date/time : 2009-12-18, 21:51:03, 22ms computer name : ACIDEN-PC user name : Aciden registered owner : Aciden operating system : Windows 7 build 7600 system language : Russian system up time : 7 hours 10 minutes program up time : 1 minute 37 seconds processors : 2x Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz physical memory : 1727/3003 MB (free/total) free disk space : (C:) 49,56 GB display mode : 1366x768, 32 bit process id : $1614 allocated memory : 91,53 MB executable : infium.exe exec. date/time : 2009-12-18 19:56 version : 9.0.3.3 compiled with : Delphi 7 madExcept version : 3.0k callstack crc : $6bfec0d2, $581d288a, $ad13cc65 exception number : 1 exception class : EFCreateError exception message : Cannot create file "C:\QIP Infium 9033.jpg". Отказано в доступе. main thread ($15dc): 00500fd7 +09f infium.exe TntClasses 651 +7 TTntFileStream.Create 004da10e +032 infium.exe Controls 7212 +5 TWinControl.WMNCHitTest 005528d9 +00d infium.exe VirtualTrees 16582 +1 TBaseVirtualTree.WMNCHitTest 004d46ab +1df infium.exe Controls 4645 +53 TControl.WndProc 0055885f +013 infium.exe VirtualTrees 20451 +2 TBaseVirtualTree.HandleHotTrack 004d4cac +034 infium.exe Controls 4807 +1 TControl.MouseMove 0055adf4 +248 infium.exe VirtualTrees 21848 +50 TBaseVirtualTree.MouseMove 004d4d47 +08b infium.exe Controls 4819 +8 TControl.WMMouseMove 004d46ab +1df infium.exe Controls 4645 +53 TControl.WndProc 004d8186 +09a infium.exe Controls 6320 +11 TWinControl.WndProc 004d7e4c +034 infium.exe Controls 6237 +3 TWinControl.MainWndProc 75971172 +010 kernel32.dll BaseThreadInitThunk thread $848 (TPainterThread): 00590b92 +3e infium.exe ImagingComponents 2016 +5 TPainterThread.Create thread $1654: 77465e4a +000a ntdll.dll NtWaitForMultipleObjects 7576686c +0000 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +0089 kernel32.dll WaitForMultipleObjectsEx 75d390b8 +a43f user32.dll MsgWaitForMultipleObjectsEx 75d359f9 +001a user32.dll MsgWaitForMultipleObjects 75971172 +0010 kernel32.dll BaseThreadInitThunk thread $6cc: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $106c: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $75c: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $1278: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 75971172 +10 kernel32.dll BaseThreadInitThunk thread $230: 77465e6a +0a ntdll.dll NtWaitForSingleObject 75761796 +66 KERNELBASE.dll WaitForSingleObjectEx 7596effe +3e kernel32.dll WaitForSingleObjectEx 7596efad +0d kernel32.dll WaitForSingleObject 004511c1 +0d infium.exe madExcept CallThreadProcSafe 0045122b +37 infium.exe madExcept ThreadExceptFrame 75971172 +10 kernel32.dll BaseThreadInitThunk >> created by thread $ff4 at: 77594d5c +00 WS2_32.dll thread $1300: 774657ea +0a ntdll.dll NtRemoveIoCompletion 75971172 +10 kernel32.dll BaseThreadInitThunk thread $370: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $e78: 77465e6a +0a ntdll.dll NtWaitForSingleObject 75761796 +66 KERNELBASE.dll WaitForSingleObjectEx 7596effe +3e kernel32.dll WaitForSingleObjectEx 7596efad +0d kernel32.dll WaitForSingleObject 004511c1 +0d infium.exe madExcept CallThreadProcSafe 0045122b +37 infium.exe madExcept ThreadExceptFrame 75971172 +10 kernel32.dll BaseThreadInitThunk >> created by main thread ($15dc) at: 77594d5c +00 WS2_32.dll thread $15e4: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $15d0: 75d38fbd +26 user32.dll GetMessageW 75971172 +10 kernel32.dll BaseThreadInitThunk thread $15b8: 77465e6a +0a ntdll.dll NtWaitForSingleObject 7758302b +5b WS2_32.dll WahReferenceContextByHandle 77584a1d +9c WS2_32.dll select 7747da43 +60 ntdll.dll bsearch 774728c3 +78 ntdll.dll RtlAnsiStringToUnicodeString 75971172 +10 kernel32.dll BaseThreadInitThunk thread $156c: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $b90: 77465e6a +0a ntdll.dll NtWaitForSingleObject 75761796 +66 KERNELBASE.dll WaitForSingleObjectEx 7596effe +3e kernel32.dll WaitForSingleObjectEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $e94: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $17a0 (TWorkerThread): 77465e6a +0a ntdll.dll NtWaitForSingleObject 75761796 +66 KERNELBASE.dll WaitForSingleObjectEx 7596effe +3e kernel32.dll WaitForSingleObjectEx 7596efad +0d kernel32.dll WaitForSingleObject 005420f3 +17 infium.exe VirtualTrees 5213 +3 TWorkerThread.Execute 004512df +2b infium.exe madExcept HookedTThreadExecute 00479892 +36 infium.exe Classes 9372 +7 ThreadProc 00404c18 +28 infium.exe System 11562 +33 ThreadWrapper 004511c1 +0d infium.exe madExcept CallThreadProcSafe 0045122b +37 infium.exe madExcept ThreadExceptFrame 75971172 +10 kernel32.dll BaseThreadInitThunk >> created by main thread ($15dc) at: 0054203a +16 infium.exe VirtualTrees 5176 +1 TWorkerThread.Create thread $11b0: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $139c: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $1564: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $7e4: 77464c1a +0a ntdll.dll NtDelayExecution 75761870 +4f KERNELBASE.dll SleepEx 75761813 +0a KERNELBASE.dll Sleep 75971172 +10 kernel32.dll BaseThreadInitThunk thread $1450: 75d328aa +3b user32.dll GetMessageA 004511c1 +0d infium.exe madExcept CallThreadProcSafe 0045122b +37 infium.exe madExcept ThreadExceptFrame 75971172 +10 kernel32.dll BaseThreadInitThunk >> created by main thread ($15dc) at: 73a56fcd +00 winmm.dll thread $d04: 77465e6a +0a ntdll.dll NtWaitForSingleObject 7758c305 +66 WS2_32.dll WSARecv 70fe17d6 +2e wsock32.dll recv 12262594 +54 OPENLIBEAY32.dll BIO_read 1245a2eb +4b OPENSSLEAY32.DLL SSL_read 75971172 +10 kernel32.dll BaseThreadInitThunk thread $a34: 77465e6a +0a ntdll.dll NtWaitForSingleObject 7758c305 +66 WS2_32.dll WSARecv 70fe17d6 +2e wsock32.dll recv 75971172 +10 kernel32.dll BaseThreadInitThunk thread $15a0: 77465e6a +0a ntdll.dll NtWaitForSingleObject 7758c305 +66 WS2_32.dll WSARecv 70fe17d6 +2e wsock32.dll recv 75971172 +10 kernel32.dll BaseThreadInitThunk thread $15c8: 77465e6a +0a ntdll.dll NtWaitForSingleObject 7758c305 +66 WS2_32.dll WSARecv 70fe17d6 +2e wsock32.dll recv 12262594 +54 OPENLIBEAY32.dll BIO_read 1245a2eb +4b OPENSSLEAY32.DLL SSL_read 75971172 +10 kernel32.dll BaseThreadInitThunk thread $2ec: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 7596f299 +13 kernel32.dll WaitForMultipleObjects 75971172 +10 kernel32.dll BaseThreadInitThunk thread $12e0: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 7596f299 +13 kernel32.dll WaitForMultipleObjects 75971172 +10 kernel32.dll BaseThreadInitThunk thread $16f4: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 7596f299 +13 kernel32.dll WaitForMultipleObjects 75971172 +10 kernel32.dll BaseThreadInitThunk thread $17a4: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 7596f299 +13 kernel32.dll WaitForMultipleObjects 75971172 +10 kernel32.dll BaseThreadInitThunk thread $cac: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $604: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $1670: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $670: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $e14: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $10ec: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $838: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $16e0: 77465e4a +0a ntdll.dll NtWaitForMultipleObjects 7576686c +00 KERNELBASE.dll WaitForMultipleObjectsEx 7596f125 +89 kernel32.dll WaitForMultipleObjectsEx 75971172 +10 kernel32.dll BaseThreadInitThunk thread $758: 77465e7a +0a ntdll.dll NtWaitForWorkViaWorkerFactory 75971172 +10 kernel32.dll BaseThreadInitThunk thread $e0c: 77465e6a +00a ntdll.dll NtWaitForSingleObject 75761796 +066 KERNELBASE.dll WaitForSingleObjectEx 7596effe +03e kernel32.dll WaitForSingleObjectEx 7596efad +00d kernel32.dll WaitForSingleObject 70f85e83 +20d WINHTTP.dll WinHttpSendRequest 75971172 +010 kernel32.dll BaseThreadInitThunk modules: 00400000 infium.exe 9.0.3.3 C:\QIP Infium 9033.7 025c0000 btmmhook.dll 6.1.0.2200 C:\Windows\system32 05430000 InfICQ.dll C:\QIP Infium 9033.7\Protos\InfICQ 05950000 MRA.dll 1.0.0.4 C:\QIP Infium 9033.7\Protos\MRA 083b0000 SoundLibSPN.dll 1.3.0.0 C:\QIP Infium 9033.7\Core 096c0000 SndSupport.dll 3.3.0.2 C:\QIP Infium 9033.7\Core 10000000 NVSVC.DLL 7.15.11.7449 C:\Windows\system32 12200000 MousePhone.dll 1.0.0.0 C:\QIP Infium 9033.7\Core 12220000 OPENLIBEAY32.dll 0.9.8.11 C:\QIP Infium 9033.7\Core 12440000 OPENSSLEAY32.DLL 0.9.8.11 C:\QIP Infium 9033.7\Core 12560000 voip.dll C:\QIP Infium 9033.7\Core 127c0000 YLUSBTEL.dll 2.0.0.28 C:\QIP Infium 9033.7\Core 12e60000 Jabber.dll 0.1.1.15 C:\QIP Infium 9033.7\Protos\Jabber 13500000 pics.dll C:\QIP Infium 9033.7\Protos\MRA 13680000 XIMSS.dll 0.1.4.4 C:\QIP Infium 9033.7\Protos\XIMSS 6eb00000 gameux.dll 6.1.7600.16385 C:\Windows\System32 6ed80000 shdocvw.dll 6.1.7600.16385 C:\Windows\System32 6f4a0000 Cabinet.dll 6.1.7600.16385 C:\Windows\system32 6f4d0000 cryptnet.dll 6.1.7600.16385 C:\Windows\system32 6f7a0000 LINKINFO.dll 6.1.7600.16385 C:\Windows\system32 6f7f0000 wer.dll 6.1.7600.16385 C:\Windows\System32 6f860000 ntshrui.dll 6.1.7600.16385 C:\Windows\system32 6f8d0000 CSCDLL.dll 6.1.7600.16385 C:\Windows\System32 6f8e0000 cscui.dll 6.1.7600.16385 C:\Windows\System32 6f950000 EhStorShell.dll 6.1.7600.16385 C:\Windows\system32 6fa10000 CSCAPI.dll 6.1.7600.16385 C:\Windows\system32 6fb50000 explorerframe.dll 6.1.7600.16385 C:\Windows\system32 70190000 rasadhlp.dll 6.1.7600.16385 C:\Windows\system32 70f30000 webio.dll 6.1.7600.16385 C:\Windows\system32 70f80000 WINHTTP.dll 6.1.7600.16385 C:\Windows\system32 70fe0000 wsock32.dll 6.1.7600.16385 C:\Windows\system32 71290000 sensapi.dll 6.1.7600.16385 C:\Windows\system32 712a0000 pnrpnsp.dll 6.1.7600.16385 C:\Windows\system32 714c0000 wshbth.dll 6.1.7600.16385 C:\Windows\system32 714d0000 napinsp.dll 6.1.7600.16385 C:\Windows\system32 714e0000 winrnr.dll 6.1.7600.16385 C:\Windows\System32 71c90000 fwpuclnt.dll 6.1.7600.16385 C:\Windows\System32 72b40000 Social.dll C:\QIP Infium 9033.7\Protos\Social 72d50000 D3d8.dll 6.1.7600.16385 C:\Windows\system32 73190000 WINNSI.DLL 6.1.7600.16385 C:\Windows\system32 731a0000 IPHLPAPI.DLL 6.1.7600.16385 C:\Windows\system32 731e0000 winspool.drv 6.1.7600.16385 C:\Windows\system32 73610000 slc.dll 6.1.7600.16385 C:\Windows\system32 73620000 midimap.dll 6.1.7600.16385 C:\Windows\system32 73630000 MSACM32.dll 6.1.7600.16385 C:\Windows\system32 73650000 msimg32.dll 6.1.7600.16385 C:\Windows\system32 73660000 msacm32.drv 6.1.7600.16385 C:\Windows\system32 73680000 DSound.dll 6.1.7600.16385 C:\Windows\system32 73700000 oleacc.dll 7.0.0.0 C:\Windows\system32 73740000 AUDIOSES.DLL 6.1.7600.16385 C:\Windows\system32 738a0000 NLAapi.dll 6.1.7600.16385 C:\Windows\system32 73950000 peerdist.dll 6.1.7600.16385 C:\Windows\system32 73980000 ksuser.dll 6.1.7600.16385 C:\Windows\system32 73990000 wdmaud.drv 6.1.7600.16385 C:\Windows\system32 73a50000 winmm.dll 6.1.7600.16385 C:\Windows\system32 73a90000 rtutils.dll 6.1.7600.16385 C:\Windows\system32 73aa0000 rasman.dll 6.1.7600.16385 C:\Windows\system32 73ac0000 RASAPI32.dll 6.1.7600.16385 C:\Windows\system32 73b40000 mscms.dll 6.1.7600.16385 C:\Windows\system32 73c10000 oledlg.dll 6.1.7600.16385 C:\Windows\system32 73c90000 WindowsCodecs.dll 6.1.7600.16385 C:\Windows\system32 73d90000 XmlLite.dll 1.3.1000.0 C:\Windows\System32 73dc0000 dwmapi.dll 6.1.7600.16385 C:\Windows\system32 73e50000 ntmarta.dll 6.1.7600.16385 C:\Windows\system32 73e90000 olepro32.dll 6.1.7600.16385 C:\Windows\system32 73ef0000 DUser.dll 6.1.7600.16385 C:\Windows\system32 73f20000 DUI70.dll 6.1.7600.16385 C:\Windows\system32 73fe0000 gdiplus.dll 6.1.7600.16385 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca 74170000 MMDevAPI.DLL 6.1.7600.16385 C:\Windows\system32 741b0000 uxtheme.dll 6.1.7600.16385 C:\Windows\system32 741f0000 POWRPROF.dll 6.1.7600.16385 C:\Windows\system32 742a0000 PROPSYS.dll 7.0.7600.16385 C:\Windows\system32 743a0000 comctl32.dll 6.10.7600.16385 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc 74540000 HID.DLL 6.1.7600.16385 C:\Windows\system32 74920000 AVRT.dll 6.1.7600.16385 C:\Windows\system32 74930000 security.dll 6.1.7600.16385 C:\Windows\system32 74940000 d3d8thk.dll 6.1.7600.16385 C:\Windows\system32 74a60000 version.dll 6.1.7600.16385 C:\Windows\system32 74af0000 wshtcpip.dll 6.1.7600.16385 C:\Windows\System32 74b70000 WTSAPI32.dll 6.1.7600.16385 C:\Windows\system32 74bb0000 GPAPI.dll 6.1.7600.16385 C:\Windows\system32 74bd0000 USERENV.dll 6.1.7600.16385 C:\Windows\system32 74c90000 credssp.dll 6.1.7600.16385 C:\Windows\system32 74cd0000 bcryptprimitives.dll 6.1.7600.16385 C:\Windows\system32 74d70000 DEVRTL.dll 6.1.7600.16385 C:\Windows\system32 74d90000 rsaenh.dll 6.1.7600.16385 C:\Windows\system32 74e00000 schannel.DLL 6.1.7600.16385 C:\Windows\system32 74e70000 DNSAPI.dll 6.1.7600.16385 C:\Windows\system32 74f50000 msv1_0.DLL 6.1.7600.16420 C:\Windows\system32 74fa0000 mswsock.dll 6.1.7600.16385 C:\Windows\System32 74fe0000 CRYPTSP.dll 6.1.7600.16385 C:\Windows\system32 750e0000 bcrypt.dll 6.1.7600.16385 C:\Windows\system32 75100000 ncrypt.dll 6.1.7600.16385 C:\Windows\system32 75140000 AUTHZ.dll 6.1.7600.16385 C:\Windows\system32 751c0000 cryptdll.dll 6.1.7600.16385 C:\Windows\system32 75390000 wship6.dll 6.1.7600.16385 C:\Windows\System32 753c0000 srvcli.dll 6.1.7600.16385 C:\Windows\system32 753e0000 WINSTA.dll 6.1.7600.16385 C:\Windows\system32 75460000 Secur32.dll 6.1.7600.16385 C:\Windows\system32 75480000 SSPICLI.DLL 6.1.7600.16385 C:\Windows\system32 754a0000 apphelp.dll 6.1.7600.16385 C:\Windows\system32 754f0000 CRYPTBASE.dll 6.1.7600.16385 C:\Windows\system32 75570000 profapi.dll 6.1.7600.16385 C:\Windows\system32 755e0000 MSASN1.dll 6.1.7600.16415 C:\Windows\system32 755f0000 CFGMGR32.dll 6.1.7600.16385 C:\Windows\system32 75620000 DEVOBJ.dll 6.1.7600.16385 C:\Windows\system32 75640000 CRYPT32.dll 6.1.7600.16385 C:\Windows\system32 75760000 KERNELBASE.dll 6.1.7600.16385 C:\Windows\system32 757b0000 WINTRUST.dll 6.1.7600.16385 C:\Windows\system32 75870000 GDI32.dll 6.1.7600.16385 C:\Windows\system32 75920000 kernel32.dll 6.1.7600.16385 C:\Windows\system32 75a00000 SHLWAPI.dll 6.1.7600.16385 C:\Windows\system32 75a60000 SETUPAPI.dll 6.1.7600.16385 C:\Windows\system32 75c00000 sechost.dll 6.1.7600.16385 C:\Windows\SYSTEM32 75c50000 MSCTF.dll 6.1.7600.16385 C:\Windows\system32 75d20000 user32.dll 6.1.7600.16385 C:\Windows\system32 75df0000 shell32.dll 6.1.7600.16385 C:\Windows\system32 76a40000 advapi32.dll 6.1.7600.16385 C:\Windows\system32 76ae0000 comdlg32.dll 6.1.7600.16385 C:\Windows\system32 76b60000 RPCRT4.dll 6.1.7600.16385 C:\Windows\system32 76c10000 iertutil.dll 8.0.7600.16385 C:\Windows\system32 76e10000 wininet.dll 8.0.7600.16385 C:\Windows\system32 76f10000 ole32.dll 6.1.7600.16385 C:\Windows\system32 77070000 msvcrt.dll 7.0.7600.16385 C:\Windows\system32 77120000 USP10.dll 1.626.7600.16385 C:\Windows\system32 771c0000 CLBCatQ.DLL 2001.12.8530.16385 C:\Windows\system32 77250000 oleaut32.dll 6.1.7600.16385 C:\Windows\system32 772e0000 urlmon.dll 8.0.7600.16385 C:\Windows\system32 77420000 ntdll.dll 6.1.7600.16385 C:\Windows\SYSTEM32 77560000 LPK.dll 6.1.7600.16385 C:\Windows\system32 77570000 NSI.dll 6.1.7600.16385 C:\Windows\system32 77580000 WS2_32.dll 6.1.7600.16385 C:\Windows\system32 775d0000 Normaliz.dll 6.1.7600.16385 C:\Windows\system32 775e0000 imm32.dll 6.1.7600.16385 C:\Windows\system32 77600000 WLDAP32.dll 6.1.7600.16385 C:\Windows\system32 processes: 0000 Idle 0 0 0 0004 System 0 0 0 0144 smss.exe 0 0 0 01b8 csrss.exe 0 0 0 01f4 wininit.exe 0 0 0 0208 csrss.exe 1 0 0 0238 services.exe 0 0 0 0258 winlogon.exe 1 0 0 0260 lsass.exe 0 0 0 0268 lsm.exe 0 0 0 02fc svchost.exe 0 0 0 0338 nvvsvc.exe 0 0 0 0360 svchost.exe 0 0 0 03bc svchost.exe 0 0 0 03f0 svchost.exe 0 0 0 0414 svchost.exe 0 0 0 04d0 svchost.exe 0 0 0 0528 rundll32.exe 1 0 0 05c0 svchost.exe 0 0 0 0634 spoolsv.exe 0 0 0 067c svchost.exe 0 0 0 06d8 avp.exe 0 0 0 070c EvtEng.exe 0 0 0 0734 svchost.exe 0 0 0 07c0 PsiService_2.exe 0 0 0 07ec RegSrvc.exe 0 0 0 00f8 svchost.exe 0 0 0 02ac TuneUpUtilitiesService32.exe 0 0 0 04a8 VESMgr.exe 0 0 0 0818 dllhost.exe 0 0 0 0870 VESMgrSub.exe 1 0 0 09c0 taskhost.exe 1 26 20 normal C:\Windows\system32 0a08 TuneUpUtilitiesApp32.exe 1 225 102 normal C:\Program Files\TuneUp Utilities 2010 0a14 Dwm.exe 1 15 2 high C:\Windows\system32 0a40 Explorer.EXE 1 450 248 normal C:\Windows 0c6c svchost.exe 0 0 0 0da8 svchost.exe 0 0 0 0e30 WUDFHost.exe 0 0 0 0f78 avp.exe 1 48 26 normal C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010 0f9c ipoint.exe 1 12 38 normal C:\Program Files\Microsoft IntelliPoint 0fbc Apoint.exe 1 68 35 normal C:\Program Files\Apoint 0920 hkcmd.exe 1 9 5 normal C:\Windows\System32 0930 igfxpers.exe 1 9 4 normal C:\Windows\System32 097c igfxsrvc.exe 1 9 5 normal C:\Windows\system32 053c BTTray.exe 1 16 21 normal C:\Program Files\WIDCOMM\Bluetooth Software 0798 ApMsgFwd.exe 1 0 0 0eb0 BtStackServer.exe 1 9 7 normal C:\Program Files\WIDCOMM\Bluetooth Software 0e84 Apntex.exe 1 13 5 normal C:\Program Files\Apoint 0e80 conhost.exe 1 27 10 normal C:\Windows\system32 0fd0 wmpnetwk.exe 0 0 0 0980 svchost.exe 0 0 0 13fc svchost.exe 0 0 0 128c TOTALCMD.EXE 1 333 162 normal C:\totalcmd 17fc opera.exe 1 867 116 normal C:\Program Files\Opera 12bc infium.exe 1 581 152 normal C:\QIP Infium 9033.6 1614 infium.exe 1 1703 394 normal C:\QIP Infium 9033.7 0950 audiodg.exe 0 0 0 cpu registers: eax = 0e631b90 ebx = 01e046d8 ecx = 00000000 edx = 00500fdc esi = 002fdf5c edi = 0d2c0878 eip = 00500fdc esp = 0012f6e0 ebp = 0012f75c stack dump: 0012f6e0 b7 cc 4f 00 34 89 40 00 - 98 04 07 00 81 02 00 00 ..O.4.@......... 0012f6f0 00 00 00 00 0f 00 00 c0 - 30 f8 12 00 20 f9 12 00 ........0....... 0012f700 81 02 00 00 f4 13 62 0e - ae 46 4d 00 81 02 00 00 ......b..FM..... 0012f710 f4 13 62 0e 4d 41 52 43 - 00 00 00 00 a0 0c 00 00 ..b.MARC........ 0012f720 00 00 00 00 40 0a 00 00 - 00 00 00 00 2d 00 25 00 ....@.......-.%. 0012f730 44 00 34 00 50 f7 12 00 - 08 73 d3 75 20 00 14 00 D.4.P....s.u.... 0012f740 1c 00 00 00 00 00 00 00 - 74 06 00 00 68 f7 12 00 ........t...h... 0012f750 08 73 d3 75 f8 02 1d 00 - 1c 00 00 00 00 00 00 00 .s.u............ 0012f760 7c f7 12 00 08 73 d3 75 - d6 05 08 00 1c 00 00 00 |....s.u........ 0012f770 00 00 00 00 74 06 00 00 - 88 f7 12 00 72 8e d3 75 ....t.......r..u 0012f780 d8 98 d8 75 03 00 00 00 - c4 f7 12 00 1c 73 d3 75 ...u.........s.u 0012f790 b6 72 d3 75 66 79 d6 eb - 00 00 00 00 40 f8 12 00 .r.ufy......@... 0012f7a0 1c 00 00 00 01 00 00 00 - 00 00 00 00 94 f7 12 00 ................ 0012f7b0 b6 72 d3 75 58 f8 12 00 - e3 62 d8 75 62 fc 17 9e .r.uX....b.ub... 0012f7c0 fe ff ff ff b6 72 d3 75 - ef 86 d3 75 d6 05 08 00 .....r.u...u.... 0012f7d0 1c 00 00 00 00 00 00 00 - 74 06 00 00 1c 00 00 00 ........t....... 0012f7e0 cd ab ba dc 00 00 00 00 - 40 f8 12 00 1c 00 00 00 ........@....... 0012f7f0 00 f8 12 00 1c f8 12 00 - d8 98 d8 75 b6 72 d3 75 ...........u.r.u 0012f800 68 f8 12 00 ae 22 47 77 - 66 0b d5 76 00 00 00 00 h...."Gwf..v.... 0012f810 9c 01 22 00 00 00 22 00 - 94 f8 12 00 f4 13 62 0e .."...".......b. disassembling: [...] 00500f9c call +$3677 ($504618) ; TntSysUtils.WideExpandFileName 00500f9c 00500fa1 mov eax, [ebp-$1c] 00500fa4 mov [ebp-$18], eax 00500fa7 mov byte ptr [ebp-$14], $f 00500fab mov eax, [ebp-8] 00500fae mov [ebp-$10], eax 00500fb1 mov byte ptr [ebp-$c], $f 00500fb5 lea eax, [ebp-$18] 00500fb8 push eax 00500fb9 push 1 00500fbb lea edx, [ebp-$20] 00500fbe mov eax, [$8b2480] 00500fc3 call -$f9cf8 ($4072d0) ; System.LoadResString 00500fc3 00500fc8 mov ecx, [ebp-$20] 00500fcb mov dl, 1 00500fcd mov eax, [$46b184] 00500fd2 call -$a44ab ($45cb2c) ; SysUtils.Exception.CreateFmt 00500fd2 00500fd7 > call -$fc9ec ($4045f0) ; System.@RaiseExcept 00500fd7 00500fdc jmp loc_50103e 00500fdc 00500fdc ; --------------------------------------------------------- 00500fdc 00500fde loc_500fde: 00500fde 658 movzx edx, ax 00500fe1 mov eax, esi 00500fe3 call +$36c0 ($5046a8) ; TntSysUtils.WideFileOpen 00500fe3 00500fe8 659 test eax, eax 00500fea jge loc_50103e 00500fea 00500fec 661 call -$f9035 ($407fbc) ; Windows.GetLastError 00500fec 00500ff1 lea edx, [ebp-8] 00500ff4 call +$3aff ($504af8) ; TntSysUtils.WideSysErrorMessage 00500ff4 00500ff9 662 lea edx, [ebp-$24] 00500ffc mov eax, esi [...]