DigitalFlyght | Bonjour à tous ...
J'utilise les nvs tools, de southcast, afin de streamer sur un serveur.
Je configure NSVCAP etc ... preview, et je lance la sauce.
Et là, PAN, ça plante ...
Dans le doute j'ai réinstallé divxg400, qui se lance à chaque fois que j'utilise un programme en rapport avec la vidéo (installé pour l'utiliser avec media player classic, puisque mp9 n'est pas présent sur mon win2k).
Voir les NSV Tools : http://www.nullsoft.com/nsv/ .
Bref, dès que je veux streamer, paf, ça plante !
Fermeture du programme et tout le bataclan
Le plus important est que ça m'est déjà arrivé dans d'autres cas, souvent la lécture d'une simple vidéo avec media player classic ... mais rarement (certains fichiers .asx par exemple).
J'ai réinstallé divxg400, re-désinstallé, dans le doute réinstallé ffdshow, directx9, dansé nu autour du pc, rien n'y fait ...
Voici, ci-dessous, un petit log, qqn pourrais peut être me le lire ? m'en dire plus ? savoir quel programme a cassé la machine à vapeur ?
Merci ...
(et désolé d'avance si vous trouvez, suite à ce qu'il y a ci-dessous, le message trop long ).
Code :
- Une exception d'application s'est produite :
- App : (pid=2596)
- Lorsque : 27/04/2004 @ 03:52:37.671
- Numéro d'exception : c0000005 (violation d'accès)
- *----> Informations système <----*
- Nom ordinateur : ORDI
- Nom utilisateur : XXXXXX
- Nombre de processeurs : 2
- Type de processeur : x86 Family 15 Model 2 Stepping 9
- Version Windows 2000 : 5.0
- Numéro actuel : 2195
- Service Pack : 4
- Type actuel : Multiprocessor Free
- Organisation enregistrée :
- Propriétaire enregistré : XXXXXX
- *----> Liste des tâches <----*
- 0 Idle.exe
- 8 System.exe
- 172 smss.exe
- 196 csrss.exe
- 192 winlogon.exe
- 244 services.exe
- 256 lsass.exe
- 444 svchost.exe
- 472 spoolsv.exe
- 500 CDANTSRV.exe
- 520 svchost.exe
- 536 GEARSEC.exe
- 564 nvsvc32.exe
- 620 regsvc.exe
- 684 MSTask.exe
- 720 SMAgent.exe
- 752 stisvc.exe
- 792 WinMgmt.exe
- 800 MsPMSPSv.exe
- 812 svchost.exe
- 980 Explorer.exe
- 1112 SMax4PNP.exe
- 1132 point32.exe
- 1144 DUMeter.exe
- 1176 realsched.exe
- 1272 miranda32.exe
- 1308 spampal.exe
- 1008 mirc.exe
- 840 Explorer.exe
- 828 xcommsvr.exe
- 908 bdss.exe
- 1076 vsserv.exe
- 1516 bdmcon.exe
- 1440 msnmsgr.exe
- 2004 Activator.exe
- 2104 IEXPLORE.exe
- 2596 nsvcap.exe
- 1444 drwtsn32.exe
- 0 _Total.exe
- (00400000 - 0042A000)
- (78460000 - 784E1000)
- (77E70000 - 77F2E000)
- (77E00000 - 77E5F000)
- (77F40000 - 77F79000)
- (76B00000 - 76B3E000)
- (70A70000 - 70AD5000)
- (78000000 - 78045000)
- (78ED0000 - 78F32000)
- (770C0000 - 7712E000)
- (71710000 - 71794000)
- (77580000 - 777CF000)
- (77A40000 - 77B2C000)
- (77540000 - 77571000)
- (773E0000 - 773F3000)
- (693E0000 - 69409000)
- (779A0000 - 77A3B000)
- (74FD0000 - 74FD9000)
- (74FB0000 - 74FC4000)
- (74FA0000 - 74FA8000)
- (10000000 - 1007E000)
- (61210000 - 6121C000)
- (72C60000 - 72CE6000)
- (35680000 - 356A3000)
- (783C0000 - 78451000)
- (78D20000 - 78D82000)
- (016C0000 - 016C7000)
- (77530000 - 77538000)
- (773D0000 - 773D8000)
- (1C200000 - 1C241000)
- (6A6F0000 - 6A710000)
- (77810000 - 77817000)
- (75950000 - 75956000)
- (60F00000 - 60F20000)
- (74900000 - 7493A000)
- (6C1E0000 - 6C2DB000)
- (6C120000 - 6C12E000)
- (01930000 - 01B38000)
- (61220000 - 6122E000)
- (51000000 - 5104D000)
- (72810000 - 72816000)
- (5C000000 - 5C0C8000)
- (02170000 - 021B2000)
- (021C0000 - 02221000)
- (76F80000 - 7707B000)
- (773B0000 - 773C5000)
- (63000000 - 63097000)
- (77410000 - 77489000)
- (77400000 - 77410000)
- (1C400000 - 1C43C000)
- (0B4D0000 - 0B68A000)
- (0B8B0000 - 0B8F6000)
- (0BD30000 - 0BD6A000)
- (69080000 - 69089000)
- (60780000 - 607C8000)
- (74F20000 - 74F47000)
- (74F50000 - 74F6E000)
- (74F90000 - 74F97000)
- (0C380000 - 0C3D6000)
- (780C0000 - 78121000)
- (0C3E0000 - 0C3E6000)
- État de vidage Thread Id 0x9f0
- eax=00000000 ebx=77e08a50 ecx=00000002 edx=00000000 esi=00000000 edi=00000000
- eip=77e4868b esp=0022fef8 ebp=77e06dee iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
- fonction : WaitMessage
- 77e48680 b836120000 mov eax,0x1236
- 77e48685 8d542404 lea edx,[esp+0x4] ss:00dd9ddf=????????
- 77e48689 cd2e int 2e
- 77e4868b c3 ret
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 77E06DEE 341068FF 2C6877E0 6477E4C4 000000A1 89645000 user32!WaitMessage
- 6AEC8B55 00000000 00000000 00000000 00000000 00000000 <nosymbols>
- *----> Vidage brut de la pile <----*
- 0022fef8 47 2d 40 00 00 00 00 00 - 5f 38 23 00 c0 ff 22 00 G-@....._8#...".
- 0022ff08 00 00 00 00 00 05 1a 00 - 13 01 00 00 01 00 00 00 ................
- 0022ff18 00 00 00 00 ef 70 89 00 - 70 01 00 00 2d 01 00 00 .....p..p...-...
- 0022ff28 5e 00 41 00 00 00 40 00 - 00 00 00 00 5f 38 23 00 ^.A...@....._8#.
- 0022ff38 01 00 00 00 00 00 00 00 - 00 00 00 00 00 f0 fd 7f ................
- 0022ff48 ee 5f 52 80 5f 38 23 00 - b0 24 8a 00 00 00 00 00 ._R._8#..$......
- 0022ff58 03 00 00 00 88 2a 8a 00 - 01 00 00 00 44 00 00 00 .....*......D...
- 0022ff68 78 4e 23 00 00 4e 23 00 - 88 4e 23 00 00 00 00 00 xN#..N#..N#.....
- 0022ff78 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0022ff88 00 00 00 00 00 00 00 00 - 01 0c 00 00 01 00 00 00 ................
- 0022ff98 00 00 00 00 00 00 00 00 - 01 00 01 00 00 00 00 00 ................
- 0022ffa8 3c ff 22 00 00 00 00 00 - e0 ff 22 00 30 fc 40 00 <.".......".0.@.
- 0022ffb8 e8 16 41 00 00 00 00 00 - f0 ff 22 00 e7 87 e9 77 ..A......."....w
- 0022ffc8 00 00 00 00 00 00 00 00 - 00 f0 fd 7f 00 00 00 00 ................
- 0022ffd8 c8 ff 22 00 00 00 00 00 - ff ff ff ff b4 1b ec 77 .."............w
- 0022ffe8 00 2b e7 77 00 00 00 00 - 00 00 00 00 00 00 00 00 .+.w............
- 0022fff8 2a ff 40 00 00 00 00 00 - c8 00 00 00 00 01 00 00 *.@.............
- 00230008 ff ee ff ee 02 00 00 00 - 00 00 00 00 00 fe 00 00 ................
- 00230018 00 00 10 00 00 20 00 00 - 00 02 00 00 00 20 00 00 ..... ....... ..
- 00230028 16 06 00 00 ff ef fd 7f - 01 00 08 06 00 00 00 00 ................
- État de vidage Thread Id 0x354
- eax=00000130 ebx=002411d8 ecx=00242938 edx=00000000 esi=00242938 edi=00000100
- eip=784639c7 esp=014bfe28 ebp=014bff74 iopl=0 nv up ei pl nz na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206
- fonction : NtReplyWaitReceivePortEx
- 784639bc b8ac000000 mov eax,0xac
- 784639c1 8d542404 lea edx,[esp+0x4] ss:02069d0f=00000000
- 784639c5 cd2e int 2e
- 784639c7 c21400 ret 0x14
- 784639ca 8b4710 mov eax,[edi+0x10] ds:00ba9fe6=????????
- 784639cd 8b483c mov ecx,[eax+0x3c] ds:00baa016=????????
- 784639d0 f6400801 test byte ptr [eax+0x8],0x1 ds:00baa016=??
- 784639d4 7502 jnz RtlCreateProcessParameters+0xd (78463cd8)
- 784639d6 03c8 add ecx,eax
- 784639d8 894de4 mov [ebp+0xe4],ecx ss:02069e5a=00000000
- 784639db 8b4710 mov eax,[edi+0x10] ds:00ba9fe6=????????
- 784639de 668b4038 mov ax,[eax+0x38] ds:00baa017=????
- 784639e2 668945e0 mov [ebp+0xe0],ax ss:02069e5b=0000
- 784639e6 668945e2 mov [ebp+0xe2],ax ss:02069e5b=0000
- 784639ea 53 push ebx
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 014BFF74 770E6D9E 770C9A00 00242938 40242420 00000070 ntdll!NtReplyWaitReceivePortEx
- 014BFFA8 770D1C6C 002428E0 014BFFEC 77E7B382 002411D8 rpcrt4!TowerConstruct
- 014BFFB4 77E7B382 002411D8 40242420 00000070 002411D8 rpcrt4!I_RpcServerInqTransportType
- 014BFFEC 00000000 770D1C54 002411D8 00000000 00000000 kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 014bfe28 d4 74 0e 77 20 01 00 00 - 54 ff 4b 01 00 00 00 00 .t.w ...T.K.....
- 014bfe38 48 4f 24 00 58 ff 4b 01 - 90 04 24 00 e0 28 24 00 HO$.X.K...$..($.
- 014bfe48 d8 11 24 00 98 1c e9 bc - 58 13 00 e1 00 00 00 00 ..$.....X.......
- 014bfe58 00 00 00 00 9c 1b e9 bc - 72 1a 45 80 01 00 00 00 ........r.E.....
- 014bfe68 a0 d7 e5 85 00 00 00 00 - 10 00 f8 00 2a b3 60 85 ............*.`.
- 014bfe78 7c 00 f8 00 3a b3 60 85 - dc 1b e9 bc 58 13 00 e1 |...:.`.....X...
- 014bfe88 88 2e e6 85 70 13 00 e1 - 00 00 00 00 1f 00 00 00 ....p...........
- 014bfe98 f0 2e e6 85 f0 2e e6 85 - 00 00 00 00 01 00 00 00 ................
- 014bfea8 f8 1b e9 bc 00 00 00 00 - 38 3d cf e3 bc 1b e9 bc ........8=......
- 014bfeb8 00 00 00 00 b7 33 41 80 - f0 2f e6 85 a0 d7 e5 85 .....3A../......
- 014bfec8 ac 1c e9 bc bd 0d 45 80 - 04 00 00 00 28 b3 60 85 ......E.....(.`.
- 014bfed8 39 72 4d 80 80 f3 22 00 - 00 00 00 00 48 f3 22 00 9rM...".....H.".
- 014bfee8 2a 0e 1d 00 00 00 00 00 - 00 00 00 00 01 00 00 00 *...............
- 014bfef8 19 00 02 00 00 00 00 00 - 19 00 02 00 00 00 00 00 ................
- 014bff08 00 00 00 00 a8 00 00 00 - a7 00 00 00 00 20 50 c0 ............. P.
- 014bff18 50 1c e9 bc 00 00 00 00 - ec 00 00 00 00 00 00 00 P...............
- 014bff28 00 00 00 00 01 00 00 00 - a0 75 2f 85 a0 1a 2f 85 .........u/.../.
- 014bff38 00 00 00 00 dc f4 df ff - 6c a8 46 80 00 1a 2f 85 ........l.F.../.
- 014bff48 e1 c3 42 80 a0 1a 2f 85 - 00 1c 2f 85 f0 54 06 80 ..B.../.../..T..
- 014bff58 00 a2 2f 4d ff ff ff ff - 50 fe 4b 01 ff ff ff ff ../M....P.K.....
- État de vidage Thread Id 0x35c
- eax=77a40000 ebx=00000102 ecx=00245050 edx=00000000 esi=78469153 edi=016bff74
- eip=7846915e esp=016bff60 ebp=016bff7c iopl=0 nv up ei pl nz na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206
- fonction : ZwDelayExecution
- 78469153 b832000000 mov eax,0x32
- 78469158 8d542404 lea edx,[esp+0x4] ss:02269e47=adf00d0b
- 7846915c cd2e int 2e
- 7846915e c20800 ret 0x8
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 016BFF7C 77E9A0B8 0000EA60 00000000 77AA85FC 0000EA60 ntdll!ZwDelayExecution
- 00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep
- *----> Vidage brut de la pile <----*
- 016bff60 ed a0 e9 77 00 00 00 00 - 74 ff 6b 01 1d 9e e9 77 ...w....t.k....w
- 016bff70 50 50 24 00 00 ba 3c dc - ff ff ff ff 30 75 00 00 PP$...<.....0u..
- 016bff80 b8 a0 e9 77 60 ea 00 00 - 00 00 00 00 fc 85 aa 77 ...w`..........w
- 016bff90 60 ea 00 00 fb 46 aa 77 - 00 00 00 00 00 00 a4 77 `....F.w.......w
- 016bffa0 50 50 24 00 ec ff 6b 01 - 50 50 24 00 53 46 aa 77 PP$...k.PP$.SF.w
- 016bffb0 d8 7a a5 77 c3 7a a5 77 - 82 b3 e7 77 50 50 24 00 .z.w.z.w...wPP$.
- 016bffc0 d8 7a a5 77 c3 7a a5 77 - 50 50 24 00 00 c0 fd 7f .z.w.z.wPP$.....
- 016bffd0 68 17 24 00 c0 ff 6b 01 - 68 17 24 00 ff ff ff ff h.$...k.h.$.....
- 016bffe0 b4 1b ec 77 f0 2a e7 77 - 00 00 00 00 00 00 00 00 ...w.*.w........
- 016bfff0 00 00 00 00 39 46 aa 77 - 50 50 24 00 00 00 00 00 ....9F.wPP$.....
- 016c0000 4d 5a 90 00 03 00 00 00 - 04 00 00 00 ff ff 00 00 MZ..............
- 016c0010 b8 00 00 00 00 00 00 00 - 40 00 00 00 00 00 00 00 ........@.......
- 016c0020 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 016c0030 00 00 00 00 00 00 00 00 - 00 00 00 00 e0 00 00 00 ................
- 016c0040 0e 1f ba 0e 00 b4 09 cd - 21 b8 01 4c cd 21 54 68 ........!..L.!Th
- 016c0050 69 73 20 70 72 6f 67 72 - 61 6d 20 63 61 6e 6e 6f is program canno
- 016c0060 74 20 62 65 20 72 75 6e - 20 69 6e 20 44 4f 53 20 t be run in DOS
- 016c0070 6d 6f 64 65 2e 0d 0d 0a - 24 00 00 00 00 00 00 00 mode....$.......
- 016c0080 a3 fe 01 8c e7 9f 6f df - e7 9f 6f df e7 9f 6f df ......o...o...o.
- 016c0090 23 bb 76 df e5 9f 6f df - 1d bc 76 df ee 9f 6f df #.v...o...v...o.
- État de vidage Thread Id 0x3dc
- eax=77532bda ebx=00000002 ecx=0000001c edx=00000000 esi=78473233 edi=00000002
- eip=7847323e esp=0191ff24 ebp=0191ff70 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : NtWaitForMultipleObjects
- 78473233 b8e9000000 mov eax,0xe9
- 78473238 8d542404 lea edx,[esp+0x4] ss:024c9e0b=00000000
- 7847323c cd2e int 2e
- 7847323e c21400 ret 0x14
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0191FF70 77E99F6C 0191FF48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
- 0191FFB4 77E7B382 00000000 0000FFFF 7FFDE000 00000000 kernel32!WaitForMultipleObjects
- 0191FFEC 00000000 77532BDA 00000000 00000000 00000000 kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 0191ff24 59 a0 e9 77 02 00 00 00 - 48 ff 91 01 01 00 00 00 Y..w....H.......
- 0191ff34 00 00 00 00 00 00 00 00 - ff ff 00 00 00 00 00 00 ................
- 0191ff44 00 00 00 00 90 01 00 00 - a0 01 00 00 80 01 2f 85 ............../.
- 0191ff54 f0 54 06 80 00 00 00 00 - 5b c9 c2 18 00 b8 cc 94 .T......[.......
- 0191ff64 b5 6e e8 41 00 00 00 00 - b0 dc 3c bd b4 ff 91 01 .n.A......<.....
- 0191ff74 6c 9f e9 77 48 ff 91 01 - 01 00 00 00 00 00 00 00 l..wH...........
- 0191ff84 00 00 00 00 00 00 00 00 - 1a 2c 53 77 02 00 00 00 .........,Sw....
- 0191ff94 a4 ff 91 01 00 00 00 00 - ff ff ff ff 00 e0 fd 7f ................
- 0191ffa4 90 01 00 00 a0 01 00 00 - 00 00 00 00 00 00 00 00 ................
- 0191ffb4 ec ff 91 01 82 b3 e7 77 - 00 00 00 00 ff ff 00 00 .......w........
- 0191ffc4 00 e0 fd 7f 00 00 00 00 - 00 b0 fd 7f 1c 00 00 00 ................
- 0191ffd4 c0 ff 91 01 1c 00 00 00 - ff ff ff ff b4 1b ec 77 ...............w
- 0191ffe4 f0 2a e7 77 00 00 00 00 - 00 00 00 00 00 00 00 00 .*.w............
- 0191fff4 da 2b 53 77 00 00 00 00 - 00 00 00 00 00 00 00 00 .+Sw............
- 01920004 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01920014 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01920024 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01920034 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01920044 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01920054 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x384
- eax=00000000 ebx=00000000 ecx=00000050 edx=00000000 esi=01d4ff9c edi=01a3c6f0
- eip=77e480ff esp=01d4ff5c ebp=01d4ff74 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00200246
- fonction : GetMenuItemRect
- 77e480e6 b899110000 mov eax,0x1199
- 77e480eb 8d542404 lea edx,[esp+0x4] ss:028f9e43=????????
- 77e480ef cd2e int 2e
- 77e480f1 c21000 ret 0x10
- 77e480f4 b89a110000 mov eax,0x119a
- 77e480f9 8d542404 lea edx,[esp+0x4] ss:028f9e43=????????
- 77e480fd cd2e int 2e
- 77e480ff c21000 ret 0x10
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 01D4FF74 0199E51E 01D4FF9C 00000000 00000000 00000000 user32!GetMenuItemRect
- 00000000 00000000 00000000 00000000 00000000 00000000 !<nosymbols>
- *----> Vidage brut de la pile <----*
- 01d4ff5c 06 73 e1 77 9c ff d4 01 - 00 00 00 00 00 00 00 00 .s.w............
- 01d4ff6c 00 00 00 00 00 00 00 00 - 00 00 00 00 1e e5 99 01 ................
- 01d4ff7c 9c ff d4 01 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01d4ff8c f0 cc 22 00 04 34 46 78 - ec ff d4 01 f0 01 00 00 .."..4Fx........
- 01d4ff9c 92 04 17 00 0a 04 00 00 - 70 f5 22 00 14 f8 22 00 ........p."...".
- 01d4ffac 6d 69 89 00 78 01 00 00 - 2f 01 00 00 82 b3 e7 77 mi..x.../......w
- 01d4ffbc f0 01 00 00 f0 cc 22 00 - 04 34 46 78 f0 01 00 00 ......"..4Fx....
- 01d4ffcc 00 a0 fd 7f 00 00 00 00 - c0 ff d4 01 00 00 00 00 ................
- 01d4ffdc ff ff ff ff b4 1b ec 77 - f0 2a e7 77 00 00 00 00 .......w.*.w....
- 01d4ffec 00 00 00 00 00 00 00 00 - d8 e4 99 01 f0 01 00 00 ................
- 01d4fffc 00 00 00 00 c1 00 00 00 - 00 01 00 00 ff ee ff ee ................
- 01d5000c 03 10 00 00 01 00 00 00 - 00 fe 00 00 00 00 10 00 ................
- 01d5001c 00 20 00 00 00 02 00 00 - 00 20 00 00 d4 02 00 00 . ....... ......
- 01d5002c ff ef fd 7f 09 00 08 06 - 00 00 00 00 00 00 00 00 ................
- 01d5003c 00 00 00 00 00 00 00 00 - 98 05 d5 01 0f 00 00 00 ................
- 01d5004c f8 ff ff ff 50 00 d5 01 - 50 00 d5 01 08 06 d5 01 ....P...P.......
- 01d5005c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01d5006c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01d5007c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 01d5008c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x5e0
- eax=00000000 ebx=00000004 ecx=00000001 edx=00000000 esi=78473233 edi=00000004
- eip=7847323e esp=0206fe94 ebp=0206fee0 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : NtWaitForMultipleObjects
- 78473233 b8e9000000 mov eax,0xe9
- 78473238 8d542404 lea edx,[esp+0x4] ss:02c19d7b=fa7cd97c
- 7847323c cd2e int 2e
- 7847323e c21400 ret 0x14
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0206FEE0 77E99F6C 0206FEB8 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
- 0206FF40 00000000 00000001 852F2B20 852F2C80 00000240 kernel32!WaitForMultipleObjects
- *----> Vidage brut de la pile <----*
- 0206fe94 59 a0 e9 77 04 00 00 00 - b8 fe 06 02 01 00 00 00 Y..w............
- 0206fea4 00 00 00 00 00 00 00 00 - 30 85 8a 00 ff ff 00 00 ........0.......
- 0206feb4 00 00 07 80 40 02 00 00 - 3c 02 00 00 30 02 00 00 ....@...<...0...
- 0206fec4 f0 01 00 00 00 00 00 00 - 03 01 00 00 b4 fe 06 02 ................
- 0206fed4 dc ff 06 02 dc ff 06 02 - b4 1b ec 77 40 ff 06 02 ...........w@...
- 0206fee4 6c 9f e9 77 b8 fe 06 02 - 01 00 00 00 00 00 00 00 l..w............
- 0206fef4 00 00 00 00 00 00 00 00 - c4 97 f1 60 04 00 00 00 ...........`....
- 0206ff04 54 ff 06 02 00 00 00 00 - ff ff ff ff 88 06 23 00 T.............#.
- 0206ff14 cc d1 22 00 30 85 8a 00 - 80 d3 6a d1 1a ac cf 11 ..".0.....j.....
- 0206ff24 a5 d6 28 db 04 c1 00 00 - 01 00 00 00 01 00 00 00 ..(.............
- 0206ff34 80 d3 6a d1 1a ac cf 11 - a5 d6 28 db 04 c1 00 00 ..j.......(.....
- 0206ff44 00 00 00 00 01 00 00 00 - 20 2b 2f 85 80 2c 2f 85 ........ +/..,/.
- 0206ff54 40 02 00 00 3c 02 00 00 - 30 02 00 00 f0 01 00 00 @...<...0.......
- 0206ff64 03 01 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0206ff74 3c 02 00 00 05 00 00 00 - 00 00 00 00 00 00 00 00 <...............
- 0206ff84 00 00 00 00 03 01 00 00 - 00 00 00 00 00 00 00 00 ................
- 0206ff94 00 00 00 00 40 02 00 00 - 20 2b 2f 85 ff ff ff ff ....@... +/.....
- 0206ffa4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0206ffb4 ec ff 06 02 82 b3 e7 77 - e5 03 07 80 88 06 23 00 .......w......#.
- 0206ffc4 cc d1 22 00 30 85 8a 00 - 00 90 fd 7f ff ff ff ff ..".0...........
- État de vidage Thread Id 0x344
- eax=0199b275 ebx=00000000 ecx=00000002 edx=00000000 esi=78474086 edi=000002b0
- eip=78474091 esp=02baff50 ebp=02baff74 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : ZwWaitForSingleObject
- 78474086 b8ea000000 mov eax,0xea
- 7847408b 8d542404 lea edx,[esp+0x4] ss:03759e37=00000100
- 7847408f cd2e int 2e
- 78474091 c20c00 ret 0xc
- 78474094 8a5001 mov dl,[eax+0x1] ds:0254515b=0b
- 78474097 3a5101 cmp dl,[ecx+0x1] ds:00ba9ee8=??
- 7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
- 784740a0 84d2 test dl,dl
- 784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
- 784740a4 0fb6d2 movzx edx,dl
- 784740a7 33ff xor edi,edi
- 784740a9 8d72ff lea esi,[edx+0xff] ds:00ba9ee6=????????
- 784740ac 85f6 test esi,esi
- 784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
- 784740b4 b001 mov al,0x1
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 02BAFF74 77E7B3D5 000002B0 FFFFFFFF 00000000 0199B21A ntdll!ZwWaitForSingleObject
- 02BAFFB0 0199B27E 77E7B382 008A5E48 00320035 00310032 kernel32!WaitForSingleObject
- 02BAFFEC 00000000 0199B275 008A5E48 00000000 00000000 !DllRegisterServer
- État de vidage Thread Id 0x54c
- eax=7f7e7d7c ebx=020a4ae8 ecx=00000022 edx=00000000 esi=0b8aff38 edi=0b8aff7c
- eip=77e480ff esp=0b8afef8 ebp=0b8aff18 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : GetMenuItemRect
- 77e480e6 b899110000 mov eax,0x1199
- 77e480eb 8d542404 lea edx,[esp+0x4] ss:0c459ddf=00000000
- 77e480ef cd2e int 2e
- 77e480f1 c21000 ret 0x10
- 77e480f4 b89a110000 mov eax,0x119a
- 77e480f9 8d542404 lea edx,[esp+0x4] ss:0c459ddf=00000000
- 77e480fd cd2e int 2e
- 77e480ff c21000 ret 0x10
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0B8AFF18 1C41B9F7 0B8AFF38 00000000 00000000 00000000 user32!GetMenuItemRect
- 0B8AFFB4 77E7B382 020A4AE8 00450052 0043005C 020A4AE8 !LoadSubs
- 0B8AFFEC 00000000 78008532 020A4AE8 00000000 00905A4D kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 0b8afef8 6f 69 e0 77 38 ff 8a 0b - 00 00 00 00 00 00 00 00 oi.w8...........
- 0b8aff08 00 00 00 00 e8 4a 0a 02 - f1 68 e0 77 7c ff 8a 0b .....J...h.w|...
- 0b8aff18 b4 ff 8a 0b f7 b9 41 1c - 38 ff 8a 0b 00 00 00 00 ......A.8.......
- 0b8aff28 00 00 00 00 00 00 00 00 - 52 00 45 00 e8 4a 0a 02 ........R.E..J..
- 0b8aff38 00 00 00 00 cc 41 26 85 - 60 41 26 85 f0 42 26 85 .....A&.`A&..B&.
- 0b8aff48 21 c3 42 80 60 41 26 85 - c0 42 26 85 00 00 00 00 !.B.`A&..B&.....
- 0b8aff58 e0 ac 41 1c 00 00 00 00 - 00 00 00 00 00 00 40 1c ..A...........@.
- 0b8aff68 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0b8aff78 f8 0b 43 1c d9 00 42 1c - bc 85 00 78 f8 ac 08 02 ..C...B....x....
- 0b8aff88 52 00 45 00 5c 00 43 00 - e8 4a 0a 02 31 fa 42 80 R.E.\.C..J..1.B.
- 0b8aff98 a0 75 2f 85 88 ff 8a 0b - ff ff ff ff dc ff 8a 0b .u/.............
- 0b8affa8 6a bd 00 78 20 2f 03 78 - 00 00 00 00 ec ff 8a 0b j..x /.x........
- 0b8affb8 82 b3 e7 77 e8 4a 0a 02 - 52 00 45 00 5c 00 43 00 ...w.J..R.E.\.C.
- 0b8affc8 e8 4a 0a 02 00 80 fd 7f - 45 00 53 00 c0 ff 8a 0b .J......E.S.....
- 0b8affd8 45 00 53 00 ff ff ff ff - b4 1b ec 77 f0 2a e7 77 E.S........w.*.w
- 0b8affe8 00 00 00 00 00 00 00 00 - 00 00 00 00 32 85 00 78 ............2..x
- 0b8afff8 e8 4a 0a 02 00 00 00 00 - 4d 5a 90 00 03 00 00 00 .J......MZ......
- 0b8b0008 04 00 00 00 ff ff 00 00 - b8 00 00 00 00 00 00 00 ................
- 0b8b0018 40 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 @...............
- 0b8b0028 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x5d8
- eax=02191250 ebx=00000000 ecx=00000000 edx=00000000 esi=78474086 edi=000003f8
- eip=78474091 esp=0bb0febc ebp=0bb0fee0 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : ZwWaitForSingleObject
- 78474086 b8ea000000 mov eax,0xea
- 7847408b 8d542404 lea edx,[esp+0x4] ss:0c6b9da3=00000000
- 7847408f cd2e int 2e
- 78474091 c20c00 ret 0xc
- 78474094 8a5001 mov dl,[eax+0x1] ds:02d3b136=ff
- 78474097 3a5101 cmp dl,[ecx+0x1] ds:00ba9ee6=??
- 7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
- 784740a0 84d2 test dl,dl
- 784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
- 784740a4 0fb6d2 movzx edx,dl
- 784740a7 33ff xor edi,edi
- 784740a9 8d72ff lea esi,[edx+0xff] ds:00ba9ee6=????????
- 784740ac 85f6 test esi,esi
- 784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
- 784740b4 b001 mov al,0x1
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0BB0FEE0 77E7B3D5 000003F8 FFFFFFFF 00000000 0219134F ntdll!ZwWaitForSingleObject
- 008AA5D0 000003F8 000003F0 00000003 00000000 00000400 kernel32!WaitForSingleObject
- *----> Vidage brut de la pile <----*
- 0bb0febc 8e 9e e9 77 f8 03 00 00 - 00 00 00 00 00 00 00 00 ...w............
- 0bb0fecc 02 00 00 00 d0 a5 8a 00 - d0 a5 8a 00 d0 a5 8a 00 ................
- 0bb0fedc d0 a5 8a 00 d0 a5 8a 00 - d5 b3 e7 77 f8 03 00 00 ...........w....
- 0bb0feec ff ff ff ff 00 00 00 00 - 4f 13 19 02 f8 03 00 00 ........O.......
- 0bb0fefc ff ff ff ff 00 00 00 00 - 7a fc 17 02 02 00 00 00 ........z.......
- 0bb0ff0c 00 00 00 00 a8 ff b0 0b - d0 a5 8a 00 91 81 47 78 ..............Gx
- 0bb0ff1c 20 1e 47 78 ff ff ff ff - 00 ff b0 0b 22 00 00 00 .Gx........"...
- 0bb0ff2c 03 00 00 00 22 4d a9 77 - c8 a0 23 00 00 00 00 00 ...."M.w..#.....
- 0bb0ff3c a4 ff b0 0b f5 8a a8 77 - 02 00 00 00 a4 ff b0 0b .......w........
- 0bb0ff4c 00 00 00 00 00 00 00 00 - 80 b5 e7 77 05 7a a6 77 ...........w.z.w
- 0bb0ff5c 28 b1 b1 77 9c bb b1 77 - a4 ff b0 0b 12 7a a6 77 (..w...w.....z.w
- 0bb0ff6c 1c b1 b1 77 02 00 00 00 - 05 40 00 80 98 ff b0 0b ...w.....@......
- 0bb0ff7c 04 00 00 00 7c 76 a6 77 - a8 76 a6 77 d0 b0 b1 77 ....|v.w.v.w...w
- 0bb0ff8c 02 00 00 00 05 40 00 80 - d0 a5 8a 00 ec ff b0 0b .....@..........
- 0bb0ff9c dc ff b0 0b 08 52 19 02 - ff ff ff ff ec ff b0 0b .....R..........
- 0bb0ffac 61 12 19 02 02 00 00 00 - e8 f8 d4 01 82 b3 e7 77 a..............w
- 0bb0ffbc d0 a5 8a 00 02 00 00 00 - e8 f8 d4 01 d0 a5 8a 00 ................
- 0bb0ffcc 00 60 fd 7f 00 00 00 00 - c0 ff b0 0b 00 00 00 00 .`..............
- 0bb0ffdc ff ff ff ff b4 1b ec 77 - f0 2a e7 77 00 00 00 00 .......w.*.w....
- 0bb0ffec 00 00 00 00 00 00 00 00 - 50 12 19 02 d0 a5 8a 00 ........P.......
- État de vidage Thread Id 0x5e4
- eax=02180c10 ebx=00000002 ecx=00000018 edx=00000000 esi=78473233 edi=00000002
- eip=7847323e esp=0bd0fabc ebp=0bd0fb08 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : NtWaitForMultipleObjects
- 78473233 b8e9000000 mov eax,0xe9
- 78473238 8d542404 lea edx,[esp+0x4] ss:0c8b99a3=00000000
- 7847323c cd2e int 2e
- 7847323e c21400 ret 0x14
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0BD0FB08 77E99F6C 0BD0FAE0 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
- 0BD0FFEC 00000000 02180C10 008AA844 00000000 00000000 kernel32!WaitForMultipleObjects
- *----> Vidage brut de la pile <----*
- 0bd0fabc 59 a0 e9 77 02 00 00 00 - e0 fa d0 0b 01 00 00 00 Y..w............
- 0bd0facc 00 00 00 00 00 00 00 00 - 00 00 00 00 44 a8 8a 00 ............D...
- 0bd0fadc 44 a8 8a 00 04 04 00 00 - fc 03 00 00 00 00 00 00 D...............
- 0bd0faec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bd0fafc 00 00 00 00 00 00 00 00 - 00 00 00 00 ec ff d0 0b ................
- 0bd0fb0c 6c 9f e9 77 e0 fa d0 0b - 01 00 00 00 00 00 00 00 l..w............
- 0bd0fb1c 00 00 00 00 00 00 00 00 - 8f 0c 18 02 02 00 00 00 ................
- 0bd0fb2c 78 a7 08 02 00 00 00 00 - ff ff ff ff 00 00 00 00 x...............
- 0bd0fb3c 50 12 19 02 ec ff d0 0b - 44 a8 8a 00 00 00 00 00 P.......D.......
- 0bd0fb4c c8 7b 19 02 78 a7 08 02 - 02 00 00 00 05 00 00 00 .{..x...........
- 0bd0fb5c 00 00 00 00 7c be 01 77 - 00 00 00 00 00 00 00 00 ....|..w........
- 0bd0fb6c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bd0fb7c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bd0fb8c 00 00 00 00 74 84 9b 77 - 00 00 9a 77 02 00 00 00 ....t..w...w....
- 0bd0fb9c 00 00 00 00 00 00 00 00 - 02 00 00 00 80 fc d0 0b ................
- 0bd0fbac 00 00 9a 77 00 00 00 00 - 00 00 00 00 00 00 00 00 ...w............
- 0bd0fbbc 00 00 00 00 00 00 00 00 - 00 00 00 00 74 fc d0 0b ............t...
- 0bd0fbcc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bd0fbdc 00 00 00 00 01 00 00 00 - 01 00 00 00 c8 15 41 77 ..............Aw
- 0bd0fbec 00 00 41 77 00 00 00 00 - 00 00 00 00 01 00 00 00 ..Aw............
- État de vidage Thread Id 0x81c
- eax=78f1f4f4 ebx=00000102 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
- eip=7847323e esp=0bf8ff80 ebp=0bf8ffb4 iopl=0 nv up ei ng nz na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000286
- fonction : NtWaitForMultipleObjects
- 78473233 b8e9000000 mov eax,0xe9
- 78473238 8d542404 lea edx,[esp+0x4] ss:0cb39e67=00000000
- 7847323c cd2e int 2e
- 7847323e c21400 ret 0x14
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0BF8FFB4 77E7B382 00000000 00232990 00249850 00000000 ntdll!NtWaitForMultipleObjects
- 0BF8FFEC 00000000 78F1F4F4 00000000 00000000 00000008 kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 0bf8ff80 23 f5 f1 78 02 00 00 00 - b0 a7 f2 78 01 00 00 00 #..x.......x....
- 0bf8ff90 00 00 00 00 ac ff f8 0b - 90 29 23 00 50 98 24 00 .........)#.P.$.
- 0bf8ffa0 00 00 00 00 04 0d 43 80 - 24 67 2c 85 00 5d 1e ee ......C.$g,..]..
- 0bf8ffb0 ff ff ff ff ec ff f8 0b - 82 b3 e7 77 00 00 00 00 ...........w....
- 0bf8ffc0 90 29 23 00 50 98 24 00 - 00 00 00 00 00 40 fd 7f .)#.P.$......@..
- 0bf8ffd0 00 00 00 00 c0 ff f8 0b - 00 00 00 00 ff ff ff ff ................
- 0bf8ffe0 b4 1b ec 77 f0 2a e7 77 - 00 00 00 00 00 00 00 00 ...w.*.w........
- 0bf8fff0 00 00 00 00 f4 f4 f1 78 - 00 00 00 00 00 00 00 00 .......x........
- 0bf90000 08 00 00 00 01 01 00 00 - ee ff ee ff 00 00 00 00 ................
- 0bf90010 00 00 d8 0b 00 e0 0e 00 - 00 00 f9 0b 00 01 00 00 ................
- 0bf90020 40 00 f9 0b 00 00 09 0c - ee 00 00 00 01 00 00 00 @...............
- 0bf90030 98 05 d8 0b 00 00 00 00 - 48 00 fa 0b 00 00 00 00 ........H.......
- 0bf90040 01 20 08 00 01 01 08 00 - 00 00 00 00 00 00 00 00 . ..............
- 0bf90050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf90060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf90070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf90080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf90090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf900a0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0bf900b0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x5c4
- eax=78008532 ebx=008aa160 ecx=00530045 edx=00000000 esi=0c2aff38 edi=0c2aff7c
- eip=77e480ff esp=0c2afef8 ebp=0c2aff18 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : GetMenuItemRect
- 77e480e6 b899110000 mov eax,0x1199
- 77e480eb 8d542404 lea edx,[esp+0x4] ss:0ce59ddf=00000000
- 77e480ef cd2e int 2e
- 77e480f1 c21000 ret 0x10
- 77e480f4 b89a110000 mov eax,0x119a
- 77e480f9 8d542404 lea edx,[esp+0x4] ss:0ce59ddf=00000000
- 77e480fd cd2e int 2e
- 77e480ff c21000 ret 0x10
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0C2AFF18 1C41B9F7 0C2AFF38 00000000 00000000 00000000 user32!GetMenuItemRect
- 0C2AFFB4 77E7B382 008AA160 00450052 0043005C 008AA160 !LoadSubs
- 0C2AFFEC 00000000 78008532 008AA160 00000000 008A0050 kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 0c2afef8 6f 69 e0 77 38 ff 2a 0c - 00 00 00 00 00 00 00 00 oi.w8.*.........
- 0c2aff08 00 00 00 00 60 a1 8a 00 - f1 68 e0 77 7c ff 2a 0c ....`....h.w|.*.
- 0c2aff18 b4 ff 2a 0c f7 b9 41 1c - 38 ff 2a 0c 00 00 00 00 ..*...A.8.*.....
- 0c2aff28 00 00 00 00 00 00 00 00 - 52 00 45 00 60 a1 8a 00 ........R.E.`...
- 0c2aff38 00 00 00 00 4c 7b 2c 85 - e0 7a 2c 85 70 7c 2c 85 ....L{,..z,.p|,.
- 0c2aff48 21 c3 42 80 e0 7a 2c 85 - 40 7c 2c 85 00 00 00 00 !.B..z,.@|,.....
- 0c2aff58 e0 ac 41 1c 00 00 00 00 - 00 00 00 00 00 00 40 1c ..A...........@.
- 0c2aff68 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c2aff78 f8 0b 43 1c d9 00 42 1c - bc 85 00 78 78 a4 08 02 ..C...B....xx...
- 0c2aff88 52 00 45 00 5c 00 43 00 - 60 a1 8a 00 31 fa 42 80 R.E.\.C.`...1.B.
- 0c2aff98 a0 75 2f 85 88 ff 2a 0c - ff ff ff ff dc ff 2a 0c .u/...*.......*.
- 0c2affa8 6a bd 00 78 20 2f 03 78 - 00 00 00 00 ec ff 2a 0c j..x /.x......*.
- 0c2affb8 82 b3 e7 77 60 a1 8a 00 - 52 00 45 00 5c 00 43 00 ...w`...R.E.\.C.
- 0c2affc8 60 a1 8a 00 00 f0 fa 7f - 45 00 53 00 c0 ff 2a 0c `.......E.S...*.
- 0c2affd8 45 00 53 00 ff ff ff ff - b4 1b ec 77 f0 2a e7 77 E.S........w.*.w
- 0c2affe8 00 00 00 00 00 00 00 00 - 00 00 00 00 32 85 00 78 ............2..x
- 0c2afff8 60 a1 8a 00 00 00 00 00 - 50 00 8a 00 50 00 8a 00 `.......P...P...
- 0c2b0008 00 00 00 00 00 00 00 00 - 00 90 08 00 00 90 08 00 ................
- 0c2b0018 20 0e 00 00 00 0b 00 00 - c8 49 41 00 00 00 00 00 ........IA.....
- 0c2b0028 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x7c8
- eax=60f19217 ebx=0c69ff6c ecx=1c216745 edx=00000000 esi=78474086 edi=00000590
- eip=78474091 esp=0c69ff50 ebp=0c69ff74 iopl=0 nv up ei ng nz ac po cy
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000297
- fonction : ZwWaitForSingleObject
- 78474086 b8ea000000 mov eax,0xea
- 7847408b 8d542404 lea edx,[esp+0x4] ss:0d249e37=????????
- 7847408f cd2e int 2e
- 78474091 c20c00 ret 0xc
- 78474094 8a5001 mov dl,[eax+0x1] ds:61ac30fd=??
- 78474097 3a5101 cmp dl,[ecx+0x1] ds:1cdc062b=??
- 7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
- 784740a0 84d2 test dl,dl
- 784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
- 784740a4 0fb6d2 movzx edx,dl
- 784740a7 33ff xor edi,edi
- 784740a9 8d72ff lea esi,[edx+0xff] ds:00ba9ee6=????????
- 784740ac 85f6 test esi,esi
- 784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
- 784740b4 b001 mov al,0x1
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0C69FF74 60F1929F 00000590 000003E8 00000000 1C216730 ntdll!ZwWaitForSingleObject
- 0C69FFB4 77E7B382 00000000 1C216730 0B9038C8 008AC610 !<nosymbols>
- 0C69FFEC 00000000 60F19217 008AC610 00000000 00000000 kernel32!lstrcmpiW
- *----> Vidage brut de la pile <----*
- 0c69ff50 8e 9e e9 77 90 05 00 00 - 00 00 00 00 6c ff 69 0c ...w........l.i.
- 0c69ff60 02 00 00 00 10 c6 8a 00 - 00 00 00 00 80 69 67 ff .............ig.
- 0c69ff70 ff ff ff ff b4 ff 69 0c - 9f 92 f1 60 90 05 00 00 ......i....`....
- 0c69ff80 e8 03 00 00 00 00 00 00 - 30 67 21 1c c8 38 90 0b ........0g!..8..
- 0c69ff90 10 c6 8a 00 c0 a4 12 df - 17 ac cf 11 a5 d6 28 db ..............(.
- 0c69ffa0 04 c1 00 00 00 00 00 00 - 02 00 00 00 10 16 e8 00 ................
- 0c69ffb0 00 00 00 00 ec ff 69 0c - 82 b3 e7 77 00 00 00 00 ......i....w....
- 0c69ffc0 30 67 21 1c c8 38 90 0b - 10 c6 8a 00 00 e0 fa 7f 0g!..8..........
- 0c69ffd0 45 67 21 1c c0 ff 69 0c - 45 67 21 1c ff ff ff ff Eg!...i.Eg!.....
- 0c69ffe0 b4 1b ec 77 f0 2a e7 77 - 00 00 00 00 00 00 00 00 ...w.*.w........
- 0c69fff0 00 00 00 00 17 92 f1 60 - 10 c6 8a 00 00 00 00 00 .......`........
- 0c6a0000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0010 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0020 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0030 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0040 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c6a0080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x898
- eax=00000000 ebx=008aba30 ecx=008aad00 edx=008aad2c esi=008aad00 edi=008aad2c
- eip=0bd39c38 esp=0c98f674 ebp=0b2d06c4 iopl=0 nv up ei pl nz na pe nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
- fonction : DllUnregisterServer
- 0bd39c1c 57 push edi
- 0bd39c1d 8906 mov [esi],eax ds:008aad00=00000000
- 0bd39c1f e878650100 call configure+0x7dc5 (0bd5019c)
- 0bd39c24 83c40c add esp,0xc
- 0bd39c27 5d pop ebp
- 0bd39c28 eb2e jmp DllUnregisterServer+0x11258 (0bd42758)
- 0bd39c2a 8b842410060000 mov eax,[esp+0x610] ss:0c98fc84=00000000
- 0bd39c31 8d7e2c lea edi,[esi+0x2c] ds:01454be6=00000000
- 0bd39c34 8bd7 mov edx,edi
- 0bd39c36 2bd0 sub edx,eax
- FAUTE ->0bd39c38 8a08 mov cl,[eax] ds:00000000=??
- 0bd39c3a 880c02 mov [edx+eax],cl ds:00000000=??
- 0bd39c3d 40 inc eax
- 0bd39c3e 84c9 test cl,cl
- 0bd39c40 75f6 jnz DllUnregisterServer+0x16538 (0bd47a38)
- 0bd39c42 dd842414060000 ss:0c98fc88=402dfae27b0064e4
- fld qword ptr [esp+0x614]
- 0bd39c49 51 push ecx
- 0bd39c4a d91c24 fstp dword ptr [esp] ss:0c98f674=0b2d0280
- 0bd39c4d 57 push edi
- 0bd39c4e e82decffff call DllUnregisterServer+0x7380 (0bd38880)
- 0bd39c53 83c408 add esp,0x8
- 0bd39c56 8906 mov [esi],eax ds:008aad00=00000000
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0B2D06C4 0C6E0000 008A9CA0 008AA230 00000000 00000000 !DllUnregisterServer
- 0C750000 8E507256 805A6E4A 92426468 885A8858 8C54805E <nosymbols>
- 8E567256 00000000 00000000 00000000 00000000 00000000 <nosymbols>
- *----> Vidage brut de la pile <----*
- 0c98f674 80 02 2d 0b 48 00 2d 0b - 00 00 00 00 00 00 00 00 ..-.H.-.........
- 0c98f684 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f694 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6a4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6b4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6c4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6d4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6e4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f6f4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f704 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f714 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f724 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f734 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f744 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f754 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f764 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f774 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f784 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0c98f794 52 00 00 00 00 00 00 00 - 00 00 00 00 68 fc 98 0c R...........h...
- 0c98f7a4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x7e8
- eax=00000000 ebx=00000000 ecx=0210ecf8 edx=00000000 esi=78474086 edi=000005b0
- eip=78474091 esp=0cc2ff4c ebp=0cc2ff70 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : ZwWaitForSingleObject
- 78474086 b8ea000000 mov eax,0xea
- 7847408b 8d542404 lea edx,[esp+0x4] ss:0d7d9e33=????????
- 7847408f cd2e int 2e
- 78474091 c20c00 ret 0xc
- 78474094 8a5001 mov dl,[eax+0x1] ds:00ba9ee6=??
- 78474097 3a5101 cmp dl,[ecx+0x1] ds:02cb8bde=ff
- 7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
- 784740a0 84d2 test dl,dl
- 784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
- 784740a4 0fb6d2 movzx edx,dl
- 784740a7 33ff xor edi,edi
- 784740a9 8d72ff lea esi,[edx+0xff] ds:00ba9ee6=????????
- 784740ac 85f6 test esi,esi
- 784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
- 784740b4 b001 mov al,0x1
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0CC2FF70 77E7B3D5 000005B0 FFFFFFFF 00000000 1C2262B3 ntdll!ZwWaitForSingleObject
- 0027B740 00000000 00000000 00000141 00000006 7FFACF80 kernel32!WaitForSingleObject
- *----> Vidage brut de la pile <----*
- 0cc2ff4c 8e 9e e9 77 b0 05 00 00 - 00 00 00 00 00 00 00 00 ...w............
- 0cc2ff5c 00 00 00 00 40 b4 8a 00 - 00 00 00 00 b8 af 08 02 ....@...........
- 0cc2ff6c b8 af 08 02 40 b7 27 00 - d5 b3 e7 77 b0 05 00 00 ....@.'....w....
- 0cc2ff7c ff ff ff ff 00 00 00 00 - b3 62 22 1c b0 05 00 00 .........b".....
- 0cc2ff8c ff ff ff ff ff ff ff ff - 00 00 00 00 ec ff c2 0c ................
- 0cc2ff9c 40 b4 8a 00 01 00 00 00 - 00 00 00 00 01 00 00 00 @...............
- 0cc2ffac 40 65 22 1c ff ff ff ff - ec 16 02 51 82 b3 e7 77 @e"........Q...w
- 0cc2ffbc 40 b4 8a 00 ff ff ff ff - ec 16 02 51 40 b4 8a 00 @..........Q@...
- 0cc2ffcc 00 c0 fa 7f 04 f9 22 00 - c0 ff c2 0c 04 f9 22 00 ......".......".
- 0cc2ffdc ff ff ff ff b4 1b ec 77 - f0 2a e7 77 00 00 00 00 .......w.*.w....
- 0cc2ffec 00 00 00 00 00 00 00 00 - 2e 65 22 1c 40 b4 8a 00 .........e".@...
- 0cc2fffc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3000c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3001c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3002c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3003c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3004c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3005c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3006c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0cc3007c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x9bc
- eax=00000000 ebx=00000003 ecx=00000101 edx=00000000 esi=78473233 edi=00000003
- eip=7847323e esp=0ce2ff3c ebp=0ce2ff88 iopl=0 nv up ei pl zr na po nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
- fonction : NtWaitForMultipleObjects
- 78473233 b8e9000000 mov eax,0xe9
- 78473238 8d542404 lea edx,[esp+0x4] ss:0d9d9e23=????????
- 7847323c cd2e int 2e
- 7847323e c21400 ret 0x14
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0CE2FF88 60F1023E 0CE2FF60 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
- 00000003 00000000 00000000 00000000 00000000 00000000 !KsGetMediaTypeCount
- *----> Vidage brut de la pile <----*
- 0ce2ff3c 59 a0 e9 77 03 00 00 00 - 60 ff e2 0c 01 00 00 00 Y..w....`.......
- 0ce2ff4c 00 00 00 00 00 00 00 00 - 01 00 00 00 e8 b7 8a 00 ................
- 0ce2ff5c 00 00 00 00 bc 05 00 00 - d4 05 00 00 d0 05 00 00 ................
- 0ce2ff6c 8e 9e e9 77 c4 05 00 00 - 00 00 00 00 00 00 00 00 ...w............
- 0ce2ff7c 03 00 00 00 e8 b7 8a 00 - cb 9b e9 77 03 00 00 00 ...........w....
- 0ce2ff8c 3e 02 f1 60 60 ff e2 0c - 01 00 00 00 00 00 00 00 >..``...........
- 0ce2ff9c 00 00 00 00 00 00 00 00 - c5 20 02 51 00 b7 e7 77 ......... .Q...w
- 0ce2ffac ec ff e2 0c e8 b7 8a 00 - 01 01 00 00 82 b3 e7 77 ...............w
- 0ce2ffbc e8 b7 8a 00 c5 20 02 51 - 00 b7 e7 77 e8 b7 8a 00 ..... .Q...w....
- 0ce2ffcc 00 b0 fa 7f fc ff c2 0c - c0 ff e2 0c fc ff c2 0c ................
- 0ce2ffdc ff ff ff ff b4 1b ec 77 - f0 2a e7 77 00 00 00 00 .......w.*.w....
- 0ce2ffec 00 00 00 00 00 00 00 00 - 21 02 f1 60 e8 b7 8a 00 ........!..`....
- 0ce2fffc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3000c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3001c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3002c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3003c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3004c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3005c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0ce3006c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- État de vidage Thread Id 0x118
- eax=00407170 ebx=00000000 ecx=0022f9f0 edx=00000000 esi=78469153 edi=0d02ff70
- eip=7846915e esp=0d02ff5c ebp=0d02ff78 iopl=0 nv up ei pl nz na pe nc
- cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
- fonction : ZwDelayExecution
- 78469153 b832000000 mov eax,0x32
- 78469158 8d542404 lea edx,[esp+0x4] ss:0dbd9e43=????????
- 7846915c cd2e int 2e
- 7846915e c20800 ret 0x8
- *----> Parcours arrière de la pile <----*
- FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
- 0D02FF78 77E9A0B8 00000021 00000000 00406FD7 00000021 ntdll!ZwDelayExecution
- 0D02FFEC 00000000 00407170 00000000 00000000 00000000 kernel32!Sleep
- *----> Vidage brut de la pile <----*
- 0d02ff5c ed a0 e9 77 00 00 00 00 - 70 ff 02 0d 28 82 08 02 ...w....p...(...
- 0d02ff6c ad a0 e9 77 f0 f6 fa ff - ff ff ff ff ec ff 02 0d ...w............
- 0d02ff7c b8 a0 e9 77 21 00 00 00 - 00 00 00 00 d7 6f 40 00 ...w!........o@.
- 0d02ff8c 21 00 00 00 e4 f9 22 00 - 01 01 00 00 01 75 40 00 !....."......u@.
- 0d02ff9c 28 82 08 02 e4 f9 22 00 - ec ff 02 0d 00 00 00 00 (.....".........
- 0d02ffac 00 00 00 00 00 00 00 00 - 88 71 40 00 82 b3 e7 77 .........q@....w
- 0d02ffbc 00 00 00 00 28 82 08 02 - e4 f9 22 00 00 00 00 00 ....(.....".....
- 0d02ffcc 00 a0 fa 7f f0 f9 22 00 - c0 ff 02 0d f0 f9 22 00 ......".......".
- 0d02ffdc ff ff ff ff b4 1b ec 77 - f0 2a e7 77 00 00 00 00 .......w.*.w....
- 0d02ffec 00 00 00 00 00 00 00 00 - 70 71 40 00 00 00 00 00 ........pq@.....
- 0d02fffc 00 00 00 00 00 00 00 00 - 9f 00 13 00 10 00 90 01 ................
- 0d03000c 17 00 b0 01 ff ff ff 00 - ff ff ff 00 00 00 00 00 ................
- 0d03001c 00 00 00 00 ff ff ff 00 - ff ff ff 00 00 00 00 00 ................
- 0d03002c 00 00 00 00 00 00 00 00 - 01 00 00 00 0d 02 01 01 ................
- 0d03003c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
- 0d03004c 02 00 00 00 01 00 00 00 - 01 00 00 00 00 00 00 00 ................
- 0d03005c 00 00 00 00 00 00 00 00 - 1f 00 89 01 00 00 00 00 ................
- 0d03006c ff ff ff ff ff ff ff ff - 00 00 00 00 00 00 00 00 ................
- 0d03007c 00 00 00 00 00 00 00 00 - 01 00 00 00 00 00 00 00 ................
- 0d03008c 00 00 00 00 21 00 8a 01 - 00 00 00 40 06 00 00 00 ....!......@....
|
|