C:\WINDOWS\system32\browselc.dll
(0000000030000000 - 0000000030222000: C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
(0000000047df0000 - 0000000047e12000: C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx
(000000004d4f0000 - 000000004d548000: C:\WINDOWS\system32\WINHTTP.dll
(000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\uxtheme.dll
(000000005b0a0000 - 000000005b0a7000: C:\WINDOWS\system32\umdmxfrm.dll
(000000005b4a0000 - 000000005b4c8000: C:\Program Files\Common Files\Microsoft Shared\Triedit\triedit.dll
(000000005b860000 - 000000005b8b4000: C:\WINDOWS\system32\NETAPI32.dll
(000000005cd70000 - 000000005cd77000: C:\WINDOWS\system32\serwvdrv.dll
(000000005d090000 - 000000005d127000: C:\WINDOWS\system32\comctl32.dll
(000000005ff20000 - 000000005ff46000: C:\WINDOWS\system32\MSRATING.dll
(000000005ff50000 - 000000005ff61000: C:\WINDOWS\system32\msratelc.dll
(0000000060300000 - 0000000060327000: C:\Program Files\Yahoo!\Shared\YAlertCenter.dll
(0000000062900000 - 0000000062955000: C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
(00000000629c0000 - 00000000629c9000: C:\WINDOWS\system32\LPK.DLL
(0000000065000000 - 0000000065032000: C:\Program Files\Yahoo!\Companion\Installs\cpn\ypubc.dll
(0000000065200000 - 0000000065213000: C:\Program Files\Yahoo!\Companion\Installs\cpn\pubmod.dll
(00000000662b0000 - 0000000066308000: C:\WINDOWS\system32\hnetcfg.dll
(0000000066400000 - 0000000066463000: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMDR50.DLL
(0000000066880000 - 000000006688c000: C:\WINDOWS\system32\ImgUtil.dll
(0000000066900000 - 0000000066a5c000: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMUI50.DLL
(0000000066e50000 - 0000000066e90000: C:\WINDOWS\system32\iepeers.dll
(0000000068100000 - 0000000068124000: C:\WINDOWS\system32\dssenh.dll
(000000006bdd0000 - 000000006be06000: C:\WINDOWS\system32\dxtrans.dll
(000000006be10000 - 000000006be6a000: C:\WINDOWS\system32\dxtmsft.dll
(000000006cc60000 - 000000006cc6b000: C:\WINDOWS\system32\dispex.dll
(000000006d430000 - 000000006d43a000: C:\WINDOWS\system32\ddrawex.dll
(0000000071a50000 - 0000000071a8f000: C:\WINDOWS\System32\mswsock.dll
(0000000071a90000 - 0000000071a98000: C:\WINDOWS\System32\wshtcpip.dll
(0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll
(0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll
(0000000071ad0000 - 0000000071ad9000: C:\WINDOWS\system32\WSOCK32.dll
(0000000071b20000 - 0000000071b32000: C:\WINDOWS\system32\MPR.dll
(0000000071bf0000 - 0000000071c03000: C:\WINDOWS\System32\SAMLIB.dll
(0000000071c10000 - 0000000071c1e000: C:\WINDOWS\System32\ntlanman.dll
(0000000071c80000 - 0000000071c87000: C:\WINDOWS\System32\NETRAP.dll
(0000000071c90000 - 0000000071cd0000: C:\WINDOWS\System32\NETUI1.dll
(0000000071cd0000 - 0000000071ce7000: C:\WINDOWS\System32\NETUI0.dll
(0000000071d40000 - 0000000071d5c000: C:\WINDOWS\system32\actxprxy.dll
(00000000722b0000 - 00000000722b5000: C:\WINDOWS\system32\SensApi.dll
(0000000072b20000 - 0000000072b38000: C:\WINDOWS\system32\plugin.ocx
(0000000072d10000 - 0000000072d18000: C:\WINDOWS\system32\msacm32.drv
(0000000072d20000 - 0000000072d29000: C:\WINDOWS\system32\wdmaud.drv
(0000000073000000 - 0000000073026000: C:\WINDOWS\system32\WINSPOOL.DRV
(0000000073300000 - 0000000073367000: C:\WINDOWS\system32\vbscript.dll
(0000000073420000 - 0000000073574000: C:\WINDOWS\system32\MSVBVM60.DLL
(0000000073760000 - 00000000737a9000: C:\WINDOWS\system32\DDRAW.dll
(0000000073b30000 - 0000000073b45000: C:\WINDOWS\system32\mscms.dll
(0000000073bc0000 - 0000000073bc6000: C:\WINDOWS\system32\DCIMAN32.dll
(0000000073d70000 - 0000000073d83000: C:\WINDOWS\system32\shgina.dll
(0000000073dd0000 - 0000000073ece000: C:\WINDOWS\system32\MFC42.DLL
(0000000074320000 - 000000007435d000: C:\WINDOWS\system32\ODBC32.dll
(00000000745e0000 - 00000000748a6000: C:\WINDOWS\system32\msi.dll
(0000000074980000 - 0000000074ab0000: C:\WINDOWS\system32\msxml3.dll
(0000000074ae0000 - 0000000074ae7000: C:\WINDOWS\system32\CFGMGR32.dll
(0000000074b80000 - 0000000074c0c000: C:\WINDOWS\system32\printui.dll
(0000000074d90000 - 0000000074dfb000: C:\WINDOWS\system32\USP10.dll
(00000000754d0000 - 0000000075550000: C:\WINDOWS\system32\CRYPTUI.dll
(00000000755c0000 - 00000000755ee000: C:\WINDOWS\system32\msctfime.ime
(0000000075970000 - 0000000075a67000: C:\WINDOWS\system32\MSGINA.dll
(0000000075c50000 - 0000000075cbe000: C:\WINDOWS\system32\jscript.dll
(0000000075cf0000 - 0000000075d81000: C:\WINDOWS\system32\mlang.dll
(0000000075e60000 - 0000000075e73000: C:\WINDOWS\system32\cryptnet.dll
(0000000075e90000 - 0000000075f40000: C:\WINDOWS\system32\SXS.DLL
(0000000075f60000 - 0000000075f67000: C:\WINDOWS\System32\drprov.dll
(0000000075f70000 - 0000000075f79000: C:\WINDOWS\System32\davclnt.dll
(0000000075f80000 - 000000007607d000: C:\WINDOWS\system32\BROWSEUI.dll
(0000000076200000 - 0000000076271000: C:\WINDOWS\system32\mshtmled.dll
(0000000076360000 - 0000000076370000: C:\WINDOWS\system32\WINSTA.dll
(0000000076380000 - 0000000076385000: C:\WINDOWS\system32\MSIMG32.dll
(0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.DLL
(00000000763b0000 - 00000000763f9000: C:\WINDOWS\system32\comdlg32.dll
(0000000076600000 - 000000007661d000: C:\WINDOWS\System32\CSCDLL.dll
(00000000767f0000 - 0000000076817000: C:\WINDOWS\system32\schannel.dll
(0000000076820000 - 0000000076834000: C:\WINDOWS\system32\HLINK.DLL
(00000000769c0000 - 0000000076a73000: C:\WINDOWS\system32\USERENV.dll
(0000000076b20000 - 0000000076b31000: C:\WINDOWS\system32\ATL.DLL
(0000000076b40000 - 0000000076b6d000: C:\WINDOWS\system32\WINMM.dll
(0000000076c30000 - 0000000076c5e000: C:\WINDOWS\system32\WINTRUST.dll
(0000000076c90000 - 0000000076cb8000: C:\WINDOWS\system32\IMAGEHLP.dll
(0000000076d60000 - 0000000076d79000: C:\WINDOWS\system32\iphlpapi.dll
(0000000076e10000 - 0000000076e35000: C:\WINDOWS\system32\adsldpc.dll
(0000000076e80000 - 0000000076e8e000: C:\WINDOWS\system32\rtutils.dll
(0000000076e90000 - 0000000076ea2000: C:\WINDOWS\system32\rasman.dll
(0000000076eb0000 - 0000000076edf000: C:\WINDOWS\system32\TAPI32.dll
(0000000076ee0000 - 0000000076f1c000: C:\WINDOWS\system32\RASAPI32.DLL
(0000000076f20000 - 0000000076f47000: C:\WINDOWS\system32\DNSAPI.dll
(0000000076f60000 - 0000000076f8c000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076fb0000 - 0000000076fb8000: C:\WINDOWS\System32\winrnr.dll
(0000000076fc0000 - 0000000076fc6000: C:\WINDOWS\system32\rasadhlp.dll
(0000000076fd0000 - 000000007704f000: C:\WINDOWS\system32\CLBCATQ.DLL
(0000000077050000 - 0000000077115000: C:\WINDOWS\system32\COMRes.dll
(0000000077120000 - 00000000771ac000: C:\WINDOWS\system32\OLEAUT32.dll
(00000000771b0000 - 0000000077256000: C:\WINDOWS\system32\WININET.dll
(0000000077260000 - 00000000772ff000: C:\WINDOWS\system32\urlmon.dll
(00000000773d0000 - 00000000774d2000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
(00000000774e0000 - 000000007761d000: C:\WINDOWS\system32\ole32.dll
(0000000077760000 - 00000000778cc000: C:\WINDOWS\system32\SHDOCVW.dll
(0000000077920000 - 0000000077a13000: C:\WINDOWS\system32\SETUPAPI.dll
(0000000077a20000 - 0000000077a74000: C:\WINDOWS\System32\cscui.dll
(0000000077a80000 - 0000000077b14000: C:\WINDOWS\system32\CRYPT32.dll
(0000000077b20000 - 0000000077b32000: C:\WINDOWS\system32\MSASN1.dll
(0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\appHelp.dll
(0000000077bd0000 - 0000000077bd7000: C:\WINDOWS\system32\midimap.dll
(0000000077be0000 - 0000000077bf5000: C:\WINDOWS\system32\MSACM32.dll
(0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll
(0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll
(0000000077c70000 - 0000000077c93000: C:\WINDOWS\system32\msv1_0.dll
(0000000077cc0000 - 0000000077cf2000: C:\WINDOWS\system32\ACTIVEDS.dll
(0000000077d40000 - 0000000077dd0000: C:\WINDOWS\system32\USER32.dll
(0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e70000 - 0000000077f01000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077f10000 - 0000000077f57000: C:\WINDOWS\system32\GDI32.dll
(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll
(0000000079170000 - 0000000079196000: C:\WINDOWS\system32\mscoree.dll
(0000000079410000 - 0000000079425000: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
(0000000079480000 - 0000000079499000: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
(000000007c340000 - 000000007c396000: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll
(000000007c800000 - 000000007c8f4000: C:\WINDOWS\system32\kernel32.dll
(000000007c900000 - 000000007c9b0000: C:\WINDOWS\system32\ntdll.dll
(000000007c9c0000 - 000000007d1d5000: C:\WINDOWS\system32\SHELL32.dll
(000000007d4a0000 - 000000007d787000: C:\WINDOWS\system32\mshtml.dll

*----> State Dump for Thread Id 0x36c <----*

eax=00000001 ebx=00000000 ecx=0013eb14 edx=7c90eb94 esi=00163010 edi=00000000
eip=7c90eb94 esp=0013eb7c ebp=0013edd8 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000202

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -
function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\BROWSEUI.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\SHDOCVW.dll -
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Internet Explorer\iexplore.exe -
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
ChildEBP RetAddr  Args to Child              
0013edd8 75fae805 00162d88 0013ee98 00162d88 ntdll!KiFastSystemCallRet
0013ee6c 75faeacd 00162d88 00162d88 00000000 BROWSEUI!Ordinal107+0xbf1e
0013fef0 777e7216 00162d88 00000000 00000000 BROWSEUI!Ordinal102+0x22c
0013ff10 00402372 001523ba 00000001 00090000 SHDOCVW!Ordinal101+0x129
0013ff60 00402444 00400000 00000000 001523ba iexplore+0x2372
0013ffc0 7c816d4f 00090000 00116226 7ffd4000 iexplore+0x2444
0013fff0 00000000 00402451 00000000 78746341 kernel32!RegisterWaitForInputIdle+0x49

*----> Raw Stack Dump <----*
000000000013eb7c  18 94 d4 77 e9 e6 fa 75 - 98 ee 13 00 00 00 00 00  ...w...u........
000000000013eb8c  00 00 00 00 70 03 0f 00 - 13 01 00 00 01 00 00 00  ....p...........
000000000013eb9c  00 00 00 00 0e 73 0e 02 - a6 01 00 00 c8 00 00 00  .....s..........
000000000013ebac  04 00 00 00 01 44 00 90 - 10 30 16 00 00 00 00 00  .....D...0......
000000000013ebbc  46 03 0c 00 c0 c2 15 00 - 01 00 00 00 00 00 00 00  F...............
000000000013ebcc  4d 00 69 00 63 00 72 00 - 6f 00 73 00 6f 00 66 00  M.i.c.r.o.s.o.f.
000000000013ebdc  74 00 20 00 49 00 6e 00 - 74 00 65 00 72 00 6e 00  t. .I.n.t.e.r.n.
000000000013ebec  65 00 74 00 20 00 45 00 - 78 00 70 00 6c 00 6f 00  e.t. .E.x.p.l.o.
000000000013ebfc  72 00 65 00 72 00 00 00 - 37 42 2d 31 00 00 00 00  r.e.r...7B-1....
000000000013ec0c  39 44 31 46 2d 30 30 30 - 30 46 38 30 03 00 00 00  9D1F-0000F80....
000000000013ec1c  37 7d 00 00 28 2f 16 00 - dd 43 f6 77 48 53 9c 7c  7}..(/...C.wHS.|
000000000013ec2c  04 00 00 00 00 00 00 00 - 08 00 00 00 00 00 00 00  ................
000000000013ec3c  c0 01 00 00 08 00 00 00 - 78 01 15 00 c0 e4 97 7c  ........x......|
000000000013ec4c  b8 25 16 00 f8 35 88 7c - a1 43 91 7c 00 00 00 00  .%...5.|.C.|....
000000000013ec5c  08 00 0a 00 2a 03 01 00 - 00 00 15 00 02 00 00 00  ....*...........
000000000013ec6c  00 00 00 00 80 02 15 00 - b5 4e 00 00 c0 ed 13 00  .........N......
000000000013ec7c  b9 43 f6 77 c0 ed 13 00 - d0 43 f6 77 50 02 15 00  .C.w.....C.wP...
000000000013ec8c  04 00 00 00 d0 78 9e 7c - ae 00 00 00 e8 ec 13 00  .....x.|........
000000000013ec9c  d3 9b 91 7c 5a ed 13 00 - 08 00 00 00 00 00 9c 7c  ...|Z..........|
000000000013ecac  00 00 00 00 98 89 9e 7c - 00 00 00 00 1b 00 00 00  .......|........

*----> State Dump for Thread Id 0x37c <----*

eax=0101fe9c ebx=0101fee4 ecx=8d77784c edx=77239a9c esi=00000000 edi=7ffd4000
eip=7c90eb94 esp=0101febc ebp=0101ff58 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll -
ChildEBP RetAddr  Args to Child              
0101ff58 7c809c86 00000004 0003c260 00000000 ntdll!KiFastSystemCallRet
0101ff74 62934987 00000004 0003c260 00000000 kernel32!WaitForMultipleObjects+0x18
0101ffec 00000000 6290d927 0003a490 00000000 yt+0x34987

*----> Raw Stack Dump <----*
000000000101febc  ab e9 90 7c f2 94 80 7c - 04 00 00 00 e4 fe 01 01  ...|...|........
000000000101fecc  01 00 00 00 00 00 00 00 - 00 00 00 00 30 a5 03 00  ............0...
000000000101fedc  90 a4 03 00 90 a4 03 00 - 80 02 00 00 74 02 00 00  ............t...
000000000101feec  78 02 00 00 7c 02 00 00 - 10 2c 94 62 dc ff 01 01  x...|....,.b....
000000000101fefc  18 ee 90 7c 70 05 91 7c - 14 00 00 00 01 00 00 00  ...|p..|........
000000000101ff0c  00 00 00 00 00 00 00 00 - 10 00 00 00 95 01 d6 77  ...............w
000000000101ff1c  54 ff 01 01 00 e0 fd 7f - 00 40 fd 7f 00 e0 fd 7f  T........@......
000000000101ff2c  40 ff 01 01 00 00 00 00 - e4 fe 01 01 90 a4 03 00  @...............
000000000101ff3c  04 00 00 00 d8 fe 01 01 - 01 00 00 00 dc ff 01 01  ................
000000000101ff4c  f3 99 83 7c 90 95 80 7c - 00 00 00 00 74 ff 01 01  ...|...|....t...
000000000101ff5c  86 9c 80 7c 04 00 00 00 - 60 c2 03 00 00 00 00 00  ...|....`.......
000000000101ff6c  ff ff ff ff 00 00 00 00 - ec ff 01 01 87 49 93 62  .............I.b
000000000101ff7c  04 00 00 00 60 c2 03 00 - 00 00 00 00 ff ff ff ff  ....`...........
000000000101ff8c  30 a5 03 00 90 a4 03 00 - 32 32 93 62 00 00 00 00  0.......22.b....
000000000101ff9c  90 a4 03 00 df 49 93 62 - 00 00 00 00 90 a4 03 00  .....I.b........
000000000101ffac  5c d9 90 62 02 00 00 00 - 00 00 00 00 0b b5 80 7c  \..b...........|
000000000101ffbc  90 a4 03 00 02 00 00 00 - 00 00 00 00 90 a4 03 00  ................
000000000101ffcc  00 e0 fd 7f 00 96 33 81 - c0 ff 01 01 08 20 a9 ff  ......3...... ..
000000000101ffdc  ff ff ff ff f3 99 83 7c - 18 b5 80 7c 00 00 00 00  .......|...|....
000000000101ffec  00 00 00 00 00 00 00 00 - 27 d9 90 62 90 a4 03 00  ........'..b....

*----> State Dump for Thread Id 0xec <----*

eax=0cc7e408 ebx=7c90e9b4 ecx=7ffdd000 edx=0cc7e4a0 esi=00000000 edi=00000001
eip=7c90eb94 esp=0206fad0 ebp=0206fb0c iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000202

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\System32\mswsock.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\WS2_32.dll -
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\WININET.dll -
ChildEBP RetAddr  Args to Child              
0206fb0c 71a55fa7 00000380 00000384 00000001 ntdll!KiFastSystemCallRet
0206fc00 71ab2e67 00000001 0206fe80 0206fc78 mswsock+0x5fa7
0206fc50 771d714f 00000001 0206fe80 0206fc78 WS2_32!select+0xa7
0206ffac 771d9283 0206ffec 7c80b50b 001ca138 WININET!GetUrlCacheEntryInfoExW+0x892
0206ffb4 7c80b50b 001ca138 7727a646 001cbeb0 WININET!InternetSetStatusCallback+0x1d7
0206ffec 00000000 771d9276 001ca138 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000206fad0  c0 e9 90 7c a5 3c a5 71 - 80 03 00 00 01 00 00 00  ...|.<.q........
000000000206fae0  f8 fa 06 02 b0 fb 06 02 - 80 fe 06 02 a0 fb 06 02  ................
000000000206faf0  00 fb 06 02 ef d8 90 7c - c0 b4 b3 ff ff ff ff ff  .......|........
000000000206fb00  68 4a 19 00 00 00 00 00 - 00 00 00 00 00 fc 06 02  hJ..............
000000000206fb10  a7 5f a5 71 80 03 00 00 - 84 03 00 00 01 00 00 00  ._.q............
000000000206fb20  04 00 00 00 7c fd 06 02 - f0 8c 1b 00 78 fc 06 02  ....|.......x...
000000000206fb30  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000206fb40  01 00 00 00 80 0f 05 fd - ff ff ff ff 00 00 15 00  ................
000000000206fb50  00 00 15 00 10 00 00 00 - 40 fb 06 02 00 00 00 00  ........@.......
000000000206fb60  00 00 01 00 05 00 00 00 - 00 00 15 00 08 01 00 00  ................
000000000206fb70  34 fc 06 02 18 ee 90 7c - b4 fb 06 02 1c 00 00 00  4......|........
000000000206fb80  68 4a 19 00 bc fb 06 02 - 78 fc 06 02 7c fd 06 02  hJ......x...|...
000000000206fb90  00 00 00 00 a0 fb 06 02 - 00 00 00 00 00 00 00 00  ................
000000000206fba0  80 0f 05 fd ff ff ff ff - 01 00 00 00 00 00 01 00  ................
000000000206fbb0  84 03 00 00 19 00 00 00 - 38 52 a4 0c 04 fc 06 02  ........8R......
000000000206fbc0  18 ee 90 7c 70 05 91 7c - ff ff ff ff 6d 05 91 7c  ...|p..|....m..|
000000000206fbd0  88 99 80 7c 00 00 15 00 - 00 00 00 00 9b 99 80 7c  ...|...........|
000000000206fbe0  3c 97 23 77 51 10 00 00 - 24 fb 06 02 0c 15 aa 71  <.#wQ...$......q
000000000206fbf0  40 fc 06 02 c8 71 a7 71 - 68 2e a5 71 ff ff ff ff  @....q.qh..q....
000000000206fc00  50 fc 06 02 67 2e ab 71 - 01 00 00 00 80 fe 06 02  P...g..q........

*----> State Dump for Thread Id 0x54c <----*

eax=000000c0 ebx=00000000 ecx=7c800000 edx=00000000 esi=00138b44 edi=02080000
eip=7c90eb94 esp=0216ff9c ebp=0216ffb4 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0216ffb4 7c80b50b 00000000 02080000 00138b44 ntdll!KiFastSystemCallRet
0216ffec 00000000 7c92798d 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000216ff9c  5c d8 90 7c d4 79 92 7c - 01 00 00 00 ac ff 16 02  \..|.y.|........
000000000216ffac  00 00 00 00 00 00 00 80 - ec ff 16 02 0b b5 80 7c  ...............|
000000000216ffbc  00 00 00 00 00 00 08 02 - 44 8b 13 00 00 00 00 00  ........D.......
000000000216ffcc  00 c0 fd 7f 00 96 33 81 - c0 ff 16 02 48 e9 5f ff  ......3.....H._.
000000000216ffdc  ff ff ff ff f3 99 83 7c - 18 b5 80 7c 00 00 00 00  .......|...|....
000000000216ffec  00 00 00 00 00 00 00 00 - 8d 79 92 7c 00 00 00 00  .........y.|....
000000000216fffc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217000c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217001c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217002c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217003c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217004c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217005c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217006c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217007c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217008c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000217009c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000021700ac  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000021700bc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000021700cc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................

*----> State Dump for Thread Id 0x6c <----*

eax=0000009a ebx=00000000 ecx=00000039 edx=00000035 esi=7c97c380 edi=7c97c3a0
eip=7c90eb94 esp=0226ff70 ebp=0226ffb4 iopl=0         nv up ei ng nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000286

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0226ffb4 7c80b50b 00000000 00000000 00000000 ntdll!KiFastSystemCallRet
0226ffec 00000000 7c910760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000226ff70  1b e3 90 7c 9d 07 91 7c - a8 03 00 00 ac ff 26 02  ...|...|......&.
000000000226ff80  b0 ff 26 02 98 ff 26 02 - a0 ff 26 02 00 00 00 00  ..&...&...&.....
000000000226ff90  00 00 00 00 00 00 00 00 - 00 00 00 00 98 84 d6 0a  ................
000000000226ffa0  00 7c 28 e8 ff ff ff ff - 01 00 00 00 69 75 92 7c  .|(.........iu.|
000000000226ffb0  b8 33 0d 0b ec ff 26 02 - 0b b5 80 7c 00 00 00 00  .3....&....|....
000000000226ffc0  00 00 00 00 00 00 00 00 - 00 00 00 00 00 b0 fd 7f  ................
000000000226ffd0  00 96 33 81 c0 ff 26 02 - 48 e9 5f ff ff ff ff ff  ..3...&.H._.....
000000000226ffe0  f3 99 83 7c 18 b5 80 7c - 00 00 00 00 00 00 00 00  ...|...|........
000000000226fff0  00 00 00 00 60 07 91 7c - 00 00 00 00 00 00 00 00  ....`..|........
0000000002270000  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270010  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270020  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270030  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270040  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270050  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270060  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270070  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270080  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
0000000002270090  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................
00000000022700a0  d8 e9 ec 00 d8 e9 ec 00 - d8 e9 ec 00 d8 e9 ec 00  ................

*----> State Dump for Thread Id 0x810 <----*

eax=ffff0001 ebx=04cbfef8 ecx=04cbffb0 edx=04cbffac esi=00000000 edi=7ffd4000
eip=7c90eb94 esp=04cbfed0 ebp=04cbff6c iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\wdmaud.drv -
ChildEBP RetAddr  Args to Child              
04cbff6c 7c809c86 00000002 04cbffa4 00000000 ntdll!KiFastSystemCallRet
04cbff88 72d2312a 00000002 04cbffa4 00000000 kernel32!WaitForMultipleObjects+0x18
04cbffb4 7c80b50b 00000000 00000000 00150000 wdmaud!midMessage+0x348
04cbffec 00000000 72d230e8 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
0000000004cbfed0  ab e9 90 7c f2 94 80 7c - 02 00 00 00 f8 fe cb 04  ...|...|........
0000000004cbfee0  01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
0000000004cbfef0  00 00 00 00 00 00 00 00 - e4 05 00 00 d8 05 00 00  ................
0000000004cbff00  2a 26 80 7c 18 ff cb 04 - 00 26 80 7c 30 25 80 7c  *&.|.....&.|0%.|
0000000004cbff10  00 00 00 00 00 00 00 00 - 14 00 00 00 01 00 00 00  ................
0000000004cbff20  00 00 00 00 00 00 00 00 - 10 00 00 00 dc bd 6f ff  ..............o.
0000000004cbff30  ff ff ff ff 00 40 fd 7f - 00 40 fd 7f 00 50 fd 7f  .....@[email protected]..
0000000004cbff40  00 00 00 00 00 00 00 00 - f8 fe cb 04 dc ff cb 04  ................
0000000004cbff50  02 00 00 00 ec fe cb 04 - ff ff ff ff dc ff cb 04  ................
0000000004cbff60  f3 99 83 7c 90 95 80 7c - 00 00 00 00 88 ff cb 04  ...|...|........
0000000004cbff70  86 9c 80 7c 02 00 00 00 - a4 ff cb 04 00 00 00 00  ...|............
0000000004cbff80  ff ff ff ff 00 00 00 00 - b4 ff cb 04 2a 31 d2 72  ............*1.r
0000000004cbff90  02 00 00 00 a4 ff cb 04 - 00 00 00 00 ff ff ff ff  ................
0000000004cbffa0  00 00 15 00 e4 05 00 00 - d8 05 00 00 02 00 00 00  ................
0000000004cbffb0  00 00 ff ff ec ff cb 04 - 0b b5 80 7c 00 00 00 00  ...........|....
0000000004cbffc0  00 00 00 00 00 00 15 00 - 00 00 00 00 00 50 fd 7f  .............P..
0000000004cbffd0  00 96 33 81 c0 ff cb 04 - f8 39 80 ff ff ff ff ff  ..3......9......
0000000004cbffe0  f3 99 83 7c 18 b5 80 7c - 00 00 00 00 00 00 00 00  ...|...|........
0000000004cbfff0  00 00 00 00 e8 30 d2 72 - 00 00 00 00 00 00 00 00  .....0.r........
0000000004cc0000  03 fc 0f 00 0f ff 0f 00 - 1f ff 8f 00 3f ff cf 00  ............?...

*----> State Dump for Thread Id 0x5c8 <----*

eax=0aed7bd8 ebx=020e0d5f ecx=0ae34ff0 edx=100f0000 esi=00000510 edi=00000000
eip=7c90eb94 esp=0518ff08 ebp=0518ff6c iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\mshtml.dll -
ChildEBP RetAddr  Args to Child              
0518ff6c 7c802542 00000510 ffffffff 00000000 ntdll!KiFastSystemCallRet
0518ff80 7d66a58b 00000510 ffffffff 0013c400 kernel32!WaitForSingleObject+0x12
0518ffa4 7d586c62 00000020 7d586c34 0518ffec mshtml+0x1ca58b
0518ffb4 7c80b50b 02dd3be0 0013c400 00000020 mshtml+0xe6c62
0518ffec 00000000 7d586c27 02dd3be0 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000518ff08  c0 e9 90 7c db 25 80 7c - 10 05 00 00 00 00 00 00  ...|.%.|........
000000000518ff18  00 00 00 00 38 3c dd 02 - e0 3b dd 02 5f 0d 0e 02  ....8<...;.._...
000000000518ff28  14 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000518ff38  10 00 00 00 90 3a cc 0b - 05 00 00 00 00 40 fd 7f  .....:.......@..
000000000518ff48  00 b0 fa 7f 00 00 00 00 - 48 00 00 00 1c ff 18 05  ........H.......
000000000518ff58  db cd 50 7d dc ff 18 05 - f3 99 83 7c 08 26 80 7c  ..P}.......|.&.|
000000000518ff68  00 00 00 00 80 ff 18 05 - 42 25 80 7c 10 05 00 00  ........B%.|....
000000000518ff78  ff ff ff ff 00 00 00 00 - a4 ff 18 05 8b a5 66 7d  ..............f}
000000000518ff88  10 05 00 00 ff ff ff ff - 00 c4 13 00 e0 3b dd 02  .............;..
000000000518ff98  e0 3b dd 02 00 00 00 00 - ff ff ff ff b4 ff 18 05  .;..............
000000000518ffa8  62 6c 58 7d 20 00 00 00 - 34 6c 58 7d ec ff 18 05  blX} ...4lX}....
000000000518ffb8  0b b5 80 7c e0 3b dd 02 - 00 c4 13 00 20 00 00 00  ...|.;...... ...
000000000518ffc8  e0 3b dd 02 00 b0 fa 7f - 00 96 33 81 c0 ff 18 05  .;........3.....
000000000518ffd8  00 7f a1 ff ff ff ff ff - f3 99 83 7c 18 b5 80 7c  ...........|...|
000000000518ffe8  00 00 00 00 00 00 00 00 - 00 00 00 00 27 6c 58 7d  ............'lX}
000000000518fff8  e0 3b dd 02 00 00 00 00 - 07 07 07 07 07 07 07 07  .;..............
0000000005190008  07 07 07 07 07 07 07 07 - 07 07 07 07 07 07 07 07  ................
0000000005190018  07 00 00 00 07 07 07 07 - 07 07 07 07 07 07 07 07  ................
0000000005190028  07 07 07 07 07 07 07 07 - 07 07 07 07 07 00 00 00  ................
0000000005190038  07 07 07 07 07 07 07 07 - 07 07 07 07 07 07 07 07  ................

*----> State Dump for Thread Id 0x9e8 <----*

eax=000000c0 ebx=00000000 ecx=7c916de8 edx=7c90ee18 esi=00000000 edi=00000001
eip=7c90eb94 esp=052ffcec ebp=052fffb4 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
052fffb4 7c80b50b 00000000 00000000 ffffffff ntdll!KiFastSystemCallRet
052fffec 00000000 7c929fae 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
00000000052ffcec  ab e9 90 7c d5 a0 92 7c - 15 00 00 00 30 fd 2f 05  ...|...|....0./.
00000000052ffcfc  01 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffd0c  ff ff ff ff 00 00 00 00 - 08 e5 97 7c 08 e5 97 7c  ...........|...|
00000000052ffd1c  bc 06 00 00 e8 09 00 00 - 15 00 00 00 15 00 00 00  ................
00000000052ffd2c  14 00 00 00 b8 06 00 00 - b4 06 00 00 38 00 00 00  ............8...
00000000052ffd3c  f8 06 00 00 04 07 00 00 - 20 07 00 00 2c 07 00 00  ........ ...,...
00000000052ffd4c  38 07 00 00 58 07 00 00 - 60 07 00 00 68 07 00 00  8...X...`...h...
00000000052ffd5c  74 07 00 00 7c 07 00 00 - 88 07 00 00 94 07 00 00  t...|...........
00000000052ffd6c  a0 07 00 00 a8 07 00 00 - b4 07 00 00 c0 07 00 00  ................
00000000052ffd7c  cc 07 00 00 d4 07 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffd8c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffd9c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffdac  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffdbc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffdcc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffddc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffdec  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffdfc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffe0c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000052ffe1c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................

*----> State Dump for Thread Id 0xa8 <----*

eax=769c8831 ebx=053ffef4 ecx=0226f600 edx=0226f8b4 esi=00000000 edi=7ffd4000
eip=7c90eb94 esp=053ffecc ebp=053fff68 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\USERENV.dll -
ChildEBP RetAddr  Args to Child              
053fff68 7c809c86 00000003 76a60310 00000000 ntdll!KiFastSystemCallRet
053fff84 769c888d 00000003 76a60310 00000000 kernel32!WaitForMultipleObjects+0x18
053fffb4 7c80b50b 00000000 00000000 00000000 USERENV!UnregisterGPNotification+0x15c
053fffec 00000000 769c8831 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
00000000053ffecc  ab e9 90 7c f2 94 80 7c - 03 00 00 00 f4 fe 3f 05  ...|...|......?.
00000000053ffedc  01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000053ffeec  b8 03 a6 76 77 9b 80 7c - 08 07 00 00 0c 07 00 00  ...vw..|........
00000000053ffefc  10 07 00 00 5c fe 3f 05 - 6c ff 3f 05 6c ff 3f 05  ....\.?.l.?.l.?.
00000000053fff0c  18 ee 90 7c 70 05 91 7c - 14 00 00 00 01 00 00 00  ...|p..|........
00000000053fff1c  00 00 00 00 00 00 00 00 - 10 00 00 00 f6 1b 80 7c  ...............|
00000000053fff2c  00 00 00 00 00 00 00 00 - 00 40 fd 7f 00 90 fa 7f  .........@......
00000000053fff3c  d0 e0 15 00 00 00 00 00 - f4 fe 3f 05 00 00 00 00  ..........?.....
00000000053fff4c  03 00 00 00 e8 fe 3f 05 - 00 00 00 00 dc ff 3f 05  ......?.......?.
00000000053fff5c  f3 99 83 7c 90 95 80 7c - 00 00 00 00 84 ff 3f 05  ...|...|......?.
00000000053fff6c  86 9c 80 7c 03 00 00 00 - 10 03 a6 76 00 00 00 00  ...|.......v....
00000000053fff7c  ff ff ff ff 00 00 00 00 - b4 ff 3f 05 8d 88 9c 76  ..........?....v
00000000053fff8c  03 00 00 00 10 03 a6 76 - 00 00 00 00 ff ff ff ff  .......v........
00000000053fff9c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 9c 76  ...............v
00000000053fffac  03 00 00 00 00 00 00 00 - ec ff 3f 05 0b b5 80 7c  ..........?....|
00000000053fffbc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000000053fffcc  00 90 fa 7f 00 96 33 81 - c0 ff 3f 05 00 27 72 ff  ......3...?..'r.
00000000053fffdc  ff ff ff ff f3 99 83 7c - 18 b5 80 7c 00 00 00 00  .......|...|....
00000000053fffec  00 00 00 00 00 00 00 00 - 31 88 9c 76 00 00 00 00  ........1..v....
00000000053ffffc  00 00 00 00 00 00 00 00 - 67 00 6f 00 6e 00 7a 00  ........g.o.n.z.

*----> State Dump for Thread Id 0x834 <----*

eax=0000bcf5 ebx=00002a8c ecx=0000c0c1 edx=00001818 esi=0e25ff98 edi=77d51042
eip=7c90eb94 esp=0e25ff54 ebp=0e25ff78 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\WINMM.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0e25ff78 76b44e3d 0e25ff98 00000000 00000000 ntdll!KiFastSystemCallRet
0e25ffb4 7c80b50b 00002a8c 00000200 0000002b WINMM!PlaySoundW+0x7e6
0e25ffec 00000000 76b44dd6 00002a8c 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000e25ff54  be 91 d4 77 82 10 d5 77 - 98 ff 25 0e 00 00 00 00  ...w...w..%.....
000000000e25ff64  00 00 00 00 00 00 00 00 - 8c 2a 00 00 42 10 d5 77  .........*..B..w
000000000e25ff74  00 00 00 00 b4 ff 25 0e - 3d 4e b4 76 98 ff 25 0e  ......%.=N.v..%.
000000000e25ff84  00 00 00 00 00 00 00 00 - 00 00 00 00 00 02 00 00  ................
000000000e25ff94  2b 00 00 00 32 04 2b 00 - bc 03 00 00 e8 16 0d 0b  +...2.+.........
000000000e25ffa4  00 00 00 00 66 11 0e 02 - 2d 02 00 00 2d 02 00 00  ....f...-...-...
000000000e25ffb4  ec ff 25 0e 0b b5 80 7c - 8c 2a 00 00 00 02 00 00  ..%....|.*......
000000000e25ffc4  2b 00 00 00 8c 2a 00 00 - 00 70 fa 7f 00 96 33 81  +....*...p....3.
000000000e25ffd4  c0 ff 25 0e c0 04 93 ff - ff ff ff ff f3 99 83 7c  ..%............|
000000000e25ffe4  18 b5 80 7c 00 00 00 00 - 00 00 00 00 00 00 00 00  ...|............
000000000e25fff4  d6 4d b4 76 8c 2a 00 00 - 00 00 00 00 00 00 00 00  .M.v.*..........
000000000e260004  67 00 6f 00 6e 00 7a 00 - 61 00 6c 00 6c 00 69 00  g.o.n.z.a.l.l.i.
000000000e260014  73 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  s...............
000000000e260024  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260034  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260044  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260054  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260064  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260074  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e260084  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................

*----> State Dump for Thread Id 0x124 <----*

eax=0c05a820 ebx=00000000 ecx=0c05a820 edx=29cf0007 esi=001b5c08 edi=00000100
eip=7c90eb94 esp=0255fe1c ebp=0255ff80 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0255ff80 77e76c22 0255ffa8 77e76a3b 001b5c08 ntdll!KiFastSystemCallRet
0255ff88 77e76a3b 001b5c08 0e05fc98 0c39a800 RPCRT4!I_RpcBCacheFree+0x5ea
0255ffa8 77e76c0a 0016a230 0255ffec 7c80b50b RPCRT4!I_RpcBCacheFree+0x403
0255ffb4 7c80b50b 0c39a800 0e05fc98 0c39a800 RPCRT4!I_RpcBCacheFree+0x5d2
0255ffec 00000000 77e76bf0 0c39a800 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000255fe1c  99 e3 90 7c 03 67 e7 77 - d4 03 00 00 70 ff 55 02  ...|.g.w....p.U.
000000000255fe2c  00 00 00 00 50 0e bd 0a - 54 ff 55 02 80 07 00 00  ....P...T.U.....
000000000255fe3c  00 b4 00 81 00 00 00 00 - 9c 36 50 c0 18 b2 8f ff  .........6P.....
000000000255fe4c  2a 63 00 00 02 bb 89 f0 - 00 00 4e 80 2a 63 00 00  *c........N.*c..
000000000255fe5c  18 b2 8f ff 00 a0 fd 7f - fc 07 30 c0 68 ff 1f c0  ..........0.h...
000000000255fe6c  45 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  E...............
000000000255fe7c  00 00 00 00 00 00 00 00 - 28 bc 89 f0 8e b5 4e 80  ........(.....N.
000000000255fe8c  fc 07 30 c0 28 bc 89 f0 - 06 b4 4e 80 00 a0 fd 7f  ..0.(.....N.....
000000000255fe9c  00 00 00 00 00 00 00 00 - e0 a8 1c 81 20 b0 8f ff  ............ ...
000000000255feac  01 b0 8f ff 00 00 00 00 - 68 ff 1f c0 00 00 00 00  ........h.......
000000000255febc  83 db e5 7a ff ff 45 02 - 00 00 10 00 5f 24 00 00  ...z..E....._$..
000000000255fecc  ec b0 8f ff 20 b0 8f ff - 6e 94 20 00 00 00 00 00  .... ...n. .....
000000000255fedc  00 00 46 02 3c bb 89 f0 - 01 00 00 00 ff ff ff ff  ..F.<...........
000000000255feec  90 24 4e 80 00 a0 fd 7f - ff ff ff ff 22 89 56 80  .$N.........".V.
000000000255fefc  ec e7 4d 80 ff ff ff ff - b8 bc 89 f0 bc bc 89 f0  ..M.............
000000000255ff0c  00 80 00 00 14 bd 89 f0 - bc 51 63 ff 24 bc 89 f0  .........Qc.$...
000000000255ff1c  b2 c2 4d 80 ba c2 4d 80 - 8c 51 63 ff 20 50 63 ff  ..M...M..Qc. Pc.
000000000255ff2c  54 50 63 ff 80 ff 55 02 - 99 66 e7 77 4c ff 55 02  TPc...U..f.wL.U.
000000000255ff3c  a9 66 e7 77 ed 10 90 7c - c0 81 2c 0c 00 a8 39 0c  .f.w...|..,...9.
000000000255ff4c  00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff  ../M.....]......

*----> State Dump for Thread Id 0x940 <----*

eax=6bddadfd ebx=0edb033c ecx=7c910732 edx=00150000 esi=00000000 edi=ffffffff
eip=7c90eb94 esp=0e6bff0c ebp=0e6bff38 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\dxtrans.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0e6bff38 6bddae39 00002f04 0e6bff84 0e6bff88 ntdll!KiFastSystemCallRet
0e6bffb4 7c80b50b 0edb033c ffffffff 7c90fb71 dxtrans+0xae39
0e6bffec 00000000 6bddadfd 0edb033c 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000e6bff0c  1b e3 90 7c d9 cb 80 7c - 04 2f 00 00 88 ff 6b 0e  ...|...|./....k.
000000000e6bff1c  50 ff 6b 0e 30 ff 6b 0e - 00 00 00 00 71 fb 90 7c  P.k.0.k.....q..|
000000000e6bff2c  ff ff ff ff 3c 03 db 0e - 02 00 00 00 b4 ff 6b 0e  ....<.........k.
000000000e6bff3c  39 ae dd 6b 04 2f 00 00 - 84 ff 6b 0e 88 ff 6b 0e  9..k./....k...k.
000000000e6bff4c  8c ff 6b 0e ff ff ff ff - ff ff ff ff 71 fb 90 7c  ..k.........q..|
000000000e6bff5c  3c 03 db 0e b8 18 4f 80 - 00 00 00 00 00 00 00 00  <.....O.........
000000000e6bff6c  58 53 4e 80 e7 e2 6e 80 - 58 b6 1d 81 50 3d a2 f0  XSN...n.X...P=..
000000000e6bff7c  00 00 00 00 00 00 00 00 - 01 00 00 00 00 00 00 00  ................
000000000e6bff8c  20 b0 8f ff 3c 03 db 0e - 00 00 00 00 00 00 00 00   ...<...........
000000000e6bff9c  54 ff 6b 0e 81 a8 4f 80 - dc ff 6b 0e bb 4f df 6b  T.k...O...k..O.k
000000000e6bffac  38 af dd 6b ff ff ff ff - ec ff 6b 0e 0b b5 80 7c  8..k......k....|
000000000e6bffbc  3c 03 db 0e ff ff ff ff - 71 fb 90 7c 3c 03 db 0e  <.......q..|<...
000000000e6bffcc  00 e0 fa 7f 00 96 33 81 - c0 ff 6b 0e 60 f7 88 ff  ......3...k.`...
000000000e6bffdc  ff ff ff ff f3 99 83 7c - 18 b5 80 7c 00 00 00 00  .......|...|....
000000000e6bffec  00 00 00 00 00 00 00 00 - fd ad dd 6b 3c 03 db 0e  ...........k<...
000000000e6bfffc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e6c000c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e6c001c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e6c002c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000e6c003c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................

*----> State Dump for Thread Id 0x9a8 <----*

eax=6bddadfd ebx=0edb033c ecx=7c910732 edx=00150000 esi=00000000 edi=ffffffff
eip=7c90eb94 esp=0f6aff0c ebp=0f6aff38 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90eb89 90               nop
        7c90eb8a 90               nop
        ntdll!KiFastSystemCall:
        7c90eb8b 8bd4             mov     edx,esp
        7c90eb8d 0f34             sysenter
        7c90eb8f 90               nop
        7c90eb90 90               nop
        7c90eb91 90               nop
        7c90eb92 90               nop
        7c90eb93 90               nop
        ntdll!KiFastSystemCallRet:
        7c90eb94 c3               ret
        7c90eb95 8da42400000000   lea     esp,[esp]
        7c90eb9c 8d642400         lea     esp,[esp]
        7c90eba0 90               nop
        7c90eba1 90               nop
        7c90eba2 90               nop
        7c90eba3 90               nop
        7c90eba4 90               nop
        ntdll!KiIntSystemCall:
        7c90eba5 8d542408         lea     edx,[esp+0x8]
        7c90eba9 cd2e             int     2e

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0f6aff38 6bddae39 00002f04 0f6aff84 0f6aff88 ntdll!KiFastSystemCallRet
0f6affb4 7c80b50b 0edb033c ffffffff 7c90fb71 dxtrans+0xae39
0f6affec 00000000 6bddadfd 0edb033c 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Raw Stack Dump <----*
000000000f6aff0c  1b e3 90 7c d9 cb 80 7c - 04 2f 00 00 88 ff 6a 0f  ...|...|./....j.
000000000f6aff1c  50 ff 6a 0f 30 ff 6a 0f - 00 00 00 00 71 fb 90 7c  P.j.0.j.....q..|
000000000f6aff2c  ff ff ff ff 3c 03 db 0e - 02 00 00 00 b4 ff 6a 0f  ....<.........j.
000000000f6aff3c  39 ae dd 6b 04 2f 00 00 - 84 ff 6a 0f 88 ff 6a 0f  9..k./....j...j.
000000000f6aff4c  8c ff 6a 0f ff ff ff ff - ff ff ff ff 71 fb 90 7c  ..j.........q..|
000000000f6aff5c  3c 03 db 0e b8 18 4f 80 - 00 00 00 00 00 00 00 00  <.....O.........
000000000f6aff6c  58 53 4e 80 e7 e2 6e 80 - 20 80 7b ff 50 5d 0c f0  XSN...n. .{.P]..
000000000f6aff7c  00 00 00 00 58 53 4e 80 - 01 e2 6e 80 00 00 00 00  ....XSN...n.....
000000000f6aff8c  20 b0 8f ff 3c 03 db 0e - 00 00 00 00 00 00 00 00   ...<...........
000000000f6aff9c  54 ff 6a 0f 81 a8 4f 80 - dc ff 6a 0f bb 4f df 6b  T.j...O...j..O.k
000000000f6affac  38 af dd 6b ff ff ff ff - ec ff 6a 0f 0b b5 80 7c  8..k......j....|
00000000
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Help please Multiple browsers
« Reply #31 on: December 01, 2005, 07:38:21 PM »
Can I see a fresh Hijackthis log
Also, what popups are these that your seeing
What are they advertising and where from?

Could you also
Right click on and Save Target as or Save link as
 Silent Runners.vbs to your desktop and double click on it to run.
Don't click anything on the Yes or No prompt, it will continue to run
If prompted by your AV, please let this script run, we are just collecting information

 This will create a text file on your desktop
Open the text file and copy and paste the contents back here

NOTE: let silentrunners completely finish, it should prompt when it is done
« Last Edit: December 01, 2005, 07:45:20 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: 1 [2]
« previous next »