Dr. Watson crash on RUNDLL32.EXE, Control Panel icon, other apps too


T

Thee Chicago Wolf

The log file shows a crash at RUNDLL32.EXE. System was perfectly
stable yesterday. The only thing I changed within the last 24 hrs was
to update Ad-Aware 2007 to the latest patches. Does anyone speak
crash-dump? Any help would be tops.




Microsoft (R) DrWtsn32
Copyright (C) 1985-2001 Microsoft Corp. All rights reserved.

Application exception occurred:
App: C:\WINDOWS\system32\rundll32.exe (pid=1764)
When: 08/29/2007 @ 07:01:31.578
Exception number: c0000005 (access violation)

*----> System Information <----*
Terminal Session Id: 0
Number of Processors: 1
Processor Type: x86 Family 6 Model 10 Stepping 0
Windows Version: 5.1
Current Build: 2600
Service Pack: 2
Current Type: Multiprocessor Free
Registered Organization: Multiprocessor Free
Registered Owner: Multiprocessor Free

*----> Task List <----*
0 System Process
4 System
348 smss.exe
444 csrss.exe
492 winlogon.exe
568 services.exe
580 lsass.exe
780 svchost.exe
860 svchost.exe
944 svchost.exe
972 svchost.exe
1100 spoolsv.exe
1160 sched.exe
1180 avguard.exe
1224 svchost.exe
1744 Explorer.EXE
200 avgnt.exe
208 MBM5.EXE
644 wuauclt.exe
984 wmiprvse.exe
1448 explorer.exe
1764 rundll32.exe
1184 drwtsn32.exe

*----> Module List <----*
(0000000001000000 - 000000000100b000: C:\WINDOWS\system32\rundll32.exe
(0000000020000000 - 00000000202c5000: C:\WINDOWS\system32\xpsp2res.dll
(0000000047d60000 - 0000000047db2000: C:\WINDOWS\system32\sysdm.cpl
(00000000508e0000 - 0000000050916000: C:\WINDOWS\system32\wuaucpl.cpl
(000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\UxTheme.dll
(000000005b860000 - 000000005b8b5000: C:\WINDOWS\system32\NETAPI32.dll
(000000005c020000 - 000000005c05f000: C:\WINDOWS\system32\srrstr.dll
(000000005c060000 - 000000005c073000: C:\WINDOWS\system32\srclient.dll
(000000005cb70000 - 000000005cb96000: C:\WINDOWS\system32\ShimEng.dll
(000000005d090000 - 000000005d12a000: C:\WINDOWS\system32\comctl32.dll
(000000005da30000 - 000000005da42000: C:\WINDOWS\system32\remotepg.dll
(000000005f660000 - 000000005f685000: C:\WINDOWS\system32\netid.dll
(00000000692c0000 - 00000000692f0000:
C:\WINDOWS\System32\Wbem\framedyn.dll
(000000006f880000 - 000000006fa4a000: C:\WINDOWS\AppPatch\AcGenral.DLL
(0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll
(0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll
(0000000071bf0000 - 0000000071c03000: C:\WINDOWS\system32\SAMLIB.dll
(0000000074d90000 - 0000000074dfb000: C:\WINDOWS\system32\USP10.dll
(0000000074ed0000 - 0000000074ede000:
C:\WINDOWS\system32\wbem\wbemsvc.dll
(0000000074ef0000 - 0000000074ef8000:
C:\WINDOWS\system32\wbem\wbemprox.dll
(0000000075150000 - 0000000075164000: C:\WINDOWS\system32\Cabinet.dll
(0000000075290000 - 00000000752c7000:
C:\WINDOWS\system32\wbem\wbemcomn.dll
(0000000075690000 - 0000000075706000:
C:\WINDOWS\system32\wbem\fastprox.dll
(0000000076080000 - 00000000760e5000: C:\WINDOWS\system32\MSVCP60.dll
(0000000076360000 - 0000000076370000: C:\WINDOWS\system32\WINSTA.dll
(0000000076380000 - 0000000076385000: C:\WINDOWS\system32\MSIMG32.dll
(0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.dll
(00000000763b0000 - 00000000763f9000: C:\WINDOWS\system32\comdlg32.dll
(00000000767a0000 - 00000000767b3000: C:\WINDOWS\system32\NTDSAPI.dll
(00000000769c0000 - 0000000076a74000: C:\WINDOWS\system32\USERENV.dll
(0000000076b40000 - 0000000076b6d000: C:\WINDOWS\system32\WINMM.dll
(0000000076c00000 - 0000000076c2e000: C:\WINDOWS\system32\credui.dll
(0000000076c30000 - 0000000076c5e000: C:\WINDOWS\system32\WINTRUST.dll
(0000000076c90000 - 0000000076cb8000: C:\WINDOWS\system32\IMAGEHLP.dll
(0000000076f20000 - 0000000076f47000: C:\WINDOWS\system32\DNSAPI.dll
(0000000076f60000 - 0000000076f8c000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076fd0000 - 000000007704f000: C:\WINDOWS\system32\CLBCATQ.DLL
(0000000077050000 - 0000000077115000: C:\WINDOWS\system32\COMRes.dll
(0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll
(00000000773d0000 - 00000000774d3000:
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
(00000000774e0000 - 000000007761d000: C:\WINDOWS\system32\ole32.dll
(0000000077920000 - 0000000077a13000: C:\WINDOWS\system32\SETUPAPI.dll
(0000000077a80000 - 0000000077b15000: C:\WINDOWS\system32\CRYPT32.dll
(0000000077b20000 - 0000000077b32000: C:\WINDOWS\system32\MSASN1.dll
(0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\appHelp.dll
(0000000077be0000 - 0000000077bf5000: C:\WINDOWS\system32\MSACM32.dll
(0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll
(0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll
(0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e70000 - 0000000077f01000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077f10000 - 0000000077f57000: C:\WINDOWS\system32\GDI32.dll
(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll
(000000007c800000 - 000000007c8f5000: C:\WINDOWS\system32\kernel32.dll
(000000007c900000 - 000000007c9af000: C:\WINDOWS\system32\ntdll.dll
(000000007c9c0000 - 000000007d1d6000: C:\WINDOWS\system32\SHELL32.dll
(000000007e410000 - 000000007e4a0000: C:\WINDOWS\system32\USER32.dll

*----> State Dump for Thread Id 0x624 <----*

eax=00000000 ebx=00000000 ecx=00000000 edx=7c90e4f4 esi=0007f0f0
edi=000a0768
eip=7c90e4f4 esp=0007f0b0 ebp=0007f0cc iopl=0 nv up ei pl zr
na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINDOWS\system32\ntdll.dll -
function: ntdll!KiFastSystemCallRet
7c90e470 6a00 push 0x0
7c90e472 51 push ecx
7c90e473 e8c8ebffff call ntdll!NtContinue (7c90d040)
7c90e478 eb0b jmp
ntdll!KiUserExceptionDispatcher+0x29 (7c90e485)
7c90e47a 5b pop ebx
7c90e47b 59 pop ecx
7c90e47c 6a00 push 0x0
7c90e47e 51 push ecx
7c90e47f 53 push ebx
7c90e480 e80bf5ffff call ntdll!NtRaiseException
(7c90d990)
7c90e485 83c4ec add esp,0xffffffec
7c90e488 890424 mov [esp],eax
7c90e48b c744240401000000 mov dword ptr [esp+0x4],0x1
7c90e493 895c2408 mov [esp+0x8],ebx
7c90e497 c744241000000000 mov dword ptr [esp+0x10],0x0
7c90e49f 54 push esp
7c90e4a0 e863000000 call ntdll!RtlRaiseException
(7c90e508)
7c90e4a5 c20800 ret 0x8
ntdll!KiRaiseUserExceptionDispatcher:
7c90e4a8 55 push ebp
7c90e4a9 8bec mov ebp,esp
7c90e4ab 83ec50 sub esp,0x50
7c90e4ae 8944240c mov [esp+0xc],eax
7c90e4b2 64a118000000 mov eax,fs:[00000018]
7c90e4b8 8b80a4010000 mov eax,[eax+0x1a4]
7c90e4be 890424 mov [esp],eax
7c90e4c1 c744240400000000 mov dword ptr [esp+0x4],0x0
7c90e4c9 c744240800000000 mov dword ptr [esp+0x8],0x0
7c90e4d1 c744241000000000 mov dword ptr [esp+0x10],0x0
7c90e4d9 54 push esp
7c90e4da e829000000 call ntdll!RtlRaiseException
(7c90e508)
7c90e4df 8b0424 mov eax,[esp]
7c90e4e2 8be5 mov esp,ebp
7c90e4e4 5d pop ebp
7c90e4e5 c3 ret
7c90e4e6 8da42400000000 lea esp,[esp]
7c90e4ed 8d4900 lea ecx,[ecx]
ntdll!KiFastSystemCall:
7c90e4f0 8bd4 mov edx,esp
7c90e4f2 0f34 sysenter
ntdll!KiFastSystemCallRet:
7c90e4f4 c3 ret
7c90e4f5 8da42400000000 lea esp,[esp]
7c90e4fc 8d642400 lea esp,[esp]
ntdll!KiIntSystemCall:
7c90e500 8d542408 lea edx,[esp+0x8]
7c90e504 cd2e int 2e
7c90e506 c3 ret
7c90e507 90 nop
ntdll!RtlRaiseException:
7c90e508 55 push ebp
7c90e509 8bec mov ebp,esp
7c90e50b 9c pushfd
7c90e50c 81ecd0020000 sub esp,0x2d0
7c90e512 8985dcfdffff mov [ebp-0x224],eax
7c90e518 898dd8fdffff mov [ebp-0x228],ecx
7c90e51e 8b4508 mov eax,[ebp+0x8]
7c90e521 8b4d04 mov ecx,[ebp+0x4]
7c90e524 89480c mov [eax+0xc],ecx
7c90e527 8d852cfdffff lea eax,[ebp-0x2d4]
7c90e52d 8988b8000000 mov [eax+0xb8],ecx
7c90e533 8998a4000000 mov [eax+0xa4],ebx
7c90e539 8990a8000000 mov [eax+0xa8],edx
7c90e53f 89b0a0000000 mov [eax+0xa0],esi
7c90e545 89b89c000000 mov [eax+0x9c],edi
7c90e54b 8d4d0c lea ecx,[ebp+0xc]
7c90e54e 8988c4000000 mov [eax+0xc4],ecx
7c90e554 8b4d00 mov ecx,[ebp]
7c90e557 8988b4000000 mov [eax+0xb4],ecx
7c90e55d 8b4dfc mov ecx,[ebp-0x4]
7c90e560 8988c0000000 mov [eax+0xc0],ecx
7c90e566 8c88bc000000 mov [eax+0xbc],cs
7c90e56c 8c9898000000 mov [eax+0x98],ds
7c90e572 8c8094000000 mov [eax+0x94],es
7c90e578 8ca090000000 mov [eax+0x90],fs
7c90e57e 8ca88c000000 mov [eax+0x8c],gs
7c90e584 8c90c8000000 mov [eax+0xc8],ss
7c90e58a c70007000100 mov dword ptr [eax],0x10007
7c90e590 6a01 push 0x1
7c90e592 50 push eax
7c90e593 ff7508 push dword ptr [ebp+0x8]
7c90e596 e8f5f3ffff call ntdll!NtRaiseException
(7c90d990)

*----> Stack Back Trace <----*

- Thee Chicago Wolf
 
Ad

Advertisements

J

Jim

Thee Chicago Wolf said:
The log file shows a crash at RUNDLL32.EXE. System was perfectly
stable yesterday. The only thing I changed within the last 24 hrs was
to update Ad-Aware 2007 to the latest patches. Does anyone speak
crash-dump? Any help would be tops.
<snip crash dump>

Somebody at MS might. The access violation was probably the cause of the
crash. In short, such a violation
happens when a program attempts to access memory which it does not have the
right to access.
Jim
 
Ad

Advertisements

T

Thee Chicago Wolf

Thee Chicago Wolf said:
<snip crash dump>

Somebody at MS might. The access violation was probably the cause of the
crash. In short, such a violation
happens when a program attempts to access memory which it does not have the
right to access.
Jim

Cheers Jim.

- Thee Chicago Wolf
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top