
date/time         : 2010-11-26, 10:33:21, 328ms
computer name     : CHANGEME
user name         : Administrator <admin>
registered owner  : CHANGE_ME / NONE

operating system  : Windows XP Service Pack 3 build 2600
system language   : English
system up time    : 1 hour 23 minutes
program up time   : 22 seconds
processor         : Intel(R) Pentium(R) 4 CPU 2.80GHz
physical memory   : 449/1022 MB (free/total)
free disk space   : (C:) 1012.81 MB (F:) 22.06 GB
display mode      : 1024x768, 32 bit
process id        : $f80
allocated memory  : 10.37 MB
executable        : Sup_NetworkMon.exe
exec. date/time   : 2010-09-28 20:50
version           : 1.0.0.0
compiled with     : Delphi 2009
madExcept version : 3.0i
callstack crc     : $0f39f7da, $36615016, $36615016
exception number  : 1
exception class   : EAccessViolation
exception message : Access violation at address 004D25F6 in module 'Sup_NetworkMon.exe'. Read of address 00000374.

main thread ($1548):
004d25f6 +006 Sup_NetworkMon.exe Forms              TCustomForm.SetVisible
004d6fa2 +002 Sup_NetworkMon.exe Forms              TCustomForm.Hide
004f4bbf +067 Sup_NetworkMon.exe Main       233  +9 TfrmFlowItem.img_CheckWindowClick
004bbdb7 +06f Sup_NetworkMon.exe Controls           TControl.Click
004bc22a +066 Sup_NetworkMon.exe Controls           TControl.WMLButtonUp
004bb84e +2d2 Sup_NetworkMon.exe Controls           TControl.WndProc
004bb488 +024 Sup_NetworkMon.exe Controls           TControl.Perform
004bf6e3 +097 Sup_NetworkMon.exe Controls           TWinControl.IsControlMouseMsg
004bfbfe +3be Sup_NetworkMon.exe Controls           TWinControl.WndProc
004d2d34 +594 Sup_NetworkMon.exe Forms              TCustomForm.WndProc
004bf46c +02c Sup_NetworkMon.exe Controls           TWinControl.MainWndProc
0047b848 +014 Sup_NetworkMon.exe Classes            StdWndProc
7e418a0b +00a USER32.dll                            DispatchMessageW
7e43a951 +672 USER32.dll                            SoftModalMessageBox
7e4663f8 +075 USER32.dll                            MessageBoxTimeoutW
7e45084e +016 USER32.dll                            MessageBoxExW
7e466574 +040 USER32.dll                            MessageBoxW
004f4911 +03d Sup_NetworkMon.exe Main       195  +3 TfrmFlowItem.FormShow
004d2391 +015 Sup_NetworkMon.exe Forms              TCustomForm.DoShow
004d6745 +0a9 Sup_NetworkMon.exe Forms              TCustomForm.CMShowingChanged
004bb84e +2d2 Sup_NetworkMon.exe Controls           TControl.WndProc
004bfd53 +513 Sup_NetworkMon.exe Controls           TWinControl.WndProc
004d2d34 +594 Sup_NetworkMon.exe Forms              TCustomForm.WndProc
004bb488 +024 Sup_NetworkMon.exe Controls           TControl.Perform
004bf215 +10d Sup_NetworkMon.exe Controls           TWinControl.UpdateShowing
004bf324 +0bc Sup_NetworkMon.exe Controls           TWinControl.UpdateControlState
004c1dd6 +026 Sup_NetworkMon.exe Controls           TWinControl.CMVisibleChanged
004bb84e +2d2 Sup_NetworkMon.exe Controls           TControl.WndProc
004bfd53 +513 Sup_NetworkMon.exe Controls           TWinControl.WndProc
004d2d34 +594 Sup_NetworkMon.exe Forms              TCustomForm.WndProc
004bb488 +024 Sup_NetworkMon.exe Controls           TControl.Perform
004ba08a +026 Sup_NetworkMon.exe Controls           TControl.SetVisible
004d262a +03a Sup_NetworkMon.exe Forms              TCustomForm.SetVisible
004d1b71 +071 Sup_NetworkMon.exe Forms              TCustomForm.DoCreate
004d1779 +011 Sup_NetworkMon.exe Forms              TCustomForm.AfterConstruction
00404725 +01d Sup_NetworkMon.exe System     543  +0 @AfterConstruction
004d174f +18f Sup_NetworkMon.exe Forms              TCustomForm.Create
004db3a2 +076 Sup_NetworkMon.exe Forms              TApplication.CreateForm
004f9d81 +0a9 Sup_NetworkMon.exe NetworkMon  54 +24 initialization

modules:
00400000 Sup_NetworkMon.exe 1.0.0.0       f:\Program Files\IObit\Advanced System Care 3
10000000 idmmkb.dll         6.0.3.4       E:\Internet Download Manager
5ad70000 uxtheme.dll        6.0.2900.5512 C:\WINDOWS\system32
71aa0000 WS2HELP.dll        5.1.2600.5512 C:\WINDOWS\system32
71ab0000 WS2_32.dll         5.1.2600.5512 C:\WINDOWS\system32
71ad0000 wsock32.dll        5.1.2600.5512 C:\WINDOWS\system32
74720000 MSCTF.dll          5.1.2600.5512 C:\WINDOWS\system32
755c0000 msctfime.ime       5.1.2600.5512 C:\WINDOWS\system32
76380000 msimg32.dll        5.1.2600.5512 C:\WINDOWS\system32
76390000 IMM32.DLL          5.1.2600.5512 C:\WINDOWS\system32
763b0000 comdlg32.dll       6.0.2900.5512 C:\WINDOWS\system32
77120000 oleaut32.dll       5.1.2600.5512 C:\WINDOWS\system32
773d0000 comctl32.dll       6.0.2900.6028 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202
774e0000 ole32.dll          5.1.2600.6010 C:\WINDOWS\system32
77c00000 version.dll        5.1.2600.5512 C:\WINDOWS\system32
77c10000 msvcrt.dll         7.0.2600.5512 C:\WINDOWS\system32
77dd0000 ADVAPI32.dll       5.1.2600.5755 C:\WINDOWS\system32
77e70000 RPCRT4.dll         5.1.2600.6022 C:\WINDOWS\system32
77f10000 GDI32.dll          5.1.2600.5698 C:\WINDOWS\system32
77f60000 SHLWAPI.dll        6.0.2900.5912 C:\WINDOWS\system32
77fe0000 Secur32.dll        5.1.2600.5834 C:\WINDOWS\system32
7c800000 kernel32.dll       5.1.2600.5781 C:\WINDOWS\system32
7c900000 ntdll.dll          5.1.2600.5755 C:\WINDOWS\system32
7c9c0000 shell32.dll        6.0.2900.6018 C:\WINDOWS\system32
7e410000 USER32.dll         5.1.2600.5512 C:\WINDOWS\system32

processes:
0000 Idle                            0    0
0004 System                          0    0 normal
0244 smss.exe                        0    0 normal C:\WINDOWS\system32
0274 avgchsvx.exe                    0    0 normal E:\Program Files\AVG\AVG10
0328 csrss.exe                       0    0
0348 winlogon.exe                   46   14 high   C:\WINDOWS\system32
037c services.exe                    4    2 normal C:\WINDOWS\system32
0388 lsass.exe                       6    3 normal C:\WINDOWS\system32
0428 svchost.exe                     4    1 normal C:\WINDOWS\system32
0498 svchost.exe                     0    0
0504 svchost.exe                    11   38 normal C:\WINDOWS\System32
052c svchost.exe                     4    1 normal C:\WINDOWS\system32
05b0 svchost.exe                     0    0
0628 svchost.exe                     0    0
0698 spoolsv.exe                     4    4 normal C:\WINDOWS\system32
0714 svchost.exe                     0    0
0734 AppleMobileDeviceService.exe    4    1 normal C:\Program Files\Common Files\Apple\Mobile Device Support
074c avgwdsvc.exe                    4    5 normal E:\Program Files\AVG\AVG10
0758 mDNSResponder.exe               4    2 normal C:\Program Files\Bonjour
00ec svchost.exe                     4    2 normal C:\WINDOWS\system32
01cc AVGIDSAgent.exe                 4    6 normal E:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin
04d8 Explorer.EXE                  351  237 normal C:\WINDOWS
05bc SearchIndexer.exe               4    5 normal C:\WINDOWS\system32
07ac igfxtray.exe                   13    5 normal C:\WINDOWS\system32
07e0 hkcmd.exe                      11   17 normal C:\WINDOWS\system32
00fc avgnsx.exe                      4    2 normal E:\Program Files\AVG\AVG10
00d4 avgemcx.exe                     4    1 normal E:\Program Files\AVG\AVG10
0334 avgtray.exe                   121   29 normal E:\Program Files\AVG\AVG10
0890 ctfmon.exe                    153   74 normal C:\WINDOWS\system32
0acc avgidsmonitor.exe               4    2 normal E:\Program Files\AVG\AVG10\Identity Protection\agent\bin
0adc WindowsSearch.exe             182   78 normal C:\Program Files\Windows Desktop Search
0d10 alg.exe                         0    0
0e68 IEMonitor.exe                  28   17 normal E:\Internet Download Manager
0fa8 svchost.exe                     4    1 normal C:\WINDOWS\System32
0b9c wscntfy.exe                    20    8 normal C:\WINDOWS\system32
03d4 avgrsx.exe                      0    0 normal E:\Program Files\AVG\AVG10
0fdc avgcsrvx.exe                    0    0 normal E:\Program Files\AVG\AVG10
0c68 Awc.exe                      1040  362 normal f:\Program Files\IObit\Advanced SystemCare 3
02d0 iexplore.exe                  500  181 normal C:\Program Files\Internet Explorer
0ed8 iexplore.exe                  285  158 normal C:\Program Files\Internet Explorer
0e04 terminal.exe                  360  254 normal F:\Program Files\Tadawulfx Trader 4
06f0 Sup_SmartRAM.exe               88   63 normal f:\Program Files\IObit\Advanced SystemCare 3
0f14 msmsgs.exe                    245  111 normal C:\Program Files\Messenger
0a28 iexplore.exe                  174  100 normal C:\Program Files\Internet Explorer
0a24 iexplore.exe                  230  113 normal C:\Program Files\Internet Explorer
15b0 iexplore.exe                  177  118 normal C:\Program Files\Internet Explorer
14cc Skype.exe                     334  170 normal C:\Program Files\Skype\Phone
1048 skypePM.exe                   470  122 normal C:\Program Files\Skype\Plugin Manager
0f80 Sup_NetworkMon.exe            165   57 normal f:\Program Files\IObit\Advanced SystemCare 3
16f4 wuauclt.exe                     4    4 normal C:\WINDOWS\system32

hardware:
+ Computer
  - ACPI Uniprocessor PC
+ Disk drives
  - SAMSUNG SP0802N
+ Display adapters
  - Intel(R) 82865G Graphics Controller (driver 6.14.10.4544)
+ DVD/CD-ROM drives
  - HL-DT-ST CDRW/DVD GCC4482
+ Floppy disk controllers
  - Standard floppy disk controller
+ Human Interface Devices
  - USB Human Interface Device (driver 6.0.6000.0)
+ IDE ATA/ATAPI controllers
  - Intel(R) 82801EB Ultra ATA Storage Controllers - 24D1
  - Intel(R) 82801EB Ultra ATA Storage Controllers - 24DB
  - Primary IDE Channel
  - Secondary IDE Channel
+ Keyboards
  - Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ Mice and other pointing devices
  - HID-compliant mouse
+ Monitors
  - Plug and Play Monitor
+ Network adapters
  - Intel(R) PRO/1000 MT Network Connection (driver 8.6.11.0)
+ Portable Devices
  - Nokia N73 (driver 7.0.55.0)
+ Ports (COM & LPT)
  - Communications Port (COM1)
  - ECP Printer Port (LPT1)
+ Processors
  - Intel(R) Pentium(R) 4 CPU 2.80GHz
+ Sound, video and game controllers
  - Audio Codecs
  - Legacy Audio Drivers
  - Legacy Video Capture Devices
  - Media Control Devices
  - SoundMAX Integrated Digital Audio (driver 5.12.1.3555)
  - Video Codecs
+ System devices
  - ACPI Fixed Feature Button
  - ACPI Power Button
  - Direct memory access controller
  - Intel(R) 82801 PCI Bridge - 244E
  - Intel(R) 82801EB LPC Interface Controller - 24D0
  - Intel(R) 82801EB SMBus Controller - 24D3
  - Intel(R) 82865G/PE/P/GV/82848P Processor to I/O Controller - 2570
  - ISAPNP Read Data Port
  - Logical Disk Manager
  - Microcode Update Device
  - Microsoft ACPI-Compliant System
  - Microsoft System Management BIOS Driver
  - Numeric data processor
  - PCI bus
  - Plug and Play Software Device Enumerator
  - Printer Port Logical Interface
  - Programmable interrupt controller
  - System board
  - System board
  - System CMOS/real time clock
  - System speaker
  - System timer
  - Terminal Server Device Redirector
  - Terminal Server Keyboard Driver
  - Terminal Server Mouse Driver
  - Volume Manager
+ Universal Serial Bus controllers
  - Intel(R) 82801EB USB Universal Host Controller - 24D2
  - Intel(R) 82801EB USB Universal Host Controller - 24D4
  - Intel(R) 82801EB USB Universal Host Controller - 24D7
  - Intel(R) 82801EB USB Universal Host Controller - 24DE
  - Intel(R) 82801EB USB2 Enhanced Host Controller - 24DD
  - USB Root Hub
  - USB Root Hub
  - USB Root Hub
  - USB Root Hub
  - USB Root Hub

cpu registers:
eax = 00000000
ebx = 00000000
ecx = 0012f1f8
edx = 00000000
esi = 00000000
edi = 0012f390
eip = 004d25f6
esp = 0012f214
ebp = 0012f384

stack dump:

disassembling:
[...]
004f4bab        mov     eax, [eax+$384]
004f4bb1        xor     edx, edx
004f4bb3        call    -$596e4 ($49b4d4)      ; ExtCtrls.TTimer.SetEnabled
004f4bb8 233    mov     eax, [$502c78]
004f4bbd        mov     eax, [eax]
004f4bbf      > call    -$1dc24 ($4d6fa0)      ; Forms.TCustomForm.Hide
004f4bc4 234    xor     ecx, ecx
004f4bc6        mov     edx, $4f4bfc
004f4bcb        mov     eax, $4f4c28
004f4bd0        call    +$3417 ($4f7fec)       ; PubFunc.SaveBoolToIni
004f4bd5        pop     ebx
[...]
