EurekaLog 7.4.8.0 RC 1 Application: ------------------------------------------------------------- 1.1 Start Date : Mon, 4 Nov 2019 09:03:06 +0700 1.2 Name/Description: mcclient.exe 1.3 Version Number : 7.7.0.0 1.4 Parameters : 1.5 Compilation Date: Fri, 6 Sep 2019 20:10:55 +0700 1.6 Up Time : 5 hour(s), 32 minute(s), 22 second(s) Exception: ------------------------------------------------------------------------------------------------------------- 2.1 Date : Mon, 4 Nov 2019 14:35:29 +0700 2.2 Address : 0040B38C 2.3 Module Name : mcclient.exe 2.4 Module Version: 7.7.0.0 2.5 Type : EExternalException 2.6 Message : Access violation at address 0040B38C in module 'mcclient.exe'. Read of address FFFFFFF9 . Module:_mcclient.exe Code:_C0000005 (EXCEPTION_ACCESS_VIOLATION) Address:_0040B38C (0000B38C). 2.7 ID : E33B0000 2.8 Count : 1 2.9 Status : New 2.10 Note : 2.11 Sent : 1 User: ------------------------------------------------------- 3.1 ID : Manager 3.2 Name : qwerty1232212@outlook.com 3.3 Email : 3.4 Company : 3.5 Privileges: SeLockMemoryPrivilege - OFF SeShutdownPrivilege - OFF SeChangeNotifyPrivilege - ON SeUndockPrivilege - OFF SeIncreaseWorkingSetPrivilege - OFF SeTimeZonePrivilege - OFF Active Controls: ---------------------------------------------------------- 4.1 Form Class : ApplicationManager_DesktopShellWindow 4.2 Form Text : 4.3 Control Class: TRichViewEdit 4.4 Control Text : Computer: ------------------------------------------------------------------------------------- 5.1 Name : MANAGERPC15 5.2 Total Memory : 4127490048 (3,84 Gb) 5.3 Free Memory : 1441202176 (1,34 Gb) 5.4 Total Disk : 41891655680 (39,01 Gb) 5.5 Free Disk : 39805816832 (37,07 Gb) 5.6 System Up Time : 18 day(s), 19 hour(s), 32 minute(s), 32 second(s) 5.7 Processor : Intel(R) Celeron(R) CPU N3350 @ 1.10GHz 5.8 Display Mode : 1366 x 768, 32 bit 5.9 Display DPI : 96 5.10 Video Card : Intel(R) HD Graphics (driver 25.20.100.6373 - RAM 1073741824) 5.11 Printer : RICOH SP 325SNw PCL 6 (driver 6.0.6001.18000) 5.12 Virtual Machine: Operating System: ----------------------------------------------------- 6.1 Type : Microsoft Windows 10 (64 bit) 6.2 Build # : 18362 (10.0.18362.329) 6.3 Update : 6.4 Language : Russian (0419) 6.5 Charset : 204/1251 6.6 Install Language: Russian (0419) 6.7 UI Language : Russian (0419) Network: --------------------------------------------------------------------- 7.1 IP Address: 192.168.001.099 - 000.000.000.000 - 000.000.000.000 7.2 Submask : 255.255.255.000 - 000.000.000.000 - 000.000.000.000 7.3 Gateway : 192.168.001.095 - 000.000.000.000 - 000.000.000.000 7.4 DNS 1 : 192.168.001.095 - 000.000.000.000 - 000.000.000.000 7.5 DNS 2 : 000.000.000.000 - 000.000.000.000 - 000.000.000.000 7.6 DHCP : ON - ON - ON Steps to reproduce: ------------ 8.1 Text: Custom Information: ---------------------------------------------------------------------- 9.1 ServerHWID: 323790096_4298_6-7-10-654356374 9.2 License : COMMERCIAL 9.3 ClientHWID: 201E5E422DAC43840E2A0B41203A41B21631D203941D0A432014 Call Stack Information: --------------------------------------------------------------------------------------------------------------------------------------------------- |Methods |Details|Stack |Address |Module |Offset |Unit |Class |Procedure/Method |Line | --------------------------------------------------------------------------------------------------------------------------------------------------- |*Exception Thread: ID=7612; Parent=0; Priority=0 | |Class=; Name=MAIN | |DeadLock=0; Wait Chain= | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|0040B38C|mcclient.exe |0000B38C|System | |_LStrClr | | |00000020|03 |0019FAF4|0040B509|mcclient.exe |0000B509|System | |_UStrFromPWCharLen | | |00000020|03 |0019FB04|0040C8E0|mcclient.exe |0000C8E0|System | |_UStrCopy | | |00000020|04 |0019FB14|01134749|mcclient.exe |00D34749|unique_utils | |GetParams |62[7] | |00000020|04 |0019FB48|01134802|mcclient.exe |00D34802|unique_utils |TUniqueInstance |OnNative |73[4] | |00000020|04 |0019FB74|01133FCF|mcclient.exe |00D33FCF|simpleipc |TSimpleIPCServer|ReadMessage |389[6] | |00000020|04 |0019FB90|0113338F|mcclient.exe |00D3338F|simpleipc | |MsgWndProc |94[13] | |00000020|03 |0019FBA0|774243BB|ntdll.dll |000443BB|ntdll | |RtlActivateActivationContextUnsafeFast | | |00000020|03 |0019FBC0|756048E9|user32.dll |000448E9|user32 | | (possible AddClipboardFormatListener+73) | | |00000020|03 |0019FBEC|755E6137|user32.dll |00026137|user32 | | (possible CallWindowProcW+2855) | | |00000020|03 |0019FC14|00409F94|mcclient.exe |00009F94|System |TMonitor |Enter | | |00000020|03 |0019FC1C|00409E5C|mcclient.exe |00009E5C|System |TMonitor |CheckOwningThread | | |00000020|03 |0019FC24|0040A116|mcclient.exe |0000A116|System |TMonitor |Exit | | |00000020|03 |0019FC30|0040A167|mcclient.exe |0000A167|System |TMonitor |Exit | | |00000020|03 |0019FC68|755E5F85|user32.dll |00025F85|user32 | | (possible CallWindowProcW+2421) | | |00000020|03 |0019FCD0|755E5CD5|user32.dll |00025CD5|user32 | | (possible CallWindowProcW+1733) | | |00000020|03 |0019FD08|755E6137|user32.dll |00026137|user32 | | (possible CallWindowProcW+2855) | | |00000020|03 |0019FD34|75601F48|user32.dll |00041F48|user32 | | (possible CreateMenu+152) | | |00000020|03 |0019FD64|755EE6D1|user32.dll |0002E6D1|user32 | | (possible IsRectEmpty+529) | | |00000020|03 |0019FD74|774541CB|ntdll.dll |000741CB|ntdll | | (possible KiUserCallbackDispatcher+75) | | |00000020|03 |0019FDCC|755EC568|user32.dll |0002C568|user32 | | (possible PeekMessageW+488) | | |00000020|03 |0019FE08|0040A384|mcclient.exe |0000A384|System |TMonitor |TryEnter | | |00000020|03 |0019FE18|0040A116|mcclient.exe |0000A116|System |TMonitor |Exit | | |00000020|03 |0019FE20|755EC4DB|user32.dll |0002C4DB|user32 | |PeekMessageW | | |00000020|03 |0019FE5C|00714D5C|mcclient.exe |00314D5C|Vcl.Forms |TApplication |ProcessMessage | | |00000020|03 |0019FE88|00714E7E|mcclient.exe |00314E7E|Vcl.Forms |TApplication |HandleMessage | | |00000020|03 |0019FEAC|007151B9|mcclient.exe |003151B9|Vcl.Forms |TApplication |Run | | |00000020|03 |0019FEB4|007151C6|mcclient.exe |003151C6|Vcl.Forms |TApplication |Run | | |00000020|04 |0019FEDC|01151C98|mcclient.exe |00D51C98|mcclient | |Initialization |491[285] | |00000020|03 |0019FF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=7988; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 1F34 / 7988 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|768E708C|win32u.dll |0000708C|win32u | |NtUserMsgWaitForMultipleObjectsEx | | |00000020|03 |052DFE78|755EE063|user32.dll |0002E063|user32 | | (possible MsgWaitForMultipleObjectsEx+275)| | |00000020|03 |052DFED8|755EC4DB|user32.dll |0002C4DB|user32 | |PeekMessageW | | |00000020|03 |052DFEF0|755EDF29|user32.dll |0002DF29|user32 | |MsgWaitForMultipleObjects | | |00000020|03 |052DFF14|74835660|GdiPlus.dll |00075660|gdiplus | | (possible GdiplusStartup+6704) | | |00000020|03 |052DFF5C|748355F8|GdiPlus.dll |000755F8|gdiplus | | (possible GdiplusStartup+6600) | | |00000020|03 |052DFF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=10124; Parent=0; Priority=1 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77451DEC|ntdll.dll |00071DEC|ntdll | |NtRemoveIoCompletion | | |00000020|03 |0AB7FF40|73571BDC|mswsock.dll |00011BDC|mswsock | | (possible sethostname+4012) | | |00000020|03 |0AB7FF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=3880; Parent=0; Priority=13 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 0F28 / 3880 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77451D9C|ntdll.dll |00071D9C|ntdll | |ZwWaitForSingleObject | | |00000020|03 |0B3FFE8C|7606E213|KERNELBASE.dll|000FE213|KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0B3FFF00|7606E16D|KERNELBASE.dll|000FE16D|KERNELBASE | |WaitForSingleObject | | |00000020|01 |0B3FFF14|74482748|bass.dll |00002748| | | | | |00000020|03 |0B3FFF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=9332; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 2474 / 9332 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77451D9C|ntdll.dll |00071D9C|ntdll | |ZwWaitForSingleObject | | |00000020|03 |0B53FEC4|7606E213|KERNELBASE.dll|000FE213|KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0B53FF38|7606E16D|KERNELBASE.dll|000FE16D|KERNELBASE | |WaitForSingleObject | | |00000020|03 |0B53FF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=2640; Parent=0; Priority=2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 0A50 / 2640 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7745232C|ntdll.dll |0007232C|ntdll | |NtWaitForMultipleObjects | | |00000020|03 |0B67FD64|7607BA1D|KERNELBASE.dll|0010BA1D|KERNELBASE | |WaitForMultipleObjectsEx | | |00000020|03 |0B67FEE0|7607D7C1|KERNELBASE.dll|0010D7C1|KERNELBASE | |InitOnceExecuteOnce | | |00000020|03 |0B67FEF8|7607B8D3|KERNELBASE.dll|0010B8D3|KERNELBASE | |WaitForMultipleObjects | | |00000020|03 |0B67FF14|7449DC9E|bass.dll |0001DC9E|bass | | (possible BASS_GetCPU+2473) | | |00000020|03 |0B67FF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=8348; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 209C / 8348 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77451D9C|ntdll.dll |00071D9C|ntdll | |ZwWaitForSingleObject | | |00000020|03 |0B7BFEEC|7606E213|KERNELBASE.dll|000FE213|KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0B7BFF28|7606E270|KERNELBASE.dll|000FE270|KERNELBASE | | (possible WaitForSingleObjectEx+240) | | |00000020|03 |0B7BFF48|7605F5ED|KERNELBASE.dll|000EF5ED|KERNELBASE | |LoadLibraryA | | |00000020|01 |0B7BFF60|74481E11|bass.dll |00001E11| | | | | |00000020|03 |0B7BFF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | |-------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=1040; Parent=0; Priority=-2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ 0410 / 1040 ] is blocked | |Comment= | |-------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|774520BC|ntdll.dll |000720BC|ntdll | |NtDelayExecution | | |00000020|03 |0959FE78|7607E7E9|KERNELBASE.dll|0010E7E9|KERNELBASE | |SleepEx | | |00000020|03 |0959FEC8|755EE94C|user32.dll |0002E94C|user32 | |PostMessageW | | |00000020|03 |0959FEE0|7607E77A|KERNELBASE.dll|0010E77A|KERNELBASE | |Sleep | | |00000020|03 |0959FEF0|004F2895|mcclient.exe |000F2895|System.Classes |TThread |Sleep | | |00000020|04 |0959FEF8|00F25568|mcclient.exe |00B25568|mcclcore |TParse |Execute |544[25] | |00000020|04 |0959FF08|0059AB8D|mcclient.exe |0019AB8D|EThreadsManager| |ThreadDataUnlock |1315[2] | |00000020|04 |0959FF0C|0059AB8D|mcclient.exe |0019AB8D|EThreadsManager| |ThreadDataUnlock |1315[2] | |00000020|03 |0959FF34|004F19CE|mcclient.exe |000F19CE|System.Classes | |ThreadProc | | |00000020|03 |0959FF3C|004F19D9|mcclient.exe |000F19D9|System.Classes | |ThreadProc | | |00000020|04 |0959FF50|0059AB8D|mcclient.exe |0019AB8D|EThreadsManager| |ThreadDataUnlock |1315[2] | |00000020|04 |0959FF54|0059AB8D|mcclient.exe |0019AB8D|EThreadsManager| |ThreadDataUnlock |1315[2] | |00000020|04 |0959FF64|0059ABAC|mcclient.exe |0019ABAC|EThreadsManager| |NakedBeginThreadWrapper |1331[5] | |00000020|03 |0959FF74|753F6357|kernel32.dll |00016357|KERNEL32 | |BaseThreadInitThunk | | --------------------------------------------------------------------------------------------------------------------------------------------------- Mosules Information: ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00400000|mcclient.exe | |7.7.0.0 |19619584|2019-09-06 16:14:56|D:\USER\MyChat\ | |0AB80000|AntiCAPS.dll | | |1024512 |2019-04-26 14:37:16|C:\Users\Manager\AppData\Local\MyChat\plugins\AntiCAPS\bin\ | |0ADD0000|Beeper.dll | | |1023488 |2019-04-26 14:37:16|C:\Users\Manager\AppData\Local\MyChat\plugins\Beeper\bin\ | |0B020000|VNCServer.dll | | |1109504 |2019-04-26 14:37:16|C:\Users\Manager\AppData\Local\MyChat\plugins\VNCServer\bin\ | |11000000|libeay32.dll |OpenSSL Shared Library |1.0.2.14 |1371136 |2017-12-07 17:08:22|D:\USER\MyChat\ | |12000000|ssleay32.dll |OpenSSL Shared Library |1.0.2.14 |337920 |2017-12-07 17:08:22|D:\USER\MyChat\ | |6C3E0000|winnsi.dll |Network Store Information RPC interface |6.2.18362.1 |28552 |2019-03-19 11:44:36|C:\Windows\System32\ | |6E880000|hunspelldll.dll | | |223232 |2006-05-27 16:34:22|D:\USER\MyChat\ | |6EE60000|WindowsCodecs.dll |Microsoft Windows Codecs Library |6.2.18362.1 |1484896 |2019-03-19 11:45:13|C:\Windows\System32\ | |6F5B0000|ntmarta.dll |Поставщик Windows NT MARTA |6.2.18362.1 |152896 |2019-03-19 11:45:22|C:\Windows\System32\ | |6F5E0000|CoreMessaging.dll |Microsoft CoreMessaging Dll |6.2.18362.1 |553896 |2019-03-19 11:45:19|C:\Windows\System32\ | |6F670000|CoreUIComponents.dll |Microsoft Core UI Components Dll |6.2.18362.207 |2490712 |2019-09-29 21:18:21|C:\Windows\System32\ | |6F8D0000|TextInputFramework.dll|"TextInputFramework.DYNLINK" |6.2.18362.207 |531464 |2019-09-29 21:18:26|C:\Windows\System32\ | |6FD60000|WinTypes.dll |Библиотека DLL основных типов Windows |6.2.18362.267 |892488 |2019-09-29 21:18:38|C:\Windows\System32\ | |6FE40000|AudioSes.dll |Сеанс обработки звука |6.2.18362.329 |1154952 |2019-09-29 21:18:14|C:\Windows\System32\ | |6FF60000|MMDevAPI.dll |MMDevice API |6.2.18362.329 |401832 |2019-09-29 21:18:15|C:\Windows\System32\ | |6FFD0000|ntshrui.dll |Расширения оболочки, обеспечивающие общий доступ |6.2.18362.329 |380416 |2019-09-29 21:18:49|C:\Windows\System32\ | |70040000|dnsapi.dll |Динамическая библиотека API DNS-клиента |6.2.18362.267 |588256 |2019-09-29 21:18:37|C:\Windows\System32\ | |702A0000|rmclient.dll |Resource Manager Client |6.2.18362.267 |116728 |2019-09-29 21:18:34|C:\Windows\System32\ | |702C0000|twinapi.appcore.dll |twinapi.appcore |6.2.18362.1 |1985928 |2019-03-19 11:45:16|C:\Windows\System32\ | |704B0000|DXCore.dll |DXCore |6.2.18362.1 |85416 |2019-03-19 11:45:16|C:\Windows\System32\ | |704D0000|dxgi.dll |DirectX Graphics Infrastructure |6.2.18362.329 |775768 |2019-09-29 21:18:21|C:\Windows\System32\ | |705A0000|dcomp.dll |Microsoft DirectComposition Library |6.2.18362.145 |1473488 |2019-09-29 21:18:36|C:\Windows\System32\ | |70710000|d3d11.dll |Direct3D 11 Runtime |6.2.18362.329 |1957000 |2019-09-29 21:18:21|C:\Windows\System32\ | |708F0000|dataexchange.dll |Data exchange |6.2.18362.1 |182784 |2019-03-19 11:45:13|C:\Windows\System32\ | |72190000|cscapi.dll |Offline Files Win32 API |6.2.18362.1 |40960 |2019-03-19 11:45:32|C:\Windows\System32\ | |72280000|olepro32.dll |OLEPRO32.DLL |6.2.18362.113 |88064 |2019-09-29 21:18:48|C:\Windows\System32\ | |72900000|avrt.dll |Среда выполнения мультимедиа в реальном времени |6.2.18362.1 |27536 |2019-03-19 11:45:07|C:\Windows\System32\ | |72910000|devobj.dll |Device Information Set DLL |6.2.18362.1 |137864 |2019-03-19 11:45:22|C:\Windows\System32\ | |72940000|rsaenh.dll |Microsoft Enhanced Cryptographic Provider |6.2.18362.1 |185912 |2019-03-19 11:45:22|C:\Windows\System32\ | |72BD0000|srvcli.dll |Server Service Client DLL |6.2.18362.1 |74864 |2019-03-19 11:45:22|C:\Windows\System32\ | |72C60000|wkscli.dll |Workstation Service Client DLL |6.2.18362.1 |58336 |2019-03-19 11:45:22|C:\Windows\System32\ | |72CA0000|dhcpcsvc.dll |Служба DHCP-клиента |6.2.18362.267 |70144 |2019-09-29 21:18:37|C:\Windows\System32\ | |73000000|linkinfo.dll |Windows Volume Tracking |6.2.18362.1 |23552 |2019-03-19 11:45:32|C:\Windows\System32\ | |73010000|dhcpcsvc6.DLL |Клиент DHCPv6 |6.2.18362.267 |58368 |2019-09-29 21:18:37|C:\Windows\System32\ | |73030000|rasadhlp.dll |Remote Access AutoDial Helper |6.2.18362.1 |12800 |2019-03-19 11:45:30|C:\Windows\System32\ | |73060000|nlaapi.dll |Network Location Awareness 2 |6.2.18362.1 |70144 |2019-03-19 11:45:29|C:\Windows\System32\ | |73550000|wshbth.dll |Windows Sockets Helper DLL |6.2.18362.1 |50688 |2019-03-19 11:45:17|C:\Windows\System32\ | |73560000|mswsock.dll |Расширение поставщика службы API Microsoft Windows Sockets 2.0|6.2.18362.1 |324920 |2019-03-19 11:45:20|C:\Windows\System32\ | |735C0000|pnrpnsp.dll |Поставщик пространства имен PNRP |6.2.18362.1 |70656 |2019-03-19 11:46:09|C:\Windows\System32\ | |735E0000|FWPUCLNT.DLL |API пользовательского режима FWP/IPsec |6.2.18362.113 |311296 |2019-09-29 21:18:34|C:\Windows\System32\ | |73770000|NapiNSP.dll |Поставщик оболочки совместимости для имен электронной почты |6.2.18362.1 |54784 |2019-03-19 11:45:12|C:\Windows\System32\ | |73880000|msimg32.dll |GDIEXT Client DLL |6.2.18362.175 |7168 |2019-09-29 21:18:39|C:\Windows\System32\ | |738C0000|winrnr.dll |LDAP RnR Provider DLL |6.2.18362.1 |23552 |2019-03-19 11:45:22|C:\Windows\System32\ | |738D0000|idndl.dll |Downlevel DLL |6.2.18362.1 |7680 |2019-03-19 11:45:25|C:\Windows\System32\ | |73B80000|iertutil.dll |Служебная программа времени выполнения для Internet Explorer |11.0.18362.329 |2258640 |2019-09-29 21:18:40|C:\Windows\System32\ | |73F60000|dwmapi.dll |Интерфейс API диспетчера окон рабочего стола (Майкрософт) |6.2.18362.267 |135000 |2019-09-29 21:18:36|C:\Windows\System32\ | |74360000|winsta.dll |Winstation Library |6.2.18362.53 |279624 |2019-09-29 21:18:17|C:\Windows\System32\ | |743B0000|wtsapi32.dll |Windows Remote Desktop Session Host Server SDK APIs |6.2.18362.1 |52872 |2019-03-19 11:45:10|C:\Windows\System32\ | |743C0000|uxtheme.dll |Библиотека тем UxTheme (Microsoft) |6.2.18362.329 |476672 |2019-09-29 21:18:17|C:\Windows\System32\ | |74440000|samcli.dll |Security Accounts Manager Client DLL |6.2.18362.1 |70144 |2019-03-19 11:45:22|C:\Windows\System32\ | |74460000|msacm32.dll |Фильтр диспетчера аудиосжатия Microsoft |6.2.18362.1 |93680 |2019-03-19 11:45:07|C:\Windows\System32\ | |74480000|bass.dll |BASS |2.4.14.0 |127669 |2019-01-16 15:34:32|D:\USER\MyChat\ | |744E0000|comctl32.dll |Библиотека элементов управления взаимодействия с пользователем|6.10.18362.356 |2146104 |2019-09-29 21:18:46|C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.356_none_2e71e654278b50d2\ | |746F0000|propsys.dll |Система страниц свойств (Майкрософт) |7.0.18362.267 |800048 |2019-09-29 21:18:33|C:\Windows\System32\ | |747C0000|GdiPlus.dll |Microsoft GDI+ |6.2.18362.356 |1458176 |2019-09-29 21:18:32|C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.356_none_5f5cd939821dcaa0\ | |74930000|IPHLPAPI.DLL |API вспомогательного приложения IP |6.2.18362.1 |196776 |2019-03-19 11:45:20|C:\Windows\System32\ | |74970000|oleacc.dll |Active Accessibility Core Component |7.2.18362.1 |320000 |2019-03-19 11:45:30|C:\Windows\System32\ | |749D0000|winmm.dll |MCI API DLL |6.2.18362.1 |134320 |2019-03-19 11:45:07|C:\Windows\System32\ | |74A00000|netutils.dll |Net Win32 API Helpers DLL |6.2.18362.1 |37160 |2019-03-19 11:45:22|C:\Windows\System32\ | |74A10000|WINMMBASE.dll |Base Multimedia Extension API DLL |6.2.18362.1 |131176 |2019-03-19 11:45:07|C:\Windows\System32\ | |74A40000|netapi32.dll |Net Win32 API DLL |6.2.18362.1 |68680 |2019-03-19 11:45:10|C:\Windows\System32\ | |74A60000|wsock32.dll |Windows Socket 32-Bit DLL |6.2.18362.1 |16384 |2019-03-19 11:45:12|C:\Windows\System32\ | |74A70000|winspool.drv |Драйвер диспетчера очереди Windows |6.2.18362.267 |415232 |2019-09-29 21:18:15|C:\Windows\System32\ | |74AE0000|comctl32.dll |Библиотека общих элементов управления |5.82.18362.356 |568120 |2019-09-29 21:18:46|C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.356_none_71d539095ae5ad3b\| |74B70000|mpr.dll |Библиотека маршрутизации для нескольких служб доступа |6.2.18362.1 |89856 |2019-03-19 11:45:22|C:\Windows\System32\ | |74B90000|version.dll |Version Checking and File Installation Libraries |6.2.18362.1 |27328 |2019-03-19 11:45:32|C:\Windows\System32\ | |74BA0000|CRYPTBASE.dll |Base cryptographic API DLL |6.2.18362.1 |31752 |2019-03-19 11:45:07|C:\Windows\System32\ | |74BB0000|sspicli.dll |Security Support Provider Interface |6.2.18362.1 |121888 |2019-03-19 11:45:07|C:\Windows\System32\ | |74BD0000|ws2_32.dll |32-разрядная библиотека Windows Socket 2.0 |6.2.18362.1 |379112 |2019-03-19 11:45:07|C:\Windows\System32\ | |74C30000|advapi32.dll |Расширенная библиотека API Windows 32 |6.2.18362.329 |488056 |2019-09-29 21:18:16|C:\Windows\System32\ | |74CB0000|normaliz.dll |Unicode Normalization DLL |6.2.18362.1 |5120 |2019-03-19 11:45:22|C:\Windows\System32\ | |74CC0000|psapi.dll |Process Status Helper |6.2.18362.1 |17008 |2019-03-19 11:45:19|C:\Windows\System32\ | |74CD0000|shell32.dll |Общая библиотека оболочки Windows |6.2.18362.356 |5762032 |2019-09-29 21:18:50|C:\Windows\System32\ | |75250000|bcryptPrimitives.dll |Windows Cryptographic Primitives Library |6.2.18362.295 |386320 |2019-09-29 21:17:44|C:\Windows\System32\ | |752B0000|comdlg32.dll |Библиотека общих диалоговых окон |6.2.18362.329 |691712 |2019-09-29 21:18:49|C:\Windows\System32\ | |75360000|msvcp_win.dll |Microsoft® C Runtime Library |6.2.18362.267 |500992 |2019-09-29 21:18:37|C:\Windows\System32\ | |753E0000|kernel32.dll |Библиотека клиента Windows NT BASE API |6.2.18362.329 |628400 |2019-09-29 21:18:18|C:\Windows\System32\ | |754C0000|ole32.dll |Microsoft OLE для Windows |6.2.18362.113 |1007160 |2019-09-29 21:18:36|C:\Windows\System32\ | |755C0000|user32.dll |Многопользовательская библиотека клиента USER API Windows |6.2.18362.267 |1661544 |2019-09-29 21:18:35|C:\Windows\System32\ | |75760000|powrprof.dll |DLL модуля поддержки профиля управления питанием |6.2.18362.1 |267528 |2019-03-19 11:45:22|C:\Windows\System32\ | |757B0000|shlwapi.dll |Библиотека небольших программ оболочки |6.2.18362.1 |275240 |2019-03-19 11:45:32|C:\Windows\System32\ | |75900000|gdi32full.dll |GDI Client DLL |6.2.18362.356 |1413624 |2019-09-29 21:18:39|C:\Windows\System32\ | |75AC0000|imagehlp.dll |Windows NT Image Helper |6.2.18362.1 |97816 |2019-03-19 11:44:36|C:\Windows\System32\ | |75AE0000|kernel.appcore.dll |AppModel API Host |6.2.18362.1 |51336 |2019-03-19 11:45:16|C:\Windows\System32\ | |75AF0000|sechost.dll |Host for SCM/SDDL/LSA Lookup APIs |6.2.18362.267 |478800 |2019-09-29 21:18:15|C:\Windows\System32\ | |75BC0000|oleaut32.dll |OLEAUT32.DLL |6.2.18362.329 |593112 |2019-09-29 21:18:38|C:\Windows\System32\ | |75CF0000|combase.dll |Microsoft COM для Windows |6.2.18362.356 |2586816 |2019-09-29 21:18:37|C:\Windows\System32\ | |75F70000|KERNELBASE.dll |Библиотека клиента Windows NT BASE API |6.2.18362.356 |2081976 |2019-09-29 21:17:44|C:\Windows\System32\ | |76170000|cryptsp.dll |Cryptographic Service Provider API |6.2.18362.1 |68192 |2019-03-19 11:45:20|C:\Windows\System32\ | |761F0000|imm32.dll |Multi-User Windows IMM32 API Client DLL |6.2.18362.1 |143568 |2019-03-19 11:45:22|C:\Windows\System32\ | |76220000|profapi.dll |User Profile Basic API |6.2.18362.1 |85416 |2019-03-19 11:45:07|C:\Windows\System32\ | |76240000|nsi.dll |NSI User-mode interface DLL |6.2.18362.1 |20352 |2019-03-19 11:44:36|C:\Windows\System32\ | |76250000|msvcrt.dll |Windows NT CRT DLL |7.0.18362.1 |776472 |2019-03-19 11:45:07|C:\Windows\System32\ | |76310000|clbcatq.dll |COM+ Configuration Catalog |2001.12.10941.16384|512304 |2019-03-19 11:45:19|C:\Windows\System32\ | |767F0000|gdi32.dll |GDI Client DLL |6.2.18362.1 |127552 |2019-03-19 11:45:16|C:\Windows\System32\ | |76820000|rpcrt4.dll |Библиотека удаленного вызова процедур |6.2.18362.1 |768488 |2019-03-19 11:45:07|C:\Windows\System32\ | |768E0000|win32u.dll |Win32u |6.2.18362.356 |89328 |2019-09-29 21:18:35|C:\Windows\System32\ | |76900000|SHCore.dll |SHCORE |6.2.18362.1 |538160 |2019-03-19 11:45:19|C:\Windows\System32\ | |76B00000|msctf.dll |Серверная библиотека MSCTF |6.2.18362.356 |1054656 |2019-09-29 21:18:16|C:\Windows\System32\ | |76C10000|umpdc.dll | | |46656 |2019-03-19 11:45:16|C:\Windows\System32\ | |76C80000|ucrtbase.dll |Microsoft® C Runtime Library |6.2.18362.267 |1178608 |2019-09-29 21:18:37|C:\Windows\System32\ | |76DA0000|windows.storage.dll |API хранения Microsoft WinRT |6.2.18362.356 |6081744 |2019-09-29 21:18:33|C:\Windows\System32\ | |77370000|cfgmgr32.dll |Configuration Manager DLL |6.2.18362.1 |236520 |2019-03-19 11:45:22|C:\Windows\System32\ | |773B0000|bcrypt.dll |Библиотека криптографических примитивов Windows |6.2.18362.267 |96032 |2019-09-29 21:18:37|C:\Windows\System32\ | |773E0000|ntdll.dll |Системная библиотека NT |6.2.18362.356 |1664168 |2019-09-29 21:18:15|C:\Windows\System32\ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |ID |Name |Description |Version |Memory |Priority |Threads|Path | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |0 |[System Process] | | |0 | |2 | | |4 |System | | |0 |Normal |142 | | |88 |Registry | | |0 |Normal |4 | | |272 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |8 | | |344 |smss.exe | | |0 |Above-Normal|2 | | |480 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |576 |csrss.exe | | |0 |High |10 | | |588 |ShellExperienceHost.exe |Windows Shell Experience Host |6.2.18362.329 |59047936 |Normal |12 |C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ | |660 |wininit.exe | | |0 |High |1 | | |732 |mcclient.exe | |7.7.0.0 |28196864 |Normal |5 |D:\USER\MyChat\ | |772 |ctfmon.exe |CTF-загрузчик |6.2.18362.1 |19816448 |High |8 |C:\Windows\System32\ | |796 |services.exe | | |0 |Normal |7 | | |804 |lsass.exe | | |0 |Normal |8 | | |864 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |18132992 |Normal |4 |C:\Windows\System32\ | |868 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |10 | | |912 |fontdrvhost.exe |Usermode Font Driver Host |6.2.18362.356 |0 |Normal |5 | | |920 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |988 |svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |12 | | |1128|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |11 | | |1136|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1164|SearchUI.exe |Search and Cortana application |6.2.18362.329 |46178304 |Normal |29 |C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ | |1176|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1184|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |1252|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1328|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |7 | | |1364|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |1392|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1444|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |1544|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1600|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |1652|fontdrvhost.exe |Usermode Font Driver Host |6.2.18362.356 |0 |Normal |5 | | |1672|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |1692|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |7 | | |1716|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1792|Memory Compression | | |0 |Normal |62 | | |1804|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |1816|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |1852|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |1872|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |1896|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |1936|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |13 | | |1952|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |9 | | |1964|firefox.exe |Firefox |70.0.1.7242 |122363904|Normal |18 |C:\Program Files\Mozilla Firefox\ | |1992|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |9 | | |2028|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |8 | | |2072|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |2140|dasHost.exe | | |0 |Normal |3 | | |2204|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |2324|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |11 | | |2384|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |2452|spoolsv.exe | | |0 |Normal |10 | | |2464|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |2516|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |12 | | |2544|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |2708|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |2716|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |12 | | |2732|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |15 | | |2752|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |9 | | |2772|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |8 | | |2776|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |2784|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |2864|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |2872|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |2892|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |2904|UpdaterDisabler.exe | | |0 |Normal |2 | | |2912|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |7 | | |2928|winvnc.exe | | |0 |Normal |2 | | |2996|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |3024|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |3160|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |12 | | |3212|splwow64.exe |Print driver host for applications |6.2.18362.239 |11390976 |Normal |4 |C:\Windows\ | |3288|firefox.exe |Firefox |70.0.1.7242 |47345664 |Low |17 |C:\Program Files\Mozilla Firefox\ | |3380|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |19869696 |Normal |4 |C:\Windows\System32\ | |3436|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |3560|MicrosoftEdgeSH.exe | | |9605120 |Normal |9 |C:\Windows\System32\ | |3852|explorer.exe |Проводник |6.2.18362.329 |95551488 |Normal |51 |C:\Windows\ | |3900|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |3972|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |6 | | |4068|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |4084|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |10 | | |4132|WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe|WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe|6.2.18362.329 |41050112 |Normal |10 |C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\ | |4172|dasHost.exe | | |0 |Normal |1 | | |4204|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |19070976 |Normal |8 |C:\Windows\System32\ | |4252|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |5 | | |4304|audiodg.exe | | |13463552 |Normal |8 |C:\Windows\System32\ | |4472|SgrmBroker.exe | | |0 |Normal |5 | | |4516|winvnc.exe | | |0 |Normal |7 | | |4528|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |4656|StartMenuExperienceHost.exe | | |54050816 |Normal |8 |C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\| |4680|firefox.exe |Firefox |70.0.1.7242 |47554560 |Normal |8 |C:\Program Files\Mozilla Firefox\ | |4688|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |4704|csrss.exe | | |0 |High |13 | | |4736|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |4848|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |9 | | |4908|browser_broker.exe | | |7704576 |Normal |2 |C:\Windows\System32\ | |4948|RuntimeBroker.exe | | |14524416 |Normal |2 |C:\Windows\System32\ | |5004|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |5016|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |24264704 |Normal |3 |C:\Windows\System32\ | |5256|HWDeviceService64.exe | | |0 |Normal |4 | | |5264|YandexDisk.exe |Яндекс.Диск |1.4.22.5513 |56799232 |Normal |37 |C:\Users\Manager\AppData\Roaming\Yandex\YandexDisk\ | |5316|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |3 | | |5448|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |5656|firefox.exe |Firefox |70.0.1.7242 |297402368|Normal |24 |C:\Program Files\Mozilla Firefox\ | |5676|soffice.exe |OpenOffice 4.1.6 |4.0.9790.500 |6823936 |Normal |1 |D:\USER\OpenOffice\program\ | |5904|firefox.exe |Firefox |70.0.1.7242 |458452992|Normal |53 |C:\Program Files\Mozilla Firefox\ | |5984|SecurityHealthSystray.exe | | |8130560 |Normal |1 |C:\Windows\System32\ | |6060|SearchIndexer.exe |Индексатор службы Microsoft Windows Search |7.0.18362.329 |0 |Normal |15 | | |6196|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |8 | | |6608|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |2 | | |6784|RuntimeBroker.exe | | |12509184 |Normal |1 |C:\Windows\System32\ | |6820|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |6824|SecurityHealthService.exe | | |0 |Normal |47 | | |6844|soffice.bin |OpenOffice 4.1.6 |4.0.9790.500 |30380032 |Normal |5 |D:\USER\OpenOffice\program\ | |6956|dwm.exe | | |0 |High |14 | | |7004|RuntimeBroker.exe | | |7053312 |Normal |1 |C:\Windows\System32\ | |7084|MicrosoftEdge.exe |Microsoft Edge |11.0.18362.329|10063872 |Normal |34 |C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\ | |7132|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |7280|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |4 | | |7528|sihost.exe | | |23523328 |Normal |8 |C:\Windows\System32\ | |8016|svchost.exe |Хост-процесс для служб Windows |6.2.18362.1 |0 |Normal |15 | | |8228|RuntimeBroker.exe | | |23392256 |Normal |3 |C:\Windows\System32\ | |8312|firefox.exe |Firefox |70.0.1.7242 |256176128|Normal |18 |C:\Program Files\Mozilla Firefox\ | |8524|NisSrv.exe | | |0 |Normal |6 | | |8636|MsMpEng.exe | | |0 |Normal |23 | | |8700|RuntimeBroker.exe | | |15126528 |Normal |2 |C:\Windows\System32\ | |8704|mcclient.exe | |7.7.0.0 |61304832 |Normal |14 |D:\USER\MyChat\ | |9260|1cv8c.exe |1cv8c |8.3.14.1779 |171536384|Normal |9 |C:\Program Files (x86)\1cv8\8.3.14.1779\bin\ | |9536|winlogon.exe | | |0 |High |5 | | |9612|MicrosoftEdgeCP.exe | | |22298624 |Normal |16 |C:\Windows\System32\ | |9648|taskhostw.exe | | |12627968 |Normal |8 |C:\Windows\System32\ | |9764|firefox.exe |Firefox |70.0.1.7242 |51830784 |Low |17 |C:\Program Files\Mozilla Firefox\ | |9996|ApplicationFrameHost.exe | | |22962176 |Normal |2 |C:\Windows\System32\ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Assembler Information: -------------------------------------------------------------------------- ; Base Address: $40B000, Allocation Base: $400000, Region Size: 13922304 ; Allocation Protect: PAGE_EXECUTE_WRITECOPY, Protect: PAGE_EXECUTE_READ ; State: MEM_COMMIT, Type: MEM_IMAGE ; ; ; System._UStrClr (Line=0 - Offset=12) ; ------------------------------------ 0040B368 8B4AF8 MOV ECX, [EDX-8] 0040B36B 49 DEC ECX 0040B36C 7C10 JL +$10 ; ($0040B37E) System._UStrClr (Line=0) 0040B36E ?? ; unaccessible location Registers: ----------------------------- EAX: 0D022C2C EDI: 0C975234 EBX: 0D022C2C ESI: 071386CE ECX: 0000000E EBP: 0019FB10 EDX: 00000001 ESP: 0019FAF4 EIP: 0040B38C FLG: 00010202 EXP: 0040B38C STK: 0019FAF4 Stack: Memory Dump: ------------------ --------------------------------------------------------------------------- 09165D44: 04A826C0 0040B38C: 8B 4A F8 49 7C 10 F0 FF 4A F8 75 0A 50 8D 42 F4 .J.I|...J.u.P.B. 09165D40: 0000004A 0040B39C: E8 2F B7 FF FF 58 C3 90 8B 10 85 D2 74 0E C7 00 ./...X......t... 09165D3C: 00000000 0040B3AC: 00 00 00 00 50 52 E8 ED 97 FF FF 58 C3 8D 40 00 ....PR.....X..@. 09165D38: 0019FB44 0040B3BC: 53 56 89 C3 89 D6 8B 13 85 D2 74 1A C7 03 00 00 SV........t..... 09165D34: 011347A4 0040B3CC: 00 00 8B 4A F8 49 7C 0E F0 FF 4A F8 75 08 8D 42 ...J.I|...J.u..B 09165D30: 0019FB50 0040B3DC: F4 E8 EE B6 FF FF 83 C3 04 4E 75 DA 5E 5B C3 90 .........Nu.^[.. 09165D2C: 0D022C2C 0040B3EC: 53 56 89 C3 89 D6 8B 13 85 D2 74 1A C7 03 00 00 SV........t..... 09165D28: 0113474E 0040B3FC: 00 00 8B 4A F8 49 7C 0E F0 FF 4A F8 75 08 8D 42 ...J.I|...J.u..B 09165D24: 0019FB44 0040B40C: F4 E8 BE B6 FF FF 83 C3 04 4E 75 DA 5E 5B C3 90 .........Nu.^[.. 09165D20: 00000006 0040B41C: 53 56 89 C3 89 D6 8B 03 85 C0 74 0C C7 03 00 00 SV........t..... 09165D1C: 00000011 0040B42C: 00 00 50 E8 70 97 FF FF 83 C3 04 4E 75 E8 5E 5B ..P.p......Nu.^[ 09165D18: 0040C8E5 0040B43C: C3 8D 40 00 85 C0 74 0A 8B 50 F8 42 7E 04 F0 FF ..@...t..P.B~... 09165D14: 00000011 0040B44C: 40 F8 C3 90 85 C0 74 0A 8B 50 F8 42 7E 04 F0 FF @.....t..P.B~... 09165D10: 0000000B 0040B45C: 40 F8 C3 90 8B 10 85 D2 74 18 50 8B 4A FC D1 E9 @.......t.P.J... 09165D0C: 071386C4 0040B46C: 51 52 E8 21 97 FF FF 5A 85 C0 0F 84 C0 FE FF FF QR.!...Z........ 09165D08: 0040B50E 0040B47C: 89 02 C3 90 55 8B EC 53 56 8B 75 08 85 F6 75 06 ....U..SV.u...u.