Anda di halaman 1dari 5

date/time

: 2016-05-23, 07:20:56, 786ms


computer name
: DADAN-PC
user name
: dadan
registered owner : dadan
operating system : Windows 7 Service Pack 1 build 7601
system language : Indonesian
system up time
: 6 minutes 57 seconds
program up time : 2 minutes 37 seconds
processors
: 4x Intel(R) Atom(TM) CPU N570 @ 1.66GHz
physical memory : 863/2036 MB (free/total)
free disk space : (C:) 2,38 GB
display mode
: 1024x600, 32 bit
process id
: $9a8
allocated memory : 71,50 MB
command line
: "C:\Program Files\TeraCopy\teracopy.exe" Move *"C:\Users\dad
an\AppData\Roaming\TeraCopy\FileList.dat" "D:\Data aplikasi\memory hp gua"
executable
: teracopy.exe
exec. date/time : 2013-12-07 16:04
version
: 2.3.0.0
compiled with
: Delphi XE2
madExcept version : 3.0o
teracopy.exe.mad : $0000a8d0, $28564387, $cb1f2015
contact name
: dadan hauri
contact email
: dadanhauri@gmail.com
callstack crc
: $75675b3b, $be80791f, $be80791f
exception number : 1
exception class : EOutOfMemory
exception message : Out of memory.
thread $11b0:
004cee48 +388
004a60fd +00d
004a6167 +037
75f8ef1a +010
>> created by
75f8de8d +01b

teracopy.exe
teracopy.exe
teracopy.exe
kernel32.dll
thread $1148
kernel32.dll

segment%54 public%4209
segment%32 public%3659
segment%32 public%3660
BaseThreadInitThunk
at:
CreateThread

main thread ($f48):


760941ee +e2 user32.dll
IsDialogMessageW
75f8ef1a +10 kernel32.dll BaseThreadInitThunk
thread $aa4:
76fc6a26 +0a ntdll.dll
NtWaitForMultipleObjects
75f8ef1a +10 kernel32.dll BaseThreadInitThunk
thread $1148:
004a60fd +0d teracopy.exe segment%32 public%3659
004a6167 +37 teracopy.exe segment%32 public%3660
75f8ef1a +10 kernel32.dll
BaseThreadInitThunk
>> created by thread $ac4 at:
75f8de8d +1b kernel32.dll
CreateThread
modules:
00400000
10000000
Manager
6eef0000
6ff30000
71180000
73810000

teracopy.exe
idmmkb.dll

2.3.0.0
6.19.9.1

C:\Program Files\TeraCopy
C:\Program Files\Internet Download

winmm.dll
explorerframe.dll
wsock32.dll
DUser.dll

6.1.7601.17514
6.1.7601.19135
6.1.7600.16385
6.1.7600.16385

C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32

73840000 DUI70.dll
6.1.7600.16385
C:\Windows\system32
73b90000 comctl32.dll
6.10.7601.18837
C:\Windows\WinSxS\x86_microsoft.wi
ndows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
73d30000 propsys.dll
7.0.7601.17514
C:\Windows\system32
73e30000 dwmapi.dll
6.1.7601.18917
C:\Windows\system32
73e50000 uxtheme.dll
6.1.7600.16385
C:\Windows\system32
740f0000 ntmarta.dll
6.1.7600.16385
C:\Windows\system32
743f0000 version.dll
6.1.7600.16385
C:\Windows\system32
74df0000 SspiCli.dll
6.1.7601.19160
C:\Windows\system32
74e60000 CRYPTBASE.dll
6.1.7601.19160
C:\Windows\system32
75180000 KERNELBASE.dll
6.1.7601.19135
C:\Windows\system32
751e0000 CFGMGR32.dll
6.1.7601.17514
C:\Windows\system32
75230000 DEVOBJ.dll
6.1.7600.16385
C:\Windows\system32
75270000 comdlg32.dll
6.1.7601.17514
C:\Windows\system32
752f0000 shell32.dll
6.1.7601.19135
C:\Windows\system32
75f40000 kernel32.dll
6.1.7601.19135
C:\Windows\system32
76080000 user32.dll
6.1.7601.19061
C:\Windows\system32
76150000 NSI.dll
6.1.7600.16385
C:\Windows\system32
76190000 msvcrt.dll
7.0.7601.17744
C:\Windows\system32
76240000 USP10.dll
1.626.7601.19054 C:\Windows\system32
762e0000 GDI32.dll
6.1.7601.19091
C:\Windows\system32
76330000 IMM32.DLL
6.1.7601.17514
C:\Windows\system32
76350000 RPCRT4.dll
6.1.7601.19160
C:\Windows\system32
76400000 advapi32.dll
6.1.7601.19160
C:\Windows\system32
764b0000 MSCTF.dll
6.1.7601.18731
C:\Windows\system32
76580000 WS2_32.dll
6.1.7601.17514
C:\Windows\system32
767d0000 sechost.dll
6.1.7601.18869
C:\Windows\SYSTEM32
767f0000 SHLWAPI.dll
6.1.7601.17514
C:\Windows\system32
76850000 SetupApi.dll
6.1.7601.17514
C:\Windows\system32
76a00000 oleaut32.dll
6.1.7601.19144
C:\Windows\system32
76a90000 ole32.dll
6.1.7601.19131
C:\Windows\system32
76f80000 ntdll.dll
6.1.7601.19160
C:\Windows\SYSTEM32
770d0000 WLDAP32.dll
6.1.7601.17514
C:\Windows\system32
77130000 CLBCatQ.DLL
2001.12.8530.16385 C:\Windows\system32
771c0000 LPK.dll
6.1.7601.19146
C:\Windows\system32
processes:
0000 Idle
0004 System
0180 smss.exe
0208 csrss.exe
0240 wininit.exe
0248 csrss.exe
0270 services.exe
0288 lsass.exe
0290 lsm.exe
02c8 winlogon.exe
0320 svchost.exe
037c svchost.exe
03c0 svchost.exe
03fc svchost.exe
0420 svchost.exe
044c svchost.exe
048c audiodg.exe
04ac svchost.exe
0544 svchost.exe
0598 AvastSvc.exe
05b0 wlanext.exe
05b8 conhost.exe
0660 Explorer.EXE

0
0
0
0
0
1
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
1

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
596

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
368 normal

C:\Windows

066c Dwm.exe
069c spoolsv.exe
06a8 taskeng.exe
06c8 svchost.exe
06f0 taskhost.exe
0218 GoogleUpdate.exe
000c taskeng.exe
051c SM?RTP.exe
0810 avgsvcx.exe
082c ABService.exe
087c ChgService.exe
089c svchost.exe
08c8 NitroPDFDriverService9.exe
0970 Nitro_UpdateService.exe
09a0 NLSSRV32.EXE
0a60 RtHDVCpl.exe
Audio\HDA
0a80 igfxtray.exe
0a94 hkcmd.exe
0aa8 igfxsrvc.exe
0ac8 igfxpers.exe
0af0 SynTPEnh.exe
s\SynTP
0c88 svchost.exe
0e80 ConnectifyService.exe
0f1c Connectifyd.exe
0f70 SearchIndexer.exe
0f80 conhost.exe
0fe0 sppsvc.exe
0e14 svchost.exe
0e74 AvastUI.exe
0654 SynTPHelper.exe
0d38 BJMYPRT.EXE
Printer
0cd0 CNSEMAIN.EXE
lution Menu EX
1020 avguix.exe
ework\Common
1028 Connectify.exe
fy
1094 IDMan.exe
Download Manager
10c8 wcmmon.exe
x
10d0 Skype.exe
one
13dc IEMonitor.exe
Download Manager
13f8 WmiPrvSE.exe
1630 unsecapp.exe
1070 WmiPrvSE.exe
15b4 svchost.exe
1628 wmpnetwk.exe
17fc WUDFHost.exe
1034 TrustedInstaller.exe
09a8 teracopy.exe
hardware:
+ Batteries
- Microsoft AC Adapter

1
0
0
0
1
0
1
1
0
0
0
0
0
0
0
1

14
0
0
0
26
0
0
0
0
0
0
0
0
0
0
54

2 high
0
0
0
20 normal
0
0
0
0
0
0
0
0
0
0
20 normal

C:\Windows\system32

1
1
1
1
1

11
9
9
9
88

6
17
3
5
43

C:\Windows\System32
C:\Windows\System32
C:\Windows\system32
C:\Windows\System32
C:\Program Files\Synaptic

0
0
0
0
0
0
0
1
1
1

0
0
0
0
0
0
0
0
0
29

0
0
0
0
0
0
0
0
0
15 normal

C:\Program Files\Canon\My

1 172 30 normal

C:\Program Files\Canon\So

1 9

14 normal

C:\Program Files\AVG\Fram

1 100 181 normal

C:\Program Files\Connecti

1 103 71 normal

C:\Program Files\Internet

1 26 16 normal

C:\Program Files\WebcamMa

1 119 118 normal

C:\Program Files\Skype\Ph

1 18 16 normal

C:\Program Files\Internet

0
1
0
0
0
0
0
1

C:\Program Files\TeraCopy

0
0
0
0
0
0
0
143

normal
normal
normal
normal
above normal

0
0
0
0
0
0
0
87 normal

C:\Windows\system32

C:\Program Files\Realtek\

+
+

+
+
+
+
+
+
+
+
+
+

+
+

- Microsoft ACPI-Compliant Control Method Battery


- Microsoft Composite Battery
Computer
- ACPI x86-based PC
Disk drives
- Linux File-CD Gadget USB Device
- Linux File-CD Gadget USB Device
- ST9320325AS
Display adapters
- Intel(R) Graphics Media Accelerator 3150 (driver 8.15.10.2567)
- Intel(R) Graphics Media Accelerator 3150 (driver 8.15.10.2567)
IDE ATA/ATAPI controllers
- Intel(R) ICH7R/DH SATA AHCI Controller (driver 11.1.5.1001)
Imaging devices
- WebCam
Keyboards
- Standard PS/2 Keyboard
Memory technology driver
- Realtek PCIE CardReader (driver 6.3.9600.28150)
Mice and other pointing devices
- Synaptics PS/2 Port TouchPad (driver 17.0.6.21)
Monitors
- Generic PnP Monitor
Network adapters
- Broadcom 802.11n Network Adapter (driver 6.30.223.215)
- Realtek PCIe FE Family Controller (driver 7.82.317.2014)
Portable Devices
- F:\
- H:\
Processors
- Intel(R) Atom(TM) CPU N570 @ 1.66GHz
- Intel(R) Atom(TM) CPU N570 @ 1.66GHz
- Intel(R) Atom(TM) CPU N570 @ 1.66GHz
- Intel(R) Atom(TM) CPU N570 @ 1.66GHz
Sound, video and game controllers
- Realtek High Definition Audio (driver 6.0.1.7209)
- WebcamMax, WDM Video Capture (driver 7.0.0.88)
System devices
- ACPI Fixed Feature Button
- ACPI Lid
- ACPI Power Button
- ACPI Sleep Button
- ACPI Thermal Zone
- Composite Bus Enumerator
- Direct memory access controller
- File as Volume Driver
- High Definition Audio Controller
- High precision event timer
- Intel(R) 82801 PCI Bridge - 2448
- Intel(R) 82802 Firmware Hub Device
- Intel(R) N10 Family DMI Bridge - A010 (driver 9.1.9.1005)
- Intel(R) N10/ICH7 Family PCI Express Root Port - 27D0 (driver 9.1.9.1005)
- Intel(R) N10/ICH7 Family PCI Express Root Port - 27D2 (driver 9.1.9.1005)
- Intel(R) N10/ICH7 Family PCI Express Root Port - 27D4 (driver 9.1.9.1005)
- Intel(R) N10/ICH7 Family SMBus Controller - 27DA (driver 9.1.9.1005)
- Intel(R) NM10 Family LPC Interface Controller - 27BC (driver 9.1.9.1005)
- Microsoft ACPI-Compliant Embedded Controller
- Microsoft ACPI-Compliant System
- Microsoft System Management BIOS Driver
- Microsoft Virtual Drive Enumerator Driver

- Microsoft Watchdog Timer


- Microsoft Windows Management Interface for ACPI
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- Remote Desktop Device Redirector Bus
- System CMOS/real time clock
- System timer
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- UMBus Enumerator
- UMBus Enumerator
- UMBus Root Bus Enumerator
- Volume Manager
+ Universal Serial Bus controllers
- Intel(R) N10/ICH7 Family USB Universal Host Controller
1006)
- Intel(R) N10/ICH7 Family USB Universal Host Controller
1006)
- Intel(R) N10/ICH7 Family USB Universal Host Controller
1006)
- Intel(R) N10/ICH7 Family USB2 Enhanced Host Controller
1006)
- USB Composite Device
- USB Composite Device
- USB Mass Storage Device
- USB Root Hub
- USB Root Hub
- USB Root Hub
- USB Root Hub
disassembling:
[...]
004cee34 mov
004cee38 mov
004cee3b add
004cee3e mov
004cee43 call
004cee48 > mov
004cee4b mov
004cee4e xor
004cee50 call
004cee55 jz
004cee5b mov
[...]

- 27C8 (driver 9.1.9.


- 27C9 (driver 9.1.9.
- 27CB (driver 9.1.9.
- 27CC (driver 9.1.9.

byte ptr [eax+$2c], 0


eax, [ebp-$c]
eax, $28
edx, $4cf438
-$c7884 ($4075c4)
; segment%0.public%300 (teracopy.exe)
eax, [ebp-$c]
eax, [eax+$c]
edx, edx
-$c6ecd ($407f88)
; segment%0.public%344 (teracopy.exe)
loc_4cef42
eax, [ebp-$c]