It seems that every time I try to access a game menu, FF7.exe crashes. The exact same crash happens when I enter a battle. I'm not very good at hex editing/reading, so hopefully someone can help me out with this issue. (Note: I've tried every patch imaginable with no progress.)
Dr Watson reports:
Application exception occurred:
App: (pid=912)
When: 10/11/2004 @ 13:12:50.444
Exception number: c0000005 (access violation)
*----> System Information <----*
Computer Name:
User Name: Administrator
Number of Processors: 1
Processor Type: x86 Family 6 Model 6 Stepping 2
Windows 2000 Version: 5.0
Current Build: 2195
Service Pack: 4
Current Type: Uniprocessor Free
Registered Organization:
Registered Owner:
*----> Task List <----*
0 Idle.exe
8 System.exe
184 SMSS.exe
208 CSRSS.exe
228 WINLOGON.exe
256 SERVICES.exe
268 LSASS.exe
384 ati2evxx.exe
464 svchost.exe
492 spoolsv.exe
532 DkService.exe
548 svchost.exe
592 regsvc.exe
620 mstask.exe
688 WinMgmt.exe
748 svchost.exe
908 ati2evxx.exe
932 explorer.exe
1088 jusched.exe
1052 iTouch.exe
1104 aim.exe
1140 opera.exe
1416 NTVDM.exe
1008 WinRAR.exe
1412 WinRAR.exe
504 notepad.exe
480 TASKMGR.exe
1480 mmc.exe
912 FF7.exe
800 DRWTSN32.exe
0 _Total.exe
(00400000 - 00F44000)
(77F80000 - 77FFD000)
(77570000 - 775A0000)
(77E10000 - 77E75000)
(7C570000 - 7C628000)
(77F40000 - 77F7E000)
(7C2D0000 - 7C332000)
(77D30000 - 77DA1000)
(77A50000 - 77B3F000)
(51080000 - 510E1000)
(78000000 - 78045000)
(77820000 - 77827000)
(759B0000 - 759B6000)
(5F580000 - 5F620000)
(51000000 - 51050000)
(728A0000 - 728A6000)
(77410000 - 77423000)
(681A0000 - 681A7000)
(66740000 - 66747000)
(10000000 - 10007000)
(72D90000 - 72E03000)
(6F9A0000 - 6F9A8000)
(77880000 - 7790E000)
(7C0F0000 - 7C151000)
(71710000 - 71794000)
(0A1C0000 - 0A1DE000)
(77560000 - 77568000)
(77400000 - 77408000)
(75D40000 - 75D46000)
(775A0000 - 77630000)
(779B0000 - 77A4B000)
(1C400000 - 1C413000)
(35500000 - 35708000)
(0B980000 - 0B9A3000)
(1D040000 - 1D221000)
(6A8F0000 - 6A910000)
(782F0000 - 78535000)
(70A70000 - 70AD4000)
(0BDA0000 - 0BDA8000)
(0BDB0000 - 0BED7000)
(0C2F0000 - 0C3DA000)
(63000000 - 63096000)
(7C740000 - 7C7C7000)
(77430000 - 77440000)
(77800000 - 7781E000)
(76620000 - 76630000)
(76B30000 - 76B6E000)
(0CD40000 - 0CD47000)
State Dump for Thread Id 0x468
eax=017c8a40 ebx=7ffdf000 ecx=44200000 edx=44200000 esi=001313ee edi=00730061
eip=0069996d esp=0012519c ebp=001251a4 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00200206
function: <nosymbols>
00699943 83ec08 sub esp,0x8
00699946 837d0c00 cmp dword ptr [ebp+0xc],0x0 ss:00b9f08a=00000000
0069994a 0f84a3000000 je 006999f3
00699950 c745fc00000000 mov dword ptr [ebp+0xfc],0x0 ss:00b9f08a=00000000
00699957 8b450c mov eax,[ebp+0xc] ss:00b9f08a=00000000
0069995a 8b480c mov ecx,[eax+0xc] ds:02242926=ffffffff
0069995d 894df8 mov [ebp+0xf8],ecx ss:00b9f08a=00000000
00699960 837df800 cmp dword ptr [ebp+0xf8],0x0 ss:00b9f08a=00000000
00699964 0f8489000000 je 006999f3
0069996a 8b55f8 mov edx,[ebp+0xf8] ss:00b9f08a=00000000
FAULT ->0069996d 8b4204 mov eax,[edx+0x4] ds:44c79ee6=????????
00699970 3b4508 cmp eax,[ebp+0x8] ss:00b9f08a=00000000
00699973 756b jnz 006a24e0
00699975 8b4d0c mov ecx,[ebp+0xc] ss:00b9f08a=00000000
00699978 8b5110 mov edx,[ecx+0x10] ds:44c79ee6=????????
0069997b 3b55f8 cmp edx,[ebp+0xf8] ss:00b9f08a=00000000
0069997e 7509 jnz 006a2489
00699980 8b450c mov eax,[ebp+0xc] ss:00b9f08a=00000000
00699983 8b4dfc mov ecx,[ebp+0xfc] ss:00b9f08a=00000000
00699986 894810 mov [eax+0x10],ecx ds:02242926=ffffffff
00699989 837dfc00 cmp dword ptr [ebp+0xfc],0x0 ss:00b9f08a=00000000
0069998d 740c jz 006a249b
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
001251A4 0069DB42 017DECE0 01791C90 017DECE0 001251CC !<nosymbols>
001251B8 006709C7 017DECE0 01781318 00DB25F4 001251D8 !<nosymbols>
001251CC 00670A61 09FEA720 00125288 006B7655 00DB25F4 !<nosymbols>
001251D8 006B7655 00DB25F4 00000000 001251F4 006648F9 !<nosymbols>
00125288 006C35A0 00000001 006A1030 01796990 001252A8 !<nosymbols>
001252A8 006667A0 01781318 0012FF34 0067D3EC 01781318 !<nosymbols>
001252B4 0067D3EC 01781318 B3821940 00000F77 B3820B6A !<nosymbols>
0012FF34 0040B7F2 00400000 00000000 001313EE 00000001 !<nosymbols>
0012FFC0 7C581AF6 00730061 00200079 7FFDF000 C0000005 !<nosymbols>
0012FFF0 00000000 0040B6A0 00000000 000000C8 00000100 kernel32!OpenEventA
*----> Raw Stack Dump <----*
0012519c 00 00 20 44 40 8a 7c 01 - b8 51 12 00 42 db 69 00 .. D@.|..Q..B.i.
001251ac e0 ec 7d 01 90 1c 79 01 - e0 ec 7d 01 cc 51 12 00 ..}...y...}..Q..
001251bc c7 09 67 00 e0 ec 7d 01 - 18 13 78 01 f4 25 db 00 ..g...}...x..%..
001251cc d8 51 12 00 61 0a 67 00 - 20 a7 fe 09 88 52 12 00 .Q..a.g. ....R..
001251dc 55 76 6b 00 f4 25 db 00 - 00 00 00 00 f4 51 12 00 Uvk..%.......Q..
001251ec f9 48 66 00 18 13 78 01 - 84 52 12 00 93 df 73 00 .Hf...x..R....s.
001251fc 04 52 12 00 04 00 00 00 - 53 45 54 20 56 4f 4c 55 .R......SET VOLU
0012520c 4d 45 20 35 3a 20 31 32 - 37 0a 00 51 b0 13 00 51 ME 5: 127..Q...Q
0012521c ff ff ff ff b2 5b 01 51 - 00 5c 01 51 28 83 13 00 .....[.Q.\.Q(...
0012522c 17 5c 01 51 c8 09 04 51 - ee 13 13 00 58 52 12 00 .\.Q...Q....XR..
0012523c 58 52 12 00 69 96 67 00 - 00 00 00 00 b4 3d 90 00 XR..i.g......=..
0012524c 8e 0a 00 00 18 13 78 01 - 01 00 00 00 6c 52 12 00 ......x.....lR..
0012525c 65 00 66 00 01 00 00 00 - 10 14 79 01 00 00 00 00 e.f.......y.....
0012526c a4 52 12 00 86 23 68 00 - 18 13 78 01 a4 52 12 00 .R...#h...x..R..
0012527c 02 00 00 00 18 13 78 01 - a8 52 12 00 a8 52 12 00 ......x..R...R..
0012528c a0 35 6c 00 01 00 00 00 - 30 10 6a 00 90 69 79 01 .5l.....0.j..iy.
0012529c a8 52 12 00 91 09 67 00 - 90 69 79 01 b4 52 12 00 .R....g..iy..R..
001252ac a0 67 66 00 18 13 78 01 - 34 ff 12 00 ec d3 67 00 .gf...x.4.....g.
001252bc 18 13 78 01 40 19 82 b3 - 77 0f 00 00 6a 0b 82 b3 ..x.@...w...j...
001252cc 77 0f 00 00 00 00 00 00 - 01 bf 6a 41 00 00 00 00 w.........jA....
State Dump for Thread Id 0x354
eax=0a1bff98 ebx=00000001 ecx=00010101 edx=00000000 esi=77f82873 edi=00000001
eip=77f8287e esp=0a1bfecc ebp=0a1bff18 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: NtWaitForMultipleObjects
77f82873 b8e9000000 mov eax,0xe9
77f82878 8d542404 lea edx,[esp+0x4] ss:0ac39db3=????????
77f8287c cd2e int 2e
77f8287e c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0A1BFF18 77E119E6 0A1BFEF0 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0A1BFF74 5F586B53 0A1BFF40 00000000 FFFFFFFF 000000FF user32!MsgWaitForMultipleObjectsEx
0A1BFFB4 7C57438B 00146990 00124BD4 77F88B43 00146990 !<nosymbols>
0A1BFFEC 00000000 5F586AF1 00146990 00000000 00905A4D kernel32!TlsSetValue
*----> Raw Stack Dump <----*
0a1bfecc 23 3c 57 7c 01 00 00 00 - f0 fe 1b 0a 01 00 00 00 #<W|............
0a1bfedc 01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0a1bfeec 01 00 00 00 b0 00 00 00 - 57 ff f9 77 00 ff 1b 0a ........W..w....
0a1bfefc 24 00 00 00 00 00 0d 00 - 01 01 00 00 56 7d 58 5f $...........V}X_
0a1bff0c 99 ba e2 77 6b 00 00 00 - 4e 00 00 00 74 ff 1b 0a ...wk...N...t...
0a1bff1c e6 19 e1 77 f0 fe 1b 0a - 01 00 00 00 00 00 00 00 ...w............
0a1bff2c 00 00 00 00 01 00 00 00 - 00 00 00 00 6b 3b 57 7c ............k;W|
0a1bff3c 90 69 14 00 b0 00 00 00 - 90 69 14 00 74 ff 1b 0a .i.......i..t...
0a1bff4c ec 18 e1 77 98 ff 1b 0a - 00 00 00 00 00 00 00 00 ...w............
0a1bff5c 00 00 00 00 01 00 00 00 - 01 00 00 00 cc d6 fd 7f ................
0a1bff6c 00 00 00 00 b0 00 00 00 - b4 ff 1b 0a 53 6b 58 5f ............SkX_
0a1bff7c 40 ff 1b 0a 00 00 00 00 - ff ff ff ff ff 00 00 00 @...............
0a1bff8c 02 00 00 00 d4 4b 12 00 - 43 8b f8 77 00 00 00 00 .....K..C..w....
0a1bff9c 13 01 00 00 81 7e 00 00 - ee 6a 58 5f 5a fd b8 00 .....~...jX_Z...
0a1bffac 40 01 00 00 f0 00 00 00 - ec ff 1b 0a 8b 43 57 7c @............CW|
0a1bffbc 90 69 14 00 d4 4b 12 00 - 43 8b f8 77 90 69 14 00 .i...K..C..w.i..
0a1bffcc 00 d0 fd 7f 00 00 00 00 - c0 ff 1b 0a 00 00 00 00 ................
0a1bffdc ff ff ff ff 97 e5 57 7c - a8 a0 57 7c 00 00 00 00 ......W|..W|....
0a1bffec 00 00 00 00 00 00 00 00 - f1 6a 58 5f 90 69 14 00 .........jX_.i..
0a1bfffc 00 00 00 00 4d 5a 90 00 - 03 00 00 00 04 00 00 00 ....MZ..........
State Dump for Thread Id 0x434
eax=77562bda ebx=00000002 ecx=0000001c edx=00000000 esi=77f82873 edi=00000002
eip=77f8287e esp=0a53ff24 ebp=0a53ff70 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: NtWaitForMultipleObjects
77f82873 b8e9000000 mov eax,0xe9
77f82878 8d542404 lea edx,[esp+0x4] ss:0afb9e0b=00000000
77f8287c cd2e int 2e
77f8287e c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0A53FF70 7C578F0D 0A53FF48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0A53FFB4 7C57438B 00000000 00130888 7FFDEBF8 00000000 kernel32!WaitForMultipleObjects
0A53FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue
State Dump for Thread Id 0x558
eax=0d530000 ebx=00000001 ecx=00010101 edx=00000000 esi=77f82873 edi=00000001
eip=77f8287e esp=0aa3fde4 ebp=0aa3fe30 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: NtWaitForMultipleObjects
77f82873 b8e9000000 mov eax,0xe9
77f82878 8d542404 lea edx,[esp+0x4] ss:0b4b9ccb=????????
77f8287c cd2e int 2e
77f8287e c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0AA3FE30 7C578F0D 0AA3FE08 00000001 00000000 0AA3FE28 ntdll!NtWaitForMultipleObjects
0AA3FE60 510C2E51 00000001 000001F4 00000000 0AA3FE80 kernel32!WaitForMultipleObjects
0AA3FF80 510A2329 000001F4 00000000 00000000 00000000 !<nosymbols>
0AA3FFB4 7C57438B 017706F4 77F81F55 77F82518 017706F4 !<nosymbols>
0AA3FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue
State Dump for Thread Id 0x550
eax=0ab3ff50 ebx=00000002 ecx=0ab3ff4c edx=00000000 esi=77f82873 edi=00000002
eip=77f8287e esp=0ab3fecc ebp=0ab3ff18 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: NtWaitForMultipleObjects
77f82873 b8e9000000 mov eax,0xe9
77f82878 8d542404 lea edx,[esp+0x4] ss:0b5b9db3=????????
77f8287c cd2e int 2e
77f8287e c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0AB3FF18 7C578F0D 0AB3FEF0 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0AB3FF48 510B228A 00000002 FFFFFFFF 00000000 0AB3FF6C kernel32!WaitForMultipleObjects
0AB3FF78 510B2559 00000150 00139FBE 778802A0 01771328 !<nosymbols>
0AB3FFAC 510B25FC 0AB3FFEC 7C57438B 01771328 00139FBE !<nosymbols>
0AB3FFB4 7C57438B 01771328 00139FBE 778802A0 01771328 !<nosymbols>
0AB3FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue
State Dump for Thread Id 0x324
eax=00151310 ebx=00000000 ecx=0ac3ffdc edx=00000000 esi=77f82865 edi=0000013c
eip=77f82870 esp=0ac3ff60 ebp=0ac3ff84 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: NtWaitForSingleObject
77f82865 b8ea000000 mov eax,0xea
77f8286a 8d542404 lea edx,[esp+0x4] ss:0b6b9e47=????????
77f8286e cd2e int 2e
77f82870 c20c00 ret 0xc
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0AC3FF84 7C573B50 0000013C FFFFFFFF 00000000 775641DF ntdll!NtWaitForSingleObject
77F82060 8B000000 83042454 0F00147A 017B9C85 42FF9000 kernel32!WaitForSingleObject
180D8B64 00000000 00000000 00000000 00000000 00000000 <nosymbols>
*----> Raw Stack Dump <----*
0ac3ff60 28 3b 57 7c 3c 01 00 00 - 00 00 00 00 00 00 00 00 (;W|<...........
0ac3ff70 91 20 f8 77 40 be 13 00 - 3c 01 00 00 e8 bf 13 00 . .w@...<.......
0ac3ff80 e8 bf 13 00 60 20 f8 77 - 50 3b 57 7c 3c 01 00 00 ....` .wP;W|<...
0ac3ff90 ff ff ff ff 00 00 00 00 - df 41 56 77 3c 01 00 00 .........AVw<...
0ac3ffa0 ff ff ff ff 85 41 56 77 - 00 00 00 00 ec ff c3 0a .....AVw........
0ac3ffb0 40 be 13 00 00 00 00 00 - 8b 43 57 7c 40 be 13 00 @........CW|@...
0ac3ffc0 85 41 56 77 00 00 00 00 - 40 be 13 00 00 90 fd 7f .AVw....@.......
0ac3ffd0 00 30 00 00 c0 ff c3 0a - 00 30 00 00 ff ff ff ff .0.......0......
0ac3ffe0 97 e5 57 7c a8 a0 57 7c - 00 00 00 00 00 00 00 00 ..W|..W|........
0ac3fff0 00 00 00 00 85 41 56 77 - 40 be 13 00 00 00 00 00 .....AVw@.......
0ac40000 08 00 00 00 02 01 00 00 - ee ff ee ff 00 00 00 00 ................
0ac40010 00 00 77 01 00 20 1b 00 - 00 00 c4 0a 00 02 00 00 ..w.. ..........
0ac40020 40 00 c4 0a 00 00 e4 0a - b2 01 00 00 01 00 00 00 @...............
0ac40030 88 05 77 01 00 00 00 00 - 00 1d c8 0a 00 00 00 00 ..w.............
0ac40040 e1 15 08 00 02 01 08 00 - 00 00 00 00 00 00 00 00 ................
0ac40050 08 00 00 00 f9 ff f3 ff - ee ff fa ff 03 00 0a 00 ................
0ac40060 ff ff e6 ff f2 ff ab ff - aa fe 86 fb 48 f7 f8 f3 ............H...
0ac40070 77 f1 a8 ef b5 f0 d3 f3 - 27 f7 89 fa da fd 94 00 w.......'.......
0ac40080 65 02 85 04 b7 07 30 0a - cd 0d 85 10 94 10 88 0d e.....0.........
0ac40090 f1 09 de 06 43 04 6e 01 - 1b ff 3b fd 5b fa 47 f7 ....C.n...;.[.G.
State Dump for Thread Id 0x3c4
eax=77575bb9 ebx=000001b0 ecx=77570000 edx=00000000 esi=0af3ff98 edi=77e15f6c
eip=77e11555 esp=0af3ff58 ebp=0af3ff78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246
function: ScrollDC
77e11533 8d542404 lea edx,[esp+0x4] ss:0b9b9e3f=????????
77e11537 cd2e int 2e
77e11539 c21c00 ret 0x1c
77e1153c b838110000 mov eax,0x1138
77e11541 8d542404 lea edx,[esp+0x4] ss:0b9b9e3f=????????
77e11545 cd2e int 2e
77e11547 c20400 ret 0x4
77e1154a b89a110000 mov eax,0x119a
77e1154f 8d542404 lea edx,[esp+0x4] ss:0b9b9e3f=????????
77e11553 cd2e int 2e
77e11555 c21000 ret 0x10
77e11558 6a01 push 0x1
77e1155a 58 pop eax
77e1155b c20800 ret 0x8
77e1155e b839110000 mov eax,0x1139
77e11563 8d542404 lea edx,[esp+0x4] ss:0b9b9e3f=????????
77e11567 cd2e int 2e
77e11569 c20800 ret 0x8
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0AF3FF78 77575C36 0AF3FF98 00000000 00000000 00000000 user32!ScrollDC
0AF3FFB4 7C57438B 000001B0 77595428 0012488C 000001B0 winmm!midiOutGetNumDevs
0AF3FFEC 00000000 77575BB9 000001B0 00000000 00000008 kernel32!TlsSetValue
*----> Raw Stack Dump <----*
0af3ff58 a8 5f e1 77 98 ff f3 0a - 00 00 00 00 00 00 00 00 ._.w............
0af3ff68 00 00 00 00 b0 01 00 00 - 00 00 00 00 6c 5f e1 77 ............l_.w
0af3ff78 b4 ff f3 0a 36 5c 57 77 - 98 ff f3 0a 00 00 00 00 ....6\Ww........
0af3ff88 00 00 00 00 00 00 00 00 - 28 54 59 77 8c 48 12 00 ........(TYw.H..
0af3ff98 20 ca 1a 82 ff ff ff ff - 7b 14 43 80 00 00 00 00 .......{.C.....
0af3ffa8 00 00 00 00 00 00 00 00 - 7f 17 43 80 ec ff f3 0a ..........C.....
0af3ffb8 8b 43 57 7c b0 01 00 00 - 28 54 59 77 8c 48 12 00 .CW|....(TYw.H..
0af3ffc8 b0 01 00 00 00 70 fd 7f - 00 00 57 77 c0 ff f3 0a .....p....Ww....
0af3ffd8 00 00 57 77 ff ff ff ff - 97 e5 57 7c a8 a0 57 7c ..Ww......W|..W|
0af3ffe8 00 00 00 00 00 00 00 00 - 00 00 00 00 b9 5b 57 77 .............[Ww
0af3fff8 b0 01 00 00 00 00 00 00 - 08 00 00 00 03 01 00 00 ................
0af40008 ee ff ee ff 00 00 00 00 - 00 00 78 01 00 50 15 00 ..........x..P..
0af40018 00 00 f4 0a 00 04 00 00 - 40 00 f4 0a 00 00 34 0b ........@.....4.
0af40028 55 01 00 00 01 00 00 00 - 98 05 78 01 00 00 00 00 U.........x.....
0af40038 c8 fb 1d 0b 00 00 00 00 - 3d 94 08 00 03 01 08 00 ........=.......
0af40048 61 61 61 63 2e 70 00 00 - 00 00 00 00 00 00 00 00 aaac.p..........
0af40058 8b 44 05 00 0e 00 00 00 - 61 61 61 64 2e 72 73 64 .D......aaad.rsd
0af40068 00 00 00 00 00 00 00 00 - cb 4a 05 00 0e 00 00 00 .........J......
0af40078 61 61 61 65 2e 70 00 00 - 00 00 00 00 00 00 00 00 aaae.p..........
0af40088 21 4b 05 00 0e 00 00 00 - 61 61 67 61 2e 61 00 00 !K......aaga.a..
State Dump for Thread Id 0x574
eax=77d358be ebx=00155d30 ecx=00123ea8 edx=00000000 esi=00149bd0 edi=00000100
eip=77f83310 esp=0b85fe28 ebp=0b85ff74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206
function: ZwReplyWaitReceivePortEx
77f83305 b8ac000000 mov eax,0xac
77f8330a 8d542404 lea edx,[esp+0x4] ss:0c2d9d0f=????????
77f8330e cd2e int 2e
77f83310 c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0B85FF74 77D37B4C 77D35924 00149BD0 77D33E01 00130000 ntdll!ZwReplyWaitReceivePortEx
0B85FFA8 77D358D6 00155D08 0B85FFEC 7C57438B 00155D30 rpcrt4!NdrCorrelationInitialize
0B85FFB4 7C57438B 00155D30 77D33E01 00130000 00155D30 rpcrt4!RpcBindingFree
0B85FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!TlsSetValue
State Dump for Thread Id 0x430
eax=77ab502c ebx=00000102 ecx=01020100 edx=00000000 esi=77f82826 edi=0b95ff74
eip=77f82831 esp=0b95ff60 ebp=0b95ff7c iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206
function: NtDelayExecution
77f82826 b832000000 mov eax,0x32
77f8282b 8d542404 lea edx,[esp+0x4] ss:0c3d9e47=00000000
77f8282f cd2e int 2e
77f82831 c20800 ret 0x8
77f82834 53 push ebx
77f82835 51 push ecx
77f82836 6a00 push 0x0
77f82838 c70701000000 mov dword ptr [edi],0x1 ds:0b95ff74=dc3cba00
77f8283e ff750c push dword ptr [ebp+0xc] ss:0c3d9e62=00000000
77f82841 50 push eax
77f82842 e879fdffff call RtlMultiByteToUnicodeN (77f825c0)
77f82847 e928fcffff jmp RtlConsoleMultiByteToUnicodeN+0x333 (77f82474)
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0B95FF7C 7C573A22 0000EA60 00000000 77AB8FFB 0000EA60 ntdll!NtDelayExecution
00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep
*----> Raw Stack Dump <----*
0b95ff60 4e 3a 57 7c 00 00 00 00 - 74 ff 95 0b ce 3a 57 7c N:W|....t....:W|
0b95ff70 c8 85 15 00 00 ba 3c dc - ff ff ff ff 30 75 00 00 ......<.....0u..
0b95ff80 22 3a 57 7c 60 ea 00 00 - 00 00 00 00 fb 8f ab 77 ":W|`..........w
0b95ff90 60 ea 00 00 ee 50 ab 77 - 00 00 00 00 00 00 a5 77 `....P.w.......w
0b95ffa0 c8 85 15 00 ec ff 95 0b - c8 85 15 00 46 50 ab 77 ............FP.w
0b95ffb0 45 7d a6 77 30 7d a6 77 - 8b 43 57 7c c8 85 15 00 E}.w0}.w.CW|....
0b95ffc0 45 7d a6 77 30 7d a6 77 - c8 85 15 00 00 50 fd 7f E}.w0}.w.....P..
0b95ffd0 00 01 02 01 c0 ff 95 0b - 00 01 02 01 ff ff ff ff ................
0b95ffe0 97 e5 57 7c a8 a0 57 7c - 00 00 00 00 00 00 00 00 ..W|..W|........
0b95fff0 00 00 00 00 2c 50 ab 77 - c8 85 15 00 00 00 00 00 ....,P.w........
0b960000 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960010 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960020 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960030 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960040 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0b960090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
State Dump for Thread Id 0x148
eax=7757927f ebx=77593780 ecx=77fcc3d5 edx=00000000 esi=77593a78 edi=00000002
eip=77f8287e esp=0ce4ff4c ebp=77f82060 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
function: NtWaitForMultipleObjects
77f82873 b8e9000000 mov eax,0xe9
77f82878 8d542404 lea edx,[esp+0x4] ss:0d8c9e33=????????
77f8287c cd2e int 2e
77f8287e c21400 ret 0x14
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
77F82060 8B000000 83042454 0F00147A 017B9C85 42FF9000 ntdll!NtWaitForMultipleObjects
180D8B64 00000000 00000000 00000000 00000000 00000000 <nosymbols>
*----> Raw Stack Dump <----*
0ce4ff4c 2f 93 57 77 02 00 00 00 - 74 ff e4 0c 01 00 00 00 /.Ww....t.......
0ce4ff5c 01 00 00 00 00 00 00 00 - 04 4f 7b 00 00 00 78 01 .........O{...x.
0ce4ff6c ec ff e4 0c 00 00 00 00 - 84 01 00 00 6c 02 00 00 ............l...
0ce4ff7c 00 00 00 00 00 00 00 00 - c2 12 43 80 00 00 00 00 ..........C.....
0ce4ff8c 97 02 00 00 fb 12 43 80 - c0 80 27 82 a0 4d 2a 82 ......C...'..M*.
0ce4ff9c ff ff ff ff 7b 14 43 80 - 00 00 00 00 00 00 00 00 ....{.C.........
0ce4ffac 00 00 00 00 7f 17 43 80 - bf 80 f8 77 8b 43 57 7c ......C....w.CW|
0ce4ffbc 00 00 00 00 04 4f 7b 00 - 00 00 78 01 00 00 00 00 .....O{...x.....
0ce4ffcc 00 c0 fd 7f d5 c3 fc 77 - c0 ff e4 0c d5 c3 fc 77 .......w.......w
0ce4ffdc ff ff ff ff 97 e5 57 7c - a8 a0 57 7c 00 00 00 00 ......W|..W|....
0ce4ffec 00 00 00 00 00 00 00 00 - 7f 92 57 77 00 00 00 00 ..........Ww....
0ce4fffc 00 00 00 00 00 00 0b 0d - 00 00 ca 09 00 00 00 00 ................
0ce5000c 00 00 00 00 00 10 25 00 - 00 10 25 00 50 07 00 00 ......%...%.P...
0ce5001c 00 0b 00 00 00 00 09 00 - 00 00 2a 00 00 00 47 4a ..........*...GJ
0ce5002c 00 00 71 4a 00 00 97 4f - 00 00 a7 69 00 00 41 6e ..qJ...O...i..An
0ce5003c 00 00 29 9d 00 00 5d 9d - 00 00 45 a0 00 00 19 4a ..)...]...E....J
0ce5004c 00 00 02 05 0c 0a 90 08 - 02 00 00 02 00 00 00 00 ................
0ce5005c 00 00 6b 69 74 61 00 00 - 00 00 6d 64 31 73 74 69 ..kita....md1sti
0ce5006c 6e 00 64 69 72 00 00 00 - 00 00 63 6c 00 00 00 00 n.dir.....cl....
0ce5007c 00 00 62 61 00 00 00 00 - 00 00 76 69 65 77 00 00 ..ba......view..