date/time : 2014-04-25, 10:17:20, 171ms computer name - TopicsExpress



          

date/time         : 2014-04-25, 10:17:20, 171ms
computer name     : HAMZA
user name         : SYSTEM
registered owner  : jeunesse
operating system  : Windows XP Service Pack 2 build 2600
system language   : French
system up time    : 1 minute 6 seconds
program up time   : 5 seconds
processors        : 2x Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
physical memory   : 1450/2046 MB (free/total)
free disk space   : (C:) 124,16 GB
display mode      : 1280x1024, 16 bit
process id        : $528
allocated memory  : 8,23 MB
command line      : C:\Program Files\PC Tools AntiVirus\Update.exe -product=AV -mainexe=PCTAV.exe -version=6.1.0.25 -code=0-0-0-0 -silent /SDKDBVER=6.13110
executable        : Update.exe
exec. date/time   : 2009-08-26 13:29
compiled with     : BCB 2006/07
madExcept version : 3.0h
callstack crc     : $00f4a1c5, $be3363da, $be3363da
exception number  : 1
exception class   : EAccessViolation
exception message : Access violation at address 00F4A1C5. Read of address 00000A24.

Main ($94):
00f4a1c5 +035 ???
005aa644 +050 Update.exe   uSmartUpdate 2182 +10 TfrmSmartUpdate.FinishSmartUpdate
005a8751 +14d Update.exe   uSmartUpdate 1504 +46 TfrmSmartUpdate.BeginAutomatedExecution
005a85fa +00e Update.exe   uSmartUpdate 1454  +1 TfrmSmartUpdate.CheckForAutomatedExecution
005a5add +11d Update.exe   uSmartUpdate  431 +33 TfrmSmartUpdate.FormCreate
004046a5 +01d Update.exe   System        613  +0 @AfterConstruction
004b595c +174 Update.exe   Forms                 TCustomForm.Create
7c91e470 +010 ntdll.dll                          KiUserCallbackDispatcher
004bf06a +06e Update.exe   Forms                 TApplication.CreateForm
005b0d58 +040 Update.exe   Update         35  +5 initialization
7c922c1f +069 ntdll.dll                          RtlUnicodeStringToAnsiString
7c812ba4 +0b6 kernel32.dll                       GetVersionExA

thread $e38:
7c91d218 +0a ntdll.dll     NtDelayExecution
7c8023e7 +4b kernel32.dll  SleepEx
7c80244c +0a kernel32.dll  Sleep

modules:
>> internal error in plugin:
77bd19ff +0 ???

processes:
000 Idle
004 System               normal
5ec smss.exe             normal C:\WINDOWS\system32
61c csrss.exe            normal C:\WINDOWS\system32
718 winlogon.exe         high   C:\WINDOWS\system32
744 services.exe         normal C:\WINDOWS\system32
750 lsass.exe            normal C:\WINDOWS\system32
088 Ati2evxx.exe         normal C:\WINDOWS\system32
0b4 svchost.exe          normal C:\WINDOWS\system32
0e0 svchost.exe          normal C:\WINDOWS\system32
16c svchost.exe          normal C:\WINDOWS\System32
198 svchost.exe          normal C:\WINDOWS\system32
1c8 Ati2evxx.exe         normal C:\WINDOWS\system32
278 svchost.exe          normal C:\WINDOWS\system32
35c svchost.exe          normal C:\WINDOWS\system32
420 spoolsv.exe          normal C:\WINDOWS\system32
4d4 svchost.exe          normal C:\WINDOWS\system32
0c0 Explorer.EXE         normal C:\WINDOWS
254 firefox.exe          normal C:\Program Files\Mozilla Firefox
28c WScript.exe          normal C:\WINDOWS\System32
298 pdfsty.exe           normal C:\Program Files\PDF Complete
2ac RTHDCPL.EXE          normal C:\WINDOWS
2dc PCTAV.exe            normal C:\Program Files\PC Tools AntiVirus
2ec rkfree.exe           normal C:\Program Files\rkfree
2fc mwsoemon.exe         normal C:\PROGRA~1\MYWEBS~1\bar\1.bin
304 realsched.exe        normal C:\Program Files\Real\RealPlayer\update
318 DATAMN~1.EXE         normal C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr
34c 9tbrmon.exe          normal C:\Program Files\InternetSpeedTracker_9t\bar\1.bin
368 DaemonProcess.exe    normal C:\Program Files\Mobogenie
390 MeeboNotifier.exe    normal C:\Documents and Settings\jeunesse\Local Settings\Application Data\Meebo\Meebo Notifier
39c msmsgs.exe           normal C:\Program Files\Messenger
3a4 SuperCopier2.exe     normal C:\Program Files\SuperCopier2
384 buebud.exe           normal C:\Documents and Settings\jeunesse
408 ctfmon.exe           normal C:\WINDOWS\system32
44c FacebookUpdate.exe   normal C:\Documents and Settings\jeunesse\Local Settings\Application Data\Facebook\Update
45c WMPNSCFG.exe         normal C:\Program Files\Windows Media Player
510 Launcher.exe         normal C:\Program Files\InternetEverywhere
520 SetPoint.exe         normal C:\Program Files\Logitech\SetPoint
6cc iexplorer.exe        normal C:\DOCUME~1\jeunesse\LOCALS~1\Temp\internet explorer
72c FacebookUpdate.exe   normal C:\Documents and Settings\jeunesse\Local Settings\Application Data\Facebook\Update
810 KHALMNPR.EXE         normal C:\Program Files\Fichiers communs\Logishrd\KHAL2
9bc mDNSResponder.exe    normal C:\Program Files\Bonjour
a50 openvpnas.exe        normal C:\Program Files\Hotspot Shield\bin
ad8 hsssrv.exe           normal C:\Program Files\Hotspot Shield\HssWPR
b0c hsswd.exe            normal C:\Program Files\Hotspot Shield\bin
b44 svchost.exe          normal C:\WINDOWS\System32
ba8 MgAssist.exe         normal C:\Program Files\Mobogenie
bc4 mbbservice.exe       normal C:\Documents and Settings\All Users\Application Data\MobileBrServ
d40 NMSAccessU.exe       normal C:\Program Files\CDBurnerXP
d4c PCTAVSvc.exe         normal C:\Program Files\PC Tools AntiVirus
d5c StartManSvc.exe      normal C:\Program Files\Fichiers communs\PC Tools\sMonitor
d6c pdfsvc.exe           normal C:\Program Files\PDF Complete
de4 svchost.exe          normal C:\WINDOWS\system32
e20 svchost.exe          normal C:\WINDOWS\System32\system
ec8 WTGService.exe       normal C:\Program Files\InternetEverywhere
f4c WMPNetwk.exe         normal C:\Program Files\Windows Media Player
f8c wuauclt.exe          normal C:\WINDOWS\system32
ca4 wmiprvse.exe         normal C:\WINDOWS\system32\wbem
fb4 alg.exe              normal C:\WINDOWS\System32
528 Update.exe           normal C:\Program Files\PC Tools AntiVirus
c6c firefox.exe          normal C:\Program Files\Mozilla Firefox
898 MeeboAutoUpdater.exe normal C:\Documents and Settings\jeunesse\Local Settings\Application Data\Meebo\Meebo Notifier

hardware:
+ Cartes graphiques
  - ATI Radeon HD 4600 Series (driver 8.661.0.0)
+ Cartes multifonction
  - OX16PCI952 PCI UARTs (unique bars)
+ Cartes réseau
  - Realtek RTL8139/810x Family Fast Ethernet NIC (driver 5.678.1003.2007)
  - Windows Mobile-based Internet Sharing Device #27 (driver 5.1.2600.2781)
+ Claviers
  - PS/2 Keyboard (driver 4.82.4.0)
+ Contrôleurs ATA/ATAPI IDE
  - Canal IDE principal
  - Canal IDE secondaire
  - Intel(R) 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 (driver 8.2.0.1011)
+ Contrôleurs audio, vidéo et jeu
  - Audio Device on High Definition Audio Bus
  - Avnex Virtual Audio Device (driver 1.0.0.1)
  - Codecs audio
  - Codecs vidéo
  - Pilotes audio hérités
  - Périphériques de capture vidéo hérités
  - Périphériques MCI
  - Realtek High Definition Audio (driver 5.10.0.5508)
+ Contrôleurs de bus USB
  - Concentrateur USB racine
  - Concentrateur USB racine
  - Concentrateur USB racine
  - Concentrateur USB racine
  - Concentrateur USB racine
  - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27C8 (driver 8.2.0.1008)
  - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27C9 (driver 8.2.0.1008)
  - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27CA (driver 8.2.0.1008)
  - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27CB (driver 8.2.0.1008)
  - Intel(R) 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC (driver 8.2.0.1008)
  - Périphérique de stockage de masse USB
  - Périphérique USB composite
+ Lecteurs de CD-ROM/DVD-ROM
  - hp DVD-RAM GH40L
  - hp DVD-ROM TS-H353B
+ Lecteurs de disque
  - HUAWEI SD Storage USB Device
  - ST3320418AS
+ Moniteurs
  - Écran Plug-and-Play
+ Ordinateur
  - PC multiprocesseur ACPI
+ Ports (COM et LPT)
  - OX16PCI95x PCI Parallel port (Windows XP) (LPT3)
  - PCI Communications Port (COM3)
  - PCI Communications Port (COM4)
+ Processeurs
  - Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
  - Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
+ Périphériques d'interface utilisateur (HID)
  - Périphérique d'interface utilisateur USB
+ Périphériques système
  - Bouton de fonctionnalité définie ACPI
  - Bouton marche-arrêt ACPI
  - Bus PCI
  - Carte système
  - Compteur d'événement de haute précision
  - Contrôleur d'accès direct en mémoire
  - Contrôleur d'interruptions programmable
  - Coprocesseur arithmétique
  - Gestionnaire de disque logique
  - Gestionnaire de volume
  - Haut-parleur système
  - Horloge système
  - Horloge système CMOS/temps réel
  - Intel(R) 82801G (ICH7 Family) PCI Express Root Port - 27D0 (driver 8.3.0.1011)
  - Intel(R) 82801G (ICH7 Family) SMBus Controller - 27DA (driver 8.3.0.1011)
  - Intel(R) 82801GB/GR (ICH7 Family) LPC Interface Controller - 27B8 (driver 8.3.0.1011)
  - Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1 (driver 8.4.0.1018)
  - Intel(R) G33/G31/P35/P31 Express Chipset Processor to I/O Controller - 29C0 (driver 8.4.0.1018)
  - Interface logique du port imprimante
  - Microsoft UAA Bus Driver for High Definition Audio
  - Microsoft UAA Bus Driver for High Definition Audio
  - Pilote BIOS de gestion de systèmes Microsoft
  - Pilote clavier de Terminal Server
  - Pilote souris de Terminal Server
  - Pont Intel(R) 82801 PCI - 244E
  - Port de lecture de données ISAPNP
  - Périphérique concentrateur à microprogramme Intel(R) 82802
  - Périphérique de mise à jour microcode
  - Redirecteur de périphérique Terminal Server
  - Ressources de la carte mère
  - Ressources de la carte mère
  - Ressources de la carte mère
  - Système compatible ACPI Microsoft
  - Énumérateur de périphérique logiciel Plug-and-Play
+ Souris et autres périphériques de pointage
  - Souris HID

cpu registers:
eax = 00f9c060
ebx = 0012f4d0
ecx = ffffffc4
edx = 0012f4c0
esi = ffffffc4
edi = ffffffff
eip = 00f4a1c5
esp = 0012f4b8
ebp = 00000a28

disassembling:
005aa5f4        public uSmartUpdate.TfrmSmartUpdate.FinishSmartUpdate: ; function entry point
005aa5f4 2172   push ebx
005aa5f5        push esi
005aa5f6        mov ebx, edx
005aa5f8        mov esi, eax
005aa5fa 2173   mov eax, esi
005aa5fc        call -$21 ($5aa5e0) ; uSmartUpdate.TfrmSmartUpdate.CheckStartAlways
005aa5fc
005aa601 2174   call -$16c4a ($5939bc) ; uCommonOperations.CurrentModeNeedsInvisibleExecution
005aa601
005aa606        test al, al
005aa608        jz loc_5aa64c
005aa608
005aa60a 2176   mov eax, ebx
005aa60c        call -$15591 ($595080) ; uCommonOperations.SaveExitCodeToRegistry
005aa60c
005aa611        test al, al
005aa613        jz loc_5aa61f
005aa613
005aa615 2177   mov eax, $5aa6e4
005aa61a        call -$15493 ($59518c) ; uCommonOperations.SignalEvent
005aa61a
005aa61f      loc_5aa61f:
005aa61f 2178   mov eax, [$5c9238]
005aa624        cmp byte ptr [eax], 0
005aa627        jz loc_5aa633
005aa627
005aa629 2179   mov eax, $5aa714
005aa62e        call -$154a7 ($59518c) ; uCommonOperations.SignalEvent
005aa62e
005aa633      loc_5aa633:
005aa633 2180   mov eax, $5aa744
005aa638        call -$154b1 ($59518c) ; uCommonOperations.SignalEvent
005aa638
005aa63d 2182   push ebx
005aa63e        call -$1a263f ($408004) ; Windows.GetCurrentProcess
005aa63e
005aa643        push eax
005aa644      > call -$1a226d ($4083dc) ; Windows.TerminateProcess
005aa644
005aa649        pop esi
005aa64a        pop ebx
005aa64b        ret
005aa64b
005aa64b ; ---------------------------------------------------------
005aa64b
005aa64c      loc_5aa64c:
005aa64c 2185   cmp ebx, -$32
005aa64f        jz loc_5aa660
005aa64f
005aa651        cmp ebx, -$1e
005aa654        jz loc_5aa660
005aa654
005aa656        cmp ebx, -$28
005aa659        jz loc_5aa660
005aa659
005aa65b        cmp ebx, -$19
005aa65e        jnz loc_5aa669
005aa65e
005aa660      loc_5aa660:
005aa660 2188   mov eax, esi
005aa662        call -$3333 ($5a7334) ; uSmartUpdate.TfrmSmartUpdate.ShowSubscriptionError
005aa662
005aa667        jmp loc_5aa6d7
005aa667
005aa667 ; ---------------------------------------------------------
005aa667
005aa669      loc_5aa669:
005aa669 2189   cmp ebx, $a
005aa66c        jnz loc_5aa679
005aa66c
005aa66e        mov dl, 1
005aa670        mov eax, esi
005aa672        call -$2aeb ($5a7b8c) ; uSmartUpdate.TfrmSmartUpdate.ShowCompletePage
005aa672
005aa677        jmp loc_5aa6d7
005aa677
005aa677 ; ---------------------------------------------------------
005aa677
005aa679      loc_5aa679:
005aa679 2190   cmp ebx, -$3c
005aa67c        jnz loc_5aa687
005aa67c
005aa67e        mov eax, esi
005aa680        call -$2cd ($5aa3b8) ; uSmartUpdate.TfrmSmartUpdate.ShowDownloadError
005aa680
005aa685        jmp loc_5aa6d7
005aa685
005aa685 ; ---------------------------------------------------------
005aa685
005aa687      loc_5aa687:
005aa687 2191   cmp ebx, -$64
005aa68a        jnz loc_5aa695
005aa68a
005aa68c        mov eax, esi
005aa68e        call -$223 ($5aa470) ; uSmartUpdate.TfrmSmartUpdate.ShowNoAdminRightError
005aa68e
005aa693        jmp loc_5aa6d7
005aa693
005aa693 ; ---------------------------------------------------------
005aa693
005aa695      loc_5aa695:
005aa695 2192   test ebx, ebx
005aa697        jnz loc_5aa6a4
005aa697
005aa699        xor edx, edx
005aa69b        mov eax, esi
005aa69d        call -$2b16 ($5a7b8c) ; uSmartUpdate.TfrmSmartUpdate.ShowCompletePage
005aa69d
005aa6a2        jmp loc_5aa6d7
005aa6a2
005aa6a2 ; ---------------------------------------------------------
005aa6a2
005aa6a4      loc_5aa6a4:
005aa6a4 2193   cmp ebx, -$14
005aa6a7        jnz loc_5aa6b2
005aa6a7
005aa6a9        mov eax, esi
005aa6ab        call -$3300 ($5a73b0) ; uSmartUpdate.TfrmSmartUpdate.ShowXMLError
005aa6ab
005aa6b0        jmp loc_5aa6d7
005aa6b0
005aa6b0 ; ---------------------------------------------------------
005aa6b0
005aa6b2      loc_5aa6b2:
005aa6b2 2197   mov eax, [$5c9238]
005aa6b7        cmp byte ptr [eax], 0
005aa6ba        jz loc_5aa6c6
005aa6ba
005aa6bc 2198   mov eax, $5aa714
005aa6c1        call -$1553a ($59518c) ; uCommonOperations.SignalEvent
005aa6c1
005aa6c6      loc_5aa6c6:
005aa6c6 2199   mov eax, $5aa744
005aa6cb        call -$15544 ($59518c) ; uCommonOperations.SignalEvent
005aa6cb
005aa6d0 2200   mov eax, ebx
005aa6d2        call -$1a54d7 ($405200) ; System.@Halt
005aa6d2
[...]

Posted on: Thu, 01 May 2014 10:00:44 +0000
