EurekaLog 7.4.8.0 RC 1 Application: ------------------------------------------------------ 1.1 Start Date : Tue, 2 Jul 2019 12:41:19 +0300 1.2 Name/Description: mcclient.exe 1.3 Version Number : 7.5.1.4 1.4 Parameters : 1.5 Compilation Date: Thu, 6 Jun 2019 15:49:56 +0300 1.6 Up Time : 2 minute(s), 15 second(s) Exception: -------------------------------------------------------------------------------------------------------------- 2.1 Date : Tue, 2 Jul 2019 12:43:35 +0300 2.2 Address : 00E3C2A2 2.3 Module Name : mcclient.exe 2.4 Module Version: 7.5.1.4 2.5 Type : EAccessViolation 2.6 Message : Access violation at address 00E3C2A2 in module 'mcclient.exe'. Read of address 00000058. 2.7 ID : 477A0000 2.8 Count : 1 2.9 Status : New 2.10 Note : 2.11 Sent : 1 User: ------------------------------------------------------- 3.1 ID : MCSCLAD001 3.2 Name : MSclad001 3.3 Email : 3.4 Company : 3.5 Privileges: SeShutdownPrivilege - OFF SeChangeNotifyPrivilege - ON SeUndockPrivilege - OFF SeIncreaseWorkingSetPrivilege - OFF SeTimeZonePrivilege - OFF Active Controls: ----------------------------------------------------------------------------------------------------------------------- 4.1 Form Class : TMainForm 4.2 Form Text : MyChat Client 7.5.1 - Усачева Л.Д. [ООО "Многофункциональный центр клинического питания"] (В сети) 4.3 Control Class: TRichViewEdit 4.4 Control Text : Computer: ----------------------------------------------------------------------------------------- 5.1 Name : MCSCLAD001PC 5.2 Total Memory : 4203663360 (3,91 Gb) 5.3 Free Memory : 1949691904 (1,82 Gb) 5.4 Total Disk : 485976174592 (452,60 Gb) 5.5 Free Disk : 399208435712 (371,79 Gb) 5.6 System Up Time : 39 minute(s), 54 second(s) 5.7 Processor : Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz 5.8 Display Mode : 1920 x 1080, 32 bit 5.9 Display DPI : 96 5.10 Video Card : Intel(R) HD Graphics 4600 (driver 10.18.10.3412 - RAM 1866950656) 5.11 Printer : HP LaserJet 400 MFP M425 PCL 6 (driver 6.1.7601.17514) 5.12 Virtual Machine: Operating System: ---------------------------------------------------- 6.1 Type : Microsoft Windows 7 (64 bit) 6.2 Build # : 7601 (6.1.7601.18015) 6.3 Update : Service pack 1 6.4 Language : Russian (0419) 6.5 Charset : 204/1251 6.6 Install Language: Russian (0419) 6.7 UI Language : Russian (0419) Network: --------------------------------- 7.1 IP Address: 192.168.125.057 7.2 Submask : 255.255.255.000 7.3 Gateway : 192.168.125.001 7.4 DNS 1 : 192.168.000.019 7.5 DNS 2 : 008.008.008.008 7.6 DHCP : ON Steps to reproduce: ------------ 8.1 Text: Custom Information: -------------------------------------------------------------------- 9.1 ServerHWID: 329673260_4366_6-13-7-600000000 9.2 License : COMMERCIAL 9.3 ClientHWID: B5414491BB0F4161E490447480D7342AAB4137208AE4192021 Call Stack Information: ----------------------------------------------------------------------------------------------------------------------------------------------- |Methods |Details|Stack |Address |Module |Offset |Unit |Class |Procedure/Method |Line | ----------------------------------------------------------------------------------------------------------------------------------------------- |*Exception Thread: ID=3576; Parent=0; Priority=0 | |Class=; Name=MAIN | |DeadLock=0; Wait Chain= | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|04 |00000000|00E3C2A2|mcclient.exe |00A3C2A2|frame_private |TPrivateFrame|ThreadDone_DownloadOfflineFiles |1854[3] | |00000040|04 |0018FAB0|00E3A5EA|mcclient.exe |00A3A5EA|frame_private |TPrivateFrame|FTPOfflineDownloaderHandler |1182[24] | |00000040|03 |0018FAD0|00626F9D|mcclient.exe |00226F9D|Vcl.Controls |TControl |WndProc | | |00000040|03 |0018FBFC|0062BA31|mcclient.exe |0022BA31|Vcl.Controls |TWinControl |WndProc | | |00000040|04 |0018FC48|00E3D56E|mcclient.exe |00A3D56E|frame_private |TPrivateFrame|WndProc |2277[1] | |00000040|03 |0018FC64|0062B074|mcclient.exe |0022B074|Vcl.Controls |TWinControl |MainWndProc | | |00000040|03 |0018FC94|004F5428|mcclient.exe |000F5428|System.Classes | |StdWndProc | | |00000040|03 |0018FCAC|764062F7|user32.dll |000162F7|USER32 | | (possible gapfnScSendMessage+815) | | |00000040|03 |0018FCD8|76406D35|user32.dll |00016D35|USER32 | | (possible GetThreadDesktop+210) | | |00000040|03 |0018FD50|76406DE3|user32.dll |00016DE3|USER32 | | (possible GetThreadDesktop+384) | | |00000040|03 |0018FDAC|76406E41|user32.dll |00016E41|USER32 | | (possible GetThreadDesktop+478) | | |00000040|03 |0018FDE8|77E50137|ntdll.dll |00010137|ntdll | |KiUserCallbackDispatcher | | |00000040|03 |0018FE48|76410764|user32.dll |00020764|USER32 | | (possible PeekMessageW+402) | | |00000040|03 |0018FE74|00714DA4|mcclient.exe |00314DA4|Vcl.Forms |TApplication |ProcessMessage | | |00000040|04 |0018FEF4|0115BC6F|mcclient.exe |00D5BC6F|mcclient | |Initialization |487[290] | |00000040|03 |0018FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6332; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 18BC / 6332 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E6018D|ntdll.dll |0002018D|ntdll | |ZwWaitForMultipleObjects | | |00000040|03 |0378FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6748; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1A5C / 6748 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E6018D|ntdll.dll |0002018D|ntdll | |ZwWaitForMultipleObjects | | |00000040|03 |053EFE70|75BE19F7|kernel32.dll |000119F7|kernel32 | |WaitForMultipleObjectsEx | | |00000040|03 |053EFEB8|7641087C|user32.dll |0002087C|USER32 | | (possible PeekMessageW+682) | | |00000040|03 |053EFF0C|76410B7C|user32.dll |00020B7C|USER32 | |MsgWaitForMultipleObjects | | |00000040|03 |053EFF28|6ED47991|GdiPlus.dll |00047991|gdiplus | | (possible GdipCreateSolidFill+2256) | | |00000040|03 |053EFF74|6ED478B4|GdiPlus.dll |000478B4|gdiplus | | (possible GdipCreateSolidFill+2035) | | |00000040|03 |053EFF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=2476; Parent=0; Priority=1 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E5F989|ntdll.dll |0001F989|ntdll | |ZwRemoveIoCompletion | | |00000040|03 |0A80FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6464; Parent=0; Priority=-3 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1940 / 6464 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E5F901|ntdll.dll |0001F901|ntdll | |NtWaitForSingleObject | | |00000040|03 |0B1BFF00|75BE118F|kernel32.dll |0001118F|kernel32 | |WaitForSingleObjectEx | | |00000040|03 |0B1BFF18|75BE1143|kernel32.dll |00011143|kernel32 | |WaitForSingleObject | | |00000040|03 |0B1BFF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4440; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1158 / 4440 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E5F901|ntdll.dll |0001F901|ntdll | |NtWaitForSingleObject | | |00000040|03 |0B2BFF38|75BE118F|kernel32.dll |0001118F|kernel32 | |WaitForSingleObjectEx | | |00000040|03 |0B2BFF50|75BE1143|kernel32.dll |00011143|kernel32 | |WaitForSingleObject | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6112; Parent=0; Priority=2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 17E0 / 6112 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E6018D|ntdll.dll |0002018D|ntdll | |ZwWaitForMultipleObjects | | |00000040|03 |0B3FFEC8|75BE19F7|kernel32.dll |000119F7|kernel32 | |WaitForMultipleObjectsEx | | |00000040|03 |0B3FFF10|75BE2687|kernel32.dll |00012687|kernel32 | |WaitForMultipleObjects | | |00000040|03 |0B3FFF2C|692EDC9E|bass.dll |0001DC9E|bass | | (possible BASS_GetCPU+2473) | | |00000040|03 |0B3FFF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4844; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 12EC / 4844 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E5F901|ntdll.dll |0001F901|ntdll | |NtWaitForSingleObject | | |00000040|03 |0B53FF60|75BE118F|kernel32.dll |0001118F|kernel32 | |WaitForSingleObjectEx | | |00000040|03 |0B53FF98|77E79800|ntdll.dll |00039800|ntdll | | (possible RtlInitializeExceptionChain+97)| | |00000040|03 |0B53FFD8|77E797D0|ntdll.dll |000397D0|ntdll | | (possible RtlInitializeExceptionChain+49)| | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4740; Parent=0; Priority=-2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1284 / 4740 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E5FDC1|ntdll.dll |0001FDC1|ntdll | |NtDelayExecution | | |00000040|03 |0BA8FEF8|76524662|KERNELBASE.dll|00014662|KERNELBASE | |Sleep | | |00000040|03 |0BA8FF08|004F28DD|mcclient.exe |000F28DD|System.Classes |TThread |Sleep | | |00000040|03 |0BA8FF4C|004F1A16|mcclient.exe |000F1A16|System.Classes | |ThreadProc | | |00000040|04 |0BA8FF7C|0059ABF4|mcclient.exe |0019ABF4|EThreadsManager| |NakedBeginThreadWrapper |1331[5] | |00000040|03 |0BA8FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6968; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E61F76|ntdll.dll |00021F76|ntdll | |NtWaitForWorkViaWorkerFactory | | |00000040|03 |0D28FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6196; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1834 / 6196 ] is blocked | |Comment= | |---------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77E6018D|ntdll.dll |0002018D|ntdll | |ZwWaitForMultipleObjects | | |00000040|03 |06F0FEF8|75BE19F7|kernel32.dll |000119F7|kernel32 | |WaitForMultipleObjectsEx | | |00000040|03 |06F0FF40|75BE2687|kernel32.dll |00012687|kernel32 | |WaitForMultipleObjects | | |00000040|03 |06F0FF5C|743C1878|msiltcfg.dll |00001878|msiltcfg | | (possible RestartMsi+812) | | |00000040|03 |06F0FF8C|75BE343B|kernel32.dll |0001343B|kernel32 | |BaseThreadInitThunk | | ----------------------------------------------------------------------------------------------------------------------------------------------- Mosules Information: ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00400000|mcclient.exe | |7.5.1.4 |19665152|2019-06-06 15:51:30|C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |0A810000|AntiCAPS.dll | | |1024512 |2019-07-02 12:34:46|C:\Users\MSclad001\AppData\Local\MyChat Client\plugins\AntiCAPS\bin\ | |0AA60000|Beeper.dll | | |1023488 |2019-07-02 12:34:46|C:\Users\MSclad001\AppData\Local\MyChat Client\plugins\Beeper\bin\ | |11000000|libeay32.dll |OpenSSL Shared Library |1.0.2.14 |1371136 |2017-12-07 17:08:22|C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |12000000|ssleay32.dll |OpenSSL Shared Library |1.0.2.14 |337920 |2017-12-07 17:08:22|C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |5CD20000|ntshrui.dll |Расширения оболочки, обеспечивающие доступ к ресурсам |6.1.7601.17755 |442880 |2012-01-04 11:58:41|C:\Windows\System32\ | |5EEB0000|ieframe.dll |Браузер |11.0.9600.19377 |13706240|2019-05-25 03:17:34|C:\Windows\SysWOW64\ | |66C60000|api-ms-win-downlevel-shell32-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |3072 |2013-01-14 00:11:07|C:\Windows\SysWOW64\ | |69030000|WindowsCodecs.dll |Microsoft Windows Codecs Library |6.2.9200.22551 |1230848 |2018-08-30 04:47:47|C:\Windows\System32\ | |692D0000|bass.dll |BASS |2.4.14.0 |127669 |2019-01-16 15:34:32|C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |69670000|sxs.dll |Fusion 2.5 |6.1.7601.17514 |380416 |2010-11-21 06:24:16|C:\Windows\SysWOW64\ | |6A230000|winmm.dll |MCI API DLL |6.1.7601.17514 |194048 |2010-11-21 06:24:16|C:\Windows\System32\ | |6A270000|msacm32.dll |Фильтр диспетчера аудиосжатия Microsoft |6.1.7600.16385 |72192 |2009-07-14 04:15:42|C:\Windows\System32\ | |6A2F0000|comctl32.dll |Библиотека общих элементов управления |5.82.7601.18837 |530432 |2015-04-24 20:56:58|C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\| |6AC20000|dwmapi.dll |Интерфейс API диспетчера окон рабочего стола (Майкрософт) |6.1.7601.18917 |67584 |2015-07-09 20:42:54|C:\Windows\System32\ | |6BEE0000|cscapi.dll |Offline Files Win32 API |6.1.7601.24197 |34304 |2018-06-29 18:09:59|C:\Windows\System32\ | |6BF10000|oleacc.dll |Active Accessibility Core Component |7.0.0.0 |233472 |2011-08-27 07:26:27|C:\Windows\System32\ | |6BF50000|winsta.dll |Winstation Library |6.1.7601.18540 |157696 |2014-07-17 04:40:03|C:\Windows\System32\ | |6C210000|mpr.dll |Библиотека маршрутизации для нескольких служб доступа |6.1.7600.16385 |64000 |2009-07-14 04:15:41|C:\Windows\System32\ | |6C9F0000|wsock32.dll |Windows Socket 32-Bit DLL |6.1.7600.16385 |15360 |2009-07-14 04:16:20|C:\Windows\System32\ | |6CB00000|dhcpcsvc6.DLL |Клиент DHCPv6 |6.1.7601.17970 |44032 |2012-10-09 20:40:31|C:\Windows\System32\ | |6CB10000|dhcpcsvc.dll |Служба DHCP-клиента |6.1.7600.16385 |61952 |2009-07-14 04:15:11|C:\Windows\System32\ | |6DA60000|propsys.dll |Система страниц свойств (Microsoft) |7.0.7601.17514 |988160 |2010-11-21 06:24:08|C:\Windows\System32\ | |6DCF0000|uxtheme.dll |Библиотека тем UxTheme (Microsoft) |6.1.7600.16385 |245760 |2009-07-14 04:11:24|C:\Windows\System32\ | |6DD70000|comctl32.dll |Библиотека элементов управления взаимодействия с пользователем|6.10.7601.24460 |1681408 |2019-05-09 18:17:10|C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24460_none_2b1e532a457961ba\ | |6DFE0000|webio.dll |API протоколов передачи по Веб |6.1.7601.23375 |316416 |2016-03-09 21:40:16|C:\Windows\SysWOW64\ | |6E030000|winhttp.dll |Службы HTTP Windows |6.1.7601.24000 |351744 |2018-01-01 05:00:14|C:\Windows\SysWOW64\ | |6E0A0000|FWPUCLNT.DLL |API пользовательского режима FWP/IPsec |6.1.7601.24000 |216576 |2018-01-01 05:00:02|C:\Windows\System32\ | |6E0E0000|rasadhlp.dll |Remote Access AutoDial Helper |6.1.7600.16385 |11776 |2009-07-14 04:16:12|C:\Windows\System32\ | |6E0F0000|dnsapi.dll |Динамическая библиотека API DNS-клиента |6.1.7601.24168 |269824 |2018-06-08 18:54:41|C:\Windows\System32\ | |6E230000|msi.dll |Windows Installer |5.0.7601.24460 |2368000 |2019-05-09 18:18:08|C:\Windows\System32\ | |6E880000|hunspelldll.dll | | |223232 |2006-05-27 16:34:22|C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |6EAD0000|pnrpnsp.dll |Поставщик пространства имен PNRP |6.1.7600.16385 |65024 |2009-07-14 04:16:12|C:\Windows\System32\ | |6EB00000|winrnr.dll |LDAP RnR Provider DLL |6.1.7600.16385 |20992 |2009-07-14 04:16:19|C:\Windows\System32\ | |6EB40000|msimg32.dll |GDIEXT Client DLL |6.1.7601.24467 |4608 |2019-05-23 04:58:32|C:\Windows\System32\ | |6EBC0000|NapiNSP.dll |Поставщик оболочки совместимости для имен электронной почты |6.1.7600.16385 |52224 |2009-07-14 04:16:02|C:\Windows\System32\ | |6EBD0000|nlaapi.dll |Network Location Awareness 2 |6.1.7601.24000 |52224 |2018-01-01 05:00:07|C:\Windows\System32\ | |6EBE0000|wship6.dll |Библиотека DLL помощника Winsock2 (TL/IPv6) |6.1.7600.16385 |10752 |2009-07-14 04:16:20|C:\Windows\System32\ | |6EBF0000|WSHTCPIP.DLL |Библиотека DLL помощника службы Winsock2 (TL/IPv4) |6.1.7600.16385 |9216 |2009-07-14 04:16:20|C:\Windows\System32\ | |6EC00000|mswsock.dll |Расширение поставщика службы API Microsoft Windows Sockets 2.0|6.1.7601.23451 |231424 |2016-05-11 18:19:16|C:\Windows\System32\ | |6EC40000|apphelp.dll |Клиентская библиотека совместимости приложений |6.1.7601.19050 |295936 |2015-10-29 20:49:58|C:\Windows\System32\ | |6ECA0000|rsaenh.dll |Microsoft Enhanced Cryptographic Provider |6.1.7600.16385 |242936 |2009-07-14 04:17:54|C:\Windows\System32\ | |6ECE0000|cryptsp.dll |Cryptographic Service Provider API |6.1.7601.24460 |80896 |2019-05-09 18:17:23|C:\Windows\System32\ | |6ED00000|GdiPlus.dll |Microsoft GDI+ |6.1.7601.24467 |1636352 |2019-05-23 04:58:18|C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.24467_none_5c08a697a00c8eef\ | |6EEA0000|winspool.drv |Драйвер диспетчера очереди Windows |6.1.7601.24383 |321536 |2019-02-16 08:50:54|C:\Windows\System32\ | |6F640000|samcli.dll |Security Accounts Manager Client DLL |6.1.7601.17514 |51200 |2010-11-21 06:23:54|C:\Windows\System32\ | |6F650000|wkscli.dll |Workstation Service Client DLL |6.1.7601.17514 |47104 |2010-11-21 06:23:51|C:\Windows\System32\ | |6F660000|srvcli.dll |Server Service Client DLL |6.1.7601.17514 |90112 |2010-11-21 06:24:16|C:\Windows\System32\ | |70E50000|netutils.dll |Net Win32 API Helpers DLL |6.1.7601.17514 |22528 |2010-11-21 06:24:16|C:\Windows\System32\ | |70E60000|netapi32.dll |Net Win32 API DLL |6.1.7601.17887 |57344 |2012-07-05 00:16:56|C:\Windows\System32\ | |70E80000|winnsi.dll |Network Store Information RPC interface |6.1.7601.23889 |16384 |2017-08-11 09:19:44|C:\Windows\System32\ | |70E90000|IPHLPAPI.DLL |IP Helper API |6.1.7601.17514 |103936 |2010-11-21 06:24:32|C:\Windows\System32\ | |70EB0000|secur32.dll |Security Support Provider Interface |6.1.7601.24475 |22016 |2019-05-16 18:18:56|C:\Windows\System32\ | |72C90000|ntmarta.dll |Поставщик Windows NT MARTA |6.1.7600.16385 |121856 |2009-07-14 04:16:11|C:\Windows\System32\ | |72E90000|powrprof.dll |DLL модуля поддержки профиля управления питанием |6.1.7600.16385 |145408 |2009-07-14 04:16:12|C:\Windows\System32\ | |735C0000|version.dll |Version Checking and File Installation Libraries |6.1.7600.16385 |21504 |2009-07-14 04:16:17|C:\Windows\System32\ | |735D0000|wtsapi32.dll |Windows Remote Desktop Session Host Server SDK APIs |6.1.7601.17514 |40448 |2010-11-21 06:23:54|C:\Windows\System32\ | |743C0000|msiltcfg.dll |Windows Installer Configuration API Stub |5.0.7600.16385 |15872 |2009-07-14 04:15:44|C:\Windows\System32\ | |744C0000|EhStorShell.dll |Библиотека DLL расширения оболочки Windows Enhanced Storage |6.1.7600.16385 |189952 |2009-07-14 04:15:14|C:\Windows\System32\ | |74A00000|AudioSes.dll |Сеанс обработки звука |6.1.7601.24475 |195072 |2019-05-16 18:17:52|C:\Windows\System32\ | |74A40000|MMDevAPI.dll |MMDevice API |6.1.7601.17514 |213504 |2010-11-21 06:23:51|C:\Windows\System32\ | |74B30000|avrt.dll |Multimedia Realtime Runtime |6.1.7600.16385 |14336 |2009-07-14 04:14:58|C:\Windows\System32\ | |74B40000|idndl.dll |Downlevel DLL |6.1.7600.16385 |33792 |2009-07-14 04:15:27|C:\Windows\System32\ | |74B80000|olepro32.dll | |6.1.7601.23452 |90624 |2016-05-12 18:18:31|C:\Windows\System32\ | |74BA0000|shdocvw.dll |Библиотека объектов документов и элементов управления оболочки|6.1.7601.23896 |180224 |2017-08-19 18:10:53|C:\Windows\System32\ | |74C20000|slc.dll |Software Licensing Client DLL |6.1.7600.16385 |27136 |2009-07-14 04:16:15|C:\Windows\System32\ | |74C60000|linkinfo.dll |Windows Volume Tracking |6.1.7600.16385 |22016 |2009-07-14 04:15:36|C:\Windows\System32\ | |74C70000|browcli.dll |Browser Service Client DLL |6.1.7601.17887 |41984 |2012-07-05 00:14:34|C:\Windows\System32\ | |75160000|sfc_os.dll |Windows File Protection |6.1.7600.16385 |40960 |2009-07-14 04:16:14|C:\Windows\System32\ | |75170000|sfc.dll |Windows File Protection |6.1.7600.16385 |2560 |2009-07-14 04:10:22|C:\Windows\SysWOW64\ | |75550000|CRYPTBASE.dll |Base cryptographic API DLL |6.1.7601.24475 |36352 |2019-05-16 17:45:38|C:\Windows\SysWOW64\ | |75560000|sspicli.dll |Security Support Provider Interface |6.1.7601.24475 |96768 |2019-05-16 18:19:09|C:\Windows\SysWOW64\ | |755C0000|ws2_32.dll |32-разрядная библиотека Windows Socket 2.0 |6.1.7601.23451 |206336 |2016-05-11 18:19:26|C:\Windows\SysWOW64\ | |75600000|profapi.dll |User Profile Basic API |6.1.7600.16385 |31744 |2009-07-14 04:16:12|C:\Windows\SysWOW64\ | |75610000|imagehlp.dll |Windows NT Image Helper |6.1.7601.18288 |159232 |2013-10-19 04:36:59|C:\Windows\SysWOW64\ | |75640000|setupapi.dll |Windows Setup API |6.1.7601.17514 |1667584 |2010-11-21 06:23:51|C:\Windows\SysWOW64\ | |757E0000|msvcrt.dll |Windows NT CRT DLL |7.0.7601.17744 |690688 |2011-12-16 10:52:58|C:\Windows\SysWOW64\ | |75890000|cfgmgr32.dll |Configuration Manager DLL |6.1.7601.17621 |145920 |2011-05-24 13:39:38|C:\Windows\SysWOW64\ | |758C0000|msctf.dll |Серверная библиотека MSCTF |6.1.7601.23915 |830464 |2017-09-13 18:09:01|C:\Windows\SysWOW64\ | |75990000|iertutil.dll |Run time utility for Internet Explorer |11.0.9600.19377 |2297344 |2019-05-25 03:42:39|C:\Windows\SysWOW64\ | |75BD0000|kernel32.dll |Библиотека клиента Windows NT BASE API |6.1.7601.24475 |1114112 |2019-05-16 18:19:09|C:\Windows\SysWOW64\ | |75D70000|api-ms-win-downlevel-normaliz-l1-1-0.dll|ApiSet Stub DLL |6.2.9200.16492 |2560 |2013-01-14 00:17:02|C:\Windows\SysWOW64\ | |75D80000|normaliz.dll |Unicode Normalization DLL |6.1.7600.16385 |2048 |2009-07-14 04:09:00|C:\Windows\SysWOW64\ | |75DF0000|api-ms-win-downlevel-version-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |3072 |2013-01-14 00:11:07|C:\Windows\SysWOW64\ | |75E00000|api-ms-win-downlevel-advapi32-l1-1-0.dll|ApiSet Stub DLL |6.2.9200.16492 |10752 |2013-01-14 00:16:42|C:\Windows\SysWOW64\ | |75E10000|sechost.dll |Host for SCM/SDDL/LSA Lookup APIs |6.1.7601.18869 |92160 |2015-05-25 21:01:39|C:\Windows\SysWOW64\ | |75E30000|api-ms-win-downlevel-user32-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |4096 |2013-01-14 00:11:21|C:\Windows\SysWOW64\ | |75E40000|ole32.dll |Microsoft OLE для Windows |6.1.7601.24440 |1425920 |2019-04-16 18:17:31|C:\Windows\SysWOW64\ | |75FA0000|usp10.dll |Uniscribe Unicode script processor |1.626.7601.24467 |628224 |2019-05-23 04:58:39|C:\Windows\SysWOW64\ | |76040000|urlmon.dll |Расширения OLE32 для Win32 |11.0.9600.19377 |1323008 |2019-05-25 02:59:06|C:\Windows\SysWOW64\ | |762C0000|comdlg32.dll |Библиотека общих диалоговых окон |6.1.7601.17514 |485888 |2010-11-21 06:23:48|C:\Windows\SysWOW64\ | |76340000|nsi.dll |NSI User-mode interface DLL |6.1.7601.23889 |8704 |2017-08-11 09:19:39|C:\Windows\SysWOW64\ | |76350000|api-ms-win-downlevel-shlwapi-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |9728 |2013-01-14 00:17:03|C:\Windows\SysWOW64\ | |76390000|imm32.dll |Multi-User Windows IMM32 API Client DLL |6.1.7601.17514 |119808 |2010-11-21 06:24:25|C:\Windows\System32\ | |763F0000|user32.dll |Многопользовательская библиотека клиента USER API Windows |6.1.7601.23594 |833024 |2016-11-10 19:19:40|C:\Windows\SysWOW64\ | |764F0000|userenv.dll |Userenv |6.1.7601.24453 |83968 |2019-04-25 18:18:26|C:\Windows\SysWOW64\ | |76510000|KERNELBASE.dll |Библиотека клиента Windows NT BASE API |6.1.7601.24475 |275968 |2019-05-16 18:19:09|C:\Windows\SysWOW64\ | |76560000|clbcatq.dll |COM+ Configuration Catalog |2001.12.8530.16385|522240 |2009-07-14 04:15:03|C:\Windows\SysWOW64\ | |765F0000|oleaut32.dll | |6.1.7601.24440 |583680 |2019-04-16 18:17:31|C:\Windows\SysWOW64\ | |76690000|wininet.dll |Расширения Интернета для Win32 |11.0.9600.19377 |4386304 |2019-05-25 03:02:21|C:\Windows\SysWOW64\ | |76AD0000|api-ms-win-downlevel-ole32-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |5632 |2013-01-14 00:11:08|C:\Windows\SysWOW64\ | |76AE0000|advapi32.dll |Расширенная библиотека API Windows 32 |6.1.7601.24475 |644096 |2019-05-16 18:17:51|C:\Windows\SysWOW64\ | |76B90000|psapi.dll |Process Status Helper |6.1.7600.16385 |6144 |2009-07-14 04:16:12|C:\Windows\SysWOW64\ | |76BA0000|shlwapi.dll |Библиотека небольших программ оболочки |6.1.7601.17514 |350208 |2010-11-21 06:23:48|C:\Windows\SysWOW64\ | |76C00000|Wldap32.dll |Win32 LDAP API DLL |6.1.7601.23889 |271360 |2017-08-11 09:19:44|C:\Windows\SysWOW64\ | |76C50000|lpk.dll |Language Pack |6.1.7601.24439 |25600 |2019-04-14 08:40:22|C:\Windows\SysWOW64\ | |76C60000|gdi32.dll |GDI Client DLL |6.1.7601.24467 |313344 |2019-05-23 04:58:40|C:\Windows\SysWOW64\ | |76CF0000|rpcrt4.dll |Библиотека удаленного вызова процедур |6.1.7601.24475 |666112 |2019-05-16 18:19:09|C:\Windows\SysWOW64\ | |76DF0000|devobj.dll |Device Information Set DLL |6.1.7601.17621 |64512 |2011-05-24 13:40:05|C:\Windows\SysWOW64\ | |76E10000|shell32.dll |Общая библиотека оболочки Windows |6.1.7601.24468 |12880384|2019-05-25 02:59:03|C:\Windows\SysWOW64\ | |77E40000|ntdll.dll |Системная библиотека NT |6.1.7601.24475 |1314112 |2019-05-16 18:21:03|C:\Windows\SysWOW64\ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |ID |Name |Description |Version |Memory |Priority |Threads|Path | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |0 |[System Process] | | |0 | |4 | | |4 |System | | |0 |Normal |204 | | |464 |smss.exe | | |0 |Above-Normal|2 | | |472 |services.exe | | |0 |Normal |7 | | |528 |csrss.exe | | |0 |High |11 | | |784 |svchost.exe | | |0 |Normal |11 | | |840 |csrss.exe | | |0 |High |9 | | |876 |winlogon.exe | | |0 |High |3 | | |888 |lsass.exe | | |0 |Normal |13 | | |908 |lsm.exe | | |0 |Normal |10 | | |1000|wininit.exe | | |0 |High |3 | | |1008|svchost.exe | | |0 |Normal |10 | | |1068|svchost.exe | | |0 |Normal |20 | | |1108|svchost.exe | | |0 |Normal |21 | | |1136|svchost.exe | | |0 |Normal |36 | | |1164|svchost.exe | | |0 |Normal |36 | | |1244|audiodg.exe | | |23179264 |Normal |12 |C:\Windows\System32\ | |1292|svchost.exe | | |0 |Normal |6 | | |1408|AnyDesk.exe | |5.2.1.0 |32296960 |High |6 |C:\Users\MSclad001\Documents\MyChat\75 - Яковлев Д.В\ | |1424|DisplayLinkManager.exe | | |0 |Normal |21 | | |1488|HPLaserJetService.exe | | |0 |Normal |18 | | |1508|svchost.exe | | |0 |Normal |5 | | |1600|DisplayLinkUserAgent.exe| | |0 |High |7 | | |1632|svchost.exe | | |0 |Normal |16 | | |1648|HPBDSService.exe | | |0 |Normal |6 | | |1700|svchost.exe | | |0 |Normal |10 | | |1772|spoolsv.exe | | |0 |Normal |15 | | |1824|svchost.exe | | |0 |Normal |19 | | |1960|armsvc.exe | | |0 |Normal |4 | | |2032|avp.exe | | |0 |Normal |148 | | |2064|HeciServer.exe | | |0 |Normal |4 | | |2096|svchost.exe | | |0 |Normal |4 | | |2140|SCCM_Agent.exe | | |0 |Normal |3 | | |2184|Server.exe | | |0 |Normal |2 | | |2208|pdf24.exe | | |0 |Normal |6 | | |2468|WUDFHost.exe | | |0 |Normal |8 | | |2544|mstsc.exe |Подключение к удаленному рабочему столу |6.2.9200.17053|202608640|Normal |29 |C:\Windows\System32\ | |2644|svchost.exe | | |0 |Normal |4 | | |2664|svchost.exe | | |0 |Normal |9 | | |3080|WmiPrvSE.exe | | |0 |Normal |8 | | |3292|hpwuschd2.exe |hpwuSchd Application |80.1.1.0 |4157440 |Normal |1 |C:\Program Files (x86)\HP\HP Software Update\ | |3608|HPStatusAlerts.exe |HPStatusAlerts |50.34.153.0 |19660800 |Normal |15 |C:\Program Files (x86)\HP\StatusAlerts\bin\ | |3628|taskhost.exe | | |37056512 |Normal |11 |C:\Windows\System32\ | |3636|avp.exe |Kaspersky Endpoint Security for Windows |11.0.1.90 |6533120 |Normal |14 |C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\ | |3736|dwm.exe | | |145117184|High |8 |C:\Windows\System32\ | |3760|explorer.exe |Проводник |6.1.7601.23537|107896832|Normal |38 |C:\Windows\ | |3824|iusb3mon.exe |iusb3mon |2.5.0.19 |6193152 |Normal |4 |C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\| |3860|AnyDesk.exe | |5.2.1.0 |18698240 |Normal |4 |C:\Users\MSclad001\Documents\MyChat\75 - Яковлев Д.В\ | |3948|hkcmd.exe | | |7467008 |Normal |3 |C:\Windows\System32\ | |3956|igfxpers.exe | | |7708672 |Normal |4 |C:\Windows\System32\ | |3988|igfxsrvc.exe | | |8572928 |Normal |4 |C:\Windows\System32\ | |4048|hppfaxprintersrv.exe |hppfaxprintersrv |5.0.7.20 |7888896 |Normal |4 |C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\ | |4176|SearchIndexer.exe | | |0 |Normal |15 | | |4192|taskeng.exe | | |0 |Below-Normal|4 | | |4200|CCFManager.exe |Intel® Common Connectivity Framework Manager|3.0.0.0 |42835968 |Normal |18 |C:\Program Files\Intel\ConnectCenter\bin\ | |4248|AnyDesk.exe | |5.2.1.0 |23498752 |Normal |8 |C:\Users\MSclad001\Documents\MyChat\75 - Яковлев Д.В\ | |4460|PWMDBSVC.exe | | |0 |Normal |5 | | |4564|wmpnetwk.exe | | |0 |Normal |9 | | |4672|vapm.exe | | |0 |Normal |21 | | |4676|Jhi_service.exe | | |0 |Normal |4 | | |4688|rundll32.exe |Хост-процесс Windows (Rundll32) |6.1.7601.23755|4595712 |Normal |1 |C:\Windows\SysWOW64\ | |4720|SCHTASK.exe |Power Manager Power Agenda |1.0.0.1 |6811648 |Normal |3 |C:\Program Files (x86)\Lenovo\PowerMgr\ | |4752|rundll32.exe |Хост-процесс Windows (Rundll32) |6.1.7601.23755|11685888 |Normal |6 |C:\Windows\System32\ | |4760|taskeng.exe |Обработчик планировщика заданий |6.1.7601.17514|7221248 |Normal |6 |C:\Windows\System32\ | |4796|RAVCpl64.exe |Диспетчер Realtek HD |1.0.0.912 |1265664 |Below-Normal|11 |C:\Program Files\Realtek\Audio\HDA\ | |4876|RAVBg64.exe |HD Audio Background Process |1.0.0.171 |1064960 |Below-Normal|7 |C:\Program Files\Realtek\Audio\HDA\ | |4900|svchost.exe | | |0 |Normal |19 | | |5108|unsecapp.exe | | |0 |Normal |5 | | |5164|klnagent.exe | | |0 |Normal |34 | | |5396|STCServ.exe | | |0 |Normal |43 | | |5676|avpsus.exe | | |0 |Normal |17 | | |5780|IAStorDataMgrSvc.exe | | |0 |Normal |8 | | |5784|WmiPrvSE.exe | | |0 |Normal |9 | | |5856|AnyDesk.exe | |5.2.1.0 |31440896 |Normal |14 |C:\Users\MSclad001\Documents\MyChat\75 - Яковлев Д.В\ | |5908|SUService.exe | | |0 |Normal |9 | | |5932|OSPPSVC.EXE | | |0 |Normal |5 | | |6304|SearchFilterHost.exe | | |0 |Low |7 | | |6852|SearchProtocolHost.exe | | |0 |Low |8 | | |6988|explorer.exe |Проводник |6.1.7601.23537|48943104 |Normal |21 |C:\Windows\ | |7016|mcclient.exe | |7.5.1.4 |111009792|Normal |15 |C:\Users\MSclad001\AppData\Local\NSS\MyChat Client\ | |7100|AnyDesk.exe | |5.2.1.0 |70148096 |Normal |20 |C:\Users\MSclad001\Documents\MyChat\75 - Яковлев Д.В\ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Assembler Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------- ; Base Address: $E3C000, Allocation Base: $400000, Region Size: 3276800 ; Allocation Protect: PAGE_EXECUTE_WRITECOPY, Protect: PAGE_EXECUTE_READ ; State: MEM_COMMIT, Type: MEM_IMAGE ; ; ; frame_private.TPrivateFrame.ThreadDone_DownloadOfflineFiles (Line=1851 - Offset=0) ; ---------------------------------------------------------------------------------- 00E3C278 55 PUSH EBP 00E3C279 8BEC MOV EBP, ESP 00E3C27B 83C4F4 ADD ESP, -$0C 00E3C27E 53 PUSH EBX 00E3C27F 56 PUSH ESI 00E3C280 33D2 XOR EDX, EDX 00E3C282 8955FC MOV