File details
File name: recordingmanager.exe
Name: RealPlayer (32-bit)
Description: RealPlayer Downloader
Version: 15.0.6.14
Size: 429.2 KB
Original file name: RecordingManager.exe
Digital certificate
Certificate authority:
ThawteResource utilization
 | CPU utilization averages |
Total CPU: 0.0240930563%
Privileged CPU:
0.0043446495%
User CPU:
0.01974840677097%
Privileged CPU time: 3104.42 ms
Privileged CPU time /min: 0 ms
CPU cycle count:
321,664,934 | Memory utilization averages |
Committed memory:
206.56 MBPeak committed memory: 214.66 MB
Paged memory:
16.66 MBPeak paged memory: 17.72 MB
Paged system memory:
330.61 KBNon-paged system memory: 18.45 KB
Working set memory:
26.1 MBPeak working set memory: 26.86 MB
Min working set memory: 68 KB
Private memory:
16.66 MBPage faults:
28,340Page faults /min: 0
| Process I/O averages |
Total read operations:
784Total read transfer: 3.93 MB
Total write operations:
7,008Total write transfer: 54.47 MB
Total other operations:
27,248Total other transfer: 21.53 MB
| GUI Object Averages |
GDI objects:
54Peak GDI objects: 62
USER objects:
65Peak USER objects: 74
Resources
Handle count average: 375
Thread count average: 20
Thread resource averages
Total CPU: 0.473355641509%
Privileged CPU: 0.206334510401%
User CPU: 0.267021131108%
CPU Cycle count /sec: 17,614,671
Module memory size: 440 KB
Total CPU: 0.127868970998%
Privileged CPU: 0.083723731011%
User CPU: 0.044145239987%
CPU Cycle count /sec: 2,511,761
Module memory size: 612 KB
Total CPU: 0.010639913618%
Privileged CPU: 0.001519987660%
User CPU: 0.009119925958%
CPU Cycle count /sec: 1,236,746
Module memory size: 80 KB
msvcrt.dll
Total CPU: 0.006095315558%
Privileged CPU: 0.001523828890%
User CPU: 0.004571486669%
CPU Cycle count /sec: 101,206
Module memory size: 688 KB
wininet.dll
Total CPU: 0.001519844000%
Privileged CPU: 0.000000000000%
User CPU: 0.001519844000%
CPU Cycle count /sec: 34,758
Module memory size: 1.11 MB
msvcr90.dll
Total CPU: 0.001518772654%
Privileged CPU: 0.001518772654%
User CPU: 0.000000000000%
CPU Cycle count /sec: 3,076,588
Module memory size: 652 KB
Process details
Runs as (owner): User
Integrety level: Medium Windows platform: 32-bit
Parent Process
Process Command "C:\Program Files\real\realplayer\RecordingManager.exe" /m "video/x-flv" /t "????? ???? ?? ?? ???? - ?? ???? ???????? - YouTube" /pageurl "httC://www.youtube.com/watch?v=3F4aOW9jIe8" /objecturl "httC://s.ytimg.com/yts/swfbin/watch_as3-vflawXYEN.swf" /u "httC://o-o---preferred---sn-9uxa-qvie---v14---lscache3.c.youtube.com/videoplayback?algorithm=throttle-factor&burst=40&cp=U0hUSVNPUF9JTkNONF9LSVRCOmVEM3Zsay1xSHJn&cpn=tVOOSTesfQUR0b1n&expire=1354342144&factor=1.25&fexp=909708%2C904821%2C916623%2C
Network connectivity
UDP: LISTENING on port 65507
TCP: 82.148.98.145 on port 49629
Image hashes
MD5: 3b9688041688abc22e06d3d81f1b23f8
SHA-1: ccbe189c7353cf4d3bc063df047ca3d10cc2b0ab
SHA-256: 8e51ffc52f1775ea81509b20a45b2b8d52667d4df94e445f4e6a3ffb7233e990
PE image details
Subsystem: Windows GUI
Langauge*: Microsoft Visual C++ 9.0
File packed: No
Import Table advapi32.dll
RegSetValueA
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExW
RegOpenKeyExW
FreeSid
RegQueryValueExA
gdi32.dll
kernel32.dll
GetSystemInfo
GetVersion
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
SetCurrentDirectoryA
GetCurrentDirectoryA
IsBadWritePtr
VirtualProtect
IsBadReadPtr
WideCharToMultiByte
SetUnhandledExceptionFilter
TerminateThread
WaitForSingleObject
CreateThread
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
lstrlenW
GetCurrentProcessId
SetEnvironmentVariableA
GetEnvironmentVariableA
GetCurrentProcess
WriteFile
GetTickCount
VirtualQuery
OpenProcess
SetFilePointer
SetProcessWorkingSetSize
CreateEventA
LocalFree
WaitForMultipleObjects
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateProcessA
Sleep
FreeLibraryAndExitThread
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
GetSystemDirectoryA
GetLocaleInfoW
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetThreadContext
MoveFileA
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateDirectoryA
GetModuleFileNameA
CreateFileA
DeleteFileA
GetVersionExA
InterlockedExchange
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
CreateMutexA
GetLastError
ReleaseMutex
CloseHandle
OpenEventA
SetEvent
GetModuleHandleA
HeapSize
SetLastError
GetProcessHeap
GlobalMemoryStatus
msvcp90.dll
msvcr90.dll
ole32.dll
StringFromCLSID
CoTaskMemFree
shell32.dll
ShellExecuteA
SHGetFolderPathA
shlwapi.dll
PathAddBackslashA
PathAppendA
user32.dll
GetDC
DefWindowProcA
RegisterWindowMessageA
PostQuitMessage
EndPaint
SetLastErrorEx
GetWindowPlacement
SystemParametersInfoA
IsIconic
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
FlashWindow
GetWindowThreadProcessId
BeginPaint
ReleaseDC
CharNextA
GetSystemMetrics
DestroyMenu
DestroyIcon
GetSubMenu
MessageBoxA
IsWindow
SetMenuDefaultItem
FindWindowA
SendMessageA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
PostMessageA
version.dll
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA