Re: question for dumps

2008-01-28 Thread Juan Carlos Montes
I'm working in a new patch to add the new channel to can dump the buffers. regards, Dmitry Timoshkov wrote: Juan Carlos Montes [EMAIL PROTECTED] wrote: At this time, i have dumps for WriteFile, ReadFile, WSASendTo and WSARecvFrom. But i need it for Registry set value functions... Do you

Re: question for dumps

2008-01-25 Thread Juan Carlos Montes
Ok, i can make the patch. what do you need to make the new channel? I use this code to dump: // Insert to dump buffers // Inserted by Juan Carlos Montes // Date: 23/01/08 char file_name[255] = ; sprintf( file_name

Re: question for dumps

2008-01-23 Thread Juan Carlos Montes
I dont like change the source to use all versions of wine... but... I'll try make a debugger to dump the memory. So... thanks a lot. Stefan Dösinger escribió: Am Dienstag, 22. Januar 2008 16:19:54 schrieb Juan Carlos Montes: Hi all, I need dump the data using the debug log

Re: question for dumps

2008-01-23 Thread Juan Carlos Montes
I'll send u a mail to detail the process, :) Alex Villací­s Lasso escribió: Juan Carlos Montes escribió: I dont like change the source to use all versions of wine... but... I'll try make a debugger to dump the memory. So... thanks a lot. Stefan Dösinger escribió: Am Dienstag, 22

question for dumps

2008-01-22 Thread Juan Carlos Montes
, -- ___ Juan Carlos Montes Senra INTECO-CERT Instituto Nacional de Tecnologías de la Comunicación email: [EMAIL PROTECTED] | [EMAIL PROTECTED] Tlf. 0034 987 877 189 - ext. 532 ___

Re: Bow and question

2008-01-08 Thread Juan Carlos Montes
actions that the malware make. If the malware bypass the protection and infect the machine... no problem, format, image and new malware to check, :) -- ___ Juan Carlos Montes Senra INTECO-CERT Instituto Nacional de

Re: Bow and question

2008-01-08 Thread Juan Carlos Montes Senra
... -- ___ Juan Carlos Montes Senra INTECO-CERT Instituto Nacional de Tecnologías de la Comunicación email: [EMAIL PROTECTED] | [EMAIL PROTECTED] Tlf. 0034 987 877 189 - ext. 532 ___

Re: Bow and question

2008-01-03 Thread Juan Carlos Montes Senra
one in VisualBasic. We was needed to install the visualbasic runtime, but it was the only problem. Well, if you need anything, tell me it, :) thanks another time, ___ Juan Carlos Montes Senra INTECO-CERT Instituto

Re: Bow and question

2008-01-03 Thread Juan Carlos Montes Senra
one in VisualBasic. We was needed to install the visualbasic runtime, but it was the only problem. Well, if you need anything, tell me it, :) thanks another time, ___ Juan Carlos Montes Senra INTECO-CERT Instituto Nacional