explorer.exe a rencontré une erreur et doit fermer

Recherche :

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : explorer.exe a rencontré une erreur et doit fermer

gephil

Bonjour,

je voudrais savoir pourquoi depuis quelque temps,des que j'ouvre mes documents ou autre dossier,et que je les ferme,j'ai toujours cette fenetre

qui s'ouvre:"explorer.exe a rencontré un probleme et doit fermer,nous nous excusons ...."

voici l'erreur : "l'instruction "0x043316d3" emploie l'adresse memoire "0x043316d3".la mémoire ne peut etre lue.

explorer.exe AppVer:6.0.2900.3156 ModName:unknown ModVer:unknown ModVer:0.0.0.0

offset:043316d3.

voici le raport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 14:29:33, on 22/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
E:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Shareaza\Shareaza.exe
E:\Program Files\GigaTribe\gigatribe.exe
C:\Program Files\Windows NT\Accessoires\wordpad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\INCRED~2\bin\IBMain.exe
C:\Documents and Settings\philippe\Bureau\Mes logiciels\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/y [...] .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IBBHO Class - {12BA043E-293E-4CE4-A8C7-8460934FE801} - C:\Program Files\IncrediBar\bin\IBBHO.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [ScanSoft OmniPage 16-reminder] "E:\Program Files\ScanSoft\OmniPage16\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPage 16\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OpAgent] "OpAgent.exe" /agent
O4 - Startup: Dragon NaturallySpeaking.lnk = E:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
O4 - Startup: GigaTribe.lnk = E:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA4200F9AF2} - C:\Program Files\IncrediBar\bin\IBTBar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EC4C9E3-EC6A-11CF-8E3B-444553540000} (WaveTab Control) - file://G:\setup\RiffLick.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://www.cyber-infos.net/files/OnlineScan.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.ya [...] urrent.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 3373660062
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://members.driverguide.com/dir [...] olkit_lite
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Fichiers communs\BCL Technologies\NitroPDF5\bepldr.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

le rapport du Dr watson:

Microsoft (R) DrWtsn32
Copyright (C) 1985-2001 Microsoft Corp. Tous droits réservés.

Une exception d'application s'est produite :
App : C:\WINDOWS\explorer.exe (pid=3044)
Lorsque : 22/02/2008 @ 14:26:55.328
Numéro d'exception : c0000005 (violation d'accès)

*----> Informations système <----*
Nom ordinateur : PHIL
Nom utilisateur : philippe
ID de la session Terminal : 0
Nombre de processeurs : 1
Type de processeur : x86 Family 15 Model 1 Stepping 2
Version de Windows : 5.1
Numéro actuel : 2600
Service Pack : 2
Type actuel : Uniprocessor Free
Organisation enregistrée : privé
Propriétaire enregistré : philippe

*----> Liste des tâches <----*
0 System Process
4 System
956 smss.exe
1076 csrss.exe
1112 winlogon.exe
1156 services.exe
1168 lsass.exe
1324 svchost.exe
1404 svchost.exe
1500 svchost.exe
1540 svchost.exe
1568 svchost.exe
2012 spoolsv.exe
328 LVPrcSrv.exe
460 schedul2.exe
484 svchost.exe
508 ekrn.exe
548 GEARSec.exe
692 LVComSer.exe
820 MDM.EXE
864 NBService.exe
976 NBHRegInCDSrv.exe
1000 nvsvc32.exe
1016 oodag.exe
740 svchost.exe
1236 TrueImageTryStartService.exe
632 jusched.exe
644 Dsp24Set.exe
696 issch.exe
444 oodtray.exe
1628 em_exec.exe
1468 schedhlp.exe
1700 Acrotray.exe
1064 egui.exe
2132 ctfmon.exe
2228 msnmsgr.exe
2272 LVComSer.exe
2380 hpobrt07.exe
2384 rundll32.exe
2464 SearchIndexer.exe
2708 WindowsSearch.exe
2732 natspeak.exe
2976 IMApp.exe
3024 hpoevm07.exe
3688 alg.exe
2620 wlcomm.exe
3968 usnsvc.exe
2568 Shareaza.exe
3560 gigatribe.exe
3044 explorer.exe
5196 wordpad.exe
5164 dwwin.exe
6092 drwtsn32.exe

*----> Liste des modules <----*
(0000000000340000 - 0000000000347000: C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll
(0000000000be0000 - 0000000000bfb000: C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
(0000000000c70000 - 0000000000cc0000: C:\WINDOWS\system32\NVWRSFR.DLL
(0000000001000000 - 0000000001100000: C:\WINDOWS\explorer.exe
(0000000001100000 - 0000000001206000: C:\Program Files\Nero\Nero8\InCD\NBHStr.dll
(0000000001310000 - 000000000171a000: C:\Program Files\Fichiers communs\Nero\Shared\NL3\AdvrCntr3.dll
(00000000019d0000 - 00000000019e5000: C:\WINDOWS\system32\nvwddi.dll
(0000000001dc0000 - 0000000001dcc000: C:\Program Files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui
(0000000002310000 - 000000000231b000: C:\Program Files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
(00000000023e0000 - 0000000002407000: C:\Program Files\IncrediMail\bin\B4ImApp.dll
(00000000028d0000 - 00000000028e7000: C:\Program Files\Windows Desktop Search\MSNLDl.dll
(0000000002f90000 - 000000000301e000: C:\WINDOWS\system32\shdoclc.dll
(0000000003020000 - 00000000030a8000: C:\Program Files\Windows Desktop Search\msnlExt.dll
(00000000030b0000 - 00000000030c3000: C:\WINDOWS\system32\browselc.dll
(0000000003450000 - 00000000034e4000: C:\Program Files\Windows Desktop Search\msnlExtRes.dll
(00000000034f0000 - 00000000035a7000: C:\WINDOWS\System32\PROPSYS.dll
(0000000003630000 - 000000000367b000: C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
(0000000003680000 - 00000000036c1000: C:\WINDOWS\System32\msshsq.dll
(0000000004000000 - 00000000041a6000: E:\Program Files\Microsoft Office\Office12\1036\GrooveIntlResource.dll
(0000000005f90000 - 0000000006148000: C:\Program Files\Fichiers communs\Nero\Lib\NeroDigitalExt.dll
(00000000061f0000 - 000000000620c000: E:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
(0000000006230000 - 000000000623a000: E:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.FRA
(0000000006250000 - 0000000006287000: D:\Program Files\Illustrate\dBpowerAMP\dBShell.dll
(000000000ffd0000 - 000000000fff8000: C:\WINDOWS\system32\rsaenh.dll
(0000000010000000 - 0000000010170000: C:\WINDOWS\system32\nview.dll
(0000000010930000 - 0000000010979000: C:\WINDOWS\system32\PortableDeviceApi.dll
(00000000109c0000 - 00000000109ec000: C:\WINDOWS\system32\PortableDeviceTypes.dll
(00000000164a0000 - 00000000164c3000: C:\WINDOWS\system32\WPDShServiceObj.dll
(000000001c000000 - 000000001c019000: C:\Program Files\Nero\Nero8\InCD\NBHShx.dll
(0000000020000000 - 00000000202da000: C:\WINDOWS\system32\xpsp2res.dll
(000000004b4f0000 - 000000004b576000: C:\WINDOWS\system32\MSFTEDIT.DLL
(000000004cb20000 - 000000004cb2e000: C:\Program Files\Fichiers communs\System\ADO\msadrh15.dll
(000000004d5e0000 - 000000004d638000: C:\WINDOWS\system32\WINHTTP.dll
(000000004eb80000 - 000000004ed23000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
(0000000058b50000 - 0000000058bea000: C:\WINDOWS\system32\comctl32.dll
(00000000595b0000 - 000000005977a000: C:\WINDOWS\AppPatch\AcGenral.DLL
(000000005b090000 - 000000005b0c8000: C:\WINDOWS\system32\UxTheme.dll
(000000005b950000 - 000000005b9c3000: C:\WINDOWS\System32\themeui.dll
(000000005cea0000 - 000000005cec6000: C:\WINDOWS\system32\ShimEng.dll
(000000005d360000 - 000000005d36f000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80FRA.DLL
(0000000060000000 - 0000000060172000: C:\WINDOWS\System32\tquery.dll
(00000000621f0000 - 000000006220f000: C:\WINDOWS\system32\MAPI32.dll
(0000000062dc0000 - 0000000062dc9000: C:\WINDOWS\system32\LPK.DLL
(0000000065e30000 - 0000000065e67000: E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
(00000000661c0000 - 00000000663dd000: E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
(0000000066a00000 - 0000000066a72000: C:\WINDOWS\system32\infosoft.dll
(0000000066b40000 - 0000000066cbf000: E:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
(0000000067d40000 - 0000000067d53000: C:\PROGRA~1\INCRED~1\bin\ImKeysU.dll
(0000000068ef0000 - 0000000068fe1000: E:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
(0000000068ff0000 - 0000000068ff7000: E:\Program Files\Microsoft Office\Office12\GrooveNew.DLL
(00000000698e0000 - 00000000698f6000: C:\WINDOWS\system32\Faultrep.dll
(000000006c650000 - 000000006c69d000: C:\WINDOWS\system32\DUSER.dll
(000000006fee0000 - 000000006ff34000: C:\WINDOWS\system32\NETAPI32.dll
(0000000070de0000 - 0000000070df3000: C:\WINDOWS\system32\asycfilt.dll
(00000000719e0000 - 00000000719e8000: C:\WINDOWS\System32\WS2HELP.dll
(00000000719f0000 - 0000000071a07000: C:\WINDOWS\System32\WS2_32.dll
(0000000071a10000 - 0000000071a1a000: C:\WINDOWS\System32\WSOCK32.dll
(0000000071a60000 - 0000000071a72000: C:\WINDOWS\system32\MPR.dll
(0000000071b50000 - 0000000071b63000: C:\WINDOWS\system32\SAMLIB.dll
(0000000071b70000 - 0000000071b7e000: C:\WINDOWS\System32\ntlanman.dll
(0000000071be0000 - 0000000071be7000: C:\WINDOWS\System32\NETRAP.dll
(0000000071bf0000 - 0000000071c30000: C:\WINDOWS\System32\NETUI1.dll
(0000000071c30000 - 0000000071c47000: C:\WINDOWS\System32\NETUI0.dll
(0000000072380000 - 000000007239a000: C:\WINDOWS\System32\mydocs.dll
(0000000072c40000 - 0000000072c47000: C:\WINDOWS\system32\msadp32.acm
(0000000072c60000 - 0000000072c68000: C:\WINDOWS\system32\msacm32.drv
(0000000072c70000 - 0000000072c79000: C:\WINDOWS\system32\wdmaud.drv
(0000000072f50000 - 0000000072f76000: C:\WINDOWS\system32\WINSPOOL.DRV
(0000000072f80000 - 0000000072f90000: C:\WINDOWS\system32\WZCSAPI.DLL
(0000000073ec0000 - 0000000073f37000: C:\Program Files\Fichiers communs\System\OLE DB\oledb32.dll
(0000000074630000 - 0000000074657000: C:\WINDOWS\System32\msls31.dll
(0000000074660000 - 000000007468a000: C:\WINDOWS\System32\msimtf.dll
(0000000074690000 - 00000000746db000: C:\WINDOWS\system32\MSCTF.dll
(00000000748f0000 - 0000000074a03000: C:\WINDOWS\system32\msxml3.dll
(0000000074a40000 - 0000000074a48000: C:\WINDOWS\System32\POWRPROF.dll
(0000000074a60000 - 0000000074a6a000: C:\WINDOWS\System32\BatMeter.dll
(0000000074aa0000 - 0000000074ae8000: C:\WINDOWS\System32\webcheck.dll
(0000000074fb0000 - 0000000074fc4000: C:\Program Files\Fichiers communs\System\OLE DB\OLEDB32R.DLL
(0000000075020000 - 0000000075032000: C:\WINDOWS\system32\RESUTILS.DLL
(0000000075060000 - 0000000075073000: C:\WINDOWS\system32\MTXCLU.DLL
(00000000750a0000 - 00000000750b4000: C:\WINDOWS\system32\colbact.DLL
(0000000075140000 - 000000007516e000: C:\WINDOWS\system32\msctfime.ime
(00000000753c0000 - 000000007542b000: C:\WINDOWS\system32\USP10.dll
(0000000075d30000 - 0000000075dc1000: C:\WINDOWS\system32\mlang.dll
(0000000075ef0000 - 0000000075ef7000: C:\WINDOWS\System32\drprov.dll
(0000000075f00000 - 0000000075f09000: C:\WINDOWS\System32\davclnt.dll
(0000000075f10000 - 000000007600d000: C:\WINDOWS\system32\BROWSEUI.dll
(0000000076010000 - 0000000076075000: C:\WINDOWS\system32\MSVCP60.dll
(0000000076080000 - 00000000761bc000: C:\WINDOWS\system32\comsvcs.dll
(00000000762f0000 - 0000000076300000: C:\WINDOWS\system32\WINSTA.dll
(0000000076310000 - 0000000076315000: C:\WINDOWS\system32\MSImg32.dll
(0000000076320000 - 000000007633d000: C:\WINDOWS\system32\IMM32.DLL
(0000000076340000 - 000000007638a000: C:\WINDOWS\system32\comdlg32.dll
(0000000076390000 - 000000007653a000: C:\WINDOWS\system32\NETSHELL.dll
(0000000076540000 - 0000000076561000: C:\WINDOWS\System32\stobject.dll
(0000000076590000 - 00000000765ad000: C:\WINDOWS\System32\CSCDLL.dll
(00000000765b0000 - 0000000076606000: C:\WINDOWS\System32\cscui.dll
(0000000076610000 - 0000000076694000: C:\WINDOWS\system32\CRYPTUI.dll
(00000000768e0000 - 0000000076905000: C:\WINDOWS\system32\MSDART.DLL
(0000000076920000 - 0000000076928000: C:\WINDOWS\system32\LINKINFO.dll
(0000000076930000 - 0000000076956000: C:\WINDOWS\system32\ntshrui.dll
(0000000076960000 - 0000000076a15000: C:\WINDOWS\system32\USERENV.dll
(0000000076ac0000 - 0000000076ad1000: C:\WINDOWS\system32\ATL.DLL
(0000000076ae0000 - 0000000076b0f000: C:\WINDOWS\system32\WINMM.dll
(0000000076ba0000 - 0000000076bab000: C:\WINDOWS\system32\PSAPI.DLL
(0000000076bb0000 - 0000000076bdf000: C:\WINDOWS\system32\credui.dll
(0000000076be0000 - 0000000076c0e000: C:\WINDOWS\system32\WINTRUST.dll
(0000000076c40000 - 0000000076c68000: C:\WINDOWS\system32\IMAGEHLP.dll
(0000000076d10000 - 0000000076d29000: C:\WINDOWS\system32\iphlpapi.dll
(0000000076d50000 - 0000000076d61000: C:\WINDOWS\system32\CLUSAPI.DLL
(0000000076e30000 - 0000000076e3e000: C:\WINDOWS\system32\rtutils.dll
(0000000076f00000 - 0000000076f08000: C:\WINDOWS\system32\WTSAPI32.dll
(0000000076f10000 - 0000000076f3d000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076f80000 - 0000000076fff000: C:\WINDOWS\system32\CLBCATQ.DLL
(0000000077000000 - 00000000770d4000: C:\WINDOWS\system32\COMRes.dll
(00000000770e0000 - 000000007716b000: C:\WINDOWS\system32\OLEAUT32.dll
(0000000077210000 - 00000000772c1000: C:\WINDOWS\system32\SXS.DLL
(0000000077390000 - 0000000077493000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
(00000000774a0000 - 00000000775dd000: C:\WINDOWS\system32\ole32.dll
(0000000077650000 - 0000000077671000: C:\WINDOWS\system32\NTMARTA.DLL
(00000000778e0000 - 00000000779d8000: C:\WINDOWS\system32\SETUPAPI.dll
(00000000779e0000 - 0000000077a76000: C:\WINDOWS\system32\CRYPT32.dll
(0000000077a80000 - 0000000077a92000: C:\WINDOWS\system32\MSASN1.dll
(0000000077aa0000 - 0000000077b4b000: C:\WINDOWS\system32\WININET.dll
(0000000077b50000 - 0000000077b72000: C:\WINDOWS\system32\appHelp.dll
(0000000077ba0000 - 0000000077ba7000: C:\WINDOWS\system32\midimap.dll
(0000000077bb0000 - 0000000077bc5000: C:\WINDOWS\system32\MSACM32.dll
(0000000077bd0000 - 0000000077bd8000: C:\WINDOWS\system32\VERSION.dll
(0000000077be0000 - 0000000077c38000: C:\WINDOWS\system32\msvcrt.dll
(0000000077da0000 - 0000000077e4c000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e50000 - 0000000077ee2000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077ef0000 - 0000000077f37000: C:\WINDOWS\system32\GDI32.dll
(0000000077f40000 - 0000000077fb6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fc0000 - 0000000077fd1000: C:\WINDOWS\system32\Secur32.dll
(0000000078130000 - 00000000781cb000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
(00000000781d0000 - 00000000782df000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL
(00000000782e0000 - 00000000783ef000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL
(0000000078800000 - 000000007895c000: C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\msxml5.dll
(000000007c420000 - 000000007c4a7000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
(000000007c630000 - 000000007c64b000: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL
(000000007c800000 - 000000007c905000: C:\WINDOWS\system32\kernel32.dll
(000000007c910000 - 000000007c9c7000: C:\WINDOWS\system32\ntdll.dll
(000000007c9d0000 - 000000007d1f5000: C:\WINDOWS\system32\SHELL32.dll
(000000007d200000 - 000000007d4be000: C:\WINDOWS\system32\msi.dll
(000000007d9c0000 - 000000007db27000: C:\WINDOWS\System32\query.dll
(000000007dbf0000 - 000000007dee7000: C:\WINDOWS\System32\mshtml.dll
(000000007df30000 - 000000007dfd2000: C:\WINDOWS\system32\urlmon.dll
(000000007e210000 - 000000007e381000: C:\WINDOWS\system32\SHDOCVW.dll
(000000007e390000 - 000000007e420000: C:\WINDOWS\system32\USER32.dll

*----> Vidage de l'état de la thread 0xe90 <----*

eax=0002008e ebx=00000003 ecx=7e39b785 edx=7c91eb94 esi=000e1468 edi=00000000
eip=7c91eb94 esp=0007fef0 ebp=0007ff08 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -
fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHELL32.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Module load completed but symbols could not be loaded for C:\WINDOWS\explorer.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
ChildEBP RetAddr Args to Child
0007ff08 7ca1c674 00000000 0007ff5c 010132a4 ntdll!KiFastSystemCallRet
0007ff14 010132a4 000e1468 7ffde000 0007ffc0 SHELL32!Ordinal201+0x28
0007ff5c 0101a936 00000000 00000000 0002063e explorer+0x132a4
0007ffc0 7c816fd7 00debff8 0006e890 7ffde000 explorer+0x1a936
0007fff0 00000000 0101a8ce 00000000 78746341 kernel32!RegisterWaitForInputIdle+0x49

*----> Vidage brut de la pile <----*
000000000007fef0 18 94 39 7e c5 4a a3 7c - 9c 92 80 7c 68 14 0e 00 ..9~.J.|...|h...
000000000007ff00 68 14 0e 00 14 ff 07 00 - 14 ff 07 00 74 c6 a1 7c h...........t..|
000000000007ff10 00 00 00 00 5c ff 07 00 - a4 32 01 01 68 14 0e 00 ....\....2..h...
000000000007ff20 00 e0 fd 7f c0 ff 07 00 - 00 00 00 00 24 fd 07 00 ............$...
000000000007ff30 50 ff 07 00 e0 ff 07 00 - 27 e0 91 7c 65 ac 80 7c P.......'..|e..|
000000000007ff40 ff ff ff ff 0c 00 00 00 - 00 00 00 00 2a 3b 0c 00 ............*;..
000000000007ff50 c4 00 00 00 01 00 00 00 - 68 14 0e 00 c0 ff 07 00 ........h.......
000000000007ff60 36 a9 01 01 00 00 00 00 - 00 00 00 00 3e 06 02 00 6...........>...
000000000007ff70 05 00 00 00 f8 bf de 00 - 90 e8 06 00 44 00 00 00 ............D...
000000000007ff80 90 06 02 00 70 06 02 00 - 40 06 02 00 00 00 00 00 ....p...@.......
000000000007ff90 00 00 00 00 00 00 00 00 - 00 00 00 00 2e 00 00 00 ................
000000000007ffa0 00 00 00 00 3a ef 06 00 - 01 00 00 00 05 00 00 00 ....:...........
000000000007ffb0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000007ffc0 f0 ff 07 00 d7 6f 81 7c - f8 bf de 00 90 e8 06 00 .....o.|........
000000000007ffd0 00 e0 fd 7f 38 ab 54 80 - c8 ff 07 00 48 26 a8 86 ....8.T.....H&..
000000000007ffe0 ff ff ff ff a8 9a 83 7c - e0 6f 81 7c 00 00 00 00 .......|.o.|....
000000000007fff0 00 00 00 00 00 00 00 00 - ce a8 01 01 00 00 00 00 ................
0000000000080000 41 63 74 78 20 00 00 00 - 01 00 00 00 98 24 00 00 Actx ........$..
0000000000080010 c4 00 00 00 00 00 00 00 - 20 00 00 00 00 00 00 00 ........ .......
0000000000080020 14 00 00 00 01 00 00 00 - 06 00 00 00 34 00 00 00 ............4...

*----> Vidage de l'état de la thread 0xcac <----*

eax=b57ad874 ebx=00000000 ecx=bf813cdd edx=b57ad6f4 esi=7c8021cc edi=00000001
eip=7c91eb94 esp=018ae76c ebp=018ae788 iopl=0 nv up ei pl nz na pe cy
cs=001b ss=0023 ds=a1dc es=d72c fs=003b gs=0000 efl=00000203

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\PSAPI.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** WARNING: Unable to verify checksum for C:\WINDOWS\system32\nview.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\nview.dll -
ChildEBP RetAddr Args to Child
018ae788 76ba1fb8 00000640 001970a8 018ae7b0 ntdll!KiFastSystemCallRet
018ae848 1004b9f6 00000640 018ae870 00000004 PSAPI!EnumProcessModules+0x9c
018aea88 1004ea35 018aedd8 00000be4 00335854 nview!PMLoadPresentation+0x2ff6
018aecb8 1008b516 0002006a 018aedd8 00000000 nview!PMLoadPresentation+0x6035
7c80a9cc 5d8b53ec 7d8b5708 57ff6a0c 6a53ff6a nview+0x8b516
8b55ff8b 00000000 00000000 00000000 00000000 0x5d8b53ec

*----> Vidage brut de la pile <----*
00000000018ae76c c7 e2 91 7c e7 21 80 7c - 40 06 00 00 a8 70 19 00 ...|.!.|@....p..
00000000018ae77c b0 e7 8a 01 50 00 00 00 - 9c e7 8a 01 48 e8 8a 01 ....P.......H...
00000000018ae78c b8 1f ba 76 40 06 00 00 - a8 70 19 00 b0 e7 8a 01 ...v@....p......
00000000018ae79c 50 00 00 00 00 00 00 00 - e4 0b 00 00 40 06 00 00 P...........@...
00000000018ae7ac e1 09 83 7c 48 71 19 00 - 08 70 19 00 50 71 19 00 ...|Hq...p..Pq..
00000000018ae7bc 10 70 19 00 58 71 19 00 - 60 6c 19 00 00 00 4f 03 .p..Xq..`l....O.
00000000018ae7cc 82 8e 4f 03 00 70 0b 00 - 3e 00 40 00 60 70 19 00 ..O..p..>.@.`p..
00000000018ae7dc 16 00 18 00 88 70 19 00 - 06 40 2c 80 0e 00 00 00 .....p...@,.....
00000000018ae7ec 24 8e 19 00 74 5f 19 00 - a8 bd c7 45 00 00 00 00 $...t_.....E....
00000000018ae7fc 00 00 00 00 03 01 00 00 - 00 e0 fd 7f 01 00 00 00 ................
00000000018ae80c 08 00 00 00 e4 0b 00 00 - 58 04 00 00 5c e8 8a 01 ........X...\...
00000000018ae81c ff 0f 1f 00 a4 1e 19 00 - 90 1e 19 00 b0 70 19 00 .............p..
00000000018ae82c 76 00 00 00 a4 e7 8a 01 - 00 00 00 00 90 fe 8a 01 v...............
00000000018ae83c 0f 19 ba 76 58 20 ba 76 - ff ff ff ff 88 ea 8a 01 ...vX .v........
00000000018ae84c f6 b9 04 10 40 06 00 00 - 70 e8 8a 01 04 00 00 00 ....@...p.......
00000000018ae85c 7c e8 8a 01 00 00 00 00 - 6a 00 02 00 d8 ed 8a 01 |.......j.......
00000000018ae86c e0 f0 8a 01 00 00 00 01 - 01 00 00 00 08 00 c3 00 ................
00000000018ae87c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018ae88c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018ae89c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> Vidage de l'état de la thread 0x5d8 <----*

eax=7c93798d ebx=00000000 ecx=77da6a51 edx=77da6a18 esi=ffffffff edi=7c91fb78
eip=7c91eb94 esp=018eff9c ebp=018effb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
018effb4 7c80b683 00000000 7c91fb78 ffffffff ntdll!KiFastSystemCallRet
018effec 00000000 7c93798d 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
00000000018eff9c 5c d8 91 7c d4 79 93 7c - 01 00 00 00 ac ff 8e 01 \..|.y.|........
00000000018effac 00 00 00 00 00 00 00 80 - ec ff 8e 01 83 b6 80 7c ...............|
00000000018effbc 00 00 00 00 78 fb 91 7c - ff ff ff ff 00 00 00 00 ....x..|........
00000000018effcc 00 90 fd 7f 00 06 fc 86 - c0 ff 8e 01 a8 68 f7 86 .............h..
00000000018effdc ff ff ff ff a8 9a 83 7c - 90 b6 80 7c 00 00 00 00 .......|...|....
00000000018effec 00 00 00 00 00 00 00 00 - 8d 79 93 7c 00 00 00 00 .........y.|....
00000000018efffc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f000c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f001c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f002c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f003c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f004c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f005c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f006c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f007c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f008c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f009c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f00ac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f00bc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000018f00cc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> Vidage de l'état de la thread 0xd54 <----*

eax=000000c0 ebx=00000000 ecx=018afb00 edx=00000000 esi=00000000 edi=00000001
eip=7c91eb94 esp=0196fcec ebp=0196ffb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0196ffb4 7c80b683 00000000 00000020 018afce4 ntdll!KiFastSystemCallRet
0196ffec 00000000 7c939fae 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
000000000196fcec ab e9 91 7c d5 a0 93 7c - 03 00 00 00 30 fd 96 01 ...|...|....0...
000000000196fcfc 01 00 00 00 01 00 00 00 - 00 00 00 00 20 00 00 00 ............ ...
000000000196fd0c e4 fc 8a 01 00 00 00 00 - 08 e5 98 7c 08 e5 98 7c ...........|...|
000000000196fd1c d4 02 00 00 54 0d 00 00 - 03 00 00 00 03 00 00 00 ....T...........
000000000196fd2c 02 00 00 00 d0 02 00 00 - 44 05 00 00 b8 02 00 00 ........D.......
000000000196fd3c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd4c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd5c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd6c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd7c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd8c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fd9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fdac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fdbc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fdcc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fddc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fdec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fdfc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fe0c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000196fe1c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> Vidage de l'état de la thread 0xf5c <----*

eax=00000103 ebx=019cfd58 ecx=019cfb50 edx=7c91eb94 esi=00000000 edi=7ffde000
eip=7c91eb94 esp=019cfd30 ebp=019cfdcc iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USER32.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
019cfdcc 7e3995f9 00000008 019cfdf4 00000000 ntdll!KiFastSystemCallRet
019cfe28 7ca051b4 00000007 019cfe50 ffffffff USER32!GetLastInputInfo+0x105
019cff4c 7ca1ab7c 77f56f42 00000000 7c80995a SHELL32!Ordinal646+0x2327
019cffb4 7c80b683 00000000 7c80995a 00090000 SHELL32!Ordinal753+0x133
019cffec 00000000 77f56ed3 018af4d4 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
00000000019cfd30 ab e9 91 7c e2 94 80 7c - 08 00 00 00 58 fd 9c 01 ...|...|....X...
00000000019cfd40 01 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000019cfd50 08 00 00 00 02 00 00 00 - 4c 0b 00 00 54 07 00 00 ........L...T...
00000000019cfd60 00 05 00 00 a8 04 00 00 - 0c 03 00 00 3c 03 00 00 ............<...
00000000019cfd70 28 03 00 00 00 03 00 00 - 14 00 00 00 01 00 00 00 (...............
00000000019cfd80 30 3d 0d 00 00 00 00 00 - 00 00 00 00 ec fd 9c 01 0=..............
00000000019cfd90 57 04 3c 7e 30 88 39 7e - 00 e0 fd 7f 00 60 fd 7f W.<~0.9~.....`..
00000000019cfda0 cd 89 39 7e 00 00 00 00 - 58 fd 9c 01 04 00 00 00 ..9~....X.......
00000000019cfdb0 08 00 00 00 4c fd 9c 01 - 00 00 00 00 dc ff 9c 01 ....L...........
00000000019cfdc0 a8 9a 83 7c d8 95 80 7c - 00 00 00 00 28 fe 9c 01 ...|...|....(...
00000000019cfdd0 f9 95 39 7e 08 00 00 00 - f4 fd 9c 01 00 00 00 00 ..9~............
00000000019cfde0 ff ff ff ff 01 00 00 00 - 00 ff 0c 00 07 00 00 00 ................
00000000019cfdf0 00 00 00 00 4c 0b 00 00 - 54 07 00 00 00 05 00 00 ....L...T.......
00000000019cfe00 a8 04 00 00 0c 03 00 00 - 3c 03 00 00 28 03 00 00 ........<...(...
00000000019cfe10 00 03 00 00 39 87 00 00 - 00 00 00 00 01 00 00 00 ....9...........
00000000019cfe20 00 60 fd 7f 00 03 00 00 - 4c ff 9c 01 b4 51 a0 7c .`......L....Q.|
00000000019cfe30 07 00 00 00 50 fe 9c 01 - ff ff ff ff ff 04 00 00 ....P...........
00000000019cfe40 f4 fd 9c 01 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000019cfe50 4c 0b 00 00 54 07 00 00 - 00 05 00 00 a8 04 00 00 L...T...........
00000000019cfe60 0c 03 00 00 3c 03 00 00 - 28 03 00 00 28 03 00 00 ....<...(...(...

*----> Vidage de l'état de la thread 0x32c <----*

eax=00000187 ebx=00000000 ecx=0002d24c edx=00090608 esi=00e3f74c edi=000000e1
eip=7c91eb94 esp=00e3f4b8 ebp=00e3f6d4 iopl=0 nv up ei ng nz na po cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000287

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
00e3f6d4 00000001 00000200 00000100 00000001 ntdll!KiFastSystemCallRet

*----> Vidage brut de la pile <----*
0000000000e3f4b8 ef d8 91 7c e3 27 be 00 - f8 05 00 00 00 00 00 00 ...|.'..........
0000000000e3f4c8 00 00 00 00 00 00 00 00 - 44 f5 e3 00 03 00 12 00 ........D.......
0000000000e3f4d8 d4 f6 e3 00 24 00 00 00 - 4c f7 e3 00 e1 00 00 00 ....$...L.......
0000000000e3f4e8 00 00 00 00 00 00 00 00 - 68 f5 e3 00 00 00 00 00 ........h.......
0000000000e3f4f8 c8 3b c2 00 08 f5 e3 00 - 4c f7 e3 00 01 00 00 00 .;......L.......
0000000000e3f508 00 00 00 00 71 16 80 7c - f8 05 00 00 00 00 00 00 ....q..|........
0000000000e3f518 00 00 00 00 00 00 00 00 - 44 f5 e3 00 03 00 12 00 ........D.......
0000000000e3f528 d4 f6 e3 00 24 00 00 00 - 00 00 00 00 e1 00 00 00 ....$...........
0000000000e3f538 00 00 00 00 48 f7 e3 00 - 00 00 00 00 00 00 00 00 ....H...........
0000000000e3f548 04 00 00 00 a8 f4 e3 00 - 38 f5 e3 00 9c f5 e3 00 ........8.......
0000000000e3f558 b0 f8 e3 00 a8 9a 83 7c - b0 0a 81 7c ff ff ff ff .......|...|....
0000000000e3f568 c4 f5 e3 00 ea 2b d1 76 - f8 05 00 00 03 00 12 00 .....+.v........
0000000000e3f578 d4 f6 e3 00 24 00 00 00 - 4c f7 e3 00 e1 00 00 00 ....$...L.......
0000000000e3f588 d0 f5 e3 00 00 00 00 00 - e8 f6 e3 00 1c f7 e3 00 ................
0000000000e3f598 00 00 00 00 b0 f8 e3 00 - a8 9a 83 7c 70 99 80 7c ...........|p..|
0000000000e3f5a8 ff ff ff ff 6d 99 80 7c - 5d 2a d1 76 58 f7 bc 01 ....m..|]*.vX...
0000000000e3f5b8 f0 61 c4 01 60 91 b9 02 - 00 00 00 00 34 f8 e3 00 .a..`.......4...
0000000000e3f5c8 5d 2f d1 76 06 00 00 00 - 00 00 00 00 d4 f6 e3 00 ]/.v............
0000000000e3f5d8 40 f7 e3 00 4c f7 e3 00 - 48 f7 e3 00 f0 61 c4 01 @...L...H....a..
0000000000e3f5e8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> Vidage de l'état de la thread 0xa2c <----*

eax=009442b0 ebx=009442b0 ecx=7e3988da edx=7c91eb94 esi=026cfe14 edi=164be000
eip=7c91eb94 esp=026cfdd0 ebp=026cfdec iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\WPDShServiceObj.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHLWAPI.dll -
ChildEBP RetAddr Args to Child
026cfdec 164aa888 026cfe14 00000000 00000000 ntdll!KiFastSystemCallRet
026cff50 77f56f42 009442b0 018af314 7c91ee18 WPDShServiceObj+0xa888
026cffb4 7c80b683 00000000 018af314 7c91ee18 SHLWAPI!Ordinal505+0x3e9
026cffec 00000000 77f56ed3 018af3f8 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
00000000026cfdd0 be 91 39 7e f1 91 39 7e - 14 fe 6c 02 00 00 00 00 ..9~..9~..l.....
00000000026cfde0 00 00 00 00 00 00 00 00 - d4 19 4a 16 50 ff 6c 02 ..........J.P.l.
00000000026cfdf0 88 a8 4a 16 14 fe 6c 02 - 00 00 00 00 00 00 00 00 ..J...l.........
00000000026cfe00 00 00 00 00 2a e6 6c 02 - 00 00 00 00 00 00 00 00 ....*.l.........
00000000026cfe10 00 00 00 00 3e 00 04 00 - 13 01 00 00 0d 00 00 00 ....>...........
00000000026cfe20 00 00 00 00 bc 75 ab 00 - 77 02 00 00 09 02 00 00 .....u..w.......
00000000026cfe30 01 00 00 00 b0 42 94 00 - a5 83 4a 16 b2 83 4a 16 .....B....J...J.
00000000026cfe40 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000026cfe50 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000026cfe60 00 00 00 00 00 00 00 00 - 00 00 00 00 3b 00 00 00 ............;...
00000000026cfe70 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000026cfe80 44 f3 4b 77 c0 68 5c 77 - 0e 00 00 00 0d 00 00 00 D.Kw.h\w........
00000000026cfe90 17 00 00 00 b4 fe 6c 02 - c3 f4 4b 77 dc 36 0a 00 ......l...Kw.6..
00000000026cfea0 17 00 00 00 01 00 00 00 - bc d6 4b 77 c4 00 be 01 ..........Kw....
00000000026cfeb0 c4 fe 6c 02 dc d7 4b 77 - c0 00 be 01 0a d2 4b 77 ..l...Kw......Kw
00000000026cfec0 60 68 5c 77 d7 d1 4b 77 - 68 68 5c 77 e1 f5 4b 77 `h\w..Kwhh\w..Kw
00000000026cfed0 fc f3 11 00 50 ff 6c 02 - 10 f4 11 00 a5 d8 4b 77 ....P.l.......Kw
00000000026cfee0 b4 36 0a 00 fc f3 11 00 - 50 ff 6c 02 ad f1 4b 77 .6......P.l...Kw
00000000026cfef0 66 97 80 7c 50 ff 6c 02 - 3c 68 5c 77 00 00 00 00 f..|P.l.<h\w....
00000000026cff00 28 ff 6c 02 f3 f0 4b 77 - fc f3 11 00 10 f4 11 00 (.l...Kw........

*----> Vidage de l'état de la thread 0xcf0 <----*

eax=164be3e8 ebx=0270fd0c ecx=0270fd78 edx=7c91eb94 esi=00000000 edi=7ffde000
eip=7c91eb94 esp=0270fce4 ebp=0270fd80 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0270fd80 7e3995f9 00000002 0270fda8 00000000 ntdll!KiFastSystemCallRet
0270fddc 164a9bea 00000001 0270fe2c ffffffff USER32!GetLastInputInfo+0x105
0270ff50 77f56f42 009442b0 018af314 7c91ee18 WPDShServiceObj+0x9bea
0270ffb4 7c80b683 00000000 018af314 7c91ee18 SHLWAPI!Ordinal505+0x3e9
0270ffec 00000000 77f56ed3 018af3f8 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
000000000270fce4 ab e9 91 7c e2 94 80 7c - 02 00 00 00 0c fd 70 02 ...|...|......p.
000000000270fcf4 01 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000270fd04 02 00 00 00 02 00 00 00 - 84 04 00 00 dc 04 00 00 ................
000000000270fd14 18 6a da 77 51 6a da 77 - a8 31 4a 16 01 00 00 80 .j.wQj.w.1J.....
000000000270fd24 68 00 00 00 18 00 00 00 - 14 00 00 00 01 00 00 00 h...............
000000000270fd34 d0 92 be 01 00 00 00 00 - 00 00 00 00 56 00 56 00 ............V.V.
000000000270fd44 a8 31 4a 16 00 00 00 00 - 00 e0 fd 7f 00 a0 fa 7f .1J.............
000000000270fd54 6d a2 00 00 00 00 00 00 - 0c fd 70 02 98 fd 70 02 m.........p...p.
000000000270fd64 02 00 00 00 00 fd 70 02 - 8c fd 70 02 44 ff 70 02 ......p...p.D.p.
000000000270fd74 a8 9a 83 7c d8 95 80 7c - 00 00 00 00 dc fd 70 02 ...|...|......p.
000000000270fd84 f9 95 39 7e 02 00 00 00 - a8 fd 70 02 00 00 00 00 ..9~......p.....
000000000270fd94 ff ff ff ff 01 00 00 00 - 00 00 00 00 9b 92 39 7e ..............9~
000000000270fda4 01 00 00 00 84 04 00 00 - dc 04 00 00 63 ae 4b 16 ............c.K.
000000000270fdb4 00 00 00 00 00 00 00 00 - 00 00 00 00 30 43 94 00 ............0C..
000000000270fdc4 04 00 00 00 00 00 00 00 - 00 00 00 00 01 00 00 00 ................
000000000270fdd4 00 a0 fa 7f dc 04 00 00 - 50 ff 70 02 ea 9b 4a 16 ........P.p...J.
000000000270fde4 01 00 00 00 2c fe 70 02 - ff ff ff ff 00 01 00 00 ....,.p.........
000000000270fdf4 a8 fd 70 02 2a e6 70 02 - 00 00 00 00 00 00 00 00 ..p.*.p.........
000000000270fe04 00 00 00 00 fc ff dd 00 - 23 00 00 00 59 06 81 7c ........#...Y..|
000000000270fe14 1b 00 00 00 00 02 00 00 - fc ff 39 02 23 00 00 00 ..........9.#...

*----> Vidage de l'état de la thread 0x898 <----*

eax=00000000 ebx=00000000 ecx=01c045b8 edx=000c4ed4 esi=000ab7b8 edi=000ab85c
eip=7c91eb94 esp=0268fe1c ebp=0268ff80 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr Args to Child
0268ff80 77e56c2b 0268ffa8 77e56a4d 000ab7b8 ntdll!KiFastSystemCallRet
0268ff88 77e56a4d 000ab7b8 7c9206eb 000c82f0 RPCRT4!I_RpcBCacheFree+0x5e3
0268ffa8 77e56c13 000ab670 0268ffec 7c80b683 RPCRT4!I_RpcBCacheFree+0x405
0268ffb4 7c80b683 01c045b8 7c9206eb 000c82f0 RPCRT4!I_RpcBCacheFree+0x5cb
0268ffec 00000000 77e56bf9 01c045b8 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
000000000268fe1c 99 e3 91 7c 13 67 e5 77 - 8c 02 00 00 70 ff 68 02 ...|.g.w....p.h.
000000000268fe2c 00 00 00 00 28 38 c8 01 - 4c ff 68 02 00 00 00 00 ....(8..L.h.....
000000000268fe3c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe4c 00 00 00 00 02 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe5c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe6c 12 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe7c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe8c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fe9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268feac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268febc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fecc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fedc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268feec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268fefc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000268ff0c 00 00 00 00 00 00 00 00 - fc 56 3c 86 24 cc 82 b9 .........V<.$...
000000000268ff1c b2 c2 4d 80 ba c2 4d 80 - cc 56 3c 86 60 55 3c 86 ..M...M..V<.`U<.
000000000268ff2c 94 55 3c 86 80 ff 68 02 - a9 66 e5 77 4c ff 68 02 .U<...h..f.wL.h.
000000000268ff3c b9 66 e5 77 ed 10 91 7c - d8 e6 0c 00 b8 45 c0 01 .f.w...|.....E..
000000000268ff4c 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......

*----> Vidage de l'état de la thread 0xd5c <----*

eax=72c730e8 ebx=0186fef8 ecx=00000050 edx=01bf9810 esi=00000000 edi=7ffde000
eip=7c91eb94 esp=0186fed0 ebp=0186ff6c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet
7c91eb89 90 nop
7c91eb8a 90 nop
ntdll!KiFastSystemCall:
7c91eb8b 8bd4 mov edx,esp
7c91eb8d 0f34 sysenter
7c91eb8f 90 nop
7c91eb90 90 nop
7c91eb91 90 nop
7c91eb92 90 nop
7c91eb93 90 nop
ntdll!KiFastSystemCallRet:
7c91eb94 c3 ret
7c91eb95 8da42400000000 lea esp,[esp]
7c91eb9c 8d642400 lea esp,[esp]
7c91eba0 90 nop
7c91eba1 90 nop
7c91eba2 90 nop
7c91eba3 90 nop
7c91eba4 90 nop
ntdll!KiIntSystemCall:
7c91eba5 8d542408 lea edx,[esp+0x8]
7c91eba9 cd2e int 2e

*----> Suivi arrière de la pile <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\wdmaud.drv -
ChildEBP RetAddr Args to Child
0186ff6c 7c80a075 00000002 0186ffa4 00000000 ntdll!KiFastSystemCallRet
0186ff88 72c7312a 00000002 0186ffa4 00000000 kernel32!WaitForMultipleObjects+0x18
0186ffb4 7c80b683 00000000 00090248 00090000 wdmaud!midMessage+0x348
0186ffec 00000000 72c730e8 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Vidage brut de la pile <----*
000000000186fed0 ab e9 91 7c e2 94 80 7c - 02 00 00 00 f8 fe 86 01 ...|...|........
000000000186fee0 01 00 00 00 00 00 00 00 - 00 00 00 00 48 02 09 00 ............H...
000000000186fef0 00 00 00 00 00 00 00 00 - 08 06 00 00 f0 05 00 00 ................
000000000186ff00 7c 16 56 80 90 3f 3e 86 - fc db 66 b7 82 41 4e 80 |.V..?>...f..AN.
000000000186ff10 7c 16 56 80 bc 11 32 86 - 14 00 00 00 01 00 00 00 |.V...2.........
000000000186ff20 10 00 bf 01 00 00 00 00 - 00 00 00 00 54 10 32 86 ............T.2.
000000000186ff30 00 00 00 00 c6 c8 57 80 - 00 e0 fd 7f 00 b0 fd 7f ......W.........
000000000186ff40 00 b0 fd 7f 00 00 00 00 - f8 fe 86 01 00 00 00 00 ................
000000000186ff50 02 00 00 00 ec fe 86 01 - 00 00 00 00 dc ff 86 01 ................
000000000186ff60 a8 9a 83 7c d8 95 80 7c - 00 00 00 00 88 ff 86 01 ...|...|........
000000000186ff70 75 a0 80 7c 02 00 00 00 - a4 ff 86 01 00 00 00 00 u..|............
000000000186ff80 ff ff ff ff 00 00 00 00 - b4 ff 86 01 2a 31 c7 72 ............*1.r
000000000186ff90 02 00 00 00 a4 ff 86 01 - 00 00 00 00 ff ff ff ff ................
000000000186ffa0 00 00 09 00 08 06 00 00 - f0 05 00 00 00 00 00 00 ................
000000000186ffb0 dc e2 91 7c ec ff 86 01 - 83 b6 80 7c 00 00 00 00 ...|.......|....
000000000186ffc0 48 02 09 00 00 00 09 00 - 00 00 00 00 00 b0 fd 7f H...............
000000000186ffd0 00 06 fc 86 c0 ff 86 01 - 10 b8 39 86 ff ff ff ff ..........9.....
000000000186ffe0 a8 9a 83 7c 90 b6 80 7c - 00 00 00 00 00 00 00 00 ...|...|........
000000000186fff0 00 00 00 00 e8 30 c7 72 - 00 00 00 00 00 00 00 00 .....0.r........
0000000001870000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> Vidage de l'état de la thread 0xb08 <----*

eax=75140000 ebx=00000634 ecx=000009ad edx=76336020 esi=027bff98 edi=7e3ae002
eip=7c91eb94 esp=027bff54 ebp=027bff78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

fonction : ntdll!KiFastSystemCallRet

Publicité

repie65

bonsoir
ya quelque temps j'ai eu le meme genre de soucis avec explorer(je me souvien plus du message d'erreur),voila la soluce qu'on ma donné:

Menu Démarrer / executer / tapes : regsvr32 -u shmedia.dll

si ca peu t'aider!

Wolfman

Modérateur
Lobo'tomizado

Pas de logs hijackthis.

FORUM HardWare.fr

Windows & Software

Win NT/2K/XP

explorer.exe a rencontré une erreur et doit fermer

Sujets relatifs
Message d'erreur Micrsoft	Erreur avec winload.exe
erreur au demarrage	Probleme pour eteindre/fermer une session sur vista
probleme erreur disque vista	Problème sur serveur FTP filezilla erreur 425
Windows efface mes cookies d'explorer au demarrage	erreur efbelljd.dll au démarrage / fermeture automatique des fenetres
windows update erreur 0x80200011 [résolu]	Aidez moi svp, Erreur 80072F78 impossible à corriger que faire ?
Plus de sujets relatifs à : explorer.exe a rencontré une erreur et doit fermer

Page générée en 0.077 secondes