?date/time : 2009-12-08, 07:43:38, 500ms
computer name : 226F081FC7DB4BA
user name : cata <admin>
registered owner : *
operating system : Windows XP Service Pack 2 build 2600
system language : English
system up time : 10 minutes 47 seconds
program up time : 582 milliseconds
processor : AMD Sempron(tm) 2500+
physical memory : 189/511 MB (free/total)
free disk space : (C:) 5.89 GB
display mode : 800x600, 32 bit
process id : $340
allocated memory : 7.56 MB
command line : "C:Program FilesRegistry Mechanicupdate.exe" -product=RM -subproduct=NRM -EXES=regmech.exe -SVCS=StartManSvc.exe -version=9.0.0.114 -code=0-0-0-0 -lang=English -PID=0
executable : update.exe
exec. date/time : 2009-10-14 15:43
version : 6.1.0.39
compiled with : BCB 2006/07
madExcept version : 3.0i
update.exe.mad : $0001a874, $bebb3b27, $db0ec290
callstack crc : $419ac587, $8aa30ff5, $8aa30ff5
exception number : 1
exception class : Exception
exception message : Cannot open AVI.
processes:
000 Idle 0 0
004 System 0 0 normal
1b0 smss.exe 0 0 normal C:WINDOWSsystem32
1ec csrss.exe 43 54 normal C:WINDOWSsystem32
204 winlogon.exe 40 11 high C:WINDOWSsystem32
230 services.exe 4 0 normal C:WINDOWSsystem32
23c lsass.exe 4 0 normal C:WINDOWSsystem32
2d4 svchost.exe 4 0 normal C:WINDOWSsystem32
300 svchost.exe 4 0 normal C:WINDOWSsystem32
348 svchost.exe 4 3 normal C:WINDOWSSystem32
378 svchost.exe 4 0 normal C:WINDOWSsystem32
3c8 svchost.exe 4 0 normal C:WINDOWSsystem32
4cc Explorer.EXE 160 66 normal C:WINDOWS
53c spoolsv.exe 5 0 normal C:WINDOWSsystem32
600 nod32krn.exe 9 2 normal C:Program FilesEset
630 StartManSvc.exe 5 0 normal C:Program FilesCommon FilesPC ToolssMonitor
670 svchost.exe 10 2 normal C:WINDOWSsystem32
154 alg.exe 5 0 normal C:WINDOWSSystem32
16c nod32kui.exe 345 270 normal C:Program FilesEset
178 winampa.exe 12 2 normal C:Program FilesWinamp
180 RunDll32.exe 18 6 normal C:WINDOWSsystem32
190 Monitor.exe 20 8 normal C:WINDOWSPixArtPAC207
1a0 MsnMsgr.Exe 69 30 normal C:Program FilesMSN Messenger
1c4 RegMech.exe 893 319 normal C:Program FilesRegistry Mechanic
56c ymsgr_tray.exe 72 6 normal C:Program FilesYahoo!Messenger
a78 firefox.exe 259 84 normal C:Program FilesMozilla Firefox
ad0 wuauclt.exe 12 4 normal C:WINDOWSsystem32
340 update.exe 91 47 normal C:Program FilesRegistry Mechanic
hardware:
+ Computer
- ACPI Uniprocessor PC
+ Disk drives
- Maxtor 6Y080L0
+ Display adapters
- Video Controller (VGA Compatible)
+ DVD/CD-ROM drives
- ASUS DVD-E616P2
+ Floppy disk controllers
- Standard floppy disk controller
+ Human Interface Devices
- USB Human Interface Device
+ IDE ATA/ATAPI controllers
- Primary IDE Channel
- Secondary IDE Channel
- SiS PCI IDE Controller
+ Imaging devices
- PC Camera (driver 1.0.4.14)
+ Keyboards
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ Mice and other pointing devices
- HID-compliant mouse
+ Network adapters
- SiS 900-Based PCI Fast Ethernet Adapter (driver 2.0.1039.1180)
+ Ports (COM & LPT)
- Communications Port (COM1)
- ECP Printer Port (LPT1)
+ Processors
- AMD Sempron(tm) 2500+
+ Sound, video and game controllers
- Audio Codecs
- C-Media AC97 Audio Device (driver 5.12.1.51)
- Legacy Audio Drivers
- Legacy Video Capture Devices
- Media Control Devices
- Standard Game Port
- Video Codecs
+ System devices
- ACPI Fixed Feature Button
- ACPI Power Button
- Direct memory access controller
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft System Management BIOS Driver
- Motherboard resources
- Numeric data processor
- PCI bus
- PCI standard host CPU bridge
- Plug and Play Software Device Enumerator
- Printer Port Logical Interface
- Programmable interrupt controller
- SIS PCI to ISA bridge
- SIS Processor to AGP Controller
- System CMOS/real time clock
- System speaker
- System timer
- Terminal Server Device Redirector
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- Volume Manager
+ Universal Serial Bus controllers
- SiS 7001 PCI to USB Open Host Controller
- SiS 7001 PCI to USB Open Host Controller
- SiS PCI to USB Enhanced Host Controller
- USB Root Hub
- USB Root Hub
- USB Root Hub
cpu registers:
eax = 013c5920
ebx = 012f8f70
ecx = 013c5920
edx = 004de858
esi = 00000000
edi = 00000001
eip = 004de858
esp = 0012ea14
ebp = 0012ea5c
Trimite mesajÎnapoiNu poți trimite un mesaj fără conținut!Nu este permisă folosirea de cod HTML in mesaje.Mesajul nu a fost trimis din motive de securitate. Va rugam sa ne contactati prin email pe adresa office@sunphoto.roMesajul nu a fost trimis din motive de posibil spam. Va rugam sa ne contactati prin email pe adresa office@sunphoto.roMesajul nu a fost trimis din motive de posibil spam. Ati trimis prea multe mesaje in ultimul timp.A apărut o eroare în timpul trimiterii mesajului. Vă rog încercați din nou.Mesajul a fost trimis.
computer name : 226F081FC7DB4BA
user name : cata <admin>
registered owner : *
operating system : Windows XP Service Pack 2 build 2600
system language : English
system up time : 10 minutes 47 seconds
program up time : 582 milliseconds
processor : AMD Sempron(tm) 2500+
physical memory : 189/511 MB (free/total)
free disk space : (C:) 5.89 GB
display mode : 800x600, 32 bit
process id : $340
allocated memory : 7.56 MB
command line : "C:Program FilesRegistry Mechanicupdate.exe" -product=RM -subproduct=NRM -EXES=regmech.exe -SVCS=StartManSvc.exe -version=9.0.0.114 -code=0-0-0-0 -lang=English -PID=0
executable : update.exe
exec. date/time : 2009-10-14 15:43
version : 6.1.0.39
compiled with : BCB 2006/07
madExcept version : 3.0i
update.exe.mad : $0001a874, $bebb3b27, $db0ec290
callstack crc : $419ac587, $8aa30ff5, $8aa30ff5
exception number : 1
exception class : Exception
exception message : Cannot open AVI.
Main ($33c):
004de858 +02c update.exe segment%99 public%6634
004de95f +01b update.exe segment%99 public%6637
004de577 +033 update.exe segment%99 public%6624
005a83d7 +00b update.exe segment%240 public%10724
005a9db7 +02b update.exe segment%240 public%10752
004bab2b +027 update.exe segment%61 public%5575
004bbc04 +010 update.exe segment%61 public%5613
004a22a3 +2bb update.exe segment%57 public%4758
004a629b +4fb update.exe segment%57 public%4905
004b841f +553 update.exe segment%61 public%5513
004a59c4 +02c update.exe segment%57 public%4900
00429238 +014 update.exe segment%11 public%2169
77d5f3e9 +044 USER32.dll SendMessageA
004b53dc +010 update.exe segment%61 public%5411
004ba76a +12e update.exe segment%61 public%5568
004a5f02 +162 update.exe segment%57 public%4905
004a59c4 +02c update.exe segment%57 public%4900
00429238 +014 update.exe segment%11 public%2169
7c90eae0 +010 ntdll.dll KiUserCallbackDispatcher
004a22a3 +2bb update.exe segment%57 public%4758
004a629b +4fb update.exe segment%57 public%4905
004b841f +553 update.exe segment%61 public%5513
004a59c4 +02c update.exe segment%57 public%4900
00429238 +014 update.exe segment%11 public%2169
7c90eae0 +010 ntdll.dll KiUserCallbackDispatcher
004a22a3 +2bb update.exe segment%57 public%4758
004a629b +4fb update.exe segment%57 public%4905
004b841f +553 update.exe segment%61 public%5513
004a1f30 +024 update.exe segment%57 public%4754
004a5762 +112 update.exe segment%57 public%4897
004a58a5 +0e5 update.exe segment%57 public%4898
004a8156 +026 update.exe segment%57 public%4991
004a22a3 +2bb update.exe segment%57 public%4758
004a629b +4fb update.exe segment%57 public%4905
004b841f +553 update.exe segment%61 public%5513
004a1f30 +024 update.exe segment%57 public%4754
004a0b62 +026 update.exe segment%57 public%4681
004b7d56 +03a update.exe segment%61 public%5508
004c050d +09d update.exe segment%61 public%5769
005afee4 +04c update.exe segment%387 public%10956
7c91312f +069 ntdll.dll RtlUnicodeStringToAnsiString
7c812907 +0b6 kernel32.dll GetVersionExA
thread $3c4:
>> stack not accessible
modules:
00400000 update.exe 6.1.0.39 C:Program FilesRegistry Mechanic
58d40000 Wship6.dll 5.1.2600.2180 C:WINDOWSsystem32
5ad70000 uxtheme.dll 6.0.2900.2523 C:WINDOWSsystem32
5b860000 NETAPI32.dll 5.1.2600.2756 C:WINDOWSsystem32
5d090000 COMCTL32.dll 5.82.2900.2649 C:WINDOWSsystem32
5edd0000 olepro32.dll 5.1.2600.2180 C:WINDOWSsystem32
666f0000 inetmib1.dll 5.1.2600.2180 C:WINDOWSsystem32
71a50000 mswsock.dll 5.1.2600.2180 C:WINDOWSSystem32
71aa0000 WS2HELP.dll 5.1.2600.2180 C:WINDOWSsystem32
71ab0000 ws2_32.dll 5.1.2600.2180 C:WINDOWSsystem32
71ad0000 WSOCK32.dll 5.1.2600.2180 C:WINDOWSsystem32
71bf0000 SAMLIB.dll 5.1.2600.2180 C:WINDOWSsystem32
71f60000 snmpapi.dll 5.1.2600.2180 C:WINDOWSsystem32
763b0000 comdlg32.dll 6.0.2900.2180 C:WINDOWSsystem32
76b20000 ATL.DLL 3.5.2284.0 C:WINDOWSsystem32
76d40000 MPRAPI.dll 5.1.2600.2180 C:WINDOWSsystem32
76d60000 iphlpapi.dll 5.1.2600.2180 C:WINDOWSsystem32
76e10000 adsldpc.dll 5.1.2600.2180 C:WINDOWSsystem32
76e80000 rtutils.dll 5.1.2600.2180 C:WINDOWSsystem32
76f20000 DNSAPI.dll 5.1.2600.2180 C:WINDOWSsystem32
76f60000 WLDAP32.dll 5.1.2600.2180 C:WINDOWSsystem32
76fb0000 winrnr.dll 5.1.2600.2180 C:WINDOWSSystem32
77120000 OLEAUT32.dll 5.1.2600.2180 C:WINDOWSsystem32
773d0000 comctl32.dll 6.0.2900.2649 C:WINDOWSWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b
774e0000 ole32.dll 5.1.2600.2726 C:WINDOWSsystem32
77690000 NTMARTA.DLL 5.1.2600.2180 C:WINDOWSsystem32
77920000 SETUPAPI.dll 5.1.2600.2180 C:WINDOWSsystem32
77c00000 version.dll 5.1.2600.2180 C:WINDOWSsystem32
77c10000 msvcrt.dll 7.0.2600.2180 C:WINDOWSsystem32
77cc0000 ACTIVEDS.dll 5.1.2600.2180 C:WINDOWSsystem32
77d40000 USER32.dll 5.1.2600.2622 C:WINDOWSsystem32
77dd0000 ADVAPI32.dll 5.1.2600.2180 C:WINDOWSsystem32
77e70000 RPCRT4.dll 5.1.2600.2794 C:WINDOWSsystem32
77f10000 GDI32.dll 5.1.2600.2770 C:WINDOWSsystem32
77f60000 SHLWAPI.dll 6.0.2900.2781 C:WINDOWSsystem32
77fe0000 Secur32.dll 5.1.2600.2180 C:WINDOWSsystem32
7c800000 kernel32.dll 5.1.2600.2180 C:WINDOWSsystem32
7c900000 ntdll.dll 5.1.2600.2180 C:WINDOWSsystem32
7c9c0000 SHELL32.dll 6.0.2900.2770 C:WINDOWSsystem32
processes:
000 Idle 0 0
004 System 0 0 normal
1b0 smss.exe 0 0 normal C:WINDOWSsystem32
1ec csrss.exe 43 54 normal C:WINDOWSsystem32
204 winlogon.exe 40 11 high C:WINDOWSsystem32
230 services.exe 4 0 normal C:WINDOWSsystem32
23c lsass.exe 4 0 normal C:WINDOWSsystem32
2d4 svchost.exe 4 0 normal C:WINDOWSsystem32
300 svchost.exe 4 0 normal C:WINDOWSsystem32
348 svchost.exe 4 3 normal C:WINDOWSSystem32
378 svchost.exe 4 0 normal C:WINDOWSsystem32
3c8 svchost.exe 4 0 normal C:WINDOWSsystem32
4cc Explorer.EXE 160 66 normal C:WINDOWS
53c spoolsv.exe 5 0 normal C:WINDOWSsystem32
600 nod32krn.exe 9 2 normal C:Program FilesEset
630 StartManSvc.exe 5 0 normal C:Program FilesCommon FilesPC ToolssMonitor
670 svchost.exe 10 2 normal C:WINDOWSsystem32
154 alg.exe 5 0 normal C:WINDOWSSystem32
16c nod32kui.exe 345 270 normal C:Program FilesEset
178 winampa.exe 12 2 normal C:Program FilesWinamp
180 RunDll32.exe 18 6 normal C:WINDOWSsystem32
190 Monitor.exe 20 8 normal C:WINDOWSPixArtPAC207
1a0 MsnMsgr.Exe 69 30 normal C:Program FilesMSN Messenger
1c4 RegMech.exe 893 319 normal C:Program FilesRegistry Mechanic
56c ymsgr_tray.exe 72 6 normal C:Program FilesYahoo!Messenger
a78 firefox.exe 259 84 normal C:Program FilesMozilla Firefox
ad0 wuauclt.exe 12 4 normal C:WINDOWSsystem32
340 update.exe 91 47 normal C:Program FilesRegistry Mechanic
hardware:
+ Computer
- ACPI Uniprocessor PC
+ Disk drives
- Maxtor 6Y080L0
+ Display adapters
- Video Controller (VGA Compatible)
+ DVD/CD-ROM drives
- ASUS DVD-E616P2
+ Floppy disk controllers
- Standard floppy disk controller
+ Human Interface Devices
- USB Human Interface Device
+ IDE ATA/ATAPI controllers
- Primary IDE Channel
- Secondary IDE Channel
- SiS PCI IDE Controller
+ Imaging devices
- PC Camera (driver 1.0.4.14)
+ Keyboards
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ Mice and other pointing devices
- HID-compliant mouse
+ Network adapters
- SiS 900-Based PCI Fast Ethernet Adapter (driver 2.0.1039.1180)
+ Ports (COM & LPT)
- Communications Port (COM1)
- ECP Printer Port (LPT1)
+ Processors
- AMD Sempron(tm) 2500+
+ Sound, video and game controllers
- Audio Codecs
- C-Media AC97 Audio Device (driver 5.12.1.51)
- Legacy Audio Drivers
- Legacy Video Capture Devices
- Media Control Devices
- Standard Game Port
- Video Codecs
+ System devices
- ACPI Fixed Feature Button
- ACPI Power Button
- Direct memory access controller
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft System Management BIOS Driver
- Motherboard resources
- Numeric data processor
- PCI bus
- PCI standard host CPU bridge
- Plug and Play Software Device Enumerator
- Printer Port Logical Interface
- Programmable interrupt controller
- SIS PCI to ISA bridge
- SIS Processor to AGP Controller
- System CMOS/real time clock
- System speaker
- System timer
- Terminal Server Device Redirector
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- Volume Manager
+ Universal Serial Bus controllers
- SiS 7001 PCI to USB Open Host Controller
- SiS 7001 PCI to USB Open Host Controller
- SiS PCI to USB Enhanced Host Controller
- USB Root Hub
- USB Root Hub
- USB Root Hub
cpu registers:
eax = 013c5920
ebx = 012f8f70
ecx = 013c5920
edx = 004de858
esi = 00000000
edi = 00000001
eip = 004de858
esp = 0012ea14
ebp = 0012ea5c
stack dump:
0012ea14 58 e8 4d 00 de fa ed 0e - 01 00 00 00 07 00 00 00 X.M.............
0012ea24 28 ea 12 00 58 e8 4d 00 - 20 59 3c 01 70 8f 2f 01 (...X.M..Y<.p./.
0012ea34 00 00 00 00 01 00 00 00 - 5c ea 12 00 44 ea 12 00 ...........D...
0012ea44 70 8f 2f 01 64 e9 4d 00 - cc ec 12 00 04 ab 4b 00 p./.d.M.......K.
0012ea54 00 89 32 01 14 00 14 00 - b4 eb 12 00 7c e5 4d 00 ..2.........|.M.
0012ea64 00 00 00 00 dc 83 5a 00 - 00 89 32 01 bc 9d 5a 00 ......Z...2...Z.
0012ea74 00 89 32 01 31 ab 4b 00 - 00 89 32 01 09 bc 4b 00 ..2.1.K...2...K.
0012ea84 00 89 32 01 54 ec 12 00 - a6 22 4a 00 cc ec 12 00 ..2.T...."J.....
0012ea94 c8 0f 75 02 54 ec 12 00 - 00 00 00 00 00 00 00 00 ..u.T...........
0012eaa4 00 00 00 00 00 00 00 00 - 00 4b e0 00 01 00 00 00 .........K......
0012eab4 18 4b e0 00 dc ea 12 00 - ad dd d4 77 fd 0b 01 57 .K.........w...W
0012eac4 ff ff ff ff 0c 00 00 00 - b0 eb 12 00 20 88 00 00 ................
0012ead4 00 00 00 00 ff ff ff ff - 10 eb 12 00 00 d8 d4 77 ...............w
0012eae4 fd 0b 01 57 00 4b e0 00 - ff ff ff ff b0 eb 12 00 ...W.K..........
0012eaf4 20 88 00 00 00 00 00 00 - 9c eb 12 00 58 eb 12 00 ............X...
0012eb04 97 5d f1 77 05 57 00 00 - 00 00 00 00 00 00 00 00 .].w.W..........
0012eb14 01 00 00 00 97 5d f1 77 - 78 eb 12 00 1d 6b 44 77 .....].wx....kDw
0012eb24 fd 0b 01 57 01 00 00 00 - 3c eb 12 00 00 00 00 00 ...W....<.......
0012eb34 c8 05 91 7c f8 4a e0 00 - 08 ec 12 00 51 05 91 7c ...|.J......Q..|
0012eb44 e8 12 e0 00 6d 05 91 7c - 8c ec 12 00 00 4b e0 00 ....m..|.....K..
disassembling:
004de82c public segment%99.public%6634 (update.exe): ; function entry point
004de82c push ebx
004de82d mov ebx, eax
004de82f mov dl, 1
004de831 mov eax, ebx
004de833 call -$dc ($4de75c) ; segment%99.public%6628 (update.exe)
004de833
004de838 sldt byte ptr [ebx+$268], 0
004de83f jnz loc_4de858
004de83f
004de841 mov ecx, [$5c4b48]
004de847 mov dl, 1
004de849 mov eax, [$40970c]
004de84e call -$cd69b ($4111b8) ; segment%5.public%1239 (update.exe)
004de84e
004de853 call -$d9ba4 ($404cb4) ; segment%0.public%216 (update.exe)
004de853
004de858 loc_4de858:
004de858 > pop ebx
004de859 retX'kfdl,s;.
wfgthylkdepofjprew['rioytp ri0,dw,xhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhEUS;SLF'EWORWQ]W][DLFKBGMJLA