Outlook Express crashes randomly - probably because of malware?
Hi, all. My Outlook Express is randomly crashing with an error code of 0xC0000008, at address 0x000000007C964ED1. Modules mentioned are msimn.exe (Outlook Express) and ntdll.dll. I have run virus scans from three different AV programs: my Computer Associates eTrust EZ Armor program, as well as two onlines scans at Housecall and PcPitStop. No viruses found. Then ran the three spyware programs I regularly use, scanning the entire system: Lavasoft AdAware 6, SpyBot Search & Destroy, and Microsoft AntiSpyware. Only found a few villains, which were removed. But the errors continue to happen. Also ran HijackThis to see if I could find anything nasty, but I wasn't successful.
I noticed one of cpc2004's posts on some similar questions that said to make available the Dr. Watson dump files at any website, so I have uploaded the following file:
http://home.earthlink.net/%7Elreynol929/ruXP/errordump/user.zip
at my "r u XPerienced?" website. This zip file contains the files user.dmp and drwtson32.log generated by one of the recent errors. I don't know how to use these dumps and logs to debug the problem, but hoping one of the experts who sees this question does...
I noticed one of cpc2004's posts on some similar questions that said to make available the Dr. Watson dump files at any website, so I have uploaded the following file:
http://home.earthlink.net/%7Elreynol929/ruXP/errordump/user.zip
at my "r u XPerienced?" website. This zip file contains the files user.dmp and drwtson32.log generated by one of the recent errors. I don't know how to use these dumps and logs to debug the problem, but hoping one of the experts who sees this question does...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Dr Watson log is a format dump and you can use notepad to view it. My debugging background is mainly at OS/390 main frame and AIX. For windows I am still at learning. No matter whether it is main-frame, unix or windows. The fundamental techique is basically the same.
Restriction
1) The dump is only a snap shoot when the problem occurs. If the probem is a storage overlaid, it is very hard to find out the culprit
2) We do not have the source code. It is very hard to debug to program without source code.
3) Basic knowledge of Windows Internal.
4) At mainframe and AIX, all the hardware error are well look after by CE. I have never to debug hardware problem.
At Windows a lot of system crashes and application crash are related to faulty hardware. You have to learn by experience how to identify a hardware problem and software problem.
.
Basic Technique
1) find out failing module name and datestamp of the module
2) nt status code (ie the abend code). For example c000001d (illegal instruction) is usually caused by faulty hardware
3) examine the stack trace to understand what happen when it crashes
4) examine the load module to find out any module which has known problem
5) search google using the failing module name.
As it is accumulative and you have to archive the doctor watson log manually.
Restriction
1) The dump is only a snap shoot when the problem occurs. If the probem is a storage overlaid, it is very hard to find out the culprit
2) We do not have the source code. It is very hard to debug to program without source code.
3) Basic knowledge of Windows Internal.
4) At mainframe and AIX, all the hardware error are well look after by CE. I have never to debug hardware problem.
At Windows a lot of system crashes and application crash are related to faulty hardware. You have to learn by experience how to identify a hardware problem and software problem.
.
Basic Technique
1) find out failing module name and datestamp of the module
2) nt status code (ie the abend code). For example c000001d (illegal instruction) is usually caused by faulty hardware
3) examine the stack trace to understand what happen when it crashes
4) examine the load module to find out any module which has known problem
5) search google using the failing module name.
As it is accumulative and you have to archive the doctor watson log manually.
Lee Tutor,
Is eTrust EZ Antivirus the culprit of your problem?
Is eTrust EZ Antivirus the culprit of your problem?
ASKER
Apparently. I have sent my DrWatson info to Computer Associates to see if they can fix the problem.
ASKER
http://support.microsoft.com/default.aspx?scid=kb;en-us;308538
Description of the Dr. Watson for Windows (Drwtsn32.exe) Tool