lordapofis Posted September 15, 2010 Share Posted September 15, 2010 There were two logs. First one follows and second is attached. -- LOG START -- Microsoft ® DrWtsn32 Copyright © 1985-2001 Microsoft Corp. Reservados todos los derechos. Excepci?n de aplicaci?n ocurrida: Aplicaci?n: C:\Archivos de programa\Defraggler\Defraggler.exe (pid=724) Fecha y hora: 15/09/2010 a las 09:49:15.359 N?mero de excepci?n: c0000005 (infracci?n de acceso) *----> Informaci?n del sistema <----* Nombre de equipo: LoRDaPC Nombre de usuario: LoRDa Id. de sesi?n de terminal: 0 N?mero de procesadores: 2 Tipo de procesador: x86 Family 6 Model 23 Stepping 6 Versi?n de Windows : 5.1 Versi?n actual: 2600 Service Pack: 3 Tipo actual: Multiprocessor Free Organizaci?n registrada: Windows uE Propietario registrado: WinuE *----> Lista de tareas <----* 0 System Process 4 System 956 smss.exe 1020 csrss.exe 1056 winlogon.exe 1108 services.exe 1120 lsass.exe 1288 nvsvc32.exe 1396 svchost.exe 1448 svchost.exe 1600 svchost.exe 1652 svchost.exe 1700 svchost.exe 1812 svchost.exe 1860 spoolsv.exe 1968 svchost.exe 2016 Error 0xD0000022 2036 svchost.exe 196 jqs.exe 252 svchost.exe 304 WasherSvc.exe 764 Explorer.EXE 908 Error 0xD0000022 876 Core Temp.exe 2144 wmiapsrv.exe 2880 alg.exe 724 Defraggler.exe 3452 uTorrent.exe 2924 wmplayer.exe 3772 drwtsn32.exe *----> Lista de m?dulos <----* (0000000000390000 - 0000000000399000: C:\WINDOWS\system32\Normaliz.dll (0000000000400000 - 00000000005d9000: C:\Archivos de programa\Defraggler\Defraggler.exe (000000003fa00000 - 000000003fae6000: C:\WINDOWS\system32\WININET.dll (00000000400a0000 - 0000000040288000: C:\WINDOWS\system32\iertutil.dll (0000000044430000 - 0000000044563000: C:\WINDOWS\system32\urlmon.dll (00000000597f0000 - 0000000059845000: C:\WINDOWS\system32\NETAPI32.dll (000000005b150000 - 000000005b188000: C:\WINDOWS\system32\UXTHEME.DLL (0000000075160000 - 000000007518e000: C:\WINDOWS\system32\msctfime.ime (0000000076330000 - 0000000076335000: C:\WINDOWS\system32\MSIMG32.dll (0000000076340000 - 000000007635d000: C:\WINDOWS\system32\IMM32.DLL (0000000076360000 - 00000000763aa000: C:\WINDOWS\system32\COMDLG32.dll (00000000765b0000 - 00000000765cd000: C:\WINDOWS\System32\CSCDLL.dll (0000000076630000 - 00000000766e5000: C:\WINDOWS\system32\USERENV.dll (0000000076890000 - 0000000076914000: C:\WINDOWS\system32\CRYPTUI.dll (0000000076bf0000 - 0000000076c1e000: C:\WINDOWS\system32\WINTRUST.dll (0000000076c50000 - 0000000076c78000: C:\WINDOWS\system32\IMAGEHLP.dll (0000000076f20000 - 0000000076f4d000: C:\WINDOWS\system32\WLDAP32.dll (0000000076f90000 - 000000007700f000: C:\WINDOWS\system32\CLBCATQ.DLL (0000000077010000 - 00000000770e0000: C:\WINDOWS\system32\COMRes.dll (00000000770f0000 - 000000007717b000: C:\WINDOWS\system32\OLEAUT32.dll (00000000773a0000 - 00000000774a3000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll (00000000774b0000 - 00000000775ed000: C:\WINDOWS\system32\ole32.dll (00000000778f0000 - 00000000779e7000: C:\WINDOWS\system32\SETUPAPI.dll (00000000779f0000 - 0000000077a45000: C:\WINDOWS\System32\cscui.dll (0000000077a50000 - 0000000077ae6000: C:\WINDOWS\system32\CRYPT32.dll (0000000077af0000 - 0000000077b02000: C:\WINDOWS\system32\MSASN1.dll (0000000077b10000 - 0000000077b32000: C:\WINDOWS\system32\appHelp.dll (0000000077bd0000 - 0000000077bd8000: C:\WINDOWS\system32\VERSION.dll (0000000077be0000 - 0000000077c38000: C:\WINDOWS\system32\msvcrt.dll (0000000077da0000 - 0000000077e4c000: C:\WINDOWS\system32\ADVAPI32.dll (0000000077e50000 - 0000000077ee2000: C:\WINDOWS\system32\RPCRT4.dll (0000000077ef0000 - 0000000077f39000: C:\WINDOWS\system32\GDI32.dll (0000000077f40000 - 0000000077fb6000: C:\WINDOWS\system32\SHLWAPI.dll (0000000077fc0000 - 0000000077fd1000: C:\WINDOWS\system32\Secur32.dll (000000007c800000 - 000000007c903000: C:\WINDOWS\system32\kernel32.dll (000000007c910000 - 000000007c9c8000: C:\WINDOWS\system32\ntdll.dll (000000007e210000 - 000000007e381000: C:\WINDOWS\system32\shdocvw.dll (000000007e390000 - 000000007e421000: C:\WINDOWS\system32\USER32.dll (000000007e6a0000 - 000000007eec1000: C:\WINDOWS\system32\SHELL32.dll *----> Estado para identificador de subproceso 0xca4 <----* eax=07f10000 ebx=00000001 ecx=0012debc edx=00001000 esi=0012eb38 edi=0012eb1c eip=7c91e514 esp=0012eabc ebp=0012ead8 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll - funci?n: ntdll!KiFastSystemCallRet 7c91e4fa e829000000 call ntdll!RtlRaiseException (7c91e528) 7c91e4ff 8b0424 mov eax,[esp] 7c91e502 8be5 mov esp,ebp 7c91e504 5d pop ebp 7c91e505 c3 ret 7c91e506 8da42400000000 lea esp,[esp] 7c91e50d 8d4900 lea ecx,[ecx] ntdll!KiFastSystemCall: 7c91e510 8bd4 mov edx,esp 7c91e512 0f34 sysenter ntdll!KiFastSystemCallRet: 7c91e514 c3 ret 7c91e515 8da42400000000 lea esp,[esp] 7c91e51c 8d642400 lea esp,[esp] ntdll!KiIntSystemCall: 7c91e520 8d542408 lea edx,[esp+0x8] 7c91e524 cd2e int 2e 7c91e526 c3 ret 7c91e527 90 nop ntdll!RtlRaiseException: 7c91e528 55 push ebp 7c91e529 8bec mov ebp,esp *----> Seguimiento regresivo de pila <----* *** ERROR: Module load completed but symbols could not be loaded for C:\Archivos de programa\Defraggler\Defraggler.exe WARNING: Stack unwind information not available. Following frames may be wrong. *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll - ChildEBP RetAddr Args to Child 0012ead8 004b01ac 0012eb38 00000000 00000000 ntdll!KiFastSystemCallRet 0012eafc 004abddb ee1c2c29 0012fd00 00f64b88 Defraggler+0xb01ac 0012fc70 004ac32b 00000001 ee1c3809 00000a28 Defraggler+0xabddb 0012ff28 004d107f 00400000 00000000 00020738 Defraggler+0xac32b 0012ffc0 7c817077 80000001 01dbe0c4 7ffdc000 Defraggler+0xd107f 0012fff0 00000000 004d10e8 00000000 78746341 kernel32!RegisterWaitForInputIdle+0x49 *----> Muestra de pilas sin procesar <----* 000000000012eabc be 91 39 7e f1 91 39 7e - 38 eb 12 00 00 00 00 00 ..9~..9~8....... 000000000012eacc 00 00 00 00 00 00 00 00 - 38 eb 12 00 fc ea 12 00 ........8....... 000000000012eadc ac 01 4b 00 38 eb 12 00 - 00 00 00 00 00 00 00 00 ..K.8........... 000000000012eaec 00 00 00 00 60 eb 12 00 - 00 00 00 00 00 00 00 00 ....`........... 000000000012eafc 70 fc 12 00 db bd 4a 00 - 29 2c 1c ee 00 fd 12 00 p.....J.),...... 000000000012eb0c 88 4b f6 00 00 00 00 00 - 00 eb 12 00 1c eb 12 00 .K.............. 000000000012eb1c e8 2e 55 00 38 83 f6 00 - 01 00 00 00 02 00 00 00 ..U.8........... 000000000012eb2c 88 7f f6 00 01 00 00 00 - 02 00 00 00 f0 01 01 00 ................ 000000000012eb3c 00 02 00 00 00 00 00 00 - 56 03 3c 01 ed 59 7f 00 ........V.<..Y.. 000000000012eb4c 5f 03 00 00 91 02 00 00 - 00 00 00 00 2c eb 12 00 _...........,... 000000000012eb5c 43 00 3a 00 dc 08 55 00 - c4 01 01 00 60 eb 12 00 C.:...U.....`... 000000000012eb6c a4 0c 00 00 00 00 00 00 - 80 97 15 00 00 00 00 00 ................ 000000000012eb7c 00 00 00 00 20 8d 3a 7e - 00 00 00 00 c8 01 01 00 .... .:~........ 000000000012eb8c ce 01 01 00 a7 01 09 00 - f0 08 55 00 f8 08 55 00 ..........U...U. 000000000012eb9c 00 09 55 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ..U............. 000000000012ebac 28 f9 54 00 d0 4e f6 00 - 01 00 00 00 2d 00 43 00 (.T..N......-.C. 000000000012ebbc 70 4f f6 00 13 00 00 00 - 00 00 6c 00 73 00 5f 00 pO........l.s._. 000000000012ebcc 00 00 35 00 00 00 00 00 - 00 00 00 00 b4 08 55 00 ..5...........U. 000000000012ebdc ce 01 01 00 d8 eb 12 00 - a4 0c 00 00 00 00 00 00 ................ 000000000012ebec 98 0c 16 00 00 00 00 00 - 00 00 00 00 20 8d 3a 7e ............ .:~ *----> Estado para identificador de subproceso 0xcbc <----* eax=0116feb4 ebx=00f64c00 ecx=0116fecc edx=0116fe88 esi=000000ac edi=00000000 eip=7c91e514 esp=0116febc ebp=0116ff20 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 funci?n: ntdll!KiFastSystemCallRet 7c91e4fa e829000000 call ntdll!RtlRaiseException (7c91e528) 7c91e4ff 8b0424 mov eax,[esp] 7c91e502 8be5 mov esp,ebp 7c91e504 5d pop ebp 7c91e505 c3 ret 7c91e506 8da42400000000 lea esp,[esp] 7c91e50d 8d4900 lea ecx,[ecx] ntdll!KiFastSystemCall: 7c91e510 8bd4 mov edx,esp 7c91e512 0f34 sysenter ntdll!KiFastSystemCallRet: 7c91e514 c3 ret 7c91e515 8da42400000000 lea esp,[esp] 7c91e51c 8d642400 lea esp,[esp] ntdll!KiIntSystemCall: 7c91e520 8d542408 lea edx,[esp+0x8] 7c91e524 cd2e int 2e 7c91e526 c3 ret 7c91e527 90 nop ntdll!RtlRaiseException: 7c91e528 55 push ebp 7c91e529 8bec mov ebp,esp *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 0116ff20 7c802542 000000ac ffffffff 00000000 ntdll!KiFastSystemCallRet 0116ff34 00516940 000000ac ffffffff ef183869 kernel32!WaitForSingleObject+0x12 0116ff64 004c4cdb 00000000 00f64c00 0116ffac Defraggler+0x116940 0116ff74 004cf70a 0012fbfc ef18388d 00000000 Defraggler+0xc4cdb 0116ffac 004cf7af 001a0018 7c80b729 00f64c00 Defraggler+0xcf70a 0116ffec 00000000 004cf730 00f64c00 00000000 Defraggler+0xcf7af *----> Muestra de pilas sin procesar <----* 000000000116febc 5a df 91 7c db 25 80 7c - ac 00 00 00 00 00 00 00 Z..|.%.|........ 000000000116fecc 00 00 00 00 90 4b f6 00 - 90 4b f6 00 00 4c f6 00 .....K...K...L.. 000000000116fedc 14 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 ................ 000000000116feec 10 00 00 00 a0 4c 4c 00 - b8 4b f6 00 00 c0 fd 7f .....LL..K...... 000000000116fefc 00 a0 fd 7f 00 00 00 00 - 28 9c 05 b4 d0 fe 16 01 ........(....... 000000000116ff0c 27 24 70 80 54 ff 16 01 - d8 9a 83 7c 08 26 80 7c '$p.T......|.&.| 000000000116ff1c 00 00 00 00 34 ff 16 01 - 42 25 80 7c ac 00 00 00 ....4...B%.|.... 000000000116ff2c ff ff ff ff 00 00 00 00 - 64 ff 16 01 40 69 51 00 ........d...@iQ. 000000000116ff3c ac 00 00 00 ff ff ff ff - 69 38 18 ef e0 68 51 00 ........i8...hQ. 000000000116ff4c ac 00 00 00 1a dc 91 7c - 9c ff 16 01 b8 69 52 00 .......|.....iR. 000000000116ff5c 00 00 00 00 74 ff 16 01 - 74 ff 16 01 db 4c 4c 00 ....t...t....LL. 000000000116ff6c 00 00 00 00 00 4c f6 00 - ac ff 16 01 0a f7 4c 00 .....L........L. 000000000116ff7c fc fb 12 00 8d 38 18 ef - 00 00 00 00 00 4c f6 00 .....8.......L.. 000000000116ff8c 00 4c f6 00 80 ff 16 01 - 80 ff 16 01 dc ff 16 01 .L.............. 000000000116ff9c dc ff 16 01 70 1e 4d 00 - c1 39 5b ee 00 00 00 00 ....p.M..9[..... 000000000116ffac ec ff 16 01 af f7 4c 00 - 18 00 1a 00 29 b7 80 7c ......L.....)..| 000000000116ffbc 00 4c f6 00 00 00 00 00 - 18 00 1a 00 00 4c f6 00 .L...........L.. 000000000116ffcc 00 a0 fd 7f 00 26 3b 8a - c0 ff 16 01 78 9e 05 8a .....&;.....x... 000000000116ffdc ff ff ff ff d8 9a 83 7c - 30 b7 80 7c 00 00 00 00 .......|0..|.... 000000000116ffec 00 00 00 00 00 00 00 00 - 30 f7 4c 00 00 4c f6 00 ........0.L..L.. *----> Estado para identificador de subproceso 0xc94 <----* eax=21d5e73a ebx=0126fb90 ecx=00000000 edx=7c91e514 esi=00000000 edi=7ffdc000 eip=7c91e514 esp=0126fb68 ebp=0126fc04 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 funci?n: ntdll!KiFastSystemCallRet 7c91e4fa e829000000 call ntdll!RtlRaiseException (7c91e528) 7c91e4ff 8b0424 mov eax,[esp] 7c91e502 8be5 mov esp,ebp 7c91e504 5d pop ebp 7c91e505 c3 ret 7c91e506 8da42400000000 lea esp,[esp] 7c91e50d 8d4900 lea ecx,[ecx] ntdll!KiFastSystemCall: 7c91e510 8bd4 mov edx,esp 7c91e512 0f34 sysenter ntdll!KiFastSystemCallRet: 7c91e514 c3 ret 7c91e515 8da42400000000 lea esp,[esp] 7c91e51c 8d642400 lea esp,[esp] ntdll!KiIntSystemCall: 7c91e520 8d542408 lea edx,[esp+0x8] 7c91e524 cd2e int 2e 7c91e526 c3 ret 7c91e527 90 nop ntdll!RtlRaiseException: 7c91e528 55 push ebp 7c91e529 8bec mov ebp,esp *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 0126fc04 7c80a115 00000003 0126fc48 00000000 ntdll!KiFastSystemCallRet 0126fc20 0048be55 00000003 0126fc48 00000000 kernel32!WaitForMultipleObjects+0x18 0126ff4c 0048af48 ef283855 00000266 00f80d38 Defraggler+0x8be55 0126ff74 004cf70a 0012eef4 ef28388d 00000266 Defraggler+0x8af48 0126ffac 004cf7af 7c920222 7c80b729 00f80d38 Defraggler+0xcf70a 0126ffec 00000000 004cf730 00f80d38 00000000 Defraggler+0xcf7af *----> Muestra de pilas sin procesar <----* 000000000126fb68 4a df 91 7c 90 95 80 7c - 03 00 00 00 90 fb 26 01 J..|...|......&. 000000000126fb78 01 00 00 00 00 00 00 00 - 00 00 00 00 03 00 00 00 ................ 000000000126fb88 f4 ee 12 00 14 20 55 00 - c4 00 00 00 c8 00 00 00 ..... U......... 000000000126fb98 b4 00 00 00 b0 00 00 00 - b8 00 00 00 bc 00 00 00 ................ 000000000126fba8 58 f9 c5 72 73 11 00 00 - 14 00 00 00 01 00 00 00 X..rs........... 000000000126fbb8 00 00 00 00 00 00 00 00 - 10 00 00 00 01 fb 26 01 ..............&. 000000000126fbc8 00 00 00 00 ec fb 26 01 - 00 c0 fd 7f 00 90 fd 7f ......&......... 000000000126fbd8 e7 8f 39 7e 00 00 00 00 - 90 fb 26 01 c0 ef 12 00 ..9~......&..... 000000000126fbe8 03 00 00 00 84 fb 26 01 - 20 39 f3 9e 68 ff 26 01 ......&. 9..h.&. 000000000126fbf8 d8 9a 83 7c 80 96 80 7c - 00 00 00 00 20 fc 26 01 ...|...|.... .&. 000000000126fc08 15 a1 80 7c 03 00 00 00 - 48 fc 26 01 00 00 00 00 ...|....H.&..... 000000000126fc18 ff ff ff ff 00 00 00 00 - 4c ff 26 01 55 be 48 00 ........L.&.U.H. 000000000126fc28 03 00 00 00 48 fc 26 01 - 00 00 00 00 ff ff ff ff ....H.&......... 000000000126fc38 66 02 00 00 38 0d f8 00 - 38 0d f8 00 b7 b1 92 7c f...8...8......| 000000000126fc48 c4 00 00 00 c8 00 00 00 - b4 00 00 00 ff ff ff ff ................ 000000000126fc58 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 000000000126fc68 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 000000000126fc78 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 000000000126fc88 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 000000000126fc98 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ *----> Estado para identificador de subproceso 0xd14 <----* eax=015af630 ebx=015afb90 ecx=01aa8320 edx=00ec1adc esi=00000000 edi=7ffdc000 eip=7c91e514 esp=015afb68 ebp=015afc04 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 funci?n: ntdll!KiFastSystemCallRet 7c91e4fa e829000000 call ntdll!RtlRaiseException (7c91e528) 7c91e4ff 8b0424 mov eax,[esp] 7c91e502 8be5 mov esp,ebp 7c91e504 5d pop ebp 7c91e505 c3 ret 7c91e506 8da42400000000 lea esp,[esp] 7c91e50d 8d4900 lea ecx,[ecx] ntdll!KiFastSystemCall: 7c91e510 8bd4 mov edx,esp 7c91e512 0f34 sysenter ntdll!KiFastSystemCallRet: 7c91e514 c3 ret 7c91e515 8da42400000000 lea esp,[esp] 7c91e51c 8d642400 lea esp,[esp] ntdll!KiIntSystemCall: 7c91e520 8d542408 lea edx,[esp+0x8] 7c91e524 cd2e int 2e 7c91e526 c3 ret 7c91e527 90 nop ntdll!RtlRaiseException: 7c91e528 55 push ebp 7c91e529 8bec mov ebp,esp *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 015afc04 7c80a115 00000003 015afc48 00000000 ntdll!KiFastSystemCallRet 015afc20 0048be55 00000003 015afc48 00000000 kernel32!WaitForMultipleObjects+0x18 015aff4c 0048af48 ef543855 004d9ef4 00f689b8 Defraggler+0x8be55 015aff74 004cf70a 00f68470 ef54388d 004d9ef4 Defraggler+0x8af48 015affac 004cf7af 00000011 7c80b729 00f689b8 Defraggler+0xcf70a 015affec 00000000 004cf730 00f689b8 00000000 Defraggler+0xcf7af *----> Muestra de pilas sin procesar <----* 00000000015afb68 4a df 91 7c 90 95 80 7c - 03 00 00 00 90 fb 5a 01 J..|...|......Z. 00000000015afb78 01 00 00 00 00 00 00 00 - 00 00 00 00 03 00 00 00 ................ 00000000015afb88 70 84 f6 00 44 1e 55 00 - c4 01 00 00 c8 01 00 00 p...D.U......... 00000000015afb98 bc 01 00 00 81 3c 54 ef - 03 00 00 00 70 84 f6 00 .....<T.....p... 00000000015afba8 44 1e 55 00 00 c0 fd 7f - 14 00 00 00 01 00 00 00 D.U............. 00000000015afbb8 00 00 00 00 00 00 00 00 - 10 00 00 00 08 89 f6 00 ................ 00000000015afbc8 00 00 00 00 ec fb 5a 01 - 00 c0 fd 7f 00 80 fd 7f ......Z......... 00000000015afbd8 ff ff ff ff 00 00 00 00 - 90 fb 5a 01 a8 df 12 00 ..........Z..... 00000000015afbe8 03 00 00 00 84 fb 5a 01 - 95 85 93 7c 68 ff 5a 01 ......Z....|h.Z. 00000000015afbf8 d8 9a 83 7c 80 96 80 7c - 00 00 00 00 20 fc 5a 01 ...|...|.... .Z. 00000000015afc08 15 a1 80 7c 03 00 00 00 - 48 fc 5a 01 00 00 00 00 ...|....H.Z..... 00000000015afc18 ff ff ff ff 00 00 00 00 - 4c ff 5a 01 55 be 48 00 ........L.Z.U.H. 00000000015afc28 03 00 00 00 48 fc 5a 01 - 00 00 00 00 ff ff ff ff ....H.Z......... 00000000015afc38 f4 9e 4d 00 b8 89 f6 00 - b8 89 f6 00 b7 b1 92 7c ..M............| 00000000015afc48 c4 01 00 00 c8 01 00 00 - bc 01 00 00 ff ff ff ff ................ 00000000015afc58 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000015afc68 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000015afc78 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000015afc88 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000015afc98 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ *----> Estado para identificador de subproceso 0xa64 <----* eax=016af804 ebx=016afb90 ecx=00f66c38 edx=00f68354 esi=00000000 edi=7ffdc000 eip=7c91e514 esp=016afb68 ebp=016afc04 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 funci?n: ntdll!KiFastSystemCallRet 7c91e4fa e829000000 call ntdll!RtlRaiseException (7c91e528) 7c91e4ff 8b0424 mov eax,[esp] 7c91e502 8be5 mov esp,ebp 7c91e504 5d pop ebp 7c91e505 c3 ret 7c91e506 8da42400000000 lea esp,[esp] 7c91e50d 8d4900 lea ecx,[ecx] ntdll!KiFastSystemCall: 7c91e510 8bd4 mov edx,esp 7c91e512 0f34 sysenter ntdll!KiFastSystemCallRet: 7c91e514 c3 ret 7c91e515 8da42400000000 lea esp,[esp] 7c91e51c 8d642400 lea esp,[esp] ntdll!KiIntSystemCall: 7c91e520 8d542408 lea edx,[esp+0x8] 7c91e524 cd2e int 2e 7c91e526 c3 ret 7c91e527 90 nop ntdll!RtlRaiseException: 7c91e528 55 push ebp 7c91e529 8bec mov ebp,esp *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 016afc04 7c80a115 00000005 016afc48 00000000 ntdll!KiFastSystemCallRet 016afc20 0048be55 00000005 016afc48 00000000 kernel32!WaitForMultipleObjects+0x18 016aff4c 0048af48 ef643855 004d9ef4 00f68ce8 Defraggler+0x8be55 016aff74 004cf70a 00f68520 ef64388d 004d9ef4 Defraggler+0x8af48 016affac 004cf7af 00000011 7c80b729 00f68ce8 Defraggler+0xcf70a 016affec 00000000 004cf730 00f68ce8 00000000 Defraggler+0xcf7af *----> Muestra de pilas sin procesar <----* 00000000016afb68 4a df 91 7c 90 95 80 7c - 05 00 00 00 90 fb 6a 01 J..|...|......j. 00000000016afb78 01 00 00 00 00 00 00 00 - 00 00 00 00 05 00 00 00 ................ 00000000016afb88 20 85 f6 00 44 1e 55 00 - d8 01 00 00 dc 01 00 00 ...D.U......... 00000000016afb98 d0 01 00 00 24 02 00 00 - 5c 02 00 00 20 85 f6 00 ....$...\... ... 00000000016afba8 44 1e 55 00 00 c0 01 00 - 14 00 00 00 01 00 00 00 D.U............. 00000000016afbb8 00 00 00 00 00 00 00 00 - 10 00 00 00 20 8c f6 00 ............ ... 00000000016afbc8 01 00 00 00 ec fb 6a 01 - 00 c0 fd 7f 00 70 fd 7f ......j......p.. 00000000016afbd8 01 00 00 00 00 00 00 00 - 90 fb 6a 01 03 00 00 00 ..........j..... 00000000016afbe8 05 00 00 00 84 fb 6a 01 - b0 f9 4b 00 68 ff 6a 01 ......j...K.h.j. 00000000016afbf8 d8 9a 83 7c 80 96 80 7c - 00 00 00 00 20 fc 6a 01 ...|...|.... .j. 00000000016afc08 15 a1 80 7c 05 00 00 00 - 48 fc 6a 01 00 00 00 00 ...|....H.j..... 00000000016afc18 ff ff ff ff 00 00 00 00 - 4c ff 6a 01 55 be 48 00 ........L.j.U.H. 00000000016afc28 05 00 00 00 48 fc 6a 01 - 00 00 00 00 ff ff ff ff ....H.j......... 00000000016afc38 f4 9e 4d 00 e8 8c f6 00 - e8 8c f6 00 b7 b1 92 7c ..M............| 00000000016afc48 d8 01 00 00 dc 01 00 00 - d0 01 00 00 24 02 00 00 ............$... 00000000016afc58 5c 02 00 00 ff ff ff ff - ff ff ff ff ff ff ff ff \............... 00000000016afc68 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000016afc78 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000016afc88 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ 00000000016afc98 ff ff ff ff ff ff ff ff - ff ff ff ff ff ff ff ff ................ *----> Estado para identificador de subproceso 0xd18 <----* eax=058a2868 ebx=017af930 ecx=05583c17 edx=00630073 esi=05613758 edi=00c7f978 eip=00630077 esp=017af89c ebp=017af8c4 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 funci?n: <nosymbols> 0063005d 0001 add [ecx],al 0063005f 004009 add [eax+0x9],al 00630062 e3b9 jecxz 0063001d 00630064 c01aea rcr byte ptr [edx],0xea 00630067 e101 loope 0063006a 00630069 0001 add [ecx],al 0063006b 006869 add [eax+0x69],ch 0063006e a9e168fe82 test eax,0x82fe68e1 00630073 e103 loope 00630078 00630075 0001 add [ecx],al ERROR -> 00630077 00880ae3b9c0 add [eax+0xc0b9e30a],cl ds:0023:c6440b72=?? 0063007d 1aea sbb ch,dl 0063007f e101 loope 00630082 00630081 0001 add [ecx],al 00630083 0008 add [eax],cl 00630085 69a9e168fe82e1030001 imul ebp,[ecx+0x82fe68e1],0x10003e1 0063008f 00e8 add al,ch 00630091 06 push es 00630092 e5b9 in eax,b9 00630094 c01aea rcr byte ptr [edx],0xea 00630097 e101 loope 0063009a *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 017af8c4 00423422 07c6c3b8 ef743fd5 017afad0 0x630077 017af8f4 00430998 09a51a88 09a51a88 07c6c3b8 Defraggler+0x23422 017af914 004866e2 ef743e41 017afad0 07c6c3e8 Defraggler+0x30998 017af960 00487392 017af98c 07c6c3a8 05eb23b0 Defraggler+0x866e2 017af9a0 00488daf 017afa18 ef743e91 00f69510 Defraggler+0x87392 017afb08 00411922 017afbd0 ef743c39 06872bf0 Defraggler+0x88daf 017afb54 004870c7 ef743cb5 00f69510 00f69534 Defraggler+0x11922 017afb94 00486e99 ef743c81 00000004 00f69564 Defraggler+0x870c7 017afc1c 00486ddf 000001e4 017aff4c 0048be45 Defraggler+0x86e99 017afc28 0048be45 00000000 000001e4 0000000c Defraggler+0x86ddf 017aff4c 0048af48 ef743855 0000000c 00f6bb40 Defraggler+0x8be45 017aff74 004cf70a 00f69564 ef74388d 0000000c Defraggler+0x8af48 017affac 004cf7af 0000001c 7c80b729 00f6bb40 Defraggler+0xcf70a 017affec 00000000 004cf730 00f6bb40 00000000 Defraggler+0xcf7af *----> Muestra de pilas sin procesar <----* 00000000017af89c dd 16 40 00 78 f9 c7 00 - 80 f9 c7 00 e3 58 42 00 ..@.x........XB. 00000000017af8ac e5 3f 74 ef 80 f9 c7 00 - 80 f9 c7 00 e8 f8 7a 01 .?t...........z. 00000000017af8bc d1 8f 52 00 00 00 00 00 - f4 f8 7a 01 22 34 42 00 ..R.......z."4B. 00000000017af8cc b8 c3 c6 07 d5 3f 74 ef - d0 fa 7a 01 88 1a a5 09 .....?t...z..... 00000000017af8dc 30 f9 7a 01 78 f9 c7 00 - d0 f8 7a 01 54 f9 7a 01 0.z.x.....z.T.z. 00000000017af8ec 30 8d 52 00 00 00 00 00 - 14 f9 7a 01 98 09 43 00 0.R.......z...C. 00000000017af8fc 88 1a a5 09 88 1a a5 09 - b8 c3 c6 07 d0 fa 7a 01 ..............z. 00000000017af90c 08 a8 c6 07 60 f9 7a 01 - 60 f9 7a 01 e2 66 48 00 ....`.z.`.z..fH. 00000000017af91c 41 3e 74 ef d0 fa 7a 01 - e8 c3 c6 07 00 00 00 00 A>t...z......... 00000000017af92c 1c 00 00 00 b4 c8 5b 00 - 88 1a a5 09 00 00 00 00 ......[......... 00000000017af93c 7c 01 00 00 dd 16 40 00 - 00 00 00 00 08 a8 c6 07 |.....@......... 00000000017af94c b8 f2 f1 03 dd 16 40 00 - 94 f9 7a 01 99 f1 52 00 ......@...z...R. 00000000017af95c 03 00 00 00 a0 f9 7a 01 - 92 73 48 00 8c f9 7a 01 ......z..sH...z. 00000000017af96c a8 c3 c6 07 b0 23 eb 05 - 59 3e 74 ef 48 5c f8 00 .....#..Y>t.H\.. 00000000017af97c e8 c3 c6 07 00 c4 c6 07 - b4 23 eb 05 fc fa 7a 01 .........#....z. 00000000017af98c 6c f9 7a 01 ff ff ff ff - fc fa 7a 01 98 09 53 00 l.z.......z...S. 00000000017af99c ff ff ff ff 08 fb 7a 01 - af 8d 48 00 18 fa 7a 01 ......z...H...z. 00000000017af9ac 91 3e 74 ef 10 95 f6 00 - 34 95 f6 00 10 95 f6 00 .>t.....4....... 00000000017af9bc b4 f7 7a 01 00 00 15 00 - 48 fa 7a 01 20 e9 91 01 ..z.....H.z. ... 00000000017af9cc d0 08 00 00 b8 fa 7a 01 - 98 94 73 03 f3 e9 4c 00 ......z...s...L. *----> Estado para identificador de subproceso 0xcf4 <----* eax=03f26000 ebx=03880000 ecx=04080000 edx=00000003 esi=003e41f0 edi=03aeae90 eip=7c92aa27 esp=018af1c0 ebp=018af1d4 iopl=0 nv up ei pl nz na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206 funci?n: ntdll!RtlReAllocateHeap 7c92aa0a f8 clc 7c92aa0b ffff ??? 7c92aa0d 8b4b24 mov ecx,[ebx+0x24] 7c92aa10 0fb717 movzx edx,word ptr [edi] 7c92aa13 897dfc mov [ebp-0x4],edi 7c92aa16 8d3cd7 lea edi,[edi+edx*8] 7c92aa19 3bf9 cmp edi,ecx 7c92aa1b 0f8382000000 jnb ntdll!RtlReAllocateHeap+0xf03 (7c92aaa3) 7c92aa21 66833f00 cmp word ptr [edi],0x0 7c92aa25 747c jz ntdll!RtlReAllocateHeap+0xf03 (7c92aaa3) 7c92aa27 f6470510 test byte ptr [edi+0x5],0x10 ds:0023:03aeae95=01 7c92aa2b 74e3 jz ntdll!RtlReAllocateHeap+0xe70 (7c92aa10) 7c92aa2d e9aff8ffff jmp ntdll!RtlReAllocateHeap+0x741 (7c92a2e1) 7c92aa32 8b7b20 mov edi,[ebx+0x20] 7c92aa35 ebcc jmp ntdll!RtlReAllocateHeap+0xe63 (7c92aa03) 7c92aa37 8b5014 mov edx,[eax+0x14] 7c92aa3a c1e203 shl edx,0x3 7c92aa3d 3bca cmp ecx,edx 7c92aa3f 0f8335f8ffff jnb ntdll!RtlReAllocateHeap+0x6da (7c92a27a) 7c92aa45 8b7d10 mov edi,[ebp+0x10] 7c92aa48 890f mov [edi],ecx *----> Seguimiento regresivo de pila <----* WARNING: Stack unwind information not available. Following frames may be wrong. ChildEBP RetAddr Args to Child 018af1d4 7c92a3dc 00f60000 03f26000 018af200 ntdll!RtlReAllocateHeap+0xe87 018af20c 7c921937 04f60000 00000018 0000000c ntdll!RtlReAllocateHeap+0x83c 018af43c 004ce9f3 00f60000 00000000 0000000c ntdll!RtlInitializeCriticalSection+0x31a 0000000c 00000000 00000000 00000000 00000000 Defraggler+0xce9f3 *----> Muestra de pilas sin procesar <----* 00000000018af1c0 00 00 f6 00 01 00 00 00 - 08 00 f6 00 30 00 88 03 ............0... 00000000018af1d0 78 ae ae 03 0c f2 8a 01 - dc a3 92 7c 00 00 f6 00 x..........|.... 00000000018af1e0 00 60 f2 03 00 f2 8a 01 - 00 60 f2 03 03 00 00 00 .`.......`...... 00000000018af1f0 68 01 f6 00 00 00 f6 00 - 08 f1 8a 01 a9 b2 92 7c h..............| 00000000018af200 00 20 00 00 00 00 88 03 - 68 01 f6 00 3c f4 8a 01 . ......h...<... 00000000018af210 37 19 92 7c 00 00 f6 04 - 18 00 00 00 0c 00 00 00 7..|............ 00000000018af220 00 00 00 00 c4 00 92 7c - f0 3f f1 03 00 00 f6 00 .......|.?...... 00000000018af230 f0 3f f1 03 08 00 f6 00 - 00 00 88 03 02 02 00 04 .?.............. 00000000018af240 74 f2 8a 01 78 f2 8a 01 - 00 00 f6 00 22 02 92 7c t...x......."..| 00000000018af250 03 00 00 00 18 07 f6 00 - 00 00 f6 00 00 00 00 00 ................ 00000000018af260 50 f2 8a 01 5d 00 92 7c - 94 f4 8a 01 20 e9 91 7c P...]..|.... ..| 00000000018af270 28 02 92 7c ff ff ff ff - a0 0f 00 00 86 10 92 7c (..|...........| 00000000018af280 db 01 92 7c 0c 00 00 00 - 00 00 00 00 c4 00 92 7c ...|...........| 00000000018af290 00 00 f6 00 22 02 92 7c - 03 00 00 00 18 07 f6 00 ...."..|........ 00000000018af2a0 08 50 f0 03 f0 36 56 06 - 00 00 3f 00 5d 00 92 7c .P...6V...?.]..| 00000000018af2b0 f8 1f ee 03 00 00 88 03 - 28 02 92 7c ff ff ff ff ........(..|.... 00000000018af2c0 22 02 92 7c 9b 01 92 7c - 78 01 f6 00 0c 00 00 00 "..|...|x....... 00000000018af2d0 00 00 00 00 c4 00 92 7c - 98 59 f0 03 28 f3 8a 01 .......|.Y..(... 00000000018af2e0 00 00 00 00 00 00 00 00 - 78 01 f6 00 90 01 f6 00 ........x....... 00000000018af2f0 00 00 00 00 38 a6 5c 03 - e0 4f f1 03 bf 31 4a 00 ....8.\..O...1J. exception.txt Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now