
date/time : 2011-12-27, 15:45:39, 622ms


computer name : USER-PC
user name : user <admin>
registered owner : user
operating system : Windows 7 build 7600
system language : Indonesian
system up time : 1 minute 2 seconds
program up time : 12 seconds
processors : 4x Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
physical memory : 1044/1783 MB (free/total)
free disk space : (C:) 74,18 GB (E:) 101,67 GB
display mode : 1366x768, 32 bit
process id : $5dc
allocated memory : 28,21 MB
command line : E:\antivr\PCMAV.exe /RTP
executable : PCMAV.exe
exec. date/time : 2011-08-01 14:05
version : 5.4.0.0
compiled with : Delphi 2006/07
madExcept version : 3.0m beta 1
PCMAV.exe.mad : $00026970, $36ce3f01, $40a83269
callstack crc : $a002e6b1, $387c663b, $387c663b
count : 2
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 00603334 in module 'PCMAV.exe'. Read of address 00000364.
main thread ($5e0):
00603334 +038 PCMAV.exe segment%270 public%12188
004a6b4b +2bb PCMAV.exe segment%54 public%4989
004aab42 +4fa PCMAV.exe segment%54 public%5136
004bca33 +553 PCMAV.exe segment%58 public%5748
004aa26c +02c PCMAV.exe segment%54 public%5131
00475ed0 +014 PCMAV.exe segment%31 public%3530
771b642b +02b ntdll.dll KiUserCallbackDispatcher
772be133 +04f USER32.dll DefWindowProcA
004c39d6 +02a PCMAV.exe segment%58 public%5983
004c40af +67b PCMAV.exe segment%58 public%5985
00475ed0 +014 PCMAV.exe segment%31 public%3530
771b642b +02b ntdll.dll KiUserCallbackDispatcher
772c2fd7 +125 USER32.dll PeekMessageA
006160c5 +045 PCMAV.exe segment%276 public%12350
0060ac0d +095 PCMAV.exe segment%270 public%12255
004bb67d +031 PCMAV.exe segment%58 public%5712
004bb2d5 +011 PCMAV.exe segment%58 public%5708
00404b55 +01d PCMAV.exe segment%0 public%214
004bb2ac +174 PCMAV.exe segment%58 public%5707
00475ed0 +014 PCMAV.exe segment%31 public%3530
00404b55 +01d PCMAV.exe segment%0 public%214
004c49af +073 PCMAV.exe segment%58 public%6004
0068c1a6 +0fa PCMAV.exe segment%420 public%13188
76c01172 +010 kernel32.dll BaseThreadInitThunk

thread $cfc (TgtTimerThread):
771b5e6a +0a ntdll.dll NtWaitForSingleObject
753d1796 +66 KERNELBASE.dll WaitForSingleObjectEx
76bfeffe +3e kernel32.dll WaitForSingleObjectEx
76bfefad +0d kernel32.dll WaitForSingleObject
005d51fc +10 PCMAV.exe segment%221 public%11305
00452c63 +2b PCMAV.exe segment%23 public%2339
0047475c +34 PCMAV.exe segment%31 public%3423
004056f4 +28 PCMAV.exe segment%0 public%250
00452b45 +0d PCMAV.exe segment%23 public%2337
00452baf +37 PCMAV.exe segment%23 public%2338
76c01172 +10 kernel32.dll BaseThreadInitThunk
>> created by main thread ($5e0) at:
005d5183 +1b PCMAV.exe segment%221 public%11302

thread $d00 (TWndProc): <suspended>
0061609f +1f PCMAV.exe segment%276 public%12350

thread $d04:
771b5e4a +0a ntdll.dll NtWaitForMultipleObjects
76c01172 +10 kernel32.dll BaseThreadInitThunk
processes:
000 Idle
004 System
10c smss.exe
178 csrss.exe
1a0 wininit.exe
1a8 csrss.exe
1d8 services.exe
1e8 lsass.exe
1f0 lsm.exe
260 winlogon.exe
280 svchost.exe
2cc svchost.exe
320 svchost.exe
34c svchost.exe
370 svchost.exe
3c0 audiodg.exe
420 svchost.exe
498 svchost.exe
56c spoolsv.exe
588 taskeng.exe
5bc svchost.exe
5dc PCMAV.exe
600 taskhost.exe
63c Dwm.exe
660 Explorer.EXE
6a0 EngineServer.exe
VirusScan Enterprise
6bc FrameworkService.exe
Common Framework
72c GrooveMonitor.exe
ft Office\Office12
744 VsTskMgr.exe
VirusScan Enterprise
784 mfevtps.exe
290 naPrdMgr.exe
Common Framework
634 svchost.exe
114 TuneUpUtilitiesService32.exe
Utilities 2010
3d8 Mcshield.exe
VirusScan Enterprise
82c mfeann.exe
VirusScan Enterprise

0
0
0
0
0
1
0
0
0
1
0
0
0
0
0
0
0
0
0
1
0
1
1
1
1
0

0
0
0
0
0
174
0
0
0
6
0
0
0
0
0
0
0
0
0
10
0
106
24
14
350
0

0
0
0
0
0
78
0
0
0
0
0
0
0
0
0
0
0
0
0
3
0
75
21
2
233
0

normal
normal
high
normal
normal
normal
normal
high
normal
normal
normal
normal
normal

C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\System32
C:\Windows\System32
C:\Windows\system32

normal
normal
normal
normal
normal
below normal
normal
high
normal
normal

C:\Windows\system32
C:\Windows\system32
C:\Windows\System32
C:\Windows\system32
C:\Windows\system32
E:\antivr
C:\Windows\system32
C:\Windows\system32
C:\Windows
C:\Program Files\McAfee\

0 0

normal

C:\Program Files\McAfee\

1 9

normal

C:\Program Files\Microso

0 0

normal

C:\Program Files\McAfee\

0 0
0 0

0
0

normal
normal

C:\Windows\system32
C:\Program Files\McAfee\

0 0
0 0

0
0

normal
normal

C:\Windows\system32
C:\Program Files\TuneUp

0 0

high

C:\Program Files\McAfee\

0 0

normal

C:\Program Files\McAfee\

848 conhost.exe
b70 SearchIndexer.exe
c34 LogonUI.exe
0 0 0 normal
0 0 0 normal
1 115 20 high

C:\Windows\system32
C:\Windows\system32
C:\Windows\system32

cpu registers:
eax = 00000000
ebx = 018b27f0
ecx = 00000000
edx = 00000000
esi = 0012f7d4
edi = 0012f860
eip = 00603334
esp = 0012f604
ebp = 0012f734

stack dump:
0012f604 f0 27 8b 01 d4 f7 12 00  4e 6b 4a 00 60 f8 12 00  .'......NkJ.`...
0012f614 11 00 00 00 d4 f7 12 00  c0 f6 12 00 3c f6 12 00  ............<...
0012f624 08 73 2c 77 88 02 02 00  11 00 00 00 00 00 00 00  .s,w............
0012f634 00 00 00 00 48 f6 12 00  72 8e 2c 77 d8 98 31 77  ....H...r.,w..1w
0012f644 78 05 97 00 84 f6 12 00  1c 73 2c 77 b6 72 2c 77  x........s,w.r,w
0012f654 d0 fb 75 7b 00 00 00 00  00 00 00 00 dc 9e 28 00  ..u{..........(.
0012f664 01 00 00 00 01 00 00 00  54 f6 12 00 4f e1 2b 77  ........T...O.+w
0012f674 78 f8 12 00 e3 62 31 77  94 7f 4b 0c fe ff ff ff  x....b1w..K.....
0012f684 b6 72 2c 77 fd f7 09 74  88 02 02 00 11 00 00 00  .r,w...t........
0012f694 00 00 00 00 00 00 00 00  88 02 02 00 d8 9e 28 00  ..............(.
0012f6a4 17 04 0a 74 ef 86 2c 77  6e 02 04 00 03 00 00 00  ...t..,wn.......
0012f6b4 00 00 00 00 00 00 00 00  07 00 00 00 1c 00 03 00  ................
0012f6c4 11 00 00 00 f8 93 ad 00  03 00 00 00 e0 f6 12 00  ................
0012f6d4 fc f6 12 00 00 00 00 00  07 00 00 00 00 00 00 00  ................
0012f6e4 88 02 02 00 11 00 00 00  d4 f7 12 00 80 60 28 03  .............`(.
0012f6f4 00 00 00 00 00 00 00 00  0c f7 12 00 72 8e 2c 77  ............r.,w
0012f704 d8 98 31 77 78 05 97 00  48 f7 12 00 84 e1 2b 77  ..1wx...H.....+w
0012f714 4f e1 2b 77 1c fa 75 7b  60 f8 12 00 d4 f7 12 00  O.+w..u{`.......
0012f724 00 00 00 00 01 00 00 00  01 00 00 00 18 f7 12 00  ................
0012f734 74 f7 12 00 47 ab 4a 00  d4 f7 12 00 5c f7 12 00  t...G.J.....\...

disassembling:
006032fc public segment%270.public%12188 (PCMAV.exe): ; function entry point
006032fc push ebx
006032fd push esi
006032fe mov esi, edx
00603300 mov ebx, eax
00603302 mov byte ptr [$6f6a35], 1
00603309 xor edx, edx
0060330b mov eax, ebx
0060330d call +$9ae ($603cc0) ; segment%270.public%12194 (PCMAV.exe)
00603312 push $64
00603314 call -$1a4271 ($45f0a8) ; segment%26.public%2663 (PCMAV.exe)
00603319 mov dword ptr [esi+$c], 1
00603320 xor edx, edx
00603322 mov eax, [ebx+$4b8]
00603328 mov ecx, [eax]
0060332a call dword ptr [ecx+$30]
0060332d mov eax, [$69d790]
00603332 mov eax, [eax]
00603334 > mov eax, [eax+$364] ; faulting instruction: eax = 00000000 at this point (see registers), so the read targets 0 + $364 = 00000364, matching the exception message

0060333a cmp byte ptr [eax+$37], 0
0060333e jz loc_60334b
00603340 mov edx, [$69d790]
00603346 call -$11caa3 ($4e68a8) ; segment%68.public%6988 (PCMAV.exe)
0060334b loc_60334b:
0060334b mov eax, [ebx+$528]
00603351 test eax, eax
00603353 jz loc_603361
00603355 call +$14b2e ($617e88) ; segment%279.public%12392 (PCMAV.exe)
0060335a push 1
0060335c call -$1a42b9 ($45f0a8) ; segment%26.public%2663 (PCMAV.exe)
00603361 loc_603361:
00603361 mov eax, [ebx+$360]
00603367 cmp byte ptr [eax+$37], 0
0060336b jz loc_603372
0060336d call -$11caca ($4e68a8) ; segment%68.public%6988 (PCMAV.exe)
00603372 loc_603372:
00603372 mov edx, esi
00603374 mov eax, ebx
00603376 call -$1438a3 ($4bfad8) ; segment%58.public%5834 (PCMAV.exe)
0060337b pop esi
0060337c pop ebx
0060337d ret
