strace ./kav.exe execve("./kav.exe", ["./kav.exe"], [/* 34 vars */]) = 0 brk(0) = 0x17d9000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79c4662000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=93524, ...}) = 0 mmap(NULL, 93524, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f79c464b000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/x86_64-linux-gnu/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\301\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=159200, ...}) = 0 mmap(NULL, 2255936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f79c421b000 mprotect(0x7f79c423d000, 2097152, PROT_NONE) = 0 mmap(0x7f79c443d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f79c443d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=14768, ...}) = 0 mmap(NULL, 2109704, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f79c4017000 mprotect(0x7f79c4019000, 2097152, PROT_NONE) = 0 mmap(0x7f79c4219000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f79c4219000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\30\2\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1802936, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79c464a000 mmap(NULL, 3917016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f79c3c5a000 mprotect(0x7f79c3e0d000, 2093056, PROT_NONE) = 0 mmap(0x7f79c400c000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b2000) = 0x7f79c400c000 mmap(0x7f79c4012000, 17624, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f79c4012000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79c4649000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79c4648000 arch_prctl(ARCH_SET_FS, 0x7f79c4649700) = 0 mprotect(0x7f79c400c000, 16384, PROT_READ) = 0 mprotect(0x7f79c4219000, 4096, PROT_READ) = 0 mprotect(0x7f79c443d000, 16384, PROT_READ) = 0 mprotect(0x6df000, 4096, PROT_READ) = 0 mprotect(0x7f79c4664000, 4096, PROT_READ) = 0 munmap(0x7f79c464b000, 93524) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 open("/dev/tty", O_RDWR|O_NONBLOCK) = 3 close(3) = 0 brk(0) = 0x17d9000 brk(0x17da000) = 0x17da000 open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=8474144, ...}) = 0 mmap(NULL, 8474144, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f79c3445000 close(3) = 0 brk(0x17db000) = 0x17db000 brk(0x17dc000) = 0x17dc000 getuid() = 0 getgid() = 0 geteuid() = 0 getegid() = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 brk(0x17dd000) = 0x17dd000 open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79c4661000 read(3, "MemTotal: 2039360 kB\nMemF"..., 1024) = 1024 close(3) = 0 munmap(0x7f79c4661000, 4096) = 0 brk(0x17de000) = 0x17de000 rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTORER|SA_RESTART, 0x7f79c3c904c0}, {SIG_DFL, [], 0}, 8) = 0 rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTORER|SA_RESTART, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER|SA_RESTART, 0x7f79c3c904c0}, 8) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], 0}, 8) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, 8) = 0 rt_sigaction(SIGQUIT, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], 0}, 8) = 0 rt_sigaction(SIGQUIT, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigaction(SIGQUIT, {SIG_IGN, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, 8) = 0 uname({sys="Linux", node="gnom-AOD257", ...}) = 0 brk(0x17df000) = 0x17df000 brk(0x17e0000) = 0x17e0000 brk(0x17e1000) = 0x17e1000 stat("/home/gnom", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 stat(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 getpid() = 6200 open("/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=26258, ...}) = 0 mmap(NULL, 26258, PROT_READ, MAP_SHARED, 3, 0) = 0x7f79c465b000 close(3) = 0 brk(0x17e2000) = 0x17e2000 getppid() = 6199 brk(0x17e3000) = 0x17e3000 getpgrp() = 6199 rt_sigaction(SIGCHLD, {0x441a00, [], SA_RESTORER|SA_RESTART, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER|SA_RESTART, 0x7f79c3c904c0}, 8) = 0 getrlimit(RLIMIT_NPROC, {rlim_cur=15795, rlim_max=15795}) = 0 brk(0x17e4000) = 0x17e4000 brk(0x17e5000) = 0x17e5000 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 open("./kav.exe", O_RDONLY) = 3 ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff01c32d58) = -1 ENOTTY (Inappropriate ioctl for device) lseek(3, 0, SEEK_CUR) = 0 read(3, "#! /bin/bash\nLD_LIBRARY_PATH=/ho"..., 80) = 80 lseek(3, 0, SEEK_SET) = 0 getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=4*1024}) = 0 fcntl(255, F_GETFD) = -1 EBADF (Bad file descriptor) dup2(3, 255) = 255 close(3) = 0 fcntl(255, F_SETFD, FD_CLOEXEC) = 0 fcntl(255, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE) fstat(255, {st_mode=S_IFREG|0777, st_size=142, ...}) = 0 lseek(255, 0, SEEK_CUR) = 0 brk(0x17e6000) = 0x17e6000 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 read(255, "#! /bin/bash\nLD_LIBRARY_PATH=/ho"..., 142) = 142 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 brk(0x17e7000) = 0x17e7000 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f79c46499d0) = 6201 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x43f140, [], SA_RESTORER, 0x7f79c3c904c0}, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, 8) = 0 wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 197}], 0, NULL) = 6201 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, 0x7fff01c32658, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0xffffffffffffffff) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x7f79c3c904c0}, {0x43f140, [], SA_RESTORER, 0x7f79c3c904c0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 read(255, "", 142) = 0 exit_group(197) = ?