This is what happens at CPL 3:
debugger_Windows95segment117.7z
Edit: So the invalid value is at physical memory location 20a1b0.
It's popped right before the instruction (POP [ESP+08]). The stack was at physical address 20a1a8 at that point.
Further upm that's written by a PUSH DWORD DS:[1320] instruction(FF/5). DS was 12F at that point.
It's source seems to have been memory location 1bac0(paged)/233ac0(physical).
Tracing it back, I arrive at the previous instruction(immediately before the RETF), which loads the address using a POP into [ESP+08], which is the code segment it's returning to.
Tracing back it's source, I arrive at:
0117:000064c9 66 FF 36 20 13 push dword ds:[1320]
Which pushes said value on the stack.
Further back, there's some calculation:
Copy code to clipboard 1 0117:00004a46 8B F0 mov si,ax RealRAM(p):0020f014=0b(); RAM(p):0026f014=0b(); Physical(p):0026f014=0b(); Paged(p):00012014=0b(); Normal(p):00004a54=0b(); RealRAM(p):0020f015=f6(?); RAM(p):0026f015=f6(?); Physical(p):0026f015=f6(?); Paged(p):00012015=f6(?); Normal(p):00004a55=f6(?)
2 Registers:
3 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
4 ESP: 00001e90 EBP: 00001ea2 ESI: 00000165 EDI: 00001ff8
5 CS: 0117 DS: 0097 ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
6 EIP: 00004a46 EFLAGS: 00000206
7 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
8 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
9 DR6: 00000000 DR7: 00000000
10 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
11 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
12 0117:00004a48 EB 10 jmp 00004a5a RealRAM(p):0020f016=75(u); RAM(p):0026f016=75(u); Physical(p):0026f016=75(u); Paged(p):00012016=75(u); Normal(p):00004a56=75(u); RealRAM(p):0020f017=39(9); RAM(p):0026f017=39(9); Physical(p):0026f017=39(9); Paged(p):00012017=39(9); Normal(p):00004a57=39(9); RealRAM(p):0020f01a=2e(.); RAM(p):0026f01a=2e(.); Physical(p):0026f01a=2e(.); Paged(p):0001201a=2e(.); Normal(p):00004a5a=2e(.); RealRAM(p):0020f01b=8e(?); RAM(p):0026f01b=8e(?); Physical(p):0026f01b=8e(?); Paged(p):0001201b=8e(?); Normal(p):00004a5b=8e(?); RealRAM(p):0020f01c=1e(); RAM(p):0026f01c=1e(); Physical(p):0026f01c=1e(); Paged(p):0001201c=1e(); Normal(p):00004a5c=1e(); RealRAM(p):0020f01d=02(); RAM(p):0026f01d=02(); Physical(p):0026f01d=02(); Paged(p):0001201d=02(); Normal(p):00004a5d=02(); RealRAM(p):0020f01e=00( ); RAM(p):0026f01e=00( ); Physical(p):0026f01e=00( ); Paged(p):0001201e=00( ); Normal(p):00004a5e=00( ); RealRAM(p):0020f01f=29()); RAM(p):0026f01f=29()); Physical(p):0026f01f=29()); Paged(p):0001201f=29()); Normal(p):00004a5f=29()); RealRAM(p):0020f020=0e(); RAM(p):0026f020=0e(); Physical(p):0026f020=0e(); Paged(p):00012020=0e(); Normal(p):00004a60=0e(); RealRAM(p):0020f021=ae(?); RAM(p):0026f021=ae(?); Physical(p):0026f021=ae(?); Paged(p):00012021=ae(?); Normal(p):00004a61=ae(?); RealRAM(p):0020f022=13(); RAM(p):0026f022=13(); Physical(p):0026f022=13(); Paged(p):00012022=13(); Normal(p):00004a62=13(); RealRAM(p):0020f023=81(?); RAM(p):0026f023=81(?); Physical(p):0026f023=81(?); Paged(p):00012023=81(?); Normal(p):00004a63=81(?); RealRAM(p):0020f024=3e(>); RAM(p):0026f024=3e(>); Physical(p):0026f024=3e(>); Paged(p):00012024=3e(>); Normal(p):00004a64=3e(>); RealRAM(p):0020f025=ae(?); RAM(p):0026f025=ae(?); Physical(p):0026f025=ae(?); Paged(p):00012025=ae(?); Normal(p):00004a65=ae(?); RealRAM(p):0020f026=13(); RAM(p):0026f026=13(); Physical(p):0026f026=13(); Paged(p):00012026=13(); Normal(p):00004a66=13(); RealRAM(p):0020f027=00( ); RAM(p):0026f027=00( ); Physical(p):0026f027=00( ); Paged(p):00012027=00( ); Normal(p):00004a67=00( ); RealRAM(p):0020f028=01(); RAM(p):0026f028=01(); Physical(p):0026f028=01(); Paged(p):00012028=01(); Normal(p):00004a68=01(); RealRAM(p):0020f029=73(s); RAM(p):0026f029=73(s); Physical(p):0026f029=73(s); Paged(p):00012029=73(s); Normal(p):00004a69=73(s)
13 Registers:
14 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
15 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
16 CS: 0117 DS: 0097 ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
17 EIP: 00004a48 EFLAGS: 00000206
18 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
19 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
20 DR6: 00000000 DR7: 00000000
21 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
22 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
23 MMU: Reading from real(r): 00854128=9f (?)
24 Reading from RAM(r): 008b4128=9f (?)
25 Reading from physical memory(r): 008b4128=9f (?)
26 Reading from paged memory(r): 008b4128=9f (?)
27 MMU: Reading from real(r): 00854129=4b (K)
28 Reading from RAM(r): 008b4129=4b (K)
29 Reading from physical memory(r): 008b4129=4b (K)
30 Reading from paged memory(r): 008b4129=4b (K)
31 MMU: Reading from real(r): 0085412a=a0 (?)
32 Reading from RAM(r): 008b412a=a0 (?)
33 Reading from physical memory(r): 008b412a=a0 (?)
34 Reading from paged memory(r): 008b412a=a0 (?)
35 MMU: Reading from real(r): 0085412b=a7 (?)
36 Reading from RAM(r): 008b412b=a7 (?)
37 Reading from physical memory(r): 008b412b=a7 (?)
38 Reading from paged memory(r): 008b412b=a7 (?)
39 MMU: Reading from real(r): 0085412c=01 ()
40 Reading from RAM(r): 008b412c=01 ()
41 Reading from physical memory(r): 008b412c=01 ()
42 Reading from paged memory(r): 008b412c=01 ()
43 MMU: Reading from real(r): 0085412d=f3 (?)
44 Reading from RAM(r): 008b412d=f3 (?)
45 Reading from physical memory(r): 008b412d=f3 (?)
46 Reading from paged memory(r): 008b412d=f3 (?)
47 MMU: Reading from real(r): 0085412e=00 ( )
48 Reading from RAM(r): 008b412e=00 ( )
49 Reading from physical memory(r): 008b412e=00 ( )
50 Reading from paged memory(r): 008b412e=00 ( )
51 MMU: Reading from real(r): 0085412f=00 ( )
52 Reading from RAM(r): 008b412f=00 ( )
53 Reading from physical memory(r): 008b412f=00 ( )
54 Reading from paged memory(r): 008b412f=00 ( )
55 0117:00004a5a 2E 8E 1E 02 00 mov ds,word cs:[0002] RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):00245037=00( ); RAM(r):002a5037=00( ); Physical(r):002a5037=00( ); RealRAM(r):00245036=29()); RAM(r):002a5036=29()); Physical(r):002a5036=29()); RealRAM(r):00245035=a2(?); RAM(r):002a5035=a2(?); Physical(r):002a5035=a2(?); RealRAM(r):00245034=67(g); RAM(r):002a5034=67(g); Physical(r):002a5034=67(g); RealRAM(r):0023a5c2=2f(/); RAM(r):0029a5c2=2f(/); Physical(r):0029a5c2=2f(/); Paged(r):0000d5c2=2f(/); RealRAM(r):0023a5c3=01(); RAM(r):0029a5c3=01(); Physical(r):0029a5c3=01(); Paged(r):0000d5c3=01(); RealRAM(r):00226803=00( ); RAM(r):00286803=00( ); Physical(r):00286803=00( ); RealRAM(r):00226802=2a(*); RAM(r):00286802=2a(*); Physical(r):00286802=2a(*); RealRAM(r):00226801=12(); RAM(r):00286801=12(); Physical(r):00286801=12(); RealRAM(r):00226800=67(g); RAM(r):00286800=67(g); Physical(r):00286800=67(g); RealRAM(r):0024125f=00( ); RAM(r):002a125f=00( ); Physical(r):002a125f=00( ); RealRAM(r):0024125e=8b(?); RAM(r):002a125e=8b(?); Physical(r):002a125e=8b(?); RealRAM(r):0024125d=42(B); RAM(r):002a125d=42(B); Physical(r):002a125d=42(B); RealRAM(r):0024125c=67(g); RAM(r):002a125c=67(g); Physical(r):002a125c=67(g)
56 Registers:
57 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
58 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
59 CS: 0117 DS: 0097 ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
60 EIP: 00004a5a EFLAGS: 00000206
… Show last 225 lines 61 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
62 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
63 DR6: 00000000 DR7: 00000000
64 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
65 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
66 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f02a=2b(+); RAM(p):0026f02a=2b(+); Physical(p):0026f02a=2b(+); Paged(p):0001202a=2b(+); Normal(p):00004a6a=2b(+); RealRAM(p):0020f02b=2e(.); RAM(p):0026f02b=2e(.); Physical(p):0026f02b=2e(.); Paged(p):0001202b=2e(.); Normal(p):00004a6b=2e(.); RealRAM(p):0020f02c=0f(); RAM(p):0026f02c=0f(); Physical(p):0026f02c=0f(); Paged(p):0001202c=0f(); Normal(p):00004a6c=0f(); RealRAM(p):0020f02d=03(); RAM(p):0026f02d=03(); Physical(p):0026f02d=03(); Paged(p):0001202d=03(); Normal(p):00004a6d=03(); RealRAM(p):0020f02e=1e(); RAM(p):0026f02e=1e(); Physical(p):0026f02e=1e(); Paged(p):0001202e=1e(); Normal(p):00004a6e=1e(); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024506f=00( ); RAM(r):002a506f=00( ); Physical(r):002a506f=00( ); RealRAM(r):0024506e=23(#); RAM(r):002a506e=23(#); Physical(r):002a506e=23(#); RealRAM(r):0024506d=32(2); RAM(r):002a506d=32(2); Physical(r):002a506d=32(2); RealRAM(r):0024506c=67(g); RAM(r):002a506c=67(g); Physical(r):002a506c=67(g); RealRAM(r):001d3b4e=d7(?); RAM(r):00233b4e=d7(?); Physical(r):00233b4e=d7(?); Paged(r):0001bb4e=d7(?); RealRAM(r):001d3b4f=01(); RAM(r):00233b4f=01(); Physical(r):00233b4f=01(); Paged(r):0001bb4f=01()
67 0117:00004a5f 29 0E AE 13 sub word ds:[13ae],cx Paged(w):0001bb4e=d4(?); Physical(w):00233b4e=d4(?); RAM(w):00233b4e=d4(?); RealRAM(w):001d3b4e=d4(?); Paged(w):0001bb4f=01(); Physical(w):00233b4f=01(); RAM(w):00233b4f=01(); RealRAM(w):001d3b4f=01()
68 Registers:
69 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
70 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
71 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
72 EIP: 00004a5f EFLAGS: 00000206
73 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
74 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
75 DR6: 00000000 DR7: 00000000
76 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
77 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
78 0117:00004a63 81 3E AE 13 00 01 cmp word ds:[13ae],0100 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f02f=06(); RAM(p):0026f02f=06(); Physical(p):0026f02f=06(); Paged(p):0001202f=06(); Normal(p):00004a6f=06(); RealRAM(p):0020f030=00( ); RAM(p):0026f030=00( ); Physical(p):0026f030=00( ); Paged(p):00012030=00( ); Normal(p):00004a70=00( ); RealRAM(p):0020f031=81(?); RAM(p):0026f031=81(?); Physical(p):0026f031=81(?); Paged(p):00012031=81(?); Normal(p):00004a71=81(?); RealRAM(p):0020f032=fb(?); RAM(p):0026f032=fb(?); Physical(p):0026f032=fb(?); Paged(p):00012032=fb(?); Normal(p):00004a72=fb(?); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024506f=00( ); RAM(r):002a506f=00( ); Physical(r):002a506f=00( ); RealRAM(r):0024506e=23(#); RAM(r):002a506e=23(#); Physical(r):002a506e=23(#); RealRAM(r):0024506d=32(2); RAM(r):002a506d=32(2); Physical(r):002a506d=32(2); RealRAM(r):0024506c=67(g); RAM(r):002a506c=67(g); Physical(r):002a506c=67(g); RealRAM(r):001d3b4e=d4(?); RAM(r):00233b4e=d4(?); Physical(r):00233b4e=d4(?); Paged(r):0001bb4e=d4(?); RealRAM(r):001d3b4f=01(); RAM(r):00233b4f=01(); Physical(r):00233b4f=01(); Paged(r):0001bb4f=01()
79 Registers:
80 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
81 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
82 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
83 EIP: 00004a63 EFLAGS: 00000206
84 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
85 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
86 DR6: 00000000 DR7: 00000000
87 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
88 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
89 0117:00004a69 73 2B jnc 00004a96 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f033=00( ); RAM(p):0026f033=00( ); Physical(p):0026f033=00( ); Paged(p):00012033=00( ); Normal(p):00004a73=00( ); RealRAM(p):0020f034=f0(?); RAM(p):0026f034=f0(?); Physical(p):0026f034=f0(?); Paged(p):00012034=f0(?); Normal(p):00004a74=f0(?); RealRAM(p):0020f035=77(w); RAM(p):0026f035=77(w); Physical(p):0026f035=77(w); Paged(p):00012035=77(w); Normal(p):00004a75=77(w); RealRAM(p):0020f036=1f(); RAM(p):0026f036=1f(); Physical(p):0026f036=1f(); Paged(p):00012036=1f(); Normal(p):00004a76=1f(); RealRAM(p):0020f037=50(P); RAM(p):0026f037=50(P); Physical(p):0026f037=50(P); Paged(p):00012037=50(P); Normal(p):00004a77=50(P); RealRAM(p):0020f038=51(Q); RAM(p):0026f038=51(Q); Physical(p):0026f038=51(Q); Paged(p):00012038=51(Q); Normal(p):00004a78=51(Q); RealRAM(p):0020f056=83(?); RAM(p):0026f056=83(?); Physical(p):0026f056=83(?); Paged(p):00012056=83(?); Normal(p):00004a96=83(?); RealRAM(p):0020f057=3e(>); RAM(p):0026f057=3e(>); Physical(p):0026f057=3e(>); Paged(p):00012057=3e(>); Normal(p):00004a97=3e(>); RealRAM(p):0020f058=32(2); RAM(p):0026f058=32(2); Physical(p):0026f058=32(2); Paged(p):00012058=32(2); Normal(p):00004a98=32(2); RealRAM(p):0020f059=12(); RAM(p):0026f059=12(); Physical(p):0026f059=12(); Paged(p):00012059=12(); Normal(p):00004a99=12(); RealRAM(p):0020f05a=00( ); RAM(p):0026f05a=00( ); Physical(p):0026f05a=00( ); Paged(p):0001205a=00( ); Normal(p):00004a9a=00( ); RealRAM(p):0020f05b=74(t); RAM(p):0026f05b=74(t); Physical(p):0026f05b=74(t); Paged(p):0001205b=74(t); Normal(p):00004a9b=74(t); RealRAM(p):0020f05c=23(#); RAM(p):0026f05c=23(#); Physical(p):0026f05c=23(#); Paged(p):0001205c=23(#); Normal(p):00004a9c=23(#); RealRAM(p):0020f05d=66(f); RAM(p):0026f05d=66(f); Physical(p):0026f05d=66(f); Paged(p):0001205d=66(f); Normal(p):00004a9d=66(f); RealRAM(p):0020f05e=50(P); RAM(p):0026f05e=50(P); Physical(p):0026f05e=50(P); Paged(p):0001205e=50(P); Normal(p):00004a9e=50(P); RealRAM(p):0020f05f=67(g); RAM(p):0026f05f=67(g); Physical(p):0026f05f=67(g); Paged(p):0001205f=67(g); Normal(p):00004a9f=67(g); RealRAM(p):0020f060=66(f); RAM(p):0026f060=66(f); Physical(p):0026f060=66(f); Paged(p):00012060=66(f); Normal(p):00004aa0=66(f); RealRAM(p):0020f061=8d(?); RAM(p):0026f061=8d(?); Physical(p):0026f061=8d(?); Paged(p):00012061=8d(?); Normal(p):00004aa1=8d(?); RealRAM(p):0020f062=44(D); RAM(p):0026f062=44(D); Physical(p):0026f062=44(D); Paged(p):00012062=44(D); Normal(p):00004aa2=44(D); RealRAM(p):0020f063=ce(?); RAM(p):0026f063=ce(?); Physical(p):0026f063=ce(?); Paged(p):00012063=ce(?); Normal(p):00004aa3=ce(?); RealRAM(p):0020f064=f8(?); RAM(p):0026f064=f8(?); Physical(p):0026f064=f8(?); Paged(p):00012064=f8(?); Normal(p):00004aa4=f8(?); RealRAM(p):0020f065=d1(?); RAM(p):0026f065=d1(?); Physical(p):0026f065=d1(?); Paged(p):00012065=d1(?); Normal(p):00004aa5=d1(?)
90 Registers:
91 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
92 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
93 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
94 EIP: 00004a69 EFLAGS: 00000206
95 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
96 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
97 DR6: 00000000 DR7: 00000000
98 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
99 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
100 0117:00004a96 83 3E 32 12 00 cmp word ds:[1232],0000 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024506f=00( ); RAM(r):002a506f=00( ); Physical(r):002a506f=00( ); RealRAM(r):0024506e=23(#); RAM(r):002a506e=23(#); Physical(r):002a506e=23(#); RealRAM(r):0024506d=32(2); RAM(r):002a506d=32(2); Physical(r):002a506d=32(2); RealRAM(r):0024506c=67(g); RAM(r):002a506c=67(g); Physical(r):002a506c=67(g); RealRAM(r):001d39d2=00( ); RAM(r):002339d2=00( ); Physical(r):002339d2=00( ); Paged(r):0001b9d2=00( ); RealRAM(r):001d39d3=80(?); RAM(r):002339d3=80(?); Physical(r):002339d3=80(?); Paged(r):0001b9d3=80(?)
101 Registers:
102 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
103 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
104 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
105 EIP: 00004a96 EFLAGS: 00000206
106 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
107 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
108 DR6: 00000000 DR7: 00000000
109 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
110 FLAGSINFO: 00000000000000vr0n00odItsz0a0P1c
111 0117:00004a9b 74 23 jz 00004ac0 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f066=e8(?); RAM(p):0026f066=e8(?); Physical(p):0026f066=e8(?); Paged(p):00012066=e8(?); Normal(p):00004aa6=e8(?); RealRAM(p):0020f067=3b(;); RAM(p):0026f067=3b(;); Physical(p):0026f067=3b(;); Paged(p):00012067=3b(;); Normal(p):00004aa7=3b(;); RealRAM(p):0020f068=06(); RAM(p):0026f068=06(); Physical(p):0026f068=06(); Paged(p):00012068=06(); Normal(p):00004aa8=06(); RealRAM(p):0020f069=32(2); RAM(p):0026f069=32(2); Physical(p):0026f069=32(2); Paged(p):00012069=32(2); Normal(p):00004aa9=32(2); RealRAM(p):0020f06a=12(); RAM(p):0026f06a=12(); Physical(p):0026f06a=12(); Paged(p):0001206a=12(); Normal(p):00004aaa=12()
112 Registers:
113 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
114 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
115 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
116 EIP: 00004a9b EFLAGS: 00000286
117 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
118 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
119 DR6: 00000000 DR7: 00000000
120 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
121 FLAGSINFO: 00000000000000vr0n00odItSz0a0P1c
122 0117:00004a9d 66 50 push eax RealRAM(p):0020f06b=66(f); RAM(p):0026f06b=66(f); Physical(p):0026f06b=66(f); Paged(p):0001206b=66(f); Normal(p):00004aab=66(f); RealRAM(p):0020f06c=58(X); RAM(p):0026f06c=58(X); Physical(p):0026f06c=58(X); Paged(p):0001206c=58(X); Normal(p):00004aac=58(X); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024507f=00( ); RAM(r):002a507f=00( ); Physical(r):002a507f=00( ); RealRAM(r):0024507e=20( ); RAM(r):002a507e=20( ); Physical(r):002a507e=20( ); RealRAM(r):0024507d=a2(?); RAM(r):002a507d=a2(?); Physical(r):002a507d=a2(?); RealRAM(r):0024507c=67(g); RAM(r):002a507c=67(g); Physical(r):002a507c=67(g); Paged(w):0001f19c=48(H); Paged(w):0001f19d=01(); Paged(w):0001f19e=01(); Paged(w):0001f19f=00( ); Physical(w):0020a19c=48(H); RAM(w):0020a19c=48(H); RealRAM(w):001aa19c=48(H); Physical(w):0020a19d=01(); RAM(w):0020a19d=01(); RealRAM(w):001aa19d=01(); Physical(w):0020a19e=01(); RAM(w):0020a19e=01(); RealRAM(w):001aa19e=01(); Physical(w):0020a19f=00( ); RAM(w):0020a19f=00( ); RealRAM(w):001aa19f=00( )
123 Registers:
124 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
125 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
126 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
127 EIP: 00004a9d EFLAGS: 00000286
128 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
129 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
130 DR6: 00000000 DR7: 00000000
131 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
132 FLAGSINFO: 00000000000000vr0n00odItSz0a0P1c
133 0117:00004a9f 67 66 8D 44 CE F8 lea eax,dword ds:[esi+ecx*8-08] RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f06d=72(r); RAM(p):0026f06d=72(r); Physical(p):0026f06d=72(r); Paged(p):0001206d=72(r); Normal(p):00004aad=72(r); RealRAM(p):0020f06e=11(); RAM(p):0026f06e=11(); Physical(p):0026f06e=11(); Paged(p):0001206e=11(); Normal(p):00004aae=11()
134 Registers:
135 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
136 ESP: 00001e8c EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
137 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
138 EIP: 00004a9f EFLAGS: 00000286
139 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
140 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
141 DR6: 00000000 DR7: 00000000
142 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
143 FLAGSINFO: 00000000000000vr0n00odItSz0a0P1c
144 0117:00004aa5 D1 E8 shr ax,1 RealRAM(p):0020f06f=8b(?); RAM(p):0026f06f=8b(?); Physical(p):0026f06f=8b(?); Paged(p):0001206f=8b(?); Normal(p):00004aaf=8b(?); RealRAM(p):0020f070=de(?); RAM(p):0026f070=de(?); Physical(p):0026f070=de(?); Paged(p):00012070=de(?); Normal(p):00004ab0=de(?); RealRAM(p):0020f071=33(3); RAM(p):0026f071=33(3); Physical(p):0026f071=33(3); Paged(p):00012071=33(3); Normal(p):00004ab1=33(3); RealRAM(p):0020f072=f6(?); RAM(p):0026f072=f6(?); Physical(p):0026f072=f6(?); Paged(p):00012072=f6(?); Normal(p):00004ab2=f6(?); RealRAM(p):0020f073=80(?); RAM(p):0026f073=80(?); Physical(p):0026f073=80(?); Paged(p):00012073=80(?); Normal(p):00004ab3=80(?); RealRAM(p):0020f074=cb(?); RAM(p):0026f074=cb(?); Physical(p):0026f074=cb(?); Paged(p):00012074=cb(?); Normal(p):00004ab4=cb(?)
145 Registers:
146 EAX: 00000158 EBX: 000000f8 ECX: 00000003 EDX: 00000160
147 ESP: 00001e8c EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
148 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
149 EIP: 00004aa5 EFLAGS: 00000286
150 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
151 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
152 DR6: 00000000 DR7: 00000000
153 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
154 FLAGSINFO: 00000000000000vr0n00odItSz0a0P1c
155 0117:00004aa7 3B 06 32 12 cmp ax,word ds:[1232] RealRAM(p):0020f075=07(); RAM(p):0026f075=07(); Physical(p):0026f075=07(); Paged(p):00012075=07(); Normal(p):00004ab5=07(); RealRAM(p):0020f076=b8(?); RAM(p):0026f076=b8(?); Physical(p):0026f076=b8(?); Paged(p):00012076=b8(?); Normal(p):00004ab6=b8(?); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024506f=00( ); RAM(r):002a506f=00( ); Physical(r):002a506f=00( ); RealRAM(r):0024506e=23(#); RAM(r):002a506e=23(#); Physical(r):002a506e=23(#); RealRAM(r):0024506d=32(2); RAM(r):002a506d=32(2); Physical(r):002a506d=32(2); RealRAM(r):0024506c=67(g); RAM(r):002a506c=67(g); Physical(r):002a506c=67(g); RealRAM(r):001d39d2=00( ); RAM(r):002339d2=00( ); Physical(r):002339d2=00( ); Paged(r):0001b9d2=00( ); RealRAM(r):001d39d3=80(?); RAM(r):002339d3=80(?); Physical(r):002339d3=80(?); Paged(r):0001b9d3=80(?)
156 Registers:
157 EAX: 000000ac EBX: 000000f8 ECX: 00000003 EDX: 00000160
158 ESP: 00001e8c EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
159 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
160 EIP: 00004aa7 EFLAGS: 00000216
161 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
162 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
163 DR6: 00000000 DR7: 00000000
164 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
165 FLAGSINFO: 00000000000000vr0n00odItsz0A0P1c
166 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f077=01(); RAM(p):0026f077=01(); Physical(p):0026f077=01(); Paged(p):00012077=01(); Normal(p):00004ab7=01(); RealRAM(p):0020f078=00( ); RAM(p):0026f078=00( ); Physical(p):0026f078=00( ); Paged(p):00012078=00( ); Normal(p):00004ab8=00( ); RealRAM(p):0020f079=cd(?); RAM(p):0026f079=cd(?); Physical(p):0026f079=cd(?); Paged(p):00012079=cd(?); Normal(p):00004ab9=cd(?); RealRAM(p):0020f07a=31(1); RAM(p):0026f07a=31(1); Physical(p):0026f07a=31(1); Paged(p):0001207a=31(1); Normal(p):00004aba=31(1); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024507f=00( ); RAM(r):002a507f=00( ); Physical(r):002a507f=00( ); RealRAM(r):0024507e=20( ); RAM(r):002a507e=20( ); Physical(r):002a507e=20( ); RealRAM(r):0024507d=a2(?); RAM(r):002a507d=a2(?); Physical(r):002a507d=a2(?); RealRAM(r):0024507c=67(g); RAM(r):002a507c=67(g); Physical(r):002a507c=67(g)
167 0117:00004aab 66 58 pop eax RealRAM(r):001aa19c=48(H); RAM(r):0020a19c=48(H); Physical(r):0020a19c=48(H); Paged(r):0001f19c=48(H); RealRAM(r):001aa19d=01(); RAM(r):0020a19d=01(); Physical(r):0020a19d=01(); Paged(r):0001f19d=01(); RealRAM(r):001aa19e=01(); RAM(r):0020a19e=01(); Physical(r):0020a19e=01(); Paged(r):0001f19e=01(); RealRAM(r):001aa19f=00( ); RAM(r):0020a19f=00( ); Physical(r):0020a19f=00( ); Paged(r):0001f19f=00( )
168 Registers:
169 EAX: 000000ac EBX: 000000f8 ECX: 00000003 EDX: 00000160
170 ESP: 00001e8c EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
171 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
172 EIP: 00004aab EFLAGS: 00000a87
173 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
174 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
175 DR6: 00000000 DR7: 00000000
176 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
177 FLAGSINFO: 00000000000000vr0n00OdItSz0a0P1C
178 0117:00004aad 72 11 jc 00004ac0 RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f07b=8d(?); RAM(p):0026f07b=8d(?); Physical(p):0026f07b=8d(?); Paged(p):0001207b=8d(?); Normal(p):00004abb=8d(?); RealRAM(p):0020f07c=5f(_); RAM(p):0026f07c=5f(_); Physical(p):0026f07c=5f(_); Paged(p):0001207c=5f(_); Normal(p):00004abc=5f(_); RealRAM(p):0020f080=2e(.); RAM(p):0026f080=2e(.); Physical(p):0026f080=2e(.); Paged(p):00012080=2e(.); Normal(p):00004ac0=2e(.); RealRAM(p):0020f081=8e(?); RAM(p):0026f081=8e(?); Physical(p):0026f081=8e(?); Paged(p):00012081=8e(?); Normal(p):00004ac1=8e(?); RealRAM(p):0020f082=1e(); RAM(p):0026f082=1e(); Physical(p):0026f082=1e(); Paged(p):00012082=1e(); Normal(p):00004ac2=1e(); RealRAM(p):0020f083=06(); RAM(p):0026f083=06(); Physical(p):0026f083=06(); Paged(p):00012083=06(); Normal(p):00004ac3=06(); RealRAM(p):0020f084=00( ); RAM(p):0026f084=00( ); Physical(p):0026f084=00( ); Paged(p):00012084=00( ); Normal(p):00004ac4=00( ); RealRAM(p):0020f085=1e(); RAM(p):0026f085=1e(); Physical(p):0026f085=1e(); Paged(p):00012085=1e(); Normal(p):00004ac5=1e(); RealRAM(p):0020f086=2e(.); RAM(p):0026f086=2e(.); Physical(p):0026f086=2e(.); Paged(p):00012086=2e(.); Normal(p):00004ac6=2e(.); RealRAM(p):0020f087=8e(?); RAM(p):0026f087=8e(?); Physical(p):0026f087=8e(?); Paged(p):00012087=8e(?); Normal(p):00004ac7=8e(?); RealRAM(p):0020f088=1e(); RAM(p):0026f088=1e(); Physical(p):0026f088=1e(); Paged(p):00012088=1e(); Normal(p):00004ac8=1e(); RealRAM(p):0020f089=02(); RAM(p):0026f089=02(); Physical(p):0026f089=02(); Paged(p):00012089=02(); Normal(p):00004ac9=02(); RealRAM(p):0020f08a=00( ); RAM(p):0026f08a=00( ); Physical(p):0026f08a=00( ); Paged(p):0001208a=00( ); Normal(p):00004aca=00( ); RealRAM(p):0020f08b=66(f); RAM(p):0026f08b=66(f); Physical(p):0026f08b=66(f); Paged(p):0001208b=66(f); Normal(p):00004acb=66(f); RealRAM(p):0020f08c=83(?); RAM(p):0026f08c=83(?); Physical(p):0026f08c=83(?); Paged(p):0001208c=83(?); Normal(p):00004acc=83(?); RealRAM(p):0020f08d=3e(>); RAM(p):0026f08d=3e(>); Physical(p):0026f08d=3e(>); Paged(p):0001208d=3e(>); Normal(p):00004acd=3e(>); RealRAM(p):0020f08e=e0(?); RAM(p):0026f08e=e0(?); Physical(p):0026f08e=e0(?); Paged(p):0001208e=e0(?); Normal(p):00004ace=e0(?); RealRAM(p):0020f08f=12(); RAM(p):0026f08f=12(); Physical(p):0026f08f=12(); Paged(p):0001208f=12(); Normal(p):00004acf=12()
179 Registers:
180 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
181 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
182 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
183 EIP: 00004aad EFLAGS: 00000a87
184 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
185 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
186 DR6: 00000000 DR7: 00000000
187 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
188 FLAGSINFO: 00000000000000vr0n00OdItSz0a0P1C
189 MMU: Reading from real(r): 00854090=ff (?)
190 Reading from RAM(r): 008b4090=ff (?)
191 Reading from physical memory(r): 008b4090=ff (?)
192 Reading from paged memory(r): 008b4090=ff (?)
193 MMU: Reading from real(r): 00854091=1f ()
194 Reading from RAM(r): 008b4091=1f ()
195 Reading from physical memory(r): 008b4091=1f ()
196 Reading from paged memory(r): 008b4091=1f ()
197 MMU: Reading from real(r): 00854092=00 ( )
198 Reading from RAM(r): 008b4092=00 ( )
199 Reading from physical memory(r): 008b4092=00 ( )
200 Reading from paged memory(r): 008b4092=00 ( )
201 MMU: Reading from real(r): 00854093=70 (p)
202 Reading from RAM(r): 008b4093=70 (p)
203 Reading from physical memory(r): 008b4093=70 (p)
204 Reading from paged memory(r): 008b4093=70 (p)
205 MMU: Reading from real(r): 00854094=09 ( )
206 Reading from RAM(r): 008b4094=09 ( )
207 Reading from physical memory(r): 008b4094=09 ( )
208 Reading from paged memory(r): 008b4094=09 ( )
209 MMU: Reading from real(r): 00854095=f3 (?)
210 Reading from RAM(r): 008b4095=f3 (?)
211 Reading from physical memory(r): 008b4095=f3 (?)
212 Reading from paged memory(r): 008b4095=f3 (?)
213 MMU: Reading from real(r): 00854096=00 ( )
214 Reading from RAM(r): 008b4096=00 ( )
215 Reading from physical memory(r): 008b4096=00 ( )
216 Reading from paged memory(r): 008b4096=00 ( )
217 MMU: Reading from real(r): 00854097=80 (?)
218 Reading from RAM(r): 008b4097=80 (?)
219 Reading from physical memory(r): 008b4097=80 (?)
220 Reading from paged memory(r): 008b4097=80 (?)
221 0117:00004ac0 2E 8E 1E 06 00 mov ds,word cs:[0006] RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):00245037=00( ); RAM(r):002a5037=00( ); Physical(r):002a5037=00( ); RealRAM(r):00245036=29()); RAM(r):002a5036=29()); Physical(r):002a5036=29()); RealRAM(r):00245035=a2(?); RAM(r):002a5035=a2(?); Physical(r):002a5035=a2(?); RealRAM(r):00245034=67(g); RAM(r):002a5034=67(g); Physical(r):002a5034=67(g); RealRAM(r):0023a5c6=97(?); RAM(r):0029a5c6=97(?); Physical(r):0029a5c6=97(?); Paged(r):0000d5c6=97(?); RealRAM(r):0023a5c7=00( ); RAM(r):0029a5c7=00( ); Physical(r):0029a5c7=00( ); Paged(r):0000d5c7=00( ); RealRAM(r):00226803=00( ); RAM(r):00286803=00( ); Physical(r):00286803=00( ); RealRAM(r):00226802=2a(*); RAM(r):00286802=2a(*); Physical(r):00286802=2a(*); RealRAM(r):00226801=12(); RAM(r):00286801=12(); Physical(r):00286801=12(); RealRAM(r):00226800=67(g); RAM(r):00286800=67(g); Physical(r):00286800=67(g); RealRAM(r):0024125f=00( ); RAM(r):002a125f=00( ); Physical(r):002a125f=00( ); RealRAM(r):0024125e=8b(?); RAM(r):002a125e=8b(?); Physical(r):002a125e=8b(?); RealRAM(r):0024125d=42(B); RAM(r):002a125d=42(B); Physical(r):002a125d=42(B); RealRAM(r):0024125c=67(g); RAM(r):002a125c=67(g); Physical(r):002a125c=67(g)
222 Registers:
223 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
224 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
225 CS: 0117 DS: 012f ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
226 EIP: 00004ac0 EFLAGS: 00000a87
227 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
228 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
229 DR6: 00000000 DR7: 00000000
230 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
231 FLAGSINFO: 00000000000000vr0n00OdItSz0a0P1C
232 0117:00004ac5 1E push ds RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f090=00( ); RAM(p):0026f090=00( ); Physical(p):0026f090=00( ); Paged(p):00012090=00( ); Normal(p):00004ad0=00( ); RealRAM(p):0020f091=74(t); RAM(p):0026f091=74(t); Physical(p):0026f091=74(t); Paged(p):00012091=74(t); Normal(p):00004ad1=74(t); RealRAM(p):0020f092=13(); RAM(p):0026f092=13(); Physical(p):0026f092=13(); Paged(p):00012092=13(); Normal(p):00004ad2=13(); RealRAM(p):0020f093=0f(); RAM(p):0026f093=0f(); Physical(p):0026f093=0f(); Paged(p):00012093=0f(); Normal(p):00004ad3=0f(); RealRAM(p):0020f094=a0(?); RAM(p):0026f094=a0(?); Physical(p):0026f094=a0(?); Paged(p):00012094=a0(?); Normal(p):00004ad4=a0(?); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024507f=00( ); RAM(r):002a507f=00( ); Physical(r):002a507f=00( ); RealRAM(r):0024507e=20( ); RAM(r):002a507e=20( ); Physical(r):002a507e=20( ); RealRAM(r):0024507d=a2(?); RAM(r):002a507d=a2(?); Physical(r):002a507d=a2(?); RealRAM(r):0024507c=67(g); RAM(r):002a507c=67(g); Physical(r):002a507c=67(g); Paged(w):0001f19e=97(?); Paged(w):0001f19f=00( ); Physical(w):0020a19e=97(?); RAM(w):0020a19e=97(?); RealRAM(w):001aa19e=97(?); Physical(w):0020a19f=00( ); RAM(w):0020a19f=00( ); RealRAM(w):001aa19f=00( )
233 Registers:
234 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
235 ESP: 00001e90 EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
236 CS: 0117 DS: 0097 ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
237 EIP: 00004ac5 EFLAGS: 00000a87
238 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
239 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
240 DR6: 00000000 DR7: 00000000
241 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
242 FLAGSINFO: 00000000000000vr0n00OdItSz0a0P1C
243 MMU: Reading from real(r): 00854128=9f (?)
244 Reading from RAM(r): 008b4128=9f (?)
245 Reading from physical memory(r): 008b4128=9f (?)
246 Reading from paged memory(r): 008b4128=9f (?)
247 MMU: Reading from real(r): 00854129=4b (K)
248 Reading from RAM(r): 008b4129=4b (K)
249 Reading from physical memory(r): 008b4129=4b (K)
250 Reading from paged memory(r): 008b4129=4b (K)
251 MMU: Reading from real(r): 0085412a=a0 (?)
252 Reading from RAM(r): 008b412a=a0 (?)
253 Reading from physical memory(r): 008b412a=a0 (?)
254 Reading from paged memory(r): 008b412a=a0 (?)
255 MMU: Reading from real(r): 0085412b=a7 (?)
256 Reading from RAM(r): 008b412b=a7 (?)
257 Reading from physical memory(r): 008b412b=a7 (?)
258 Reading from paged memory(r): 008b412b=a7 (?)
259 MMU: Reading from real(r): 0085412c=01 ()
260 Reading from RAM(r): 008b412c=01 ()
261 Reading from physical memory(r): 008b412c=01 ()
262 Reading from paged memory(r): 008b412c=01 ()
263 MMU: Reading from real(r): 0085412d=f3 (?)
264 Reading from RAM(r): 008b412d=f3 (?)
265 Reading from physical memory(r): 008b412d=f3 (?)
266 Reading from paged memory(r): 008b412d=f3 (?)
267 MMU: Reading from real(r): 0085412e=00 ( )
268 Reading from RAM(r): 008b412e=00 ( )
269 Reading from physical memory(r): 008b412e=00 ( )
270 Reading from paged memory(r): 008b412e=00 ( )
271 MMU: Reading from real(r): 0085412f=00 ( )
272 Reading from RAM(r): 008b412f=00 ( )
273 Reading from physical memory(r): 008b412f=00 ( )
274 Reading from paged memory(r): 008b412f=00 ( )
275 0117:00004ac6 2E 8E 1E 02 00 mov ds,word cs:[0002] RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):0024504b=00( ); RAM(r):002a504b=00( ); Physical(r):002a504b=00( ); RealRAM(r):0024504a=26(&); RAM(r):002a504a=26(&); Physical(r):002a504a=26(&); RealRAM(r):00245049=f2(?); RAM(r):002a5049=f2(?); Physical(r):002a5049=f2(?); RealRAM(r):00245048=67(g); RAM(r):002a5048=67(g); Physical(r):002a5048=67(g); RealRAM(p):0020f095=06(); RAM(p):0026f095=06(); Physical(p):0026f095=06(); Paged(p):00012095=06(); Normal(p):00004ad5=06(); RealRAM(r):00226003=00( ); RAM(r):00286003=00( ); Physical(r):00286003=00( ); RealRAM(r):00226002=2a(*); RAM(r):00286002=2a(*); Physical(r):00286002=2a(*); RealRAM(r):00226001=52(R); RAM(r):00286001=52(R); Physical(r):00286001=52(R); RealRAM(r):00226000=67(g); RAM(r):00286000=67(g); Physical(r):00286000=67(g); RealRAM(r):00245037=00( ); RAM(r):002a5037=00( ); Physical(r):002a5037=00( ); RealRAM(r):00245036=29()); RAM(r):002a5036=29()); Physical(r):002a5036=29()); RealRAM(r):00245035=a2(?); RAM(r):002a5035=a2(?); Physical(r):002a5035=a2(?); RealRAM(r):00245034=67(g); RAM(r):002a5034=67(g); Physical(r):002a5034=67(g); RealRAM(r):0023a5c2=2f(/); RAM(r):0029a5c2=2f(/); Physical(r):0029a5c2=2f(/); Paged(r):0000d5c2=2f(/); RealRAM(r):0023a5c3=01(); RAM(r):0029a5c3=01(); Physical(r):0029a5c3=01(); Paged(r):0000d5c3=01(); RealRAM(r):00226803=00( ); RAM(r):00286803=00( ); Physical(r):00286803=00( ); RealRAM(r):00226802=2a(*); RAM(r):00286802=2a(*); Physical(r):00286802=2a(*); RealRAM(r):00226801=12(); RAM(r):00286801=12(); Physical(r):00286801=12(); RealRAM(r):00226800=67(g); RAM(r):00286800=67(g); Physical(r):00286800=67(g); RealRAM(r):0024125f=00( ); RAM(r):002a125f=00( ); Physical(r):002a125f=00( ); RealRAM(r):0024125e=8b(?); RAM(r):002a125e=8b(?); Physical(r):002a125e=8b(?); RealRAM(r):0024125d=42(B); RAM(r):002a125d=42(B); Physical(r):002a125d=42(B); RealRAM(r):0024125c=67(g); RAM(r):002a125c=67(g); Physical(r):002a125c=67(g)
276 Registers:
277 EAX: 00010148 EBX: 000000f8 ECX: 00000003 EDX: 00000160
278 ESP: 00001e8e EBP: 00001ea2 ESI: 00000148 EDI: 00001ff8
279 CS: 0117 DS: 0097 ES: 00bf FS: 0000 GS: 0000 SS: 008f TR: 0018 LDTR: 00b8
280 EIP: 00004ac6 EFLAGS: 00000a87
281 CR0: 80000001 CR1: 00000000 CR2: 80113000 CR3: 00286000
282 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
283 DR6: 00000000 DR7: 00000000
284 GDTR: 0000c003887c01f7 IDTR: 0000800a700002ff
285 FLAGSINFO: 00000000000000vr0n00OdItSz0a0P1C
Perhaps some kind of descriptor table building?