You are on page 1of 9

date/time

computer name
user name
registered owner
operating system
system language
system up time
program up time
processor
physical memory
free disk space
display mode
process id
allocated memory
executable
exec. date/time
version
compiled with
madExcept version
callstack crc
exception number
exception class
exception message

:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:

2016-02-11, 15:19:01, 177ms


ACER-PC
acer <admin>
acer
Windows NT New Service Pack 1 build 7601
English
39 minutes 47 seconds
14 seconds
Intel(R) Celeron(R) CPU 560 @ 2.13GHz
1158/2038 MB (free/total)
(C:) 3,54 GB (D:) 88,55 GB
1280x800, 32 bit
$be4
27,80 MB
bsplayer.exe
2012-06-05 11:19
2.6.2.1068
Delphi 7
3.0h
$e14efc67, $6d2dfd70, $6d2dfd70
1
EInOutError
File not found.

main thread ($7f0):


006b1687 +007b bsplayer.exe
006b17ba +0012 bsplayer.exe
006b17fd +0025 bsplayer.exe
005bbd4b +001b bsplayer.exe
005bd7d8 +0090 bsplayer.exe
005be770 +00ac bsplayer.exe
0064c960 +0720 bsplayer.exe
006474ce +028e bsplayer.exe
004c6d5c +0188 bsplayer.exe
004c9ca7 +0157 bsplayer.exe
004d8c2d +0421 bsplayer.exe
004c9924 +002c bsplayer.exe
0047d888 +0014 bsplayer.exe
75882e3c +000a USER32.dll
004df1c3 +0083 bsplayer.exe
004df1fa +000a bsplayer.exe
004df41a +0096 bsplayer.exe
006ba6d1 +1201 bsplayer.exe
76bfee1a +0010 kernel32.dll

bscommon
bscommon
bscommon
subtitles
bsuirender
vidovrfrmu
mbsplayu
mbsplayu
Controls
Controls
Forms
Controls
Classes
Forms
Forms
Forms
bsplayer

2287
2306
2339
78
821
108
3987
1245
4667
6364

+7
+1
+1
+3
+19
+15
+227
+49
+53
+33

InitDllData
GetDllPosOfs
LoadPackedLibrary
SubtitlesModInitFromDLL
BSUIOSD.Create
Tvidovrfrm.Init
TMBSPlayer.OpenFile
TMBSPlayer.msgDisp
TControl.WndProc
TWinControl.WndProc
TCustomForm.WndProc
6259 +3 TWinControl.MainWndProc
31881 +0 StdWndProc
DispatchMessageA
TApplication.ProcessMessage
TApplication.HandleMessage
TApplication.Run
659 +420 initialization
BaseThreadInitThunk

thread $1530:
77086a42 +0a ntdll.dll
NtWaitForMultipleObjects
76bfee1a +10 kernel32.dll BaseThreadInitThunk
thread $f64:
77086a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
76bfee1a +10 kernel32.dll BaseThreadInitThunk
thread $eb4:
77086a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
76bfee1a +10 kernel32.dll BaseThreadInitThunk
thread $166c:
77086a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
76bfee1a +10 kernel32.dll BaseThreadInitThunk

thread $61c:
77086a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
76bfee1a +10 kernel32.dll BaseThreadInitThunk
thread $540:
>> stack not accessible
modules:
00400000 bsplayer.exe
2.6.2.1068
D:\Desktop
10000000 blekkoantiphishing.dll 1.0.1.70
C:\ProgramData\blekko Anti-Ph
ishing
6caf0000 ddraw.dll
6.1.7600.16385
C:\Windows\system32
6cd40000 dsound.dll
6.1.7600.16385
C:\Windows\system32
6fca0000 explorerframe.dll
6.1.7601.17514
C:\Windows\system32
6fe10000 WINMM.dll
6.1.7601.17514
C:\Windows\system32
6fe80000 wsock32.dll
6.1.7600.16385
C:\Windows\system32
71120000 winspool.drv
6.1.7601.17514
C:\Windows\system32
712d0000 rasadhlp.dll
6.1.7600.16385
C:\Windows\system32
71d20000 WINNSI.DLL
6.1.7600.16385
C:\Windows\system32
71d30000 IPHLPAPI.DLL
6.1.7601.17514
C:\Windows\system32
733e0000 ntmarta.dll
6.1.7600.16385
C:\Windows\system32
73520000 POWRPROF.dll
6.1.7600.16385
C:\Windows\system32
73880000 msimg32.dll
6.1.7600.16385
C:\Windows\system32
738f0000 DCIMAN32.dll
6.1.7601.18177
C:\Windows\system32
73900000 olepro32.dll
6.1.7601.17514
C:\Windows\system32
73a50000 wtsapi32.dll
6.1.7601.17514
C:\Windows\system32
73ac0000 WindowsCodecs.dll
6.2.9200.16809
C:\Windows\system32
73c20000 dwmapi.dll
6.1.7600.16385
C:\Windows\system32
73cd0000 DUser.dll
6.1.7600.16385
C:\Windows\system32
73d00000 DUI70.dll
6.1.7600.16385
C:\Windows\system32
73f50000 uxtheme.dll
6.1.7600.16385
C:\Windows\system32
73f90000 propsys.dll
7.0.7601.17514
C:\Windows\system32
740d0000 comctl32.dll
6.10.7601.17514
C:\Windows\WinSxS\x86_microso
ft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2
74530000 version.dll
6.1.7600.16385
C:\Windows\system32
74940000 DNSAPI.dll
6.1.7601.17570
C:\Windows\system32
74bf0000 WINSTA.dll
6.1.7601.17514
C:\Windows\system32
74f60000 SspiCli.dll
6.1.7601.18443
C:\Windows\system32
74fd0000 CRYPTBASE.dll
6.1.7600.16385
C:\Windows\system32
75110000 CFGMGR32.dll
6.1.7601.17514
C:\Windows\system32
75260000 DEVOBJ.dll
6.1.7600.16385
C:\Windows\system32
75280000 KERNELBASE.dll
6.1.7601.18409
C:\Windows\system32
753d0000 SETUPAPI.dll
6.1.7601.17514
C:\Windows\system32
755a0000 msvcrt.dll
7.0.7601.17744
C:\Windows\system32
75870000 USER32.dll
6.1.7601.17514
C:\Windows\system32
759a0000 advapi32.dll
6.1.7601.18247
C:\Windows\system32
75c00000 SHLWAPI.dll
6.1.7601.17514
C:\Windows\system32
75d80000 RPCRT4.dll
6.1.7601.18205
C:\Windows\system32
75e40000 OLEAUT32.dll
6.1.7601.17676
C:\Windows\system32
75ed0000 SHELL32.dll
6.1.7601.18429
C:\Windows\system32
76b20000 comdlg32.dll
6.1.7601.17514
C:\Windows\system32
76ba0000 LPK.dll
6.1.7601.18177
C:\Windows\system32
76bb0000 kernel32.dll
6.1.7601.18409
C:\Windows\system32
76c90000 GDI32.dll
6.1.7601.18275
C:\Windows\system32
76ce0000 USP10.dll
1.626.7601.18454 C:\Windows\system32
76d80000 CLBCatQ.DLL
2001.12.8530.16385 C:\Windows\system32
76e10000 MSCTF.dll
6.1.7600.16385
C:\Windows\system32
76ee0000 ole32.dll
6.1.7601.17514
C:\Windows\system32
77040000 ntdll.dll
6.1.7601.18247
C:\Windows\SYSTEM32

77180000
77190000
771c0000
771e0000
77220000

NSI.dll
IMM32.DLL
sechost.dll
WS2_32.dll
WLDAP32.dll

6.1.7600.16385
6.1.7601.17514
6.1.7600.16385
6.1.7601.17514
6.1.7601.17514

C:\Windows\system32
C:\Windows\system32
C:\Windows\SYSTEM32
C:\Windows\system32
C:\Windows\system32

hardware:
+ Batteries
- Microsoft AC Adapter
- Microsoft ACPI-Compliant Control Method Battery
- Microsoft Composite Battery
+ Computer
- ACPI x86-based PC
+ Disk drives
- USB Device
- WDC WD1600BEVT-22ZCT0 ATA Device
+ Display adapters
- Mobile Intel(R) 965 Express Chipset Family (driver 8.15.10.1930)
- Mobile Intel(R) 965 Express Chipset Family (driver 8.15.10.1930)
+ DVD/CD-ROM drives
- HL-DT-ST DVDRAM GSA-T40N ATA Device
- USB Device
+ IDE ATA/ATAPI controllers
- ATA Channel 0
- ATA Channel 0
- ATA Channel 1
- ATA Channel 1
- Intel(R) ICH8M 3 port Serial ATA Storage Controller - 2828
- Intel(R) ICH8M Ultra ATA Storage Controllers - 2850
+ Keyboards
- Standard PS/2 Keyboard
+ Mice and other pointing devices
- PS/2 Compatible Mouse
+ Modems
- Agere Systems HDA Modem
+ Monitors
- Generic PnP Monitor
+ Network adapters
- Broadcom 802.11g Network Adapter
- Broadcom NetLink (TM) Fast Ethernet (driver 10.100.4.0)
+ Portable Devices
- J:\
+ Processors
- Intel(R) Celeron(R) CPU
560 @ 2.13GHz
+ Sound, video and game controllers
- High Definition Audio Device
+ Storage volume shadow copies
- Generic volume shadow copy
+ System devices
- ACPI Fixed Feature Button
- ACPI Lid
- ACPI Power Button
- ACPI Sleep Button
- ACPI Thermal Zone
- Composite Bus Enumerator
- Direct memory access controller
- File as Volume Driver
- High Definition Audio Controller
- High precision event timer
- Intel(R) 82801 PCI Bridge - 2448

Intel(R) 82802 Firmware Hub Device


Intel(R) ICH8 Family PCI Express Root Port 1 - 283F
Intel(R) ICH8 Family PCI Express Root Port 2 - 2841
Intel(R) ICH8 Family PCI Express Root Port 3 - 2843
Intel(R) ICH8 Family PCI Express Root Port 4 - 2845
Intel(R) ICH8 Family SMBus Controller - 283E
Intel(R) ICH8M LPC Interface Controller - 2815
Microsoft ACPI-Compliant Embedded Controller
Microsoft ACPI-Compliant System
Microsoft System Management BIOS Driver
Microsoft Virtual Drive Enumerator Driver
Microsoft Windows Management Interface for ACPI
Microsoft Windows Management Interface for ACPI
Mobile Intel(R) PM965/GM965/GL960/GS965 Express Processor to DRAM Controller
- 2A00
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- Remote Desktop Device Redirector Bus
- System CMOS/real time clock
- System timer
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- UMBus Enumerator
- UMBus Enumerator
- UMBus Root Bus Enumerator
- Volume Manager
+ Universal Serial Bus controllers
- Intel(R) ICH8 Family USB Universal Host Controller - 2830
- Intel(R) ICH8 Family USB Universal Host Controller - 2831
- Intel(R) ICH8 Family USB Universal Host Controller - 2832
- Intel(R) ICH8 Family USB Universal Host Controller - 2834
- Intel(R) ICH8 Family USB Universal Host Controller - 2835
- Intel(R) ICH8 Family USB2 Enhanced Host Controller - 2836
- Intel(R) ICH8 Family USB2 Enhanced Host Controller - 283A
- USB Mass Storage Device
- USB Root Hub
- USB Root Hub
- USB Root Hub
- USB Root Hub
- USB Root Hub
- USB Root Hub
- USB Root Hub
cpu
eax
ebx
ecx
edx
esi
edi
eip
esp
ebp

registers:
= 0219b3b8
= 006b1687
= 00000003
= 006b1687
= 006b1687
= 0012f8ec
= 006b1687
= 0012f5c0
= 0012f76c

stack dump:
0012f5c0 87 16 6b 00 de fa ed 0e - 01 00 00 00 07 00 00 00 ..k.............
0012f5d0 d4 f5 12 00 87 16 6b 00 - b8 b3 19 02 87 16 6b 00 ......k.......k.

0012f5e0
0012f5f0
0012f600
0012f610
0012f620
0012f630
0012f640
0012f650
0012f660
0012f670
0012f680
0012f690
0012f6a0
0012f6b0
0012f6c0
0012f6d0
0012f6e0
0012f6f0

87
00
87
14
01
a8
00
00
44
64
00
00
00
00
00
00
00
00

16
00
16
00
00
32
00
00
3a
76
00
00
00
00
00
00
00
00

disassembling:
[...]
006b166d
006b1672 2286
006b1677
006b167d
006b1682
006b1687 2287 >
006b168d
006b1692
006b1697
006b1699
006b169c
[...]

6b
00
6b
00
00
40
00
00
5c
32
00
00
00
00
00
00
00
00

00
00
00
00
00
00
00
00
44
2e
00
00
00
00
00
00
00
00

call
mov
lea
call
call
lea
call
call
mov
sub
lea

date/time
computer name
user name
registered owner
operating system
system language
system up time
program up time
processor
physical memory
free disk space
display mode
process id
allocated memory
executable
exec. date/time
version
compiled with
madExcept version
callstack crc
exception number
exception class
exception message

:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:

ec
40
84
00
00
38
00
00
65
64
00
00
00
00
00
00
00
00

f8
2c
f7
00
00
32
00
00
73
6c
00
00
00
00
00
00
00
00

12
40
12
00
00
40
00
00
6b
6c
00
00
00
00
00
00
00
00

00
00
00
00
00
00
00
00
74
00
00
00
00
00
00
00
00
00

6c
f0
0c
00
00
00
00
00
6f
00
00
00
00
00
00
00
00
00

f7
f8
4d
00
00
00
00
00
70
00
00
00
00
00
00
00
00
00

12
12
40
00
00
00
00
00
5c
00
00
00
00
00
00
00
00
00

-$2ae21e ($403454)
edx, 1
eax, [ebp-$154]
-$2adac6 ($403bbc)
-$2aea0b ($402c7c)
eax, [ebp-$154]
-$2ade36 ($40385c)
-$2aea1b ($402c7c)
edx, eax
edx, 4
eax, [ebp-$154]

00
00
00
00
00
00
00
00
62
00
00
00
00
00
00
00
00
00

f0
14
6c
b0
64
b4
00
00
73
00
00
00
00
00
00
00
00
00

f5
00
f7
d7
f7
3a
00
00
72
00
00
00
00
00
00
00
00
00

12
00
12
01
12
40
00
00
65
00
00
00
00
00
00
00
00
00

00
00
00
00
00
00
00
00
6e
00
00
00
00
00
00
00
00
00

..k.....l.......
....@,@.........
..k......M@.l...
................
............d...
.2@.82@......:@.
................
................
D:\Desktop\bsren
dv2.dll.........
................
................
................
................
................
................
................
................

; System.@Assign
; System.@ResetFile
; System.@_IOTest
; System.@FileSize
; System.@_IOTest

2016-02-12, 17:45:31, 72ms


ACER-PC
acer <admin>
acer
Windows NT New Service Pack 1 build 7601
English
2 minutes 56 seconds
5 seconds
Intel(R) Celeron(R) CPU 560 @ 2.13GHz
1318/2038 MB (free/total)
(C:) 3,66 GB (D:) 88,55 GB
1280x800, 32 bit
$a54
27,55 MB
bsplayer.exe
2012-06-05 11:19
2.6.2.1068
Delphi 7
3.0h
$e14efc67, $b7a49148, $b7a49148
1
EInOutError
File not found.

main thread ($f74):


006b1687 +007b bsplayer.exe bscommon

2287

+7 InitDllData

006b17ba
006b17fd
005bbd4b
005bd7d8
005be770
0064c960
00658232
006535c8
00651691
004c6ef4
0051486d
004c734a
00514a64
004c6d5c
004c9ca7
004c9924
0047d888
76932e3c
004df1c3
004df1fa
004df41a
006ba6d1
7561ee1a

+0012
+0025
+001b
+0090
+00ac
+0720
+007a
+15c4
+0585
+0064
+0009
+005e
+0048
+0188
+0157
+002c
+0014
+000a
+0083
+000a
+0096
+1201
+0010

bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
USER32.dll
bsplayer.exe
bsplayer.exe
bsplayer.exe
bsplayer.exe
kernel32.dll

bscommon
bscommon
subtitles
bsuirender
vidovrfrmu
mbsplayu
mbsplayu
mbsplayu
mbsplayu
Controls
bsMdfBtn
Controls
bsMdfBtn
Controls
Controls
Controls
Classes
Forms
Forms
Forms
bsplayer

2306
2339
78
821
108
3987
8256
6299
5826
4727
600
4863
670
4667
6364
6259
31881

+1
+1
+3
+19
+15
+227
+3
+292
+124
+9
+0
+6
+5
+53
+33
+3
+0

GetDllPosOfs
LoadPackedLibrary
SubtitlesModInitFromDLL
BSUIOSD.Create
Tvidovrfrm.Init
TMBSPlayer.OpenFile
TMBSPlayer.Play1Click
TMBSPlayer.FormKeyDown
TMBSPlayer.actDisp
TControl.Click
TbsMdfBtn.Click
TControl.WMLButtonUp
TbsMdfBtn.WMLButtonUp
TControl.WndProc
TWinControl.WndProc
TWinControl.MainWndProc
StdWndProc
DispatchMessageA
TApplication.ProcessMessage
TApplication.HandleMessage
TApplication.Run
659 +420 initialization
BaseThreadInitThunk

thread $b04:
77286a42 +0a ntdll.dll
NtWaitForMultipleObjects
7561ee1a +10 kernel32.dll BaseThreadInitThunk
thread $b10:
77286a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
7561ee1a +10 kernel32.dll BaseThreadInitThunk
thread $f88:
77286a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
7561ee1a +10 kernel32.dll BaseThreadInitThunk
thread $664:
77286a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
7561ee1a +10 kernel32.dll BaseThreadInitThunk
thread $b98:
77286a72 +0a ntdll.dll
NtWaitForWorkViaWorkerFactory
7561ee1a +10 kernel32.dll BaseThreadInitThunk
modules:
00400000
10000000
ishing
6a5c0000
6fea0000
70190000
70ab0000
70ac0000
70bb0000
70bd0000
712d0000
71660000
735f0000
73740000
73c90000

bsplayer.exe
2.6.2.1068
blekkoantiphishing.dll 1.0.1.70

D:\Desktop
C:\ProgramData\blekko Anti-Ph

msimg32.dll
WINMM.dll
explorerframe.dll
DCIMAN32.dll
ddraw.dll
olepro32.dll
dsound.dll
winspool.drv
wsock32.dll
ntmarta.dll
POWRPROF.dll
wtsapi32.dll

C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32
C:\Windows\system32

6.1.7600.16385
6.1.7601.17514
6.1.7601.17514
6.1.7601.18177
6.1.7600.16385
6.1.7601.17514
6.1.7600.16385
6.1.7601.17514
6.1.7600.16385
6.1.7600.16385
6.1.7600.16385
6.1.7601.17514

73cb0000 WindowsCodecs.dll
6.2.9200.16809
C:\Windows\system32
73e10000 dwmapi.dll
6.1.7600.16385
C:\Windows\system32
73ec0000 DUser.dll
6.1.7600.16385
C:\Windows\system32
73ef0000 DUI70.dll
6.1.7600.16385
C:\Windows\system32
74140000 uxtheme.dll
6.1.7600.16385
C:\Windows\system32
74180000 propsys.dll
7.0.7601.17514
C:\Windows\system32
742c0000 comctl32.dll
6.10.7601.17514
C:\Windows\WinSxS\x86_microso
ft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2
74720000 version.dll
6.1.7600.16385
C:\Windows\system32
75070000 WINSTA.dll
6.1.7601.17514
C:\Windows\system32
75160000 SspiCli.dll
6.1.7601.18443
C:\Windows\system32
751d0000 CRYPTBASE.dll
6.1.7600.16385
C:\Windows\system32
75390000 DEVOBJ.dll
6.1.7600.16385
C:\Windows\system32
753c0000 CFGMGR32.dll
6.1.7601.17514
C:\Windows\system32
75540000 KERNELBASE.dll
6.1.7601.18409
C:\Windows\system32
755d0000 kernel32.dll
6.1.7601.18409
C:\Windows\system32
758d0000 SHELL32.dll
6.1.7601.18429
C:\Windows\system32
76550000 SHLWAPI.dll
6.1.7601.17514
C:\Windows\system32
765b0000 NSI.dll
6.1.7600.16385
C:\Windows\system32
765c0000 MSCTF.dll
6.1.7600.16385
C:\Windows\system32
76690000 comdlg32.dll
6.1.7601.17514
C:\Windows\system32
768d0000 WLDAP32.dll
6.1.7601.17514
C:\Windows\system32
76920000 USER32.dll
6.1.7601.17514
C:\Windows\system32
769f0000 GDI32.dll
6.1.7601.18275
C:\Windows\system32
76a40000 USP10.dll
1.626.7601.18454 C:\Windows\system32
76c00000 SETUPAPI.dll
6.1.7601.17514
C:\Windows\system32
76da0000 OLEAUT32.dll
6.1.7601.17676
C:\Windows\system32
76e30000 RPCRT4.dll
6.1.7601.18205
C:\Windows\system32
76ee0000 sechost.dll
6.1.7600.16385
C:\Windows\SYSTEM32
76f10000 ole32.dll
6.1.7601.17514
C:\Windows\system32
770d0000 LPK.dll
6.1.7601.18177
C:\Windows\system32
770e0000 IMM32.DLL
6.1.7601.17514
C:\Windows\system32
77110000 CLBCatQ.DLL
2001.12.8530.16385 C:\Windows\system32
771a0000 advapi32.dll
6.1.7601.18247
C:\Windows\system32
77240000 ntdll.dll
6.1.7601.18247
C:\Windows\SYSTEM32
77380000 WS2_32.dll
6.1.7601.17514
C:\Windows\system32
773c0000 msvcrt.dll
7.0.7601.17744
C:\Windows\system32
hardware:
+ Batteries
- Microsoft AC Adapter
- Microsoft ACPI-Compliant Control Method Battery
- Microsoft Composite Battery
+ Computer
- ACPI x86-based PC
+ Disk drives
- WDC WD1600BEVT-22ZCT0 ATA Device
+ Display adapters
- Mobile Intel(R) 965 Express Chipset Family (driver 8.15.10.1930)
- Mobile Intel(R) 965 Express Chipset Family (driver 8.15.10.1930)
+ DVD/CD-ROM drives
- HL-DT-ST DVDRAM GSA-T40N ATA Device
+ IDE ATA/ATAPI controllers
- ATA Channel 0
- ATA Channel 0
- ATA Channel 1
- ATA Channel 1
- Intel(R) ICH8M 3 port Serial ATA Storage Controller - 2828
- Intel(R) ICH8M Ultra ATA Storage Controllers - 2850
+ Keyboards

- Standard PS/2 Keyboard


+ Mice and other pointing devices
- PS/2 Compatible Mouse
+ Modems
- Agere Systems HDA Modem
+ Monitors
- Generic PnP Monitor
+ Network adapters
- Broadcom 802.11g Network Adapter
- Broadcom NetLink (TM) Fast Ethernet (driver 10.100.4.0)
+ Processors
- Intel(R) Celeron(R) CPU
560 @ 2.13GHz
+ Sound, video and game controllers
- High Definition Audio Device
+ System devices
- ACPI Fixed Feature Button
- ACPI Lid
- ACPI Power Button
- ACPI Sleep Button
- ACPI Thermal Zone
- Composite Bus Enumerator
- Direct memory access controller
- File as Volume Driver
- High Definition Audio Controller
- High precision event timer
- Intel(R) 82801 PCI Bridge - 2448
- Intel(R) 82802 Firmware Hub Device
- Intel(R) ICH8 Family PCI Express Root Port 1 - 283F
- Intel(R) ICH8 Family PCI Express Root Port 2 - 2841
- Intel(R) ICH8 Family PCI Express Root Port 3 - 2843
- Intel(R) ICH8 Family PCI Express Root Port 4 - 2845
- Intel(R) ICH8 Family SMBus Controller - 283E
- Intel(R) ICH8M LPC Interface Controller - 2815
- Microsoft ACPI-Compliant Embedded Controller
- Microsoft ACPI-Compliant System
- Microsoft System Management BIOS Driver
- Microsoft Virtual Drive Enumerator Driver
- Microsoft Windows Management Interface for ACPI
- Microsoft Windows Management Interface for ACPI
- Mobile Intel(R) PM965/GM965/GL960/GS965 Express Processor to DRAM Controller
- 2A00
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- Remote Desktop Device Redirector Bus
- System CMOS/real time clock
- System timer
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- UMBus Enumerator
- UMBus Root Bus Enumerator
- Volume Manager
+ Universal Serial Bus controllers
- Intel(R) ICH8 Family USB Universal Host Controller - 2830
- Intel(R) ICH8 Family USB Universal Host Controller - 2831
- Intel(R) ICH8 Family USB Universal Host Controller - 2832
- Intel(R) ICH8 Family USB Universal Host Controller - 2834
- Intel(R) ICH8 Family USB Universal Host Controller - 2835

cpu
eax
ebx
ecx
edx
esi
edi
eip
esp
ebp

Intel(R)
Intel(R)
USB Root
USB Root
USB Root
USB Root
USB Root
USB Root
USB Root

ICH8 Family USB2 Enhanced Host Controller - 2836


ICH8 Family USB2 Enhanced Host Controller - 283A
Hub
Hub
Hub
Hub
Hub
Hub
Hub

registers:
= 021aafc8
= 006b1687
= 00000003
= 006b1687
= 006b1687
= 0012f830
= 006b1687
= 0012f504
= 0012f6b0

stack dump:
0012f504 87
0012f514 18
0012f524 87
0012f534 00
0012f544 87
0012f554 14
0012f564 01
0012f574 a8
0012f584 00
0012f594 00
0012f5a4 44
0012f5b4 64
0012f5c4 00
0012f5d4 00
0012f5e4 00
0012f5f4 00
0012f604 00
0012f614 00
0012f624 00
0012f634 00

16
f5
16
00
16
00
00
32
00
00
3a
76
00
00
00
00
00
00
00
00

disassembling:
[...]
006b166d
006b1672 2286
006b1677
006b167d
006b1682
006b1687 2287 >
006b168d
006b1692
006b1697
006b1699
006b169c
[...]

6b
12
6b
00
6b
00
00
40
00
00
5c
32
00
00
00
00
00
00
00
00

00
00
00
00
00
00
00
00
00
00
44
2e
00
00
00
00
00
00
00
00

call
mov
lea
call
call
lea
call
call
mov
sub
lea

de
87
30
40
c8
00
00
38
00
00
65
64
00
00
00
00
00
00
00
00

fa
16
f8
2c
f6
00
00
32
00
00
73
6c
00
00
00
00
00
00
00
00

ed
6b
12
40
12
00
00
40
00
00
6b
6c
00
00
00
00
00
00
00
00

0e
00
00
00
00
00
00
00
00
00
74
00
00
00
00
00
00
00
00
00

01
c8
b0
34
0c
00
00
00
00
00
6f
00
00
00
00
00
00
00
00
00

00
af
f6
f8
4d
00
00
00
00
00
70
00
00
00
00
00
00
00
00
00

-$2ae21e ($403454)
edx, 1
eax, [ebp-$154]
-$2adac6 ($403bbc)
-$2aea0b ($402c7c)
eax, [ebp-$154]
-$2ade36 ($40385c)
-$2aea1b ($402c7c)
edx, eax
edx, 4
eax, [ebp-$154]

00
1a
12
12
40
00
00
00
00
00
5c
00
00
00
00
00
00
00
00
00

00
02
00
00
00
00
00
00
00
00
62
00
00
00
00
00
00
00
00
00

07
87
34
14
b0
b0
a8
b4
00
00
73
00
00
00
00
00
00
00
00
00

00
16
f5
00
f6
d7
f6
3a
00
00
72
00
00
00
00
00
00
00
00
00

00
6b
12
00
12
01
12
40
00
00
65
00
00
00
00
00
00
00
00
00

00
00
00
00
00
00
00
00
00
00
6e
00
00
00
00
00
00
00
00
00

..k.............
......k.......k.
..k.0.......4...
....@,@.4.......
..k......M@.....
................
................
.2@.82@......:@.
................
................
D:\Desktop\bsren
dv2.dll.........
................
................
................
................
................
................
................
................

; System.@Assign
; System.@ResetFile
; System.@_IOTest
; System.@FileSize
; System.@_IOTest