Esegui 
ho installato windows 2000, SP4 ma è praticamente impossibile usare internet explorer perché il programma si chiude quasi subito col solito messaggio "explorer.exe ha generato un errore...".
Ho 512 MB di ram, CPU intel da 2.4 GHz, scheda madre asus p4s8x.
Qualcuno sa aiutarmi?
Grazie!
Questo è il file log che viene generato:
Exception dell'applicazione:
App: iexplore.exe (pid=796)
Ora: 03/11/2003 @ 22:10:24.296
Numero exception: c0000005 (access violation)
*----> System Information <----*
Nome computer: HET5NGE8HPRFFJW
Nome utente: Administrator
Numero processori: 1
Tipo processore: x86 Family 15 Model 2 Stepping 4
Versione di Windows 2000: 5.0
Build corrente: 2195
Service Pack: 4
Tipo corrente: Uniprocessor Free
Organizzazione registrata:
Proprietario autorizzato: .
*----> Elenco Task <----*
0 Idle.exe
8 System.exe
160 SMSS.exe
184 CSRSS.exe
204 WINLOGON.exe
232 SERVICES.exe
244 LSASS.exe
420 svchost.exe
448 spoolsv.exe
476 CCEVTMGR.exe
572 svchost.exe
596 Navapsvc.exe
656 regsvc.exe
700 mstask.exe
772 WinMgmt.exe
816 svchost.exe
1116 rundll32.exe
1156 AsusProb.exe
1164 CCAPP.exe
1192 internat.exe
952 WZQKPICK.exe
312 Ymsgr_tray.exe
272 svchost.exe
796 IEXPLORE.exe
1216 DRWTSN32.exe
1308 explorer.exe
0 _Total.exe
(00400000 - 00412000)
(78460000 - 784E0000)
(79620000 - 796E0000)
(77E10000 - 77E75000)
(77F40000 - 77F7C000)
(77C70000 - 77CBA000)
(79260000 - 792C2000)
(77120000 - 77191000)
(79140000 - 79252000)
(77B50000 - 77BD9000)
(77590000 - 777DC000)
(77A50000 - 77B47000)
(6E380000 - 6E386000)
(75E30000 - 75E4A000)
(76DF0000 - 76EB7000)
(72C90000 - 72D16000)
(779B0000 - 77A4B000)
(78000000 - 78045000)
(76EC0000 - 76ECC000)
(76BE0000 - 76C55000)
(77850000 - 7788F000)
(770A0000 - 770C3000)
(10000000 - 10008000)
(00F80000 - 00F9C000)
(00FA0000 - 00FBA000)
(77820000 - 77827000)
(75980000 - 75986000)
(4B7C0000 - 4B821000)
(773C0000 - 773D5000)
(77F80000 - 77FF3000)
(76D70000 - 76DC6000)
(75D20000 - 75DA2000)
(75000000 - 75009000)
(74FE0000 - 74FF4000)
(74FD0000 - 74FD8000)
(74F80000 - 74F9E000)
(74FC0000 - 74FC7000)
(77840000 - 7784C000)
(77980000 - 779A4000)
(77320000 - 77333000)
(77500000 - 77505000)
(77300000 - 77317000)
(75100000 - 7510F000)
(75120000 - 7516F000)
(79340000 - 7934F000)
(75170000 - 75176000)
(77950000 - 7797B000)
(77390000 - 773BF000)
(77360000 - 77383000)
(77830000 - 7783E000)
(783C0000 - 78450000)
(79060000 - 790C3000)
(774C0000 - 774F3000)
(774A0000 - 774B1000)
(77510000 - 77532000)
(77340000 - 77359000)
(01170000 - 01374000)
(777E0000 - 777E8000)
(7CA00000 - 7CA23000)
(77420000 - 77498000)
(77410000 - 77420000)
(777F0000 - 777F5000)
(75AC0000 - 75D03000)
(01870000 - 0188B000)
(019A0000 - 019BE000)
(76900000 - 7692B000)
(77920000 - 77943000)
(01C10000 - 01C33000)
(759F0000 - 759FE000)
(75DB0000 - 75E27000)
(75A90000 - 75AB8000)
(77550000 - 77581000)
(77540000 - 77548000)
(773E0000 - 773E8000)
(773F0000 - 77403000)
(75D10000 - 75D16000)
(75A70000 - 75A78000)
(64920000 - 64938000)
(6E3F0000 - 6E3FA000)
Scarico dello stato per l'id del thread 0x4dc
eax=00000001 ebx=00000001 ecx=00000041 edx=00000000 esi=ffffffff edi=00000002
eip=01418d90 esp=0006d7a4 ebp=0006d7c8 iopl=0 nv up ei ng nz ac po cy
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000297
funzione: <nosymbols>
01418d75 0000 add [eax],al ds:00000001=??
01418d77 0000 add [eax],al ds:00000001=??
01418d79 0000 add [eax],al ds:00000001=??
01418d7b 009801000013 add [eax+0x13000001],bl ds:13000002=??
01418d81 0000 add [eax],al ds:00000001=??
01418d83 0070f5 add [eax+0xf5],dh ds:00a89ee7=??
01418d86 3e0100 add ds:[eax],eax ds:00000001=????????
01418d89 0000 add [eax],al ds:00000001=??
01418d8b 0000 add [eax],al ds:00000001=??
01418d8d 0000 add [eax],al ds:00000001=??
01418d8f 00d8 add al,bl
01418d91 61 popad
01418d92 b475 mov ah,0x75
01418d94 aa stosb es:00000002=??
01418d95 0000 add [eax],al ds:00000001=??
01418d97 0c90 or al,0x90
01418d99 83410100 add dword ptr [ecx+0x1],0x0 ds:00a89f27=????????
01418d9d 0000 add [eax],al ds:00000001=??
01418d9f 0030 add [eax],dh ds:00000001=??
01418da1 844101 test [ecx+0x1],al ds:00a89f27=??
01418da4 0000 add [eax],al ds:00000001=??
01418da6 0000 add [eax],al ds:00000001=??
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0006D7C8 75AC3AF5 0006D7EC 00000003 00000002 00000001 <nosymbols>
0006D7FC 75AC4180 0141EBA0 00000003 00000000 00000000 mshtml!<nosymbols>
0006D838 75ADAA0C 0141EBA0 00000001 00000000 013F1720 mshtml!<nosymbols>
0006D86C 75B5D514 00000556 013F16F0 0006D94C 00001000 mshtml!<nosymbols>
0006D890 75ADB8ED 0006D94C 013F17C0 013F16F0 01402220 mshtml!DllGetClassObject
04000000 00000000 00000000 00000000 00000000 00000000 mshtml!<nosymbols>
*----> Scarico Raw Stack <----*
0006d7a4 a8 d7 06 00 00 00 00 00 - 00 00 00 00 58 02 00 00 ............X...
0006d7b4 41 00 00 00 00 00 00 00 - 00 00 00 00 5c d8 06 00 A..............
0006d7c4 10 00 00 00 fc d7 06 00 - f5 3a ac 75 ec d7 06 00 .........:.u....
0006d7d4 03 00 00 00 02 00 00 00 - 01 00 00 00 00 00 00 00 ................
0006d7e4 20 17 3f 01 01 00 00 00 - 00 00 00 00 00 00 00 00 .?.............
0006d7f4 58 02 00 00 41 00 00 00 - 38 d8 06 00 80 41 ac 75 X...A...8....A.u
0006d804 a0 eb 41 01 03 00 00 00 - 00 00 00 00 00 00 00 00 ..A.............
0006d814 50 17 3f 01 20 17 3f 01 - 4c d9 06 00 00 00 00 00 P.?. .?.L.......
0006d824 00 00 00 00 58 02 00 00 - 41 00 00 00 50 17 3f 01 ....X...A...P.?.
0006d834 6c d8 06 00 6c d8 06 00 - 0c aa ad 75 a0 eb 41 01 l...l......u..A.
0006d844 01 00 00 00 00 00 00 00 - 20 17 3f 01 4c d9 06 00 ........ .?.L...
0006d854 43 31 00 00 04 00 00 00 - a0 eb 41 01 10 19 3f 01 C1........A...?.
0006d864 00 00 00 00 01 00 00 00 - 90 d8 06 00 14 d5 b5 75 ...............u
0006d874 56 05 00 00 f0 16 3f 01 - 4c d9 06 00 00 10 00 00 V.....?.L.......
0006d884 00 00 00 00 00 00 00 00 - 30 14 3f 01 00 00 00 04 ........0.?.....
0006d894 ed b8 ad 75 4c d9 06 00 - c0 17 3f 01 f0 16 3f 01 ...uL.....?...?.
0006d8a4 20 22 40 01 4c d9 06 00 - a2 b4 ad 75 f0 16 3f 01 "@.L......u..?.
0006d8b4 4c d9 06 00 00 00 00 04 - 4c d9 06 00 1c d9 06 00 L.......L.......
0006d8c4 00 00 00 00 5a a6 ad 75 - 4c d9 06 00 20 22 40 01 ....Z..uL... "@.
0006d8d4 4c d9 06 00 80 22 40 01 - 00 00 20 00 90 81 0e 00 L...."@... .....
Scarico dello stato per l'id del thread 0x3d0
eax=7712dcf3 ebx=78469134 ecx=00000001 edx=00000000 esi=0007e4f8 edi=00000100
eip=784639c7 esp=00bcfe28 ebp=00bcff74 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
funzione: NtReplyWaitReceivePortEx
784639bc b8ac000000 mov eax,0xac
784639c1 8d542404 lea edx,[esp+0x4] ss:01659d0f=????????
784639c5 cd2e int 2e
784639c7 c21400 ret 0x14
784639ca 8b4710 mov eax,[edi+0x10] ds:00a89fe6=????????
784639cd 8b483c mov ecx,[eax+0x3c] ds:77bb7bd9=00000000
784639d0 f6400801 test byte ptr [eax+0x8],0x1 ds:77bb7bd9=00
784639d4 7502 jnz RtlCreateProcessParameters+0xd (78463cd8)
784639d6 03c8 add ecx,eax
784639d8 894de4 mov [ebp+0xe4],ecx ss:01659e5a=????????
784639db 8b4710 mov eax,[edi+0x10] ds:00a89fe6=????????
784639de 668b4038 mov ax,[eax+0x38] ds:77bb7bda=0000
784639e2 668945e0 mov [ebp+0xe0],ax ss:01659e5b=????
784639e6 668945e2 mov [ebp+0xe2],ax ss:01659e5b=????
784639ea 53 push ebx
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00BCFF74 7712D9DB 7712DDED 0007E4F8 4007DFF8 00000070 ntdll!NtReplyWaitReceivePortEx
00BCFFA8 7712DD0B 00075940 00BCFFEC 7962987C 0007E448 rpcrt4!RpcBindingSetOption
00BCFFB4 7962987C 0007E448 4007DFF8 00000070 0007E448 rpcrt4!RpcBindingSetOption
00BCFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!SetThreadExecutionState
Scarico dello stato per l'id del thread 0x550
eax=77a8e915 ebx=00000102 ecx=0007d370 edx=00000000 esi=78469153 edi=00c0ff74
eip=7846915e esp=00c0ff60 ebp=00c0ff7c iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206
funzione: ZwDelayExecution
78469153 b832000000 mov eax,0x32
78469158 8d542404 lea edx,[esp+0x4] ss:01699e47=????????
7846915c cd2e int 2e
7846915e c20800 ret 0x8
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00C0FF7C 7963AC79 0000EA60 00000000 77A60216 0000EA60 ntdll!ZwDelayExecution
00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep
*----> Scarico Raw Stack <----*
00c0ff60 a5 ac 63 79 00 00 00 00 - 74 ff c0 00 68 c4 63 79 ..cy....t...h.cy
00c0ff70 48 0a 08 00 00 ba 3c dc - ff ff ff ff 30 75 00 00 H.....<.....0u..
00c0ff80 79 ac 63 79 60 ea 00 00 - 00 00 00 00 16 02 a6 77 y.cy`..........w
00c0ff90 60 ea 00 00 70 e9 a8 77 - 00 00 00 00 00 00 a5 77 `...p..w.......w
00c0ffa0 48 0a 08 00 ec ff c0 00 - 48 0a 08 00 2f e9 a8 77 H.......H.../..w
00c0ffb0 dc 86 a9 77 19 3c a5 77 - 7c 98 62 79 48 0a 08 00 ...w.<.w|.byH...
00c0ffc0 dc 86 a9 77 19 3c a5 77 - 48 0a 08 00 00 c0 fd 7f ...w.<.wH.......
00c0ffd0 70 d3 07 00 c0 ff c0 00 - 70 d3 07 00 ff ff ff ff p.......p.......
00c0ffe0 b4 f0 63 79 60 d3 62 79 - 00 00 00 00 00 00 00 00 ..cy`.by........
00c0fff0 00 00 00 00 15 e9 a8 77 - 48 0a 08 00 00 00 00 00 .......wH.......
00c10000 01 00 00 00 b8 d3 07 00 - 01 00 00 00 78 36 08 00 ............x6..
00c10010 01 00 00 00 a8 da 0a 00 - 01 00 00 00 60 b3 0b 00 ............`...
00c10020 01 00 00 00 e0 a5 0b 00 - 01 00 00 00 58 46 0a 00 ............XF..
00c10030 01 00 00 00 e8 db 13 00 - 40 00 c1 00 00 00 00 00 ........@.......
00c10040 48 00 c1 00 00 00 00 00 - 50 00 c1 00 00 00 00 00 H.......P.......
00c10050 58 00 c1 00 00 00 00 00 - 60 00 c1 00 00 00 00 00 X.......`.......
00c10060 68 00 c1 00 00 00 00 00 - 70 00 c1 00 00 00 00 00 h.......p.......
00c10070 78 00 c1 00 00 00 00 00 - 80 00 c1 00 00 00 00 00 x...............
00c10080 88 00 c1 00 00 00 00 00 - 90 00 c1 00 00 00 00 00 ................
00c10090 98 00 c1 00 00 00 00 00 - a0 00 c1 00 00 00 00 00 ................
Scarico dello stato per l'id del thread 0x57c
eax=01d209c8 ebx=ffffffff ecx=00000000 edx=00000000 esi=7fffffff edi=00000102
eip=78474091 esp=0108facc ebp=0108fb04 iopl=0 nv up ei ng nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000293
funzione: ZwWaitForSingleObject
78474086 b8ea000000 mov eax,0xea
7847408b 8d542404 lea edx,[esp+0x4] ss:01b199b3=00000000
7847408f cd2e int 2e
78474091 c20c00 ret 0xc
78474094 8a5001 mov dl,[eax+0x1] ds:027aa8ae=??
78474097 3a5101 cmp dl,[ecx+0x1] ds:00a89ee6=??
7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
784740a0 84d2 test dl,dl
784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
784740a4 0fb6d2 movzx edx,dl
784740a7 33ff xor edi,edi
784740a9 8d72ff lea esi,[edx+0xff] ds:00a89ee6=????????
784740ac 85f6 test esi,esi
784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
784740b4 b001 mov al,0x1
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0108FB04 74F83C59 000001E4 000002B4 00000000 00000004 ntdll!ZwWaitForSingleObject
0108FBF0 74FE12F5 00000001 0108FE84 0108FC7C 0108FD80 msafd!WSPSetSockOpt
0108FC54 76BF72D2 00000001 0108FE84 0108FC7C 0108FD80 ws2_32!select
0108FFB0 76BF6FDD 7962987C 000A2B20 7FFDE000 00000040 wininet!InternetSetStatusCallback
0108FFEC 00000000 00000000 00000000 00000000 00000000 wininet!InternetSetStatusCallback
*----> Scarico Raw Stack <----*
0108facc 94 13 f8 74 e4 01 00 00 - 01 00 00 00 f0 fa 08 01 ...t............
0108fadc 84 fe 08 01 78 fb 08 01 - 68 fb 08 01 c8 56 50 e4 ....x...h....VP.
0108faec 4e a2 c3 01 ff ff ff ff - ff ff ff 7f 80 41 0a 00 N............A..
0108fafc 00 00 00 00 00 00 00 00 - f0 fb 08 01 59 3c f8 74 ............Y<.t
0108fb0c e4 01 00 00 b4 02 00 00 - 00 00 00 00 04 00 00 00 ................
0108fb1c 80 fd 08 01 a8 41 0a 00 - 7c fc 08 01 00 00 00 00 .....A..|.......
0108fb2c 00 00 00 00 80 0f 05 fd - ff ff ff ff b4 02 00 00 ................
0108fb3c e4 01 00 00 00 00 00 00 - 00 00 07 00 90 fb 08 01 ................
0108fb4c 17 20 01 00 80 fb 08 01 - 10 00 00 00 00 00 00 00 . ..............
0108fb5c 06 00 00 00 00 00 00 00 - 00 00 00 00 80 0f 05 fd ................
0108fb6c ff ff ff ff 01 00 00 00 - 00 41 0a 00 b4 02 00 00 .........A......
0108fb7c 19 00 00 00 30 00 00 00 - b4 02 00 00 70 41 cb 77 ....0.......pA.w
0108fb8c 70 41 cb 77 dc fb 08 01 - 91 81 47 78 40 96 46 78 pA.w......Gx@.Fx
0108fb9c ff ff ff ff ec fb 08 01 - a9 c1 63 79 00 00 07 00 ..........cy....
0108fbac 80 41 0a 00 24 00 00 00 - 00 00 00 00 68 fb 08 01 .A..$.......h...
0108fbbc 2c 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 ,...............
0108fbcc 00 00 00 00 1c 00 00 00 - 84 fb 08 01 1c fb 08 01 ................
0108fbdc 24 fc 08 01 44 fc 08 01 - 12 ea f8 74 88 3d f8 74 $...D......t.=.t
0108fbec ff ff ff ff 54 fc 08 01 - f5 12 fe 74 01 00 00 00 ....T......t....
0108fbfc 84 fe 08 01 7c fc 08 01 - 80 fd 08 01 90 ff 08 01 ....|...........
Scarico dello stato per l'id del thread 0x36c
eax=00000002 ebx=00000002 ecx=000e89cc edx=00000000 esi=78473233 edi=00000002
eip=7847323e esp=010cfe5c ebp=010cfea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:01b59d43=00000000
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
010CFEA8 77E13990 010CFE80 00000001 00000000 010CFEA0 ntdll!NtWaitForMultipleObjects
010CFF04 77E13A5C 010CFED0 77CB4190 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
010CFF20 77C72973 00000001 77CB4190 00000000 0000EA60 user32!MsgWaitForMultipleObjects
010CFF74 77C7744C 010CFFA0 010CFFA4 010CFFA8 010CFF9C shlwapi!PathBuildRootW
010CFFAC 77C773D4 00000000 7962987C 00000000 00070178 shlwapi!Ordinal307
010CFFEC 00000000 00000000 00000000 00000000 00000000 shlwapi!Ordinal307
Scarico dello stato per l'id del thread 0x368
eax=778321fe ebx=00000004 ecx=0000004c edx=00000000 esi=78473233 edi=00000004
eip=7847323e esp=0115fd24 ebp=0115fd70 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:01be9c0b=00000000
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0115FD70 7963ABFB 0115FD48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0115FFB4 7962987C 00000005 000B000A 792602A7 000BD398 kernel32!WaitForMultipleObjects
0115FFEC 00000000 778321FE 000BD398 00000000 000000C8 kernel32!SetThreadExecutionState
*----> Scarico Raw Stack <----*
0115fd24 d7 bd 62 79 04 00 00 00 - 48 fd 15 01 01 00 00 00 ..by....H.......
0115fd34 00 00 00 00 00 00 00 00 - 01 00 00 00 98 d3 0b 00 ................
0115fd44 01 00 00 00 44 02 00 00 - 48 02 00 00 58 02 00 00 ....D...H...X...
0115fd54 f8 02 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fd64 00 00 00 00 00 00 00 00 - 00 00 00 00 b4 ff 15 01 ................
0115fd74 fb ab 63 79 48 fd 15 01 - 01 00 00 00 00 00 00 00 ..cyH...........
0115fd84 00 00 00 00 00 00 00 00 - b2 22 83 77 04 00 00 00 .........".w....
0115fd94 b0 fe 15 01 00 00 00 00 - ff ff ff ff 98 d3 0b 00 ................
0115fda4 a7 02 26 79 0a 00 0b 00 - 00 00 00 00 00 00 00 00 ..&y............
0115fdb4 00 00 00 00 00 00 00 00 - 01 00 00 00 38 00 00 00 ............8...
0115fdc4 23 00 00 00 23 00 00 00 - 0a 00 0b 00 a7 02 26 79 #...#.........&y
0115fdd4 98 d3 0b 00 68 02 26 79 - 4c 00 00 00 fe 21 83 77 ....h.&yL....!.w
0115fde4 f8 ab fd 7f 24 98 62 79 - 1b 00 00 00 00 02 00 00 ....$.by........
0115fdf4 fc ff 15 01 23 00 00 00 - 00 00 00 00 00 00 00 00 ....#...........
0115fe04 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fe14 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fe24 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fe34 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fe44 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0115fe54 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
Scarico dello stato per l'id del thread 0x358
eax=74f86311 ebx=000b9070 ecx=010cf764 edx=00000000 esi=74f9a3a0 edi=00000000
eip=7846beb2 esp=013cff84 ebp=013cffb4 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
funzione: NtRemoveIoCompletion
7846bea7 b8a8000000 mov eax,0xa8
7846beac 8d542404 lea edx,[esp+0x4] ss:01e59e6b=????????
7846beb0 cd2e int 2e
7846beb2 c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
013CFFB4 7962987C 74F89048 00000000 0000003E 000B9070 ntdll!NtRemoveIoCompletion
013CFFEC 00000000 74F86311 000B9070 00000000 013D00F2 kernel32!SetThreadExecutionState
*----> Scarico Raw Stack <----*
013cff84 63 63 f8 74 08 03 00 00 - bc ff 3c 01 b0 ff 3c 01 cc.t......<...<.
013cff94 a4 ff 3c 01 08 64 f8 74 - 00 00 00 00 3e 00 00 00 ..<..d.t....>...
013cffa4 00 00 00 00 00 00 00 00 - 00 00 f8 74 90 1d 15 00 ...........t....
013cffb4 ec ff 3c 01 7c 98 62 79 - 48 90 f8 74 00 00 00 00 ..<.|.byH..t....
013cffc4 3e 00 00 00 70 90 0b 00 - 00 70 fd 7f 64 f7 0c 01 >...p....p..d...
013cffd4 c0 ff 3c 01 64 f7 0c 01 - ff ff ff ff b4 f0 63 79 ..<.d.........cy
013cffe4 60 d3 62 79 00 00 00 00 - 00 00 00 00 00 00 00 00 `.by............
013cfff4 11 63 f8 74 70 90 0b 00 - 00 00 00 00 f2 00 3d 01 .c.tp.........=.
013d0004 06 00 00 00 06 00 00 00 - 00 00 0a 00 00 00 00 00 ................
013d0014 00 00 00 00 06 00 00 00 - 00 00 19 00 00 00 00 00 ................
013d0024 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
013d0034 00 00 00 01 01 0c 00 00 - 00 00 00 00 00 00 00 00 ................
013d0044 00 01 0a 00 00 00 00 00 - 00 00 00 00 01 00 00 00 ................
013d0054 01 10 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
013d0064 00 00 00 00 01 01 00 00 - 00 00 00 00 06 00 00 00 ................
013d0074 00 00 01 00 00 00 00 00 - 00 0b 00 00 00 00 00 00 ................
013d0084 00 00 00 00 01 00 00 00 - 00 00 00 21 00 00 00 00 ...........!....
013d0094 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
013d00a4 00 00 00 00 00 00 00 00 - 00 00 00 00 01 01 01 00 ................
013d00b4 02 00 00 00 03 00 00 00 - 00 05 00 00 00 00 01 0a ................
Scarico dello stato per l'id del thread 0x41c
eax=00000000 ebx=0180ff74 ecx=00000000 edx=00000000 esi=78474086 edi=00000334
eip=78474091 esp=0180ff58 ebp=0180ff7c iopl=0 nv up ei ng nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000293
funzione: ZwWaitForSingleObject
78474086 b8ea000000 mov eax,0xea
7847408b 8d542404 lea edx,[esp+0x4] ss:02299e3f=????????
7847408f cd2e int 2e
78474091 c20c00 ret 0xc
78474094 8a5001 mov dl,[eax+0x1] ds:00a89ee6=??
78474097 3a5101 cmp dl,[ecx+0x1] ds:00a89ee6=??
7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
784740a0 84d2 test dl,dl
784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
784740a4 0fb6d2 movzx edx,dl
784740a7 33ff xor edi,edi
784740a9 8d72ff lea esi,[edx+0xff] ds:00a89ee6=????????
784740ac 85f6 test esi,esi
784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
784740b4 b001 mov al,0x1
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0180FF7C 79631B1B 00000334 000927C0 00000000 75B6B36D ntdll!ZwWaitForSingleObject
78469134 4AFFC033 58850F08 890000C1 FF900C42 8D0F044A kernel32!WaitForSingleObject
0424548B 00000000 00000000 00000000 00000000 00000000 <nosymbols>
Scarico dello stato per l'id del thread 0x128
eax=000000c0 ebx=0000003f ecx=01cbef4c edx=00000000 esi=01cbebfc edi=00000001
eip=7847323e esp=01cbebe4 ebp=01cbffb4 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:02748acb=faf8fafa
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
01CBFFB4 7962987C 0006C16C 00000000 00000000 0006C16C ntdll!NtWaitForMultipleObjects
01CBFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!SetThreadExecutionState
*----> Scarico Raw Stack <----*
01cbebe4 5e 38 46 78 0f 00 00 00 - 18 ec cb 01 01 00 00 00 ^8Fx............
01cbebf4 01 00 00 00 00 00 00 00 - 98 f5 4a 78 98 f5 4a 78 ..........Jx..Jx
01cbec04 98 03 00 00 28 01 00 00 - 0f 00 00 00 0f 00 00 00 ....(...........
01cbec14 0e 00 00 00 9c 03 00 00 - ec 02 00 00 e8 03 00 00 ................
01cbec24 f8 03 00 00 0c 04 00 00 - 2c 04 00 00 3c 04 00 00 ........,...<...
01cbec34 50 04 00 00 68 04 00 00 - 80 04 00 00 90 04 00 00 P...h...........
01cbec44 a4 04 00 00 b8 04 00 00 - d0 04 00 00 e0 04 00 00 ................
01cbec54 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbec64 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbec74 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbec84 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbec94 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbeca4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbecb4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbecc4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbecd4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbece4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbecf4 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbed04 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
01cbed14 00 00 00 00 00 00 00 00 - d0 4d 11 00 f0 2f 14 00 .........M.../..
Scarico dello stato per l'id del thread 0x56c
eax=79064a3b ebx=00000003 ecx=0015e128 edx=00000000 esi=78473233 edi=00000003
eip=7847323e esp=01cfff20 ebp=01cfff6c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:02789e07=????????
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
01CFFF6C 7963ABFB 01CFFF44 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
00000000 00000000 00000000 00000000 00000000 00000000 kernel32!WaitForMultipleObjects
*----> Scarico Raw Stack <----*
01cfff20 d7 bd 62 79 03 00 00 00 - 44 ff cf 01 01 00 00 00 ..by....D.......
01cfff30 00 00 00 00 00 00 00 00 - 20 40 0b 79 00 00 00 00 ........ @.y....
01cfff40 68 91 62 79 10 04 00 00 - 14 04 00 00 54 04 00 00 h.by........T...
01cfff50 00 00 00 00 00 00 00 00 - 78 94 09 00 16 00 18 00 ........x.......
01cfff60 e0 4b 06 79 00 00 00 00 - 04 ff cf 01 00 00 00 00 .K.y............
01cfff70 fb ab 63 79 44 ff cf 01 - 01 00 00 00 00 00 00 00 ..cyD...........
01cfff80 00 00 00 00 00 00 00 00 - c7 4a 06 79 03 00 00 00 .........J.y....
01cfff90 bc 40 0b 79 00 00 00 00 - ff ff ff ff 04 34 46 78 .@.y.........4Fx
01cfffa0 48 f3 4a 78 ec ff cf 01 - 00 00 00 00 00 00 00 00 H.Jx............
01cfffb0 03 00 00 00 00 00 06 79 - 7c 98 62 79 00 00 00 00 .......y|.by....
01cfffc0 04 34 46 78 48 f3 4a 78 - 00 00 00 00 00 f0 fa 7f .4FxH.Jx........
01cfffd0 28 e1 15 00 c0 ff cf 01 - 28 e1 15 00 ff ff ff ff (.......(.......
01cfffe0 b4 f0 63 79 60 d3 62 79 - 00 00 00 00 00 00 00 00 ..cy`.by........
01cffff0 00 00 00 00 3b 4a 06 79 - 00 00 00 00 00 00 00 00 ....;J.y........
01d00000 08 00 00 00 01 01 00 00 - ee ff ee ff 00 00 00 00 ................
01d00010 00 00 07 00 00 90 00 00 - 00 00 d0 01 00 01 00 00 ................
01d00020 40 00 d0 01 00 00 e0 01 - 1c 00 00 00 0d 00 00 00 @...............
01d00030 f8 05 07 00 00 00 00 00 - 80 4e d3 01 00 00 00 00 .........N......
01d00040 0b 0c 08 00 01 00 08 00 - 08 c0 d3 01 f8 6f d7 01 .............o..
01d00050 20 00 54 00 41 00 52 00 - 47 00 45 00 54 00 3d 00 .T.A.R.G.E.T.=.
Scarico dello stato per l'id del thread 0x3fc
eax=0203fee4 ebx=00000002 ecx=01d38abc edx=00000000 esi=78473233 edi=00000002
eip=7847323e esp=0203fe5c ebp=0203fea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:02ac9d43=????????
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0203FEA8 77E13990 0203FE80 00000001 00000000 0203FEA0 ntdll!NtWaitForMultipleObjects
0203FF04 77E13A5C 0203FED0 77CB4190 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
0203FF20 77C72973 00000001 77CB4190 00000000 0000EA60 user32!MsgWaitForMultipleObjects
0203FF74 77C7744C 0203FFA0 0203FFA4 0203FFA8 0203FF9C shlwapi!PathBuildRootW
0203FFAC 77C773D4 76BF3162 7962987C 00000000 0180CFD8 shlwapi!Ordinal307
0203FFEC 00000000 77C773AB 00000000 00000000 65696C43 shlwapi!Ordinal307
*----> Scarico Raw Stack <----*
0203fe5c d7 bd 62 79 02 00 00 00 - 80 fe 03 02 01 00 00 00 ..by............
0203fe6c 00 00 00 00 a0 fe 03 02 - 00 00 00 00 00 00 00 00 ................
0203fe7c 02 00 00 00 dc 01 00 00 - 10 05 00 00 00 00 00 00 ................
0203fe8c c4 fe 03 02 84 16 be 76 - 48 01 00 00 00 04 07 00 .......vH.......
0203fe9c 00 04 07 00 00 ba 3c dc - ff ff ff ff 04 ff 03 02 ......<.........
0203feac 90 39 e1 77 80 fe 03 02 - 01 00 00 00 00 00 00 00 .9.w............
0203febc a0 fe 03 02 00 00 00 00 - 60 ea 00 00 70 41 cb 77 ........`...pA.w
0203fecc 00 00 00 00 dc 01 00 00 - 10 05 00 00 91 81 47 78 ..............Gx
0203fedc 50 96 46 78 ff ff ff ff - 2c ff 03 02 0d c2 63 79 P.Fx....,.....cy
0203feec 00 00 07 00 00 00 00 00 - 00 00 00 00 cc e6 fa 7f ................
0203fefc 00 00 00 00 10 05 00 00 - 20 ff 03 02 5c 3a e1 77 ........ ...:.w
0203ff0c d0 fe 03 02 90 41 cb 77 - 60 ea 00 00 41 00 00 00 .....A.w`...A...
0203ff1c 00 00 00 00 74 ff 03 02 - 73 29 c7 77 01 00 00 00 ....t...s).w....
0203ff2c 90 41 cb 77 00 00 00 00 - 60 ea 00 00 41 00 00 00 .A.w....`...A...
0203ff3c 00 00 00 00 70 41 cb 77 - 34 91 46 78 f6 a9 be 76 ....pA.w4.Fx...v
0203ff4c 48 32 0f 00 88 e8 09 00 - 00 00 00 00 d7 a9 be 76 H2.............v
0203ff5c 00 00 00 00 9c e0 be 76 - 42 35 15 00 70 41 cb 77 .......vB5..pA.w
0203ff6c 60 ea 00 00 01 00 00 00 - ac ff 03 02 4c 74 c7 77 `...........Lt.w
0203ff7c a0 ff 03 02 a4 ff 03 02 - a8 ff 03 02 9c ff 03 02 ................
0203ff8c 60 ea 00 00 d8 cf 80 01 - 00 00 c7 77 00 00 00 00 `..........w....
Scarico dello stato per l'id del thread 0x47c
eax=77542bda ebx=00000002 ecx=0000001c edx=00000000 esi=78473233 edi=00000002
eip=7847323e esp=020eff24 ebp=020eff70 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:02b79e0b=????????
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
020EFF70 7963ABFB 020EFF48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
020EFFB4 7962987C 00000000 7FFDEBF8 00000000 00000000 kernel32!WaitForMultipleObjects
020EFFEC 00000000 00000000 00000000 00000000 00000000 kernel32!SetThreadExecutionState
Scarico dello stato per l'id del thread 0x158
eax=0000020b ebx=0000054c ecx=00000210 edx=00000000 esi=0212ff98 edi=77e15780
eip=77e12f5c esp=0212ff58 ebp=0212ff78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: TranslateMessageEx
77e12f3a 0f8540d80200 jne UnregisterHotKey+0xe89 (77e40780)
77e12f40 33c0 xor eax,eax
77e12f42 c20800 ret 0x8
77e12f45 ff742408 push dword ptr [esp+0x8] ss:02bb9e3f=????????
77e12f49 51 push ecx
77e12f4a e8ce1e0000 call GetKeyState+0x9b (77e14e1d)
77e12f4f ebf1 jmp DrawStateA+0x6e6 (77e1e842)
77e12f51 b89a110000 mov eax,0x119a
77e12f56 8d542404 lea edx,[esp+0x4] ss:02bb9e3f=????????
77e12f5a cd2e int 2e
77e12f5c c21000 ret 0x10
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0212FF78 77555C36 0212FF98 00000000 00000000 00000000 user32!TranslateMessageEx
0212FFB4 7962987C 0000054C 77575428 00069208 0000054C winmm!midiOutGetNumDevs
0212FFEC 00000000 77555BB9 0000054C 00000000 CAC8EF17 kernel32!SetThreadExecutionState
*----> Scarico Raw Stack <----*
0212ff58 bc 57 e1 77 98 ff 12 02 - 00 00 00 00 00 00 00 00 .W.w............
0212ff68 00 00 00 00 4c 05 00 00 - 00 00 00 00 80 57 e1 77 ....L........W.w
0212ff78 b4 ff 12 02 36 5c 55 77 - 98 ff 12 02 00 00 00 00 ....6Uw........
0212ff88 00 00 00 00 00 00 00 00 - 28 54 57 77 08 92 06 00 ........(TWw....
0212ff98 66 02 05 00 bc 03 00 00 - cc e6 0a 00 00 00 00 00 f...............
0212ffa8 3f c3 14 00 f3 00 00 00 - c5 01 00 00 ec ff 12 02 ?...............
0212ffb8 7c 98 62 79 4c 05 00 00 - 28 54 57 77 08 92 06 00 |.byL...(TWw....
0212ffc8 4c 05 00 00 00 c0 fa 7f - 00 00 55 77 c0 ff 12 02 L.........Uw....
0212ffd8 00 00 55 77 ff ff ff ff - b4 f0 63 79 60 d3 62 79 ..Uw......cy`.by
0212ffe8 00 00 00 00 00 00 00 00 - 00 00 00 00 b9 5b 55 77 .............[Uw
0212fff8 4c 05 00 00 00 00 00 00 - 17 ef c8 ca 01 00 00 00 L...............
02130008 00 00 00 00 00 00 00 00 - 5a 2e eb fe fa 00 2c 00 ........Z.....,.
02130018 00 5a 86 88 d4 01 3c 00 - 16 f3 cd 2a 50 00 3c 00 .Z....<....*P.<.
02130028 c1 47 68 0d 50 00 3c 00 - 46 fb 10 2b d4 01 3c 00 .Gh.P.<.F..+..<.
02130038 90 a7 9b b2 50 00 72 00 - eb 81 e3 92 50 00 3c 00 ....P.r.....P.<.
02130048 7f 35 7c fa 50 00 36 00 - f1 53 f7 2a 50 00 3c 00 .5|.P.6..S.*P.<.
02130058 d5 7a 23 f6 50 00 3c 00 - af cb 71 fc 98 00 40 00 .z#.P.<...q...@.
02130068 a9 d8 c7 aa 50 00 35 00 - 59 08 92 1a 50 00 3c 00 ....P.5.Y...P.<.
02130078 cf f3 b7 2e 50 00 3c 00 - 89 f7 af 1f b9 00 fa 00 ....P.<.........
02130088 bb 1e 1f 0a 50 00 35 00 - 48 d0 64 95 50 00 6b 00 ....P.5.H.d.P.k.
Scarico dello stato per l'id del thread 0x450
eax=00000000 ebx=0218ff74 ecx=00000008 edx=00000000 esi=78474086 edi=00000320
eip=78474091 esp=0218ff58 ebp=0218ff7c iopl=0 nv up ei ng nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000293
funzione: ZwWaitForSingleObject
78474086 b8ea000000 mov eax,0xea
7847408b 8d542404 lea edx,[esp+0x4] ss:02c19e3f=????????
7847408f cd2e int 2e
78474091 c20c00 ret 0xc
78474094 8a5001 mov dl,[eax+0x1] ds:00a89ee6=??
78474097 3a5101 cmp dl,[ecx+0x1] ds:00a89eee=??
7847409a 0f8598c7ffff jne RtlEqualPrefixSid+0x44 (78470838)
784740a0 84d2 test dl,dl
784740a2 7410 jz RtlQueryAtomInAtomTable+0x31 (78474fb4)
784740a4 0fb6d2 movzx edx,dl
784740a7 33ff xor edi,edi
784740a9 8d72ff lea esi,[edx+0xff] ds:00a89ee6=????????
784740ac 85f6 test esi,esi
784740ae 0f8f04100100 jnle RtlEraseUnicodeString+0x4e (784850b8)
784740b4 b001 mov al,0x1
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0218FF7C 79631B1B 00000320 000927C0 00000000 75B6B36D ntdll!ZwWaitForSingleObject
78469134 4AFFC033 58850F08 890000C1 FF900C42 8D0F044A kernel32!WaitForSingleObject
0424548B 00000000 00000000 00000000 00000000 00000000 <nosymbols>
Scarico dello stato per l'id del thread 0x52c
eax=7712dcf3 ebx=78469134 ecx=00000000 edx=00000000 esi=00166338 edi=000758c8
eip=7846915e esp=022aff78 ebp=022affa8 iopl=0 nv up ei ng nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000286
funzione: ZwDelayExecution
78469153 b832000000 mov eax,0x32
78469158 8d542404 lea edx,[esp+0x4] ss:02d39e5f=????????
7846915c cd2e int 2e
7846915e c20800 ret 0x8
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
022AFFA8 7712DD0B 00075940 022AFFEC 7962987C 00094140 ntdll!ZwDelayExecution
022AFFB4 7962987C 00094140 00000000 00000000 00094140 rpcrt4!RpcBindingSetOption
022AFFEC 00000000 7712DCF3 00094140 00000000 00000000 kernel32!SetThreadExecutionState
*----> Scarico Raw Stack <----*
022aff78 cd dd 12 77 01 00 00 00 - 90 ff 2a 02 00 00 00 00 ...w......*.....
022aff88 00 00 00 00 40 41 09 00 - 00 5d 1e ee ff ff ff ff ....@A...]......
022aff98 00 5d 1e ee ff ff ff ff - 30 75 00 00 40 41 09 00 .]......0u..@A..
022affa8 b4 ff 2a 02 0b dd 12 77 - 40 59 07 00 ec ff 2a 02 ..*....w@Y....*.
022affb8 7c 98 62 79 40 41 09 00 - 00 00 00 00 00 00 00 00 |.by@A..........
022affc8 40 41 09 00 00 50 fd 7f - 00 00 00 00 c0 ff 2a 02 @A...P........*.
022affd8 00 00 00 00 ff ff ff ff - b4 f0 63 79 60 d3 62 79 ..........cy`.by
022affe8 00 00 00 00 00 00 00 00 - 00 00 00 00 f3 dc 12 77 ...............w
022afff8 40 41 09 00 00 00 00 00 - 00 00 00 00 00 00 01 00 @A..............
022b0008 00 10 00 00 00 00 00 00 - f8 05 b6 00 00 80 e0 01 ................
022b0018 00 10 00 00 00 00 00 00 - 30 00 2b 02 00 00 00 00 ........0.+.....
022b0028 00 00 00 00 00 00 00 00 - 40 00 2b 02 00 00 00 00 ........@.+.....
022b0038 00 00 00 00 00 00 00 00 - 50 00 2b 02 00 00 00 00 ........P.+.....
022b0048 00 00 00 00 00 00 00 00 - 60 00 2b 02 00 00 00 00 ........`.+.....
022b0058 00 00 00 00 00 00 00 00 - 70 00 2b 02 00 00 00 00 ........p.+.....
022b0068 00 00 00 00 00 00 00 00 - 80 00 2b 02 00 00 00 00 ..........+.....
022b0078 00 00 00 00 00 00 00 00 - 90 00 2b 02 00 00 00 00 ..........+.....
022b0088 00 00 00 00 00 00 00 00 - a0 00 2b 02 00 00 00 00 ..........+.....
022b0098 00 00 00 00 00 00 00 00 - b0 00 2b 02 00 00 00 00 ..........+.....
022b00a8 00 00 00 00 00 00 00 00 - c0 00 2b 02 00 00 00 00 ..........+.....
Scarico dello stato per l'id del thread 0x224
eax=013d9770 ebx=00000002 ecx=013d9950 edx=00000000 esi=78473233 edi=00000002
eip=7847323e esp=023ffe5c ebp=023ffea8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
funzione: NtWaitForMultipleObjects
78473233 b8e9000000 mov eax,0xe9
78473238 8d542404 lea edx,[esp+0x4] ss:02e89d43=????????
7847323c cd2e int 2e
7847323e c21400 ret 0x14
*----> Back Trace dello stack <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
023FFEA8 77E13990 023FFE80 00000001 00000000 023FFEA0 ntdll!NtWaitForMultipleObjects
023FFF04 77E13A5C 023FFED0 77CB4190 0000EA60 00000041 user32!MsgWaitForMultipleObjectsEx
023FFF20 77C72973 00000001 77CB4190 00000000 0000EA60 user32!MsgWaitForMultipleObjects
023FFF74 77C7744C 023FFFA0 023FFFA4 023FFFA8 023FFF9C shlwapi!PathBuildRootW
023FFFAC 77C773D4 00000002 7962987C 00000000 000E82FC shlwapi!Ordinal307
023FFFEC 00000000 77C773AB 00000000 00000000 00000008 shlwapi!Ordinal307
*----> Scarico Raw Stack <----*
023ffe5c d7 bd 62 79 02 00 00 00 - 80 fe 3f 02 01 00 00 00 ..by......?.....
023ffe6c 00 00 00 00 a0 fe 3f 02 - 00 00 00 00 00 00 00 00 ......?.........
023ffe7c 02 00 00 00 dc 01 00 00 - f0 05 00 00 78 fe 3f 02 ............x.?.
023ffe8c 00 00 00 00 00 00 00 00 - 48 fe 3f 02 e4 fe 3f 02 ........H.?...?.
023ffe9c dc ff 3f 02 00 ba 3c dc - ff ff ff ff 04 ff 3f 02 ..?...<.......?.
023ffeac 90 39 e1 77 80 fe 3f 02 - 01 00 00 00 00 00 00 00 .9.w..?.........
023ffebc a0 fe 3f 02 00 00 00 00 - 60 ea 00 00 70 41 cb 77 ..?.....`...pA.w
023ffecc 00 00 00 00 dc 01 00 00 - f0 05 00 00 91 81 47 78 ..............Gx
023ffedc 50 96 46 78 ff ff ff ff - 2c ff 3f 02 0d c2 63 79 P.Fx....,.?...cy
023ffeec 00 00 07 00 00 00 00 00 - 00 00 00 00 cc b6 fa 7f ................
023ffefc 00 00 00 00 f0 05 00 00 - 20 ff 3f 02 5c 3a e1 77 ........ .?.:.w
023fff0c d0 fe 3f 02 90 41 cb 77 - 60 ea 00 00 41 00 00 00 ..?..A.w`...A...
023fff1c 00 00 00 00 74 ff 3f 02 - 73 29 c7 77 01 00 00 00 ....t.?.s).w....
023fff2c 90 41 cb 77 00 00 00 00 - 60 ea 00 00 41 00 00 00 .A.w....`...A...
023fff3c 00 00 00 00 70 41 cb 77 - 34 91 46 78 f6 a9 be 76 ....pA.w4.Fx...v
023fff4c 60 9c d3 01 d8 dc 15 00 - 00 00 00 00 d7 a9 be 76 `..............v
023fff5c 00 00 00 00 9c e0 be 76 - 46 2a 15 00 70 41 cb 77 .......vF*..pA.w
023fff6c 60 ea 00 00 01 00 00 00 - ac ff 3f 02 4c 74 c7 77 `.........?.Lt.w
023fff7c a0 ff 3f 02 a4 ff 3f 02 - a8 ff 3f 02 9c ff 3f 02 ..?...?...?...?.
023fff8c 60 ea 00 00 fc 82 0e 00 - 00 00 c7 77 00 00 00 00 `..........w....
![[;)]](http://www.megalab.it/forum/images/smilies/wink.gif "Occhiolino")
