Jump to content

Recommended Posts

I just started to receive these screenshots. Is there a fix? Happens on 1 pc, Duo-Core Intel XP (home) Scans are clean. TIA EDIT: PS: also has a Dr. Watson log - attached:

Microsoft ® DrWtsn32

Copyright © 1985-2001 Microsoft Corp. All rights reserved.

Application exception occurred:

App: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (pid=3428)

When: 4/12/2011 @ 15:07:12.812

Exception number: c0000005 (access violation)

*----> System Information <----*

Computer Name: OWNER-A31BA9366

User Name: SYSTEM

Terminal Session Id: 0

Number of Processors: 2

Processor Type: x86 Family 6 Model 23 Stepping 10

Windows Version: 5.1

Current Build: 2600

Service Pack: 3

Current Type: Multiprocessor Free

Registered Organization:

Registered Owner: owner

*----> Task List <----*

0 System Process

4 System

944 smss.exe

992 csrss.exe

1016 winlogon.exe

1060 services.exe

1072 lsass.exe

1244 svchost.exe

1312 svchost.exe

1436 MsMpEng.exe

1476 svchost.exe

1544 svchost.exe

1760 svchost.exe

1880 spoolsv.exe

1980 svchost.exe

2024 Error 0xD0000022

2040 Error 0xD0000022

124 Error 0xD0000022

212 mainserv.exe

360 mscorsvw.exe

436 DkService.exe

464 dlcxcoms.exe

716 jqs.exe

896 LSSrvc.exe

1348 mbamservice.exe

1612 SeaPort.exe

308 svchost.exe

348 ups.exe

588 WLIDSVC.EXE

1296 WLIDSvcM.exe

2080 Explorer.EXE

2376 AOLSoftware.exe

2440 MSASCui.exe

2448 mswinext.exe

2484 realsched.exe

2492 dlcxmon.exe

2504 memcard.exe

2536 mbamgui.exe

2716 jusched.exe

2848 Error 0xD0000022

3120 ctfmon.exe

3148 NMIndexStoreSvr.exe

3192 SUPERAntiSpyware.exe

3736 alg.exe

3784 NMIndexingService.exe

4024 iexplore.exe

272 iexplore.exe

2544 SCServer.exe

1636 NOTEPAD.EXE

256 MailWasher.exe

3428 mbam.exe

1988 dwwin.exe

3136 wmiprvse.exe

2560 drwtsn32.exe

*----> Module List <----*

(0000000000400000 - 00000000004ef000: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

(00000000011f0000 - 00000000014b5000: C:\WINDOWS\system32\xpsp2res.dll

(0000000001a20000 - 0000000001a56000: C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll

(00000000043f0000 - 0000000004445000: C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll

(0000000010000000 - 0000000010082000: C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll

(0000000028b50000 - 0000000028bc9000: C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

(000000002e8c0000 - 000000002e8ca000: C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

(000000004d4f0000 - 000000004d549000: C:\WINDOWS\system32\WINHTTP.dll

(000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\UxTheme.dll

(000000005b860000 - 000000005b8b5000: C:\WINDOWS\system32\NETAPI32.dll

(000000005edd0000 - 000000005ede7000: C:\WINDOWS\system32\olepro32.dll

(0000000065000000 - 000000006502e000: C:\WINDOWS\system32\advpack.dll

(00000000662b0000 - 0000000066308000: C:\WINDOWS\system32\hnetcfg.dll

(0000000068000000 - 0000000068036000: C:\WINDOWS\system32\rsaenh.dll

(0000000068100000 - 0000000068126000: C:\WINDOWS\system32\dssenh.dll

(00000000708f0000 - 0000000070903000: C:\WINDOWS\system32\asycfilt.dll

(0000000071a50000 - 0000000071a8f000: C:\WINDOWS\system32\mswsock.dll

(0000000071a90000 - 0000000071a98000: C:\WINDOWS\System32\wshtcpip.dll

(0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll

(0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll

(0000000071b20000 - 0000000071b32000: C:\WINDOWS\system32\MPR.dll

(0000000073420000 - 0000000073573000: C:\WINDOWS\system32\MSVBVM60.DLL

(0000000076360000 - 0000000076370000: C:\WINDOWS\system32\WINSTA.dll

(0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.DLL

(0000000076780000 - 0000000076789000: C:\WINDOWS\system32\shfolder.dll

(0000000076790000 - 000000007679c000: C:\WINDOWS\system32\cryptdll.dll

(00000000767f0000 - 0000000076818000: C:\WINDOWS\system32\schannel.dll

(00000000769c0000 - 0000000076a74000: C:\WINDOWS\system32\USERENV.dll

(0000000076bf0000 - 0000000076bfb000: C:\WINDOWS\system32\PSAPI.DLL

(0000000076c30000 - 0000000076c5e000: C:\WINDOWS\system32\WINTRUST.dll

(0000000076c90000 - 0000000076cb8000: C:\WINDOWS\system32\IMAGEHLP.dll

(0000000076d60000 - 0000000076d79000: C:\WINDOWS\system32\iphlpapi.dll

(0000000076f20000 - 0000000076f47000: C:\WINDOWS\system32\DNSAPI.dll

(0000000076f50000 - 0000000076f58000: C:\WINDOWS\system32\WTSAPI32.dll

(0000000076fc0000 - 0000000076fc6000: C:\WINDOWS\system32\rasadhlp.dll

(0000000076fd0000 - 000000007704f000: C:\WINDOWS\system32\CLBCATQ.DLL

(0000000077050000 - 0000000077115000: C:\WINDOWS\system32\COMRes.dll

(0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll

(00000000773d0000 - 00000000774d3000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.DLL

(00000000774e0000 - 000000007761e000: C:\WINDOWS\system32\ole32.dll

(0000000077920000 - 0000000077a13000: C:\WINDOWS\system32\SETUPAPI.dll

(0000000077a80000 - 0000000077b15000: C:\WINDOWS\system32\CRYPT32.dll

(0000000077b20000 - 0000000077b32000: C:\WINDOWS\system32\MSASN1.dll

(0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\Apphelp.dll

(0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll

(0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll

(0000000077c70000 - 0000000077c95000: C:\WINDOWS\system32\msv1_0.dll

(0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll

(0000000077e70000 - 0000000077f03000: C:\WINDOWS\system32\RPCRT4.dll

(0000000077f10000 - 0000000077f59000: C:\WINDOWS\system32\GDI32.dll

(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll

(0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll

(000000007c800000 - 000000007c8f6000: C:\WINDOWS\system32\kernel32.dll

(000000007c900000 - 000000007c9b2000: C:\WINDOWS\system32\ntdll.dll

(000000007c9c0000 - 000000007d1d7000: C:\WINDOWS\system32\shell32.dll

(000000007e410000 - 000000007e4a1000: C:\WINDOWS\system32\USER32.dll

(000000007e720000 - 000000007e7d0000: C:\WINDOWS\system32\SXS.DLL

*----> State Dump for Thread Id 0xcd0 <----*

eax=00000600 ebx=00000266 ecx=00000608 edx=04200eac esi=019e0178 edi=09888cd0

eip=7c911295 esp=0012f39c ebp=0012f5bc iopl=0 nv up ei pl nz na pe nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -

function: ntdll!wcsncpy

7c91127a e4e8 in al,e8

7c91127c cc int 3

7c91127d 1300 adc eax,[eax]

7c91127f 008bc8898d6c add [ebx+0x6c8d89c8],cl

7c911285 ffff ???

7c911287 ff3b ???

7c911289 f1 ???

7c91128a 7412 jz ntdll!wcsncpy+0xd1f (7c91129e)

7c91128c 8d41f8 lea eax,[ecx-0x8]

7c91128f 8985d8feffff mov [ebp-0x128],eax

FAULT ->7c911295 663b18 cmp bx,[eax] ds:0023:00000600=????

7c911298 0f873ef5ffff jnbe ntdll!wcsncpy+0x25d (7c9107dc)

7c91129e 8d4708 lea eax,[edi+0x8]

7c9112a1 8985d0feffff mov [ebp-0x130],eax

7c9112a7 8b5104 mov edx,[ecx+0x4]

7c9112aa 8995c8feffff mov [ebp-0x138],edx

7c9112b0 e960fdffff jmp ntdll!wcsncpy+0xa96 (7c911015)

7c9112b5 8b06 mov eax,[esi]

7c9112b7 ebc7 jmp ntdll!wcsncpy+0xd01 (7c911280)

7c9112b9 0fb7c9 movzx ecx,cx

7c9112bc c1e103 shl ecx,0x3

*----> Stack Back Trace <----*

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll -

WARNING: Stack unwind information not available. Following frames may be wrong.

*** ERROR: Module load completed but symbols could not be loaded for C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

ChildEBP RetAddr Args to Child

0012f5bc 1004988c 019e0000 00000000 00004dc4 ntdll!wcsncpy+0xd16

0012f5dc 10048b9c 00004dc4 0012f698 0012f640 mbamcore+0x4988c

0012f5f8 1000f4f4 00004dc4 019e0000 00000000 mbamcore+0x48b9c

0012f63c 1000f4bd 000002c7 0012f6e0 0012f698 mbamcore+0xf4f4

040c3818 00720065 0065006e 00200074 0000005c mbamcore+0xf4bd

097f0948 0044005c 0043004f 004d0055 004e0045 0x720065

003a0043 00000000 00000000 00000000 00000000 mbam+0x4005c

*----> Raw Stack Dump <----*

000000000012f39c c7 02 00 00 e0 f6 12 00 - c4 4d 00 00 22 02 91 7c .........M.."..|

000000000012f3ac 9b 01 91 7c db 01 91 7c - 98 f6 12 00 8e 00 00 00 ...|...|........

000000000012f3bc 1e 01 00 00 08 00 9e 01 - 00 00 00 00 07 00 00 00 ................

000000000012f3cc 00 f4 12 00 00 00 91 7c - 04 15 00 00 e0 57 8d 10 .......|.....W..

000000000012f3dc 00 00 00 00 00 00 00 00 - 07 00 00 00 00 00 9e 01 ................

000000000012f3ec 00 00 12 00 48 02 9e 01 - 03 00 00 00 68 02 9e 01 ....H.......h...

000000000012f3fc 60 02 9e 01 e0 f0 89 09 - 28 10 91 7c 86 10 91 7c `.......(..|...|

000000000012f40c db 01 91 7c 18 38 0c 04 - 29 16 80 7c a0 92 00 00 ...|.8..)..|....

000000000012f41c 07 00 00 00 00 00 20 04 - 00 00 91 7c 00 00 20 04 ...... ....|.. .

000000000012f42c 00 00 bb 07 18 4f 8b 09 - 00 00 bb 07 07 00 00 00 .....O..........

000000000012f43c a4 38 0c 04 00 00 20 04 - c0 00 00 00 78 01 9e 01 .8.... .....x...

000000000012f44c 07 00 00 00 00 00 00 00 - 07 00 00 00 08 3f 88 09 .............?..

000000000012f45c 00 00 00 00 08 00 00 00 - 00 00 00 00 03 00 00 00 ................

000000000012f46c 00 00 00 00 30 fb 87 09 - c0 50 89 09 d0 8c 88 09 ....0....P......

000000000012f47c 78 01 9e 01 10 00 00 00 - 08 46 89 09 10 00 00 00 x........F......

000000000012f48c 50 94 87 09 08 00 00 00 - 00 06 00 00 0c 00 00 00 P...............

000000000012f49c 78 01 9e 01 78 01 9e 01 - 38 fb 87 09 00 00 bb 07 x...x...8.......

000000000012f4ac 0a 00 00 00 00 00 9e 01 - 30 04 9e 01 c0 50 89 09 ........0....P..

000000000012f4bc e0 f4 12 00 28 05 9e 01 - 00 00 9e 01 b0 71 87 09 ....(........q..

000000000012f4cc b0 71 87 09 00 00 9e 01 - 00 00 bb 07 48 02 9e 01 .q..........H...

*----> State Dump for Thread Id 0x6a8 <----*

eax=00000000 ebx=00000000 ecx=7c809a0d edx=12f6001b esi=0019c9c8 edi=0019ca6c

eip=7c90e514 esp=015bfe18 ebp=015bff80 iopl=0 nv up ei pl zr na po nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

function: ntdll!KiFastSystemCallRet

7c90e4fa e829000000 call ntdll!RtlRaiseException (7c90e528)

7c90e4ff 8b0424 mov eax,[esp]

7c90e502 8be5 mov esp,ebp

7c90e504 5d pop ebp

7c90e505 c3 ret

7c90e506 8da42400000000 lea esp,[esp]

7c90e50d 8d4900 lea ecx,[ecx]

ntdll!KiFastSystemCall:

7c90e510 8bd4 mov edx,esp

7c90e512 0f34 sysenter

ntdll!KiFastSystemCallRet:

7c90e514 c3 ret

7c90e515 8da42400000000 lea esp,[esp]

7c90e51c 8d642400 lea esp,[esp]

ntdll!KiIntSystemCall:

7c90e520 8d542408 lea edx,[esp+0x8]

7c90e524 cd2e int 2e

7c90e526 c3 ret

7c90e527 90 nop

ntdll!RtlRaiseException:

7c90e528 55 push ebp

7c90e529 8bec mov ebp,esp

*----> Stack Back Trace <----*

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -

WARNING: Stack unwind information not available. Following frames may be wrong.

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -

ChildEBP RetAddr Args to Child

015bff80 77e76caf 015bffa8 77e76ad1 0019c9c8 ntdll!KiFastSystemCallRet

015bff88 77e76ad1 0019c9c8 00188da8 0012efa8 RPCRT4!I_RpcBCacheFree+0x61c

015bffa8 77e76c97 0017a788 015bffec 7c80b729 RPCRT4!I_RpcBCacheFree+0x43e

015bffb4 7c80b729 0019cb08 00188da8 0012efa8 RPCRT4!I_RpcBCacheFree+0x604

015bffec 00000000 77e76c7d 0019cb08 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*

00000000015bfe18 aa da 90 7c e3 65 e7 77 - 1c 01 00 00 74 ff 5b 01 ...|.e.w....t.[.

00000000015bfe28 00 00 00 00 88 ee 19 00 - 48 ff 5b 01 46 02 00 00 ........H.[.F...

00000000015bfe38 1b 5a 54 80 50 5b 7c a6 - a8 0d aa 88 20 f1 df ff .ZT.P[|..... ...

00000000015bfe48 00 00 00 00 50 38 50 80 - a0 9d 64 89 a8 0d aa 88 ....P8P...d.....

00000000015bfe58 c2 da 4f 80 00 00 00 00 - 06 02 00 00 90 fb 4f 80 ..O...........O.

00000000015bfe68 f3 5b 54 80 d0 13 aa 88 - 00 20 04 80 00 71 6e 80 .[T...... ...qn.

00000000015bfe78 d0 13 aa 88 a8 6d 11 89 - 40 f5 df ff dc 5b 54 80 .....m..@....[T.

00000000015bfe88 ff ff ff ff 02 02 00 00 - d7 5a 54 80 84 5b 7c a6 .........ZT..[|.

00000000015bfe98 27 74 6e 80 00 00 00 00 - 43 7d 6e 80 28 5c 7c a6 'tn.....C}n.(\|.

00000000015bfea8 27 74 6e 80 00 0d db ba - 00 00 00 00 20 7c a4 a6 'tn......... |..

00000000015bfeb8 1c 81 56 e2 74 e1 97 7c - 00 00 00 00 00 00 00 00 ..V.t..|........

00000000015bfec8 ac 20 00 00 00 05 9c 0a - 00 00 10 00 20 1a ce a6 . .......... ...

00000000015bfed8 00 00 00 00 c0 1b a4 88 - 00 00 00 00 00 00 00 00 ................

00000000015bfee8 00 00 00 00 00 00 00 00 - ff ff ff ff 08 00 00 00 ................

00000000015bfef8 00 00 00 00 10 74 6e 80 - 6c 15 aa 88 28 5c 7c a6 .....tn.l...(\|.

00000000015bff08 00 00 00 00 27 74 6e 80 - 08 00 00 00 46 02 00 00 ....'tn.....F...

00000000015bff18 72 38 50 80 40 14 aa 88 - d0 13 aa 88 78 b0 4f 80 r8P.@.......x.O.

00000000015bff28 3c 15 aa 88 80 ff 5b 01 - 85 d1 e7 77 48 ff 5b 01 <.....[....wH.[.

00000000015bff38 95 d1 e7 77 e0 10 90 7c - 58 c8 19 00 08 cb 19 00 ...w...|X.......

00000000015bff48 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......

*----> State Dump for Thread Id 0xe24 <----*

eax=000000c0 ebx=00000000 ecx=00000000 edx=00000000 esi=00000000 edi=00000001

eip=7c90e514 esp=04b5fcec ebp=04b5ffb4 iopl=0 nv up ei pl zr na po nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

function: ntdll!KiFastSystemCallRet

7c90e4fa e829000000 call ntdll!RtlRaiseException (7c90e528)

7c90e4ff 8b0424 mov eax,[esp]

7c90e502 8be5 mov esp,ebp

7c90e504 5d pop ebp

7c90e505 c3 ret

7c90e506 8da42400000000 lea esp,[esp]

7c90e50d 8d4900 lea ecx,[ecx]

ntdll!KiFastSystemCall:

7c90e510 8bd4 mov edx,esp

7c90e512 0f34 sysenter

ntdll!KiFastSystemCallRet:

7c90e514 c3 ret

7c90e515 8da42400000000 lea esp,[esp]

7c90e51c 8d642400 lea esp,[esp]

ntdll!KiIntSystemCall:

7c90e520 8d542408 lea edx,[esp+0x8]

7c90e524 cd2e int 2e

7c90e526 c3 ret

7c90e527 90 nop

ntdll!RtlRaiseException:

7c90e528 55 push ebp

7c90e529 8bec mov ebp,esp

*----> Stack Back Trace <----*

WARNING: Stack unwind information not available. Following frames may be wrong.

ChildEBP RetAddr Args to Child

04b5ffb4 7c80b729 00000000 001caec8 00000000 ntdll!KiFastSystemCallRet

04b5ffec 00000000 7c92a3f3 00000000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*

0000000004b5fcec 4a df 90 7c 1a a5 92 7c - 14 00 00 00 30 fd b5 04 J..|...|....0...

0000000004b5fcfc 01 00 00 00 01 00 00 00 - 00 00 00 00 c8 ae 1c 00 ................

0000000004b5fd0c 00 00 00 00 00 00 00 00 - a0 f9 97 7c a0 f9 97 7c ...........|...|

0000000004b5fd1c 14 03 00 00 24 0e 00 00 - 14 00 00 00 14 00 00 00 ....$...........

0000000004b5fd2c 13 00 00 00 10 03 00 00 - 54 01 00 00 60 03 00 00 ........T...`...

0000000004b5fd3c 88 03 00 00 e4 03 00 00 - 10 04 00 00 30 04 00 00 ............0...

0000000004b5fd4c 28 04 00 00 54 03 00 00 - 7c 03 00 00 94 03 00 00 (...T...|.......

0000000004b5fd5c b8 03 00 00 c0 03 00 00 - b4 03 00 00 cc 03 00 00 ................

0000000004b5fd6c d8 03 00 00 f0 03 00 00 - fc 03 00 00 04 04 00 00 ................

0000000004b5fd7c 1c 04 00 00 78 04 00 00 - 7c 04 00 00 88 04 00 00 ....x...|.......

0000000004b5fd8c 94 04 00 00 a0 04 00 00 - ac 04 00 00 ac 04 00 00 ................

0000000004b5fd9c ac 04 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fdac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fdbc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fdcc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fddc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fdec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fdfc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fe0c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004b5fe1c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> State Dump for Thread Id 0xa30 <----*

eax=00000000 ebx=04c5fef4 ecx=7ffd8000 edx=76a613f0 esi=00000000 edi=7ffd5000

eip=7c90e514 esp=04c5fecc ebp=04c5ff68 iopl=0 nv up ei pl zr na po nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

function: ntdll!KiFastSystemCallRet

7c90e4fa e829000000 call ntdll!RtlRaiseException (7c90e528)

7c90e4ff 8b0424 mov eax,[esp]

7c90e502 8be5 mov esp,ebp

7c90e504 5d pop ebp

7c90e505 c3 ret

7c90e506 8da42400000000 lea esp,[esp]

7c90e50d 8d4900 lea ecx,[ecx]

ntdll!KiFastSystemCall:

7c90e510 8bd4 mov edx,esp

7c90e512 0f34 sysenter

ntdll!KiFastSystemCallRet:

7c90e514 c3 ret

7c90e515 8da42400000000 lea esp,[esp]

7c90e51c 8d642400 lea esp,[esp]

ntdll!KiIntSystemCall:

7c90e520 8d542408 lea edx,[esp+0x8]

7c90e524 cd2e int 2e

7c90e526 c3 ret

7c90e527 90 nop

ntdll!RtlRaiseException:

7c90e528 55 push ebp

7c90e529 8bec mov ebp,esp

*----> Stack Back Trace <----*

WARNING: Stack unwind information not available. Following frames may be wrong.

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USERENV.dll -

ChildEBP RetAddr Args to Child

04c5ff68 7c80a115 00000003 76a61348 00000000 ntdll!KiFastSystemCallRet

04c5ff84 769c87bd 00000003 76a61348 00000000 kernel32!WaitForMultipleObjects+0x18

04c5ffb4 7c80b729 00000000 00000000 00000000 USERENV!RegisterGPNotification+0x1b6

04c5ffec 00000000 769c8761 00000000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*

0000000004c5fecc 4a df 90 7c 90 95 80 7c - 03 00 00 00 f4 fe c5 04 J..|...|........

0000000004c5fedc 01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004c5feec f0 13 a6 76 e7 9b 80 7c - 64 03 00 00 68 03 00 00 ...v...|d...h...

0000000004c5fefc 6c 03 00 00 5c fe c5 04 - 6c ff c5 04 6c ff c5 04 l...\...l...l...

0000000004c5ff0c 20 e9 90 7c 60 00 91 7c - 14 00 00 00 01 00 00 00 ..|`..|........

0000000004c5ff1c 00 00 00 00 00 00 00 00 - 10 00 00 00 fa 1b 80 7c ...............|

0000000004c5ff2c 00 00 00 00 00 00 00 00 - 00 50 fd 7f 00 80 fd 7f .........P......

0000000004c5ff3c 48 8b 16 00 00 00 00 00 - f4 fe c5 04 00 00 00 00 H...............

0000000004c5ff4c 03 00 00 00 e8 fe c5 04 - 00 00 00 00 dc ff c5 04 ................

0000000004c5ff5c d8 9a 83 7c 80 96 80 7c - 00 00 00 00 84 ff c5 04 ...|...|........

0000000004c5ff6c 15 a1 80 7c 03 00 00 00 - 48 13 a6 76 00 00 00 00 ...|....H..v....

0000000004c5ff7c ff ff ff ff 00 00 00 00 - b4 ff c5 04 bd 87 9c 76 ...............v

0000000004c5ff8c 03 00 00 00 48 13 a6 76 - 00 00 00 00 ff ff ff ff ....H..v........

0000000004c5ff9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 9c 76 ...............v

0000000004c5ffac 03 00 00 00 00 00 00 00 - ec ff c5 04 29 b7 80 7c ............)..|

0000000004c5ffbc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

0000000004c5ffcc 00 80 fd 7f 00 66 4f 8a - c0 ff c5 04 98 d1 96 88 .....fO.........

0000000004c5ffdc ff ff ff ff d8 9a 83 7c - 30 b7 80 7c 00 00 00 00 .......|0..|....

0000000004c5ffec 00 00 00 00 00 00 00 00 - 61 87 9c 76 00 00 00 00 ........a..v....

0000000004c5fffc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

*----> State Dump for Thread Id 0xf2c <----*

eax=0020d754 ebx=00000000 ecx=00157898 edx=776071a8 esi=0019c9c8 edi=0019ca6c

eip=7c90e514 esp=0474fe18 ebp=0474ff80 iopl=0 nv up ei pl zr na po nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

function: ntdll!KiFastSystemCallRet

7c90e4fa e829000000 call ntdll!RtlRaiseException (7c90e528)

7c90e4ff 8b0424 mov eax,[esp]

7c90e502 8be5 mov esp,ebp

7c90e504 5d pop ebp

7c90e505 c3 ret

7c90e506 8da42400000000 lea esp,[esp]

7c90e50d 8d4900 lea ecx,[ecx]

ntdll!KiFastSystemCall:

7c90e510 8bd4 mov edx,esp

7c90e512 0f34 sysenter

ntdll!KiFastSystemCallRet:

7c90e514 c3 ret

7c90e515 8da42400000000 lea esp,[esp]

7c90e51c 8d642400 lea esp,[esp]

ntdll!KiIntSystemCall:

7c90e520 8d542408 lea edx,[esp+0x8]

7c90e524 cd2e int 2e

7c90e526 c3 ret

7c90e527 90 nop

ntdll!RtlRaiseException:

7c90e528 55 push ebp

7c90e529 8bec mov ebp,esp

*----> Stack Back Trace <----*

WARNING: Stack unwind information not available. Following frames may be wrong.

ChildEBP RetAddr Args to Child

0474ff80 77e76caf 0474ffa8 77e76ad1 0019c9c8 ntdll!KiFastSystemCallRet

0474ff88 77e76ad1 0019c9c8 00000000 00000000 RPCRT4!I_RpcBCacheFree+0x61c

0474ffa8 77e76c97 0017a788 0474ffec 7c80b729 RPCRT4!I_RpcBCacheFree+0x43e

0474ffb4 7c80b729 001bb9e8 00000000 00000000 RPCRT4!I_RpcBCacheFree+0x604

0474ffec 00000000 77e76c7d 001bb9e8 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*

000000000474fe18 aa da 90 7c e3 65 e7 77 - 1c 01 00 00 74 ff 74 04 ...|.e.w....t.t.

000000000474fe28 00 00 00 00 40 df 20 00 - 48 ff 74 04 46 02 00 00 ....@. .H.t.F...

000000000474fe38 1b 5a 54 80 50 6b a0 a5 - 30 6b 7c 88 20 f1 df ff .ZT.Pk..0k|. ...

000000000474fe48 00 00 00 00 50 38 50 80 - 02 9d 64 89 00 00 7c 88 ....P8P...d...|.

000000000474fe58 c2 da 4f 80 00 00 00 00 - 30 6b 7c 88 00 00 00 00 ..O.....0k|.....

000000000474fe68 f8 9d 64 89 01 00 00 00 - f0 6b a0 a5 8b 27 5d 80 ..d......k...'].

000000000474fe78 00 00 00 00 30 6b 7c 88 - 78 6d 7c 88 00 00 00 00 ....0k|.xm|.....

000000000474fe88 08 00 20 00 06 00 00 00 - 00 3c 3f 8a 00 00 00 00 .. ......<?.....

000000000474fe98 a1 20 a4 a6 00 81 56 e2 - cc 87 25 1c 5d f9 cb 01 . ....V...%.]...

000000000474fea8 00 3c 3f 8a d8 20 a4 a6 - 00 3c 3f 8a 20 7c a4 a6 .<?.. ...<?. |..

000000000474feb8 1c 81 56 e2 74 e1 97 7c - 00 00 00 00 a0 9d 64 89 ..V.t..|......d.

000000000474fec8 30 6b 7c 88 00 00 2d 03 - 00 00 10 00 00 00 00 00 0k|...-.........

000000000474fed8 00 00 00 00 00 00 00 00 - bc 50 43 89 20 3a 56 80 .........PC. :V.

000000000474fee8 00 b0 fd 7f 00 00 00 00 - b1 89 a4 a6 da 89 a4 00 ................

000000000474fef8 5c 6b a0 a5 4c 6c a0 a5 - ff ff ff ff 10 9b 53 80 \k..Ll........S.

000000000474ff08 30 a9 4d 80 ff ff ff ff - 10 6c a0 a5 0c 29 5d 80 0.M......l...)].

000000000474ff18 38 f5 df ff 34 59 54 80 - 00 68 7c 88 b4 b1 4f 80 8...4YT..h|...O.

000000000474ff28 24 6a 7c 88 80 ff 74 04 - 85 d1 e7 77 48 ff 74 04 $j|...t....wH.t.

000000000474ff38 95 d1 e7 77 e0 10 90 7c - a0 df 1b 00 e8 b9 1b 00 ...w...|........

000000000474ff48 00 a2 2f 4d ff ff ff ff - 00 5d 1e ee ff ff ff ff ../M.....]......

post-3835-0-58034000-1302653292.jpg

post-3835-0-95648200-1302653301.jpg

Link to post
Share on other sites

thx. for the reply.. old news now. Trend Micro Titanium Internet Security, said in a blog somewhere they were going to update everyone's engine/program. on 3/29 so I got my download! I can get my mbam pro to work with TM but its a little slow... I have to work on removing & replacing files. If I ever get it to work? My contact for TM is in the Philippines, and I was on the phone with him last night for 90mins... So my mbam pro is now free a version. Until I can sort this out! Bad time since I moved from Payson to Sedona, AZ. later....

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.