EurekaLog 7.9.0.0 D1ABA1B7D457384FACF27851A4CB5B98 243750AAB682C049909AEBD650CF56C5 DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 B4596F7D6A21BA4F81A30F589E36EDA2 Application: ------------------------------------------------------------------------- 1.1 Start Date : Fri, 27 Nov 2020 12:56:52 +0300 1.2 Name/Description: mcclient.exe - (mcclient) 1.3 Version Number : 8.2.0.2 1.4 Parameters : 1.5 Compilation Date: Wed, 25 Nov 2020 15:13:34 +0300 1.6 Up Time : 10 second(s) 1.7 Elevated : 1 1.10 RAM : 148365312 (141,49 Mb); Max: 157577216 (150,28 Mb) 1.11 Private : 116039680 (110,66 Mb); Max: 116060160 (110,68 Mb) 1.12 Virtual : 308834304 (294,53 Mb) Exception: -------------------------------------------------------------------------------- 2.1 Date : Fri, 27 Nov 2020 12:57:02 +0300 2.2 Address : 00FC7724 2.3 Module Name : mcclient.exe - (mcclient) 2.4 Module Version: 8.2.0.2 2.5 Type : ENetHTTPClientException 2.6 Message : Error sending data: (12175) Произошла ошибка безопасности. 2.7 ID : 86D51E17 2.8 Count : 1 2.9 Status : New 2.10 Note : 2.11 Sent : 1 User: ---------------------------------------------------------------- 3.1 ID : bkp 3.2 Name : abc 3.3 Email : 3.4 Company : 3.5 Privileges: SeLockMemoryPrivilege - OFF SeIncreaseQuotaPrivilege - OFF SeSecurityPrivilege - OFF SeTakeOwnershipPrivilege - OFF SeLoadDriverPrivilege - OFF SeSystemProfilePrivilege - OFF SeSystemtimePrivilege - OFF SeProfileSingleProcessPrivilege - OFF SeIncreaseBasePriorityPrivilege - OFF SeCreatePagefilePrivilege - OFF SeBackupPrivilege - OFF SeRestorePrivilege - OFF SeShutdownPrivilege - OFF SeDebugPrivilege - ON SeSystemEnvironmentPrivilege - OFF SeChangeNotifyPrivilege - ON (default) SeRemoteShutdownPrivilege - OFF SeUndockPrivilege - OFF SeManageVolumePrivilege - OFF SeImpersonatePrivilege - ON (default) SeCreateGlobalPrivilege - ON (default) SeIncreaseWorkingSetPrivilege - OFF SeTimeZonePrivilege - OFF SeCreateSymbolicLinkPrivilege - OFF 3.6 Admin : limited 3.7 Restricted: 0 Active Controls: -------------------------------------- 4.1 Form Class : TFormDownloadFile 4.2 Form Text : Загрузка файла... 4.3 Control Class: TFormDownloadFile 4.4 Control Text : Загрузка файла... Computer: --------------------------------------------------------------------------------------------------------------------- 5.1 Name : BUMBLE 5.2 Total Memory : 8529248256 (7,94 Gb) 5.3 Free Memory : 930992128 (887,86 Mb) 5.4 Total Disk : 999878029312 (931,21 Gb) 5.5 Free Disk : 287125626880 (267,41 Gb) 5.6 System Up Time : 2 day(s), 45 minute(s), 0 second(s) / 2 day(s), 45 minute(s), 4 second(s) 5.7 Processor : Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz 5.8 Display Mode : \\.\DISPLAY1[PRIMARY]: 1920x1080x32 96 DPI @ 0x0, \\.\DISPLAY2: 1920x1200x32 96 DPI @ 0x-1200 5.9 Display DPI : 96 5.10 Video Card : NVIDIA GeForce GTX 1050 Ti (driver 24.21.13.9793 - RAM 4293918720) 5.11 Printer : Xerox WorkCentre 3210 PCL 6 (driver 5.2.3790.1830) 5.12 Virtual Machine: 5.13 System Idle : few seconds Operating System: ---------------------------------------------------- 6.1 Type : Microsoft Windows 7 (64 bit) 6.2 Build # : 7601 (6.1.7601.18015) 6.3 Update : Service pack 1 6.4 Language : Russian (0419) 6.5 Charset : 204/1251 6.6 Install Language: Russian (0419) 6.7 UI Language : Russian (0419) 6.8 Edition : Media Center Professional 6.9 UAC : 0 Network: -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 7.1 IP Address : fe80::7c73:7950:c312:9895%21 - 169.254.152.149 - 192.168.001.077 - fe80::e4b4:23a6:94a:9fc8%16 - 169.254.159.200 - fe80::5efe:169.254.159.200%17 - fe80::100:7f:fffe%13 - fe80::5efe:192.168.1.77%18 7.2 Submask : /64 - 255.255.000.000 - 255.255.255.000 - /64 - 255.255.000.000 - /128 - /64 - /128 7.3 Gateway : - 000.000.000.000 - 192.168.001.254 - - 000.000.000.000 - - - 7.4 DNS 1 : fec0:0:0:ffff::1%1 - 000.000.000.000 - 208.067.222.222 - fec0:0:0:ffff::1%1 - 000.000.000.000 - fec0:0:0:ffff::1%1 - - 7.5 DNS 2 : fec0:0:0:ffff::2%1 - 000.000.000.000 - 208.067.220.220 - fec0:0:0:ffff::2%1 - 000.000.000.000 - fec0:0:0:ffff::2%1 - - 7.6 DHCP : ON - ON - OFF - OFF - - OFF - OFF 7.7 Description: [UNPLGGD] Подключение по локальной сети 5 - Подключение по - VirtualBox Host-Only Network - [UNPLGGD] TUNNEL : is - - [UNPLGGD] TUNNEL - [UNPLGGD] TUNNEL : Steps to reproduce: ------------ 8.1 Text: Custom Information: --------------------------------------------------------------------- 9.1 ServerHWID: 386705330_5026_6-14-9-652345520 9.2 License : COMMERCIAL 9.3 ClientHWID: 1931472945A420201340C205C40A40F426360120225A4D5F40A Call Stack Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |Methods |Details|Stack |Address |Module |Offset |Source |Unit |Class |Procedure/Method |Line | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |*Exception Thread: ID=5012; Parent=0; Priority=0 | |Class=; Name=MAIN | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|00FC7724|mcclient.exe |00BC7724|System.Net.HttpClient.Win.pas |System.Net.HttpClient.Win |TWinHTTPClient |HandleExecuteError | | |00000060|03 |0018F6F0|00FC79E9|mcclient.exe |00BC79E9|System.Net.HttpClient.Win.pas |System.Net.HttpClient.Win |TWinHTTPClient |DoExecuteRequest | | |00000020|03 |0018F72C|00527A9C|mcclient.exe |00127A9C|System.Classes.pas |System.Classes |TMemoryStream |SetSize | | |00000060|03 |0018F754|00FD2956|mcclient.exe |00BD2956|System.Net.HttpClient.pas |System.Net.HttpClient |THTTPClient |ExecuteHTTPInternal | | |00000060|03 |0018F810|00FD2C30|mcclient.exe |00BD2C30|System.Net.HttpClient.pas |System.Net.HttpClient |THTTPClient |ExecuteHTTP | | |00000060|03 |0018F820|00FD1CC2|mcclient.exe |00BD1CC2|System.Net.HttpClient.pas |System.Net.HttpClient |THTTPClient |Execute | | |00000060|03 |0018F85C|00FD26C1|mcclient.exe |00BD26C1|System.Net.HttpClient.pas |System.Net.HttpClient |THTTPClient |DoExecute | | |00000060|03 |0018F888|00FD38C4|mcclient.exe |00BD38C4|System.Net.HttpClient.pas |System.Net.HttpClient |THTTPClient |Head | | |00000060|04 |0018F8E0|00FDD360|mcclient.exe |00BDD360|fm_LoadAnyFileFromServer.pas |fm_LoadAnyFileFromServer |TFormDownloadFile |StartDownload |230[6] | |00000060|04 |0018F924|00FDCDDF|mcclient.exe |00BDCDDF|fm_LoadAnyFileFromServer.pas |fm_LoadAnyFileFromServer |TFormDownloadFile |Create |165[13] | |00000060|04 |0018F94C|01015772|mcclient.exe |00C15772|myOnChatMessageClickEvents.pas|myOnChatMessageClickEvents| |OnClickImage |335[45] | |00000060|04 |0018F9CC|0111A062|mcclient.exe |00D1A062|inpdataedittools.pas |inpdataedittools | |UniversalOnRVMouseUp |4244[53] | |00000060|04 |0018FA30|0101481C|mcclient.exe |00C1481C|FrameConversation.pas |FrameConversation |TConversationFrame |rvRVMouseUp |1903[1] | |00000060|04 |0018FA54|00B0A8AB|mcclient.exe |0070A8AB|RVRVData.pas |RVRVData |TRichViewRVData |DoRVMouseUp |465[2] | |00000060|04 |0018FA78|00B59389|mcclient.exe |00759389|CRVFData.pas |CRVFData |TCustomRVFormattedData |MouseUp |8709[88] | |00000020|03 |0018FACC|0069204A|mcclient.exe |0029204A|Vcl.Controls.pas |Vcl.Controls |TWinControl |GetAllocatedWindowHandle | | |00000020|03 |0018FAD4|0068587F|mcclient.exe |0028587F|Vcl.Controls.pas |Vcl.Controls |TControl |GetCurrentPPI | | |00000060|04 |0018FAF4|00A683C9|mcclient.exe |006683C9|RVCtrlData.pas |RVCtrlData |TRVControlData |MouseUp |390[2] | |00000060|04 |0018FB10|00B197B4|mcclient.exe |007197B4|RichView.pas |RichView |TCustomRichView |MouseUp |2342[12] | |00000020|03 |0018FB2C|74DA29BD|user32.dll |000229BD|USER32.dll |USER32 | | (possible GetKeyState+158) | | |00000020|03 |0018FB30|74DA29A1|user32.dll |000229A1|USER32.dll |USER32 | | (possible GetKeyState+130) | | |00000060|03 |0018FB4C|00688020|mcclient.exe |00288020|Vcl.Controls.pas |Vcl.Controls |TControl |DoMouseUp | | |00000020|03 |0018FB64|006880AE|mcclient.exe |002880AE|Vcl.Controls.pas |Vcl.Controls |TControl |WMLButtonUp | | |00000020|03 |0018FBA0|00687696|mcclient.exe |00287696|Vcl.Controls.pas |Vcl.Controls |TControl |WndProc | | |00000020|03 |0018FBE4|74D96F99|user32.dll |00016F99|USER32.dll |USER32 | | (possible GetThreadDesktop+822) | | |00000020|03 |0018FBF4|0040B35F|mcclient.exe |0000B35F|System.pas |System |TMonitor |TryEnter | | |00000020|03 |0018FBFC|0040AEAC|mcclient.exe |0000AEAC|System.pas |System |TMonitor |Enter | | |00000020|03 |0018FC04|76505752|gdi32.dll |00015752|GDI32.dll |GDI32 | | (possible DeleteObject+201) | | |00000020|03 |0018FC0C|0040AD18|mcclient.exe |0000AD18|System.pas |System |TMonitor |CheckOwningThread | | |00000020|03 |0018FC14|0068C180|mcclient.exe |0028C180|Vcl.Controls.pas |Vcl.Controls |TWinControl |WndProc | | |00000020|03 |0018FC20|0040B096|mcclient.exe |0000B096|System.pas |System |TMonitor |Exit | | |00000020|03 |0018FC38|0040B384|mcclient.exe |0000B384|System.pas |System |TMonitor |TryEnter | | |00000020|03 |0018FC40|0040AEAC|mcclient.exe |0000AEAC|System.pas |System |TMonitor |Enter | | |00000020|03 |0018FC50|0040AD18|mcclient.exe |0000AD18|System.pas |System |TMonitor |CheckOwningThread | | |00000020|03 |0018FC58|0040B03A|mcclient.exe |0000B03A|System.pas |System |TMonitor |Exit | | |00000020|03 |0018FC64|0040B096|mcclient.exe |0000B096|System.pas |System |TMonitor |Exit | | |00000020|03 |0018FC6C|006609FF|mcclient.exe |002609FF|Vcl.Graphics.pas |Vcl.Graphics | |FreeMemoryContexts | | |00000020|03 |0018FC70|00660A0A|mcclient.exe |00260A0A|Vcl.Graphics.pas |Vcl.Graphics | |FreeMemoryContexts | | |00000020|03 |0018FC7C|0068BB00|mcclient.exe |0028BB00|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000020|03 |0018FC84|0068BB15|mcclient.exe |0028BB15|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000020|03 |0018FC88|0068BB20|mcclient.exe |0028BB20|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000020|03 |0018FC90|0068BB2A|mcclient.exe |0028BB2A|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000020|03 |0018FC94|74DA0DDD|user32.dll |00020DDD|USER32.dll |USER32 | | (possible IsWindowInDestroy+56) | | |00000020|03 |0018FC98|74DA2ABC|user32.dll |00022ABC|USER32.dll |USER32 | |GetCapture | | |00000020|03 |0018FCA0|0068BCEF|mcclient.exe |0028BCEF|Vcl.Controls.pas |Vcl.Controls |TWinControl |IsControlMouseMsg | | |00000020|03 |0018FCAC|00538950|mcclient.exe |00138950|System.Classes.pas |System.Classes | |StdWndProc | | |00000060|03 |0018FCCC|0068C57E|mcclient.exe |0028C57E|Vcl.Controls.pas |Vcl.Controls |TWinControl |WndProc | | |00000020|03 |0018FCF4|763A3B55|msctf.dll |00003B55|MSCTF.dll |MSCTF | | (possible TF_Notify+312) | | |00000020|03 |0018FD0C|763BE526|msctf.dll |0001E526|MSCTF.dll |MSCTF | | (possible TF_CreateCicLoadWinStaMutex+1936)| | |00000060|04 |0018FD20|00B22205|mcclient.exe |00722205|RichView.pas |RichView |TCustomRichView |WndProc |6679[21] | |00000060|03 |0018FD34|0068BB00|mcclient.exe |0028BB00|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000020|03 |0018FD48|0068BB2A|mcclient.exe |0028BB2A|Vcl.Controls.pas |Vcl.Controls |TWinControl |MainWndProc | | |00000060|03 |0018FD64|00538950|mcclient.exe |00138950|System.Classes.pas |System.Classes | |StdWndProc | | |00000060|03 |0018FD7C|74D962F7|user32.dll |000162F7|USER32.dll |USER32 | | (possible gapfnScSendMessage+815) | | |00000060|03 |0018FDA8|74D96D35|user32.dll |00016D35|USER32.dll |USER32 | | (possible GetThreadDesktop+210) | | |00000020|03 |0018FDEC|74D96CE3|user32.dll |00016CE3|USER32.dll |USER32 | | (possible GetThreadDesktop+128) | | |00000060|03 |0018FE20|74D977BF|user32.dll |000177BF|USER32.dll |USER32 | | (possible CharPrevW+307) | | |00000020|03 |0018FE60|74D979EA|user32.dll |000179EA|USER32.dll |USER32 | |KillTimer | | |00000060|03 |0018FE80|74D97885|user32.dll |00017885|USER32.dll |USER32 | |DispatchMessageW | | |00000020|03 |0018FE90|00783A9F|mcclient.exe |00383A9F|Vcl.Forms.pas |Vcl.Forms |TApplication |ProcessMessage | | |00000020|03 |0018FEAC|00783AE2|mcclient.exe |00383AE2|Vcl.Forms.pas |Vcl.Forms |TApplication |HandleMessage | | |00000020|03 |0018FED0|00783E15|mcclient.exe |00383E15|Vcl.Forms.pas |Vcl.Forms |TApplication |Run | | |00000020|03 |0018FED8|00783E22|mcclient.exe |00383E22|Vcl.Forms.pas |Vcl.Forms |TApplication |Run | | |00000030|03 |0018FEE4|00783E5D|mcclient.exe |00383E5D|Vcl.Forms.pas |Vcl.Forms |TApplication |Run | | |00000020|04 |0018FF00|014B5513|mcclient.exe |010B5513|mcclient.dpr |mcclient | |Initialization |496[265] | |00000030|04 |0018FF08|014B554B|mcclient.exe |010B554B|mcclient.dpr |mcclient | |Initialization |501[270] | |7FFF7FFE|03 |0018FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=12676; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $3184 / 12676 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7734018D|ntdll.dll |0002018D|ntdll.dll |ntdll | |ZwWaitForMultipleObjects | | |00004020|03 |0491FDF8|7736F6AA|ntdll.dll |0004F6AA|ntdll.dll |ntdll | | (possible _allmul+1130) | | |7FFF7FFE|03 |0491FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=7492; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |04ABFE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |04ABFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=12912; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $3270 / 12912 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7734018D|ntdll.dll |0002018D|ntdll.dll |ntdll | |ZwWaitForMultipleObjects | | |00004020|03 |0534FDD4|76EF176F|KERNELBASE.dll |0001176F|KERNELBASE.dll |KERNELBASE | | (possible WaitForMultipleObjectsEx+250) | | |00000060|03 |0534FE70|75C51A03|kernel32.dll |00011A03|kernel32.dll |kernel32 | |WaitForMultipleObjectsEx | | |00000020|03 |0534FE9C|006633FD|mcclient.exe |002633FD|Vcl.Graphics.pas |Vcl.Graphics |TBitmap |SetMonochrome | | |00000060|03 |0534FEB8|74DA0864|user32.dll |00020864|USER32.dll |USER32 | | (possible PeekMessageW+682) | | |00000060|03 |0534FF0C|74DA0B64|user32.dll |00020B64|USER32.dll |USER32 | |MsgWaitForMultipleObjects | | |00000060|03 |0534FF28|7459791A|GdiPlus.dll |0004791A|gdiplus.dll |gdiplus | | (possible GdipCreateSolidFill+2256) | | |00000060|03 |0534FF74|7459783D|GdiPlus.dll |0004783D|gdiplus.dll |gdiplus | | (possible GdipCreateSolidFill+2035) | | |7FFF7FFE|03 |0534FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=5540; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |091CFE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |091CFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=12384; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |0930FE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |0930FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=11504; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |0970FE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |0970FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=7652; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $1DE4 / 7652 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7734018D|ntdll.dll |0002018D|ntdll.dll |ntdll | |ZwWaitForMultipleObjects | | |00004020|03 |079AFCD0|76EF176F|KERNELBASE.dll |0001176F|KERNELBASE.dll |KERNELBASE | | (possible WaitForMultipleObjectsEx+250) | | |00000020|03 |079AFD34|0040E598|mcclient.exe |0000E598|System.pas |System | |_FinalizeRecord | | |00000020|03 |079AFD3C|0040E5AB|mcclient.exe |0000E5AB|System.pas |System | |_FinalizeRecord | | |00000060|03 |079AFD6C|75C51A03|kernel32.dll |00011A03|kernel32.dll |kernel32 | |WaitForMultipleObjectsEx | | |00000020|03 |079AFDA4|746F2707|winmm.dll |00002707|winmm.dll |winmm | |timeGetTime | | |00000060|03 |079AFDB4|75C52697|kernel32.dll |00012697|kernel32.dll |kernel32 | |WaitForMultipleObjects | | |00000060|04 |079AFDD0|013F29C1|mcclient.exe |00FF29C1|DSiWin32.pas |DSiWin32 | |DSiWaitForTwoObjects |2623[3] | |00000060|04 |079AFDF0|01445EDB|mcclient.exe |01045EDB|OtlComm.pas |OtlComm |TOmniCommunicationEndpoint|ReceiveWait |574[16] | |00000060|04 |079AFE3C|0142CC59|mcclient.exe |0102CC59|OtlThreadPool.pas |OtlThreadPool |TOTPWorkerThread |GetMsg |916[4] | |00000060|04 |079AFE64|0142C6A2|mcclient.exe |0102C6A2|OtlThreadPool.pas |OtlThreadPool |TOTPWorkerThread |Execute |843[14] | |00000020|04 |079AFE78|0142C76F|mcclient.exe |0102C76F|OtlThreadPool.pas |OtlThreadPool |TOTPWorkerThread |Execute |858[29] | |00000060|03 |079AFF4C|00534C79|mcclient.exe |00134C79|System.Classes.pas |System.Classes | |ThreadProc | | |00000020|03 |079AFF54|00534C84|mcclient.exe |00134C84|System.Classes.pas |System.Classes | |ThreadProc | | |00000020|03 |079AFF60|00534CD7|mcclient.exe |00134CD7|System.Classes.pas |System.Classes | |ThreadProc | | |00000060|04 |079AFF7C|006153CC|mcclient.exe |002153CC|EThreadsManager.pas |EThreadsManager | |NakedBeginThreadWrapper |1353[5] | |7FFF7FFE|03 |079AFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=7252; Parent=0; Priority=1 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733F989|ntdll.dll |0001F989|ntdll.dll |ntdll | |ZwRemoveIoCompletion | | |7FFF7FFE|03 |0CFCFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=11552; Parent=0; Priority=-3 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $2D20 / 11552 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733F901|ntdll.dll |0001F901|ntdll.dll |ntdll | |NtWaitForSingleObject | | |00004020|03 |0D7EFE94|76EF1623|KERNELBASE.dll |00011623|KERNELBASE.dll |KERNELBASE | |WaitForSingleObjectEx | | |00000060|03 |0D7EFF00|75C5118F|kernel32.dll |0001118F|kernel32.dll |kernel32 | |WaitForSingleObjectEx | | |00000060|03 |0D7EFF18|75C51143|kernel32.dll |00011143|kernel32.dll |kernel32 | |WaitForSingleObject | | |00000060|01 |0D7EFF2C|77A02748|bass.dll |00002748| | | | | | |7FFF7FFE|03 |0D7EFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=11112; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $2B68 / 11112 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733F901|ntdll.dll |0001F901|ntdll.dll |ntdll | |NtWaitForSingleObject | | |00004020|03 |0D93FECC|76EF1623|KERNELBASE.dll |00011623|KERNELBASE.dll |KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0D93FF10|773529C8|ntdll.dll |000329C8|ntdll.dll |ntdll | |RtlQueryPerformanceCounter | | |00000020|03 |0D93FF14|75C6FE22|kernel32.dll |0002FE22|kernel32.dll |kernel32 | | (possible CreateEventExA+75) | | |00000060|03 |0D93FF38|75C5118F|kernel32.dll |0001118F|kernel32.dll |kernel32 | |WaitForSingleObjectEx | | |00000060|03 |0D93FF50|75C51143|kernel32.dll |00011143|kernel32.dll |kernel32 | |WaitForSingleObject | | |7FFF7FFE|03 |0D93FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=12056; Parent=0; Priority=2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $2F18 / 12056 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7734018D|ntdll.dll |0002018D|ntdll.dll |ntdll | |ZwWaitForMultipleObjects | | |00004020|03 |0DA7FE2C|76EF176F|KERNELBASE.dll |0001176F|KERNELBASE.dll |KERNELBASE | | (possible WaitForMultipleObjectsEx+250) | | |00000060|03 |0DA7FEC8|75C51A03|kernel32.dll |00011A03|kernel32.dll |kernel32 | |WaitForMultipleObjectsEx | | |00000060|03 |0DA7FF10|75C52697|kernel32.dll |00012697|kernel32.dll |kernel32 | |WaitForMultipleObjects | | |00000060|03 |0DA7FF2C|77A1DC9E|bass.dll |0001DC9E|bass.dll |bass | | (possible BASS_GetCPU+2473) | | |7FFF7FFE|03 |0DA7FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4856; Parent=0; Priority=15 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $12F8 / 4856 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733F901|ntdll.dll |0001F901|ntdll.dll |ntdll | |NtWaitForSingleObject | | |00004020|03 |0DBBFEF4|76EF1623|KERNELBASE.dll |00011623|KERNELBASE.dll |KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0DBBFF30|76EF15C1|KERNELBASE.dll |000115C1|KERNELBASE.dll |KERNELBASE | |WaitForSingleObjectEx | | |00000020|03 |0DBBFF38|7734E721|ntdll.dll |0002E721|ntdll.dll |ntdll | | (possible RtlMultiByteToUnicodeN+276) | | |00000020|03 |0DBBFF48|76EF2EC7|KERNELBASE.dll |00012EC7|KERNELBASE.dll |KERNELBASE | |LoadLibraryExA | | |00000060|03 |0DBBFF60|75C5118F|kernel32.dll |0001118F|kernel32.dll |kernel32 | |WaitForSingleObjectEx | | |00000060|01 |0DBBFF78|77A01E11|bass.dll |00001E11| | | | | | |7FFF7FFE|03 |0DBBFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=4004; Parent=0; Priority=-2 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $0FA4 / 4004 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733FDC1|ntdll.dll |0001FDC1|ntdll.dll |ntdll | |NtDelayExecution | | |00004020|03 |09EFFEA0|76EF3D91|KERNELBASE.dll |00013D91|KERNELBASE.dll |KERNELBASE | |SleepEx | | |00000060|03 |09EFFF08|76EF4662|KERNELBASE.dll |00014662|KERNELBASE.dll |KERNELBASE | |Sleep | | |00000060|03 |09EFFF18|00535A61|mcclient.exe |00135A61|System.Classes.pas |System.Classes |TThread |Sleep | | |00000020|04 |09EFFF20|011AC790|mcclient.exe |00DAC790|mcclcore.pas |mcclcore |TParse |Execute |531[24] | |00000060|03 |09EFFF4C|00534C79|mcclient.exe |00134C79|System.Classes.pas |System.Classes | |ThreadProc | | |00000020|03 |09EFFF54|00534C84|mcclient.exe |00134C84|System.Classes.pas |System.Classes | |ThreadProc | | |00000020|03 |09EFFF60|00534CD7|mcclient.exe |00134CD7|System.Classes.pas |System.Classes | |ThreadProc | | |00000060|04 |09EFFF7C|006153CC|mcclient.exe |002153CC|EThreadsManager.pas |EThreadsManager | |NakedBeginThreadWrapper |1353[5] | |7FFF7FFE|03 |09EFFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=12720; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |0A46FE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |0A46FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=9072; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain=thread: [ $2370 / 9072 ] is blocked | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|7733FE3D|ntdll.dll |0001FE3D|ntdll.dll |ntdll | |ZwFsControlFile | | |00004020|03 |0AAFFF28|76EE7AD8|KERNELBASE.dll |00007AD8|KERNELBASE.dll |KERNELBASE | |ConnectNamedPipe | | |00000020|03 |0AAFFF54|75C513EA|kernel32.dll |000113EA|kernel32.dll |kernel32 | | (possible InterlockedIncrement+10) | | |00000060|01 |0AAFFF6C|6E6B9514|DropboxExt.46.0.dll|00009514| | | | | | |7FFF7FFE|03 |0AAFFF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | | |Running Thread: ID=6652; Parent=0; Priority=0 | |Class=; Name= | |DeadLock=0; Wait Chain= | |Comment= | |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |7FFFFFFE|03 |00000000|77341F76|ntdll.dll |00021F76|ntdll.dll |ntdll | |NtWaitForWorkViaWorkerFactory | | |00004020|03 |1037FE3C|7736FA99|ntdll.dll |0004FA99|ntdll.dll |ntdll | | (possible TpSetTimer+749) | | |7FFF7FFE|03 |1037FF8C|75C5344B|kernel32.dll |0001344B|kernel32.dll |kernel32 | |BaseThreadInitThunk | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Mosules Information: ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00400000|mcclient.exe |mcclient |8.2.0.2 |26542576|2020-11-25 18:18:40|C:\Program Files (x86)\MyChat Client\ | |0CFF0000|Beeper.dll | | |1184256 |2020-11-26 14:09:43|C:\Users\bkp\AppData\Local\MyChat Client\plugins\Beeper\bin\ | |10200000|cpsspap.dll |Модуль поддержки SSL в SSP/AP |4.0.6100.0 |266304 |2019-03-11 00:10:42|C:\Windows\System32\ | |11000000|libeay32.dll |OpenSSL Shared Library |1.0.2.14 |1371136 |2017-12-07 16:08:22|C:\Program Files (x86)\MyChat Client\ | |12000000|ssleay32.dll |OpenSSL Shared Library |1.0.2.14 |337920 |2017-12-07 16:08:22|C:\Program Files (x86)\MyChat Client\ | |65C50000|schannel.dll |TLS / SSL Security Provider |6.1.7601.24387 |254464 |2019-03-06 06:01:19|C:\Windows\SysWOW64\ | |65CA0000|WindowsCodecs.dll |Microsoft Windows Codecs Library |6.2.9200.16809 |1230336 |2014-02-04 05:04:22|C:\Windows\System32\ | |68370000|powrprof.dll |DLL модуля поддержки профиля управления питанием |6.1.7600.16385 |145408 |2009-07-14 04:16:12|C:\Windows\System32\ | |6B730000|mpr.dll |Библиотека маршрутизации для нескольких служб доступа |6.1.7600.16385 |64000 |2009-07-14 04:15:41|C:\Windows\System32\ | |6C620000|jsoncpp.dll | | |178688 |2020-09-02 02:15:42|C:\Program Files (x86)\Bdrive\NetDrive3\ | |6C660000|api-ms-win-crt-locale-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |12128 |2015-11-19 17:06:05|C:\Windows\System32\ | |6C670000|msvcp140.dll |Microsoft® C Runtime Library |14.21.27702.2 |446512 |2019-05-02 20:14:38|C:\Windows\System32\ | |6C770000|api-ms-win-crt-math-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |22368 |2015-11-19 17:06:05|C:\Windows\System32\ | |6C780000|api-ms-win-crt-environment-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |12128 |2015-11-19 17:06:05|C:\Windows\System32\ | |6C790000|api-ms-win-crt-filesystem-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |13664 |2015-11-19 17:06:05|C:\Windows\System32\ | |6C980000|oleacc.dll |Active Accessibility Core Component |7.0.0.0 |233472 |2014-06-17 14:11:14|C:\Windows\System32\ | |6CBE0000|api-ms-win-crt-utility-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |12128 |2015-11-19 17:06:05|C:\Windows\System32\ | |6CBF0000|api-ms-win-crt-time-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |14176 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D0B0000|api-ms-win-crt-convert-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |15712 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D0C0000|api-ms-win-crt-stdio-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |17760 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D0D0000|api-ms-win-crt-string-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |17760 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D0E0000|api-ms-win-crt-heap-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |12640 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D330000|api-ms-win-core-file-l1-2-0.dll |ApiSet Stub DLL |10.0.10586.9 |11616 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D340000|api-ms-win-core-processthreads-l1-1-1.dll|ApiSet Stub DLL |10.0.10586.9 |12128 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D350000|api-ms-win-core-localization-l1-2-0.dll |ApiSet Stub DLL |10.0.10586.9 |14176 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D360000|ucrtbase.dll |Microsoft® C Runtime Library |10.0.10586.9 |922432 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D450000|api-ms-win-crt-runtime-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |16224 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D460000|VCRUNTIME140.dll |Microsoft® C Runtime Library |14.21.27702.2 |79920 |2019-05-02 20:14:48|C:\Windows\System32\ | |6D4A0000|api-ms-win-core-file-l2-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |11616 |2015-11-19 17:06:05|C:\Windows\System32\ | |6D4B0000|api-ms-win-core-timezone-l1-1-0.dll |ApiSet Stub DLL |10.0.10586.9 |11616 |2015-11-19 17:06:05|C:\Windows\System32\ | |6DC50000|avrt.dll |Multimedia Realtime Runtime |6.1.7600.16385 |14336 |2009-07-14 04:14:58|C:\Windows\System32\ | |6DC60000|AudioSes.dll |Сеанс обработки звука |6.1.7601.18741 |195584 |2015-02-03 06:12:12|C:\Windows\System32\ | |6DCA0000|MMDevAPI.dll |MMDevice API |6.1.7601.17514 |213504 |2010-11-21 06:23:51|C:\Windows\System32\ | |6DF50000|slc.dll |Software Licensing Client DLL |6.1.7600.16385 |27136 |2009-07-14 04:16:15|C:\Windows\System32\ | |6DF60000|ntshrui.dll |Расширения оболочки, обеспечивающие доступ к ресурсам |6.1.7601.17755 |442880 |2014-06-17 14:23:28|C:\Windows\System32\ | |6E6B0000|DropboxExt.46.0.dll |Dropbox Shell Extension |1.0.46.0 |486920 |2020-10-06 21:45:44|C:\Users\bkp\AppData\Roaming\Dropbox\bin\ | |6E730000|cscapi.dll |Offline Files Win32 API |6.1.7601.17514 |34816 |2010-11-21 06:24:02|C:\Windows\System32\ | |6E740000|linkinfo.dll |Windows Volume Tracking |6.1.7600.16385 |22016 |2009-07-14 04:15:36|C:\Windows\System32\ | |6E7E0000|PhotoMetadataHandler.dll |Photo Metadata Handler |6.1.7600.16385 |316928 |2009-07-14 04:16:12|C:\Windows\SysWOW64\ | |6E860000|idndl.dll |Downlevel DLL |6.1.7600.16385 |33792 |2009-07-14 04:15:27|C:\Windows\System32\ | |6E880000|hunspelldll.dll | | |223232 |2006-05-27 15:34:22|C:\Program Files (x86)\MyChat Client\ | |6E8C0000|thumbcache.dll |Кэш эскизов Майкрософт |6.1.7601.17514 |82944 |2010-11-21 06:24:08|C:\Windows\SysWOW64\ | |6E8E0000|msacm32.dll |Фильтр диспетчера аудиосжатия Microsoft |6.1.7600.16385 |72192 |2009-07-14 04:15:42|C:\Windows\System32\ | |6E900000|NetDriveShell_NetDrive3.dll |Bdrive NetDriveShell.dll |3.9.0.10 |698976 |2020-11-13 04:13:46|C:\Program Files (x86)\Bdrive\NetDrive3\ | |6EA60000|cpschan.dll |Модуль исправления функционирования SChannel |4.0.5093.0 |49680 |2019-03-11 00:10:24|C:\Program Files (x86)\Common Files\Crypto Pro\AppCompat\ | |6EC40000|samcli.dll |Security Accounts Manager Client DLL |6.1.7601.17514 |51200 |2010-11-21 06:23:54|C:\Windows\System32\ | |6EC90000|olepro32.dll | |6.1.7601.17514 |90112 |2010-11-21 06:24:03|C:\Windows\System32\ | |6F150000|browcli.dll |Browser Service Client DLL |6.1.7601.17887 |41984 |2014-06-17 14:36:48|C:\Windows\System32\ | |6F1C0000|dwmapi.dll |Интерфейс API диспетчера окон рабочего стола (Майкрософт) |6.1.7600.16385 |67072 |2009-07-14 04:15:13|C:\Windows\System32\ | |6F310000|api-ms-win-core-synch-l1-2-0.dll |ApiSet Stub DLL |10.0.10586.9 |12128 |2015-11-19 17:06:05|C:\Windows\System32\ | |6F340000|winsta.dll |Winstation Library |6.1.7601.18540 |157696 |2014-07-17 04:40:03|C:\Windows\System32\ | |6F550000|uxtheme.dll |Библиотека тем UxTheme (Microsoft) |6.1.7600.16385 |245760 |2009-07-14 04:11:24|C:\Windows\System32\ | |71560000|comctl32.dll |Библиотека общих элементов управления |5.82.7601.18201 |530432 |2014-06-17 15:26:37|C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\| |73DE0000|wer.dll |Библиотека сообщений об ошибках Windows |6.1.7601.24392 |382976 |2019-02-15 18:58:57|C:\Windows\System32\ | |73F50000|wship6.dll |Библиотека DLL помощника Winsock2 (TL/IPv6) |6.1.7600.16385 |10752 |2009-07-14 04:16:20|C:\Windows\System32\ | |73F60000|wkscli.dll |Workstation Service Client DLL |6.1.7601.17514 |47104 |2010-11-21 06:23:51|C:\Windows\System32\ | |73F70000|srvcli.dll |Server Service Client DLL |6.1.7601.17514 |90112 |2010-11-21 06:24:16|C:\Windows\System32\ | |73F90000|netutils.dll |Net Win32 API Helpers DLL |6.1.7601.17514 |22528 |2010-11-21 06:24:16|C:\Windows\System32\ | |73FA0000|netapi32.dll |Net Win32 API DLL |6.1.7601.17887 |57344 |2014-06-17 14:36:48|C:\Windows\System32\ | |73FC0000|wsock32.dll |Windows Socket 32-Bit DLL |6.1.7600.16385 |15360 |2009-07-14 04:16:20|C:\Windows\System32\ | |74070000|rasadhlp.dll |Remote Access AutoDial Helper |6.1.7600.16385 |11776 |2009-07-14 04:16:12|C:\Windows\System32\ | |74080000|FWPUCLNT.DLL |API пользовательского режима FWP/IPsec |6.1.7601.18283 |216576 |2014-06-17 15:22:06|C:\Windows\System32\ | |740C0000|credssp.dll |Credential Delegation Security Package |6.1.7601.24387 |17408 |2019-03-06 06:00:51|C:\Windows\System32\ | |740D0000|mdnsNSP.dll |Bonjour Namespace Provider |3.1.0.1 |122128 |2015-08-12 16:03:38|C:\Program Files (x86)\Bonjour\ | |74100000|WLIDNSP.DLL |Microsoft® Windows Live ID Namespace Provider |7.250.4225.0 |145280 |2010-09-21 13:03:14|C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ | |74130000|winrnr.dll |LDAP RnR Provider DLL |6.1.7600.16385 |20992 |2009-07-14 04:16:19|C:\Windows\System32\ | |74150000|dnsapi.dll |Динамическая библиотека API DNS-клиента |6.1.7601.17570 |270336 |2011-03-03 08:38:01|C:\Windows\System32\ | |741A0000|wtsapi32.dll |Windows Remote Desktop Session Host Server SDK APIs |6.1.7601.17514 |40448 |2010-11-21 06:23:54|C:\Windows\System32\ | |741B0000|pnrpnsp.dll |Поставщик пространства имен PNRP |6.1.7600.16385 |65024 |2009-07-14 04:16:12|C:\Windows\System32\ | |741D0000|rsaenh.dll |Microsoft Enhanced Cryptographic Provider |6.1.7600.16385 |242936 |2009-07-14 04:17:54|C:\Windows\System32\ | |74210000|NapiNSP.dll |Поставщик оболочки совместимости для имен электронной почты |6.1.7600.16385 |52224 |2009-07-14 04:16:02|C:\Windows\System32\ | |74220000|WSHTCPIP.DLL |Библиотека DLL помощника службы Winsock2 (TL/IPv4) |6.1.7600.16385 |9216 |2009-07-14 04:16:20|C:\Windows\System32\ | |74230000|mswsock.dll |Расширение поставщика службы API Microsoft Windows Sockets 2.0|6.1.7601.18254 |231424 |2014-06-17 15:34:34|C:\Windows\System32\ | |74270000|cpadvai.dll |Модуль исправления функционирования advapi32 |4.0.5254.0 |55432 |2019-03-11 00:06:48|C:\Program Files (x86)\Common Files\Crypto Pro\AppCompat\ | |74280000|cryptsp.dll |Cryptographic Service Provider API |6.1.7601.18741 |81408 |2015-02-03 06:12:14|C:\Windows\System32\ | |742A0000|dhcpcsvc.dll |Служба DHCP-клиента |6.1.7600.16385 |61952 |2009-07-14 04:15:11|C:\Windows\System32\ | |742C0000|nlaapi.dll |Network Location Awareness 2 |6.1.7601.17761 |52224 |2014-06-17 14:49:30|C:\Windows\System32\ | |74330000|dhcpcsvc6.dll |Клиент DHCPv6 |6.1.7601.17970 |44032 |2014-06-17 14:54:00|C:\Windows\System32\ | |74340000|winnsi.dll |Network Store Information RPC interface |6.1.7600.16385 |16896 |2009-07-14 04:16:19|C:\Windows\System32\ | |74350000|IPHLPAPI.DLL |IP Helper API |6.1.7601.17514 |103936 |2010-11-21 06:24:32|C:\Windows\System32\ | |743F0000|ntmarta.dll |Поставщик Windows NT MARTA |6.1.7600.16385 |121856 |2009-07-14 04:16:11|C:\Windows\System32\ | |74420000|winspool.drv |Драйвер диспетчера очереди Windows |6.1.7601.24383 |321536 |2019-02-16 08:50:54|C:\Windows\System32\ | |74480000|cpcrypt.dll |Модуль исправления функционирования crypt32 |4.0.5253.0 |100064 |2019-03-11 00:08:00|C:\Program Files (x86)\Common Files\Crypto Pro\AppCompat\ | |744A0000|webio.dll |API протоколов передачи по Веб |6.1.7601.17725 |314880 |2014-06-17 14:14:27|C:\Windows\System32\ | |744F0000|winhttp.dll |Службы HTTP Windows |6.1.7601.17514 |351232 |2010-11-21 06:24:08|C:\Windows\System32\ | |74550000|GdiPlus.dll |Microsoft GDI+ |6.1.7601.24385 |1634816 |2019-02-22 05:55:42|C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.24385_none_5c0ad4dfa00a8e0a\ | |746F0000|winmm.dll |MCI API DLL |6.1.7601.17514 |194048 |2010-11-21 06:24:16|C:\Windows\System32\ | |74770000|version.dll |Version Checking and File Installation Libraries |6.1.7600.16385 |21504 |2009-07-14 04:16:17|C:\Windows\System32\ | |74780000|msimg32.dll |GDIEXT Client DLL |6.1.7601.24385 |4608 |2019-02-22 05:56:00|C:\Windows\System32\ | |74790000|apphelp.dll |Клиентская библиотека совместимости приложений |6.1.7601.17514 |295936 |2010-11-21 06:24:14|C:\Windows\System32\ | |747F0000|secur32.dll |Security Support Provider Interface |6.1.7601.24387 |22016 |2019-03-06 06:01:19|C:\Windows\System32\ | |74800000|detoured.dll |Marks process affected by Microsoft Research Detours Package |2.1.335.0 |20632 |2019-03-11 00:16:10|C:\Program Files (x86)\Common Files\Crypto Pro\AppCompat\ | |74810000|cpwinet.dll |Модуль исправления функционирования wininet.dll |4.0.4786.0 |38296 |2019-03-11 00:11:02|C:\Program Files (x86)\Common Files\Crypto Pro\AppCompat\ | |74830000|comctl32.dll |Библиотека элементов управления взаимодействия с пользователем|6.10.7601.24380 |1681408 |2019-02-07 18:57:47|C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24380_none_2b2053e245779417\ | |749D0000|propsys.dll |Система страниц свойств (Microsoft) |7.0.7601.17514 |988160 |2010-11-21 06:24:08|C:\Windows\System32\ | |74C90000|CRYPTBASE.dll |Base cryptographic API DLL |6.1.7601.24387 |36352 |2019-03-06 05:36:49|C:\Windows\SysWOW64\ | |74CA0000|sspicli.dll |Security Support Provider Interface |6.1.7601.24387 |96768 |2019-03-06 06:01:22|C:\Windows\SysWOW64\ | |74D00000|psapi.dll |Process Status Helper |6.1.7600.16385 |6144 |2009-07-14 04:16:12|C:\Windows\SysWOW64\ | |74D10000|imagehlp.dll |Windows NT Image Helper |6.1.7601.18288 |159232 |2014-06-17 15:35:58|C:\Windows\SysWOW64\ | |74D40000|lpk.dll |Language Pack |6.1.7601.18177 |25600 |2014-06-17 15:18:07|C:\Windows\SysWOW64\ | |74D50000|cfgmgr32.dll |Configuration Manager DLL |6.1.7601.17621 |145920 |2014-06-17 14:09:01|C:\Windows\SysWOW64\ | |74D80000|user32.dll |Многопользовательская библиотека клиента USER API Windows |6.1.7601.17514 |833024 |2010-11-21 06:24:20|C:\Windows\SysWOW64\ | |74E80000|shell32.dll |Общая библиотека оболочки Windows |6.1.7601.18517 |12874240|2014-06-25 04:41:30|C:\Windows\SysWOW64\ | |75AD0000|imm32.dll |Multi-User Windows IMM32 API Client DLL |6.1.7601.17514 |119808 |2010-11-21 06:24:25|C:\Windows\System32\ | |75B30000|Wldap32.dll |Win32 LDAP API DLL |6.1.7601.17514 |269824 |2010-11-21 06:24:16|C:\Windows\SysWOW64\ | |75BB0000|userenv.dll |Userenv |6.1.7601.17514 |81920 |2010-11-21 06:24:16|C:\Windows\SysWOW64\ | |75BD0000|profapi.dll |User Profile Basic API |6.1.7600.16385 |31744 |2009-07-14 04:16:12|C:\Windows\SysWOW64\ | |75C40000|kernel32.dll |Библиотека клиента Windows NT BASE API |6.1.7601.24387 |1114112 |2019-03-06 06:01:22|C:\Windows\SysWOW64\ | |75D50000|clbcatq.dll |COM+ Configuration Catalog |2001.12.8530.16385|522240 |2009-07-14 04:15:03|C:\Windows\SysWOW64\ | |75DE0000|crypt32.dll |API32 криптографии |6.1.7601.18741 |1174528 |2015-02-03 06:12:14|C:\Windows\SysWOW64\ | |76060000|advapi32.dll |Расширенная библиотека API Windows 32 |6.1.7601.24387 |644096 |2019-03-06 06:00:42|C:\Windows\SysWOW64\ | |76110000|oleaut32.dll | |6.1.7601.24383 |583680 |2019-02-16 08:50:51|C:\Windows\SysWOW64\ | |761B0000|ws2_32.dll |32-разрядная библиотека Windows Socket 2.0 |6.1.7601.17514 |206848 |2010-11-21 06:23:55|C:\Windows\SysWOW64\ | |761F0000|devobj.dll |Device Information Set DLL |6.1.7601.17621 |64512 |2014-06-17 14:09:01|C:\Windows\SysWOW64\ | |76210000|sechost.dll |Host for SCM/SDDL/LSA Lookup APIs |6.1.7600.16385 |92160 |2009-07-14 04:16:13|C:\Windows\SysWOW64\ | |76230000|nsi.dll |NSI User-mode interface DLL |6.1.7600.16385 |8704 |2009-07-14 04:16:11|C:\Windows\SysWOW64\ | |76240000|ole32.dll |Microsoft OLE для Windows |6.1.7601.24383 |1425920 |2019-02-16 08:50:51|C:\Windows\SysWOW64\ | |763A0000|msctf.dll |Серверная библиотека MSCTF |6.1.7600.16385 |828928 |2009-07-14 04:15:43|C:\Windows\SysWOW64\ | |76470000|comdlg32.dll |Библиотека общих диалоговых окон |6.1.7601.17514 |485888 |2010-11-21 06:23:48|C:\Windows\SysWOW64\ | |764F0000|gdi32.dll |GDI Client DLL |6.1.7601.23688 |312832 |2017-02-10 19:17:38|C:\Windows\SysWOW64\ | |76590000|setupapi.dll |Windows Setup API |6.1.7601.17514 |1667584 |2010-11-21 06:23:51|C:\Windows\SysWOW64\ | |76730000|api-ms-win-downlevel-shlwapi-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |9728 |2014-06-18 16:23:28|C:\Windows\SysWOW64\ | |76740000|rpcrt4.dll |Библиотека удаленного вызова процедур |6.1.7601.24387 |666112 |2019-03-06 06:01:22|C:\Windows\SysWOW64\ | |76830000|shlwapi.dll |Библиотека небольших программ оболочки |6.1.7601.17514 |350208 |2010-11-21 06:23:48|C:\Windows\SysWOW64\ | |76890000|api-ms-win-downlevel-user32-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |4096 |2014-06-18 16:23:28|C:\Windows\SysWOW64\ | |768A0000|api-ms-win-downlevel-normaliz-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |2560 |2014-06-18 16:23:28|C:\Windows\SysWOW64\ | |768B0000|msvcrt.dll |Windows NT CRT DLL |7.0.7601.17744 |690688 |2014-06-17 14:26:27|C:\Windows\SysWOW64\ | |76960000|msasn1.dll |ASN.1 Runtime APIs |6.1.7601.17514 |34304 |2010-11-21 06:23:48|C:\Windows\SysWOW64\ | |76970000|wininet.dll |Расширения Интернета для Win32 |11.0.9600.17420 |1892864 |2014-11-06 04:52:35|C:\Windows\SysWOW64\ | |76BE0000|iertutil.dll |Run time utility for Internet Explorer |11.0.9600.17420 |2277376 |2014-11-06 06:05:30|C:\Windows\SysWOW64\ | |76E20000|api-ms-win-downlevel-advapi32-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |10752 |2014-06-18 16:23:28|C:\Windows\SysWOW64\ | |76E30000|normaliz.dll |Unicode Normalization DLL |6.1.7600.16385 |2048 |2009-07-14 04:09:00|C:\Windows\SysWOW64\ | |76E40000|usp10.dll |Uniscribe Unicode script processor |1.626.7601.23688 |628736 |2017-02-10 19:17:36|C:\Windows\SysWOW64\ | |76EE0000|KERNELBASE.dll |Библиотека клиента Windows NT BASE API |6.1.7601.24387 |275968 |2019-03-06 06:01:22|C:\Windows\SysWOW64\ | |76F30000|api-ms-win-downlevel-version-l1-1-0.dll |ApiSet Stub DLL |6.2.9200.16492 |3072 |2014-06-18 16:23:28|C:\Windows\SysWOW64\ | |77320000|ntdll.dll |Системная библиотека NT |6.1.7601.24387 |1314104 |2019-03-06 06:02:42|C:\Windows\SysWOW64\ | |779A0000|Faultrep.dll |Библиотека отчетов о сбоях в пользовательском режиме Windows |6.1.7601.24392 |320512 |2019-02-15 18:58:43|C:\Windows\System32\ | |77A00000|bass.dll |BASS |2.4.14.0 |127669 |2019-01-16 14:34:32|C:\Program Files (x86)\MyChat Client\ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |ID |Name |Description |Version |Memory |Priority |Threads|Path |User |Session| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |156 |USBSafelyRemove.exe |USB Safely Remove - an enhanced replacement for Windows safe removal tool|5.2.3.1205 |10575872 |Normal |8 |C:\Program Files (x86)\USB Safely Remove\ |bkp |1 | |568 |AVGUI.exe |AVG Antivirus |20.8.5684.0 |6311936 |Above-Normal|10 |C:\Program Files\AVG\Antivirus\ |bkp |1 | |680 |csrss.exe |Процесс исполнения клиент-сервер |6.1.7600.16385|98242560 |Normal |18 |C:\Windows\SysNative\ |система|1 | |860 |RtkNGUI64.exe |Диспетчер Realtek HD |1.0.378.0 |1372160 |Normal |12 |C:\Program Files\Realtek\Audio\HDA\ |bkp |1 | |956 |taskhost.exe |Хост-процесс для задач Windows |6.1.7601.18010|6602752 |Normal |11 |C:\Windows\SysNative\ |bkp |1 | |1008 |winlogon.exe |Программа входа в систему Windows |6.1.7601.18540|2629632 |High |5 |C:\Windows\SysNative\ |система|1 | |1136 |Dropbox.exe |Dropbox |110.4.458.0 |1429504 |Normal |7 |C:\Users\bkp\AppData\Roaming\Dropbox\bin\ |bkp |1 | |1296 |WacomHost.exe |Wacom Load Agent |1.0.0.2 |229376 |Normal |2 |C:\Program Files\Tablet\Pen\ |система|1 | |1540 |chrome.exe |Google Chrome |86.0.4240.198 |83537920 |Normal |17 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |1544 |tv_x64.exe |TeamViewer |15.11.6.0 |1589248 |Normal |5 |C:\Program Files (x86)\TeamViewer\ |система|1 | |1876 |MKey.exe |Universal driver for multimedia keyboards |1.3.5.3423 |7421952 |High |165 |C:\Program Files (x86)\MKey\ |bkp |1 | |2152 |chrome.exe |Google Chrome |86.0.4240.198 |89862144 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |2532 |PDFTools.exe |PDF Tools |2.3.0.0 |565248 |Normal |1 |C:\Program Files (x86)\Glorylogic\PDF Shaper\ |bkp |1 | |3096 |AVGUI.exe |AVG Antivirus |20.8.5684.0 |40751104 |Normal |43 |C:\Program Files\AVG\Antivirus\ |bkp |1 | |3156 |Pen_TouchUser.exe |Touch User Mode Driver |5.3.3.3 |3620864 |Above-Normal|11 |C:\Program Files\Tablet\Pen\ |bkp |1 | |3324 |taskeng.exe |Обработчик планировщика заданий |6.1.7601.17514|3420160 |Normal |5 |C:\Windows\System32\ |bkp |1 | |3392 |dwm.exe |Диспетчер окон рабочего стола |6.1.7600.16385|152686592 |High |7 |C:\Windows\SysNative\ |bkp |1 | |3620 |tv_w32.exe |TeamViewer |15.11.6.0 |1761280 |Normal |5 |C:\Program Files (x86)\TeamViewer\ |система|1 | |3808 |chrome.exe |Google Chrome |86.0.4240.198 |216076288 |Normal |39 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |4600 |Kryptex.exe |Kryptex |4.11.25.957 |5324800 |Normal |8 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |4624 |chrome.exe |Google Chrome |86.0.4240.198 |38289408 |Low |17 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |4740 |Pen_Tablet.exe |Tablet Service for consumer driver |5.3.3.3 |5009408 |Above-Normal|23 |C:\Program Files\Tablet\Pen\ |система|1 | |4744 |explorer.exe |Проводник |6.1.7601.17567|94978048 |Normal |52 |C:\Windows\ |bkp |1 | |4804 |chrome.exe |Google Chrome |86.0.4240.198 |36233216 |Normal |15 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |4840 |Pen_TabletUser.exe |Tablet user module for consumer driver |5.3.3.3 |917504 |Normal |3 |C:\Program Files\Tablet\Pen\ |bkp |1 | |5024 |TeamViewer.exe |TeamViewer |15.11.6.0 |11407360 |Normal |15 |C:\Program Files (x86)\TeamViewer\ |bkp |1 | |5584 |AIMP.exe |AIMP |4.1.2.1880 |24317952 |Normal |12 |C:\Program Files (x86)\AIMP3\ |bkp |1 | |5848 |pCloud.exe |pCloud Drive |3.9.11.0 |29437952 |Normal |39 |C:\Program Files\pCloud Drive\ |bkp |1 | |6024 |chrome.exe |Google Chrome |86.0.4240.198 |55943168 |Normal |16 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |6200 |AnyDesk.exe |AnyDesk |5.4.2.0 |1662976 |Normal |7 |C:\Program Files (x86)\AnyDesk\ |bkp |1 | |6240 |conhost.exe |Окно консоли узла |6.1.7601.24387|6664192 |Normal |2 |C:\Windows\SysNative\ |bkp |1 | |6244 |BambooCore.exe |BambooDock back-end application |1.0.0.0 |1396736 |Normal |3 |C:\Program Files (x86)\Bamboo Dock\ |bkp |1 | |6636 |mcclient.exe |mcclient |8.2.0.2 |132263936 |Normal |21 |C:\Program Files (x86)\MyChat Client\ |bkp |1 | |6752 |Telegram.exe |Telegram Desktop |2.4.7.0 |169594880 |Normal |33 |C:\Users\bkp\AppData\Roaming\Telegram Desktop\ |bkp |1 | |6940 |Dropbox.exe |Dropbox |110.4.458.0 |113983488 |Normal |156 |C:\Users\bkp\AppData\Roaming\Dropbox\bin\ |bkp |1 | |7012 |AVGUI.exe |AVG Antivirus |20.8.5684.0 |10407936 |Normal |12 |C:\Program Files\AVG\Antivirus\ |bkp |1 | |7316 |chrome.exe |Google Chrome |86.0.4240.198 |292073472 |Above-Normal|22 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7488 |Dropbox.exe |Dropbox |110.4.458.0 |2908160 |Normal |6 |C:\Users\bkp\AppData\Roaming\Dropbox\bin\ |bkp |1 | |7532 |chrome.exe |Google Chrome |86.0.4240.198 |5840896 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7612 |chrome.exe |Google Chrome |86.0.4240.198 |2314240 |Normal |9 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7708 |chrome.exe |Google Chrome |86.0.4240.198 |9072640 |Normal |8 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7800 |chrome.exe |Google Chrome |86.0.4240.198 |14544896 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7864 |chrome.exe |Google Chrome |86.0.4240.198 |16527360 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7884 |chrome.exe |Google Chrome |86.0.4240.198 |94232576 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |7920 |chrome.exe |Google Chrome |86.0.4240.198 |36864000 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8040 |chrome.exe |Google Chrome |86.0.4240.198 |15921152 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8224 |chrome.exe |Google Chrome |86.0.4240.198 |5447680 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8300 |chrome.exe |Google Chrome |86.0.4240.198 |37285888 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8368 |chrome.exe |Google Chrome |86.0.4240.198 |27889664 |Normal |15 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8516 |Kryptex.exe |Kryptex |4.11.25.957 |74477568 |Normal |26 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |8588 |chrome.exe |Google Chrome |86.0.4240.198 |29843456 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8596 |chrome.exe |Google Chrome |86.0.4240.198 |37396480 |Normal |15 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8788 |chrome.exe |Google Chrome |86.0.4240.198 |76410880 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8848 |Kryptex.exe |Kryptex |4.11.25.957 |14073856 |Normal |11 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |8928 |chrome.exe |Google Chrome |86.0.4240.198 |23769088 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |8948 |chrome.exe |Google Chrome |86.0.4240.198 |99262464 |Low |17 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |9012 |ACDSeePro6InTouch2.exe|acdID InTouch2 |3.2.22.0 |2752512 |Normal |8 |C:\Program Files\ACD Systems\ACDSee Pro\6.0\ |bkp |1 | |9112 |chrome.exe |Google Chrome |86.0.4240.198 |4497408 |Normal |11 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |9212 |chrome.exe |Google Chrome |86.0.4240.198 |104902656 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |9232 |rundll32.exe |Хост-процесс Windows (Rundll32) |6.1.7600.16385|610304 |Normal |1 |C:\Windows\System32\ |bkp |1 | |9800 |chrome.exe |Google Chrome |86.0.4240.198 |170168320 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |10176|chrome.exe |Google Chrome |86.0.4240.198 |62840832 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |10420|thunderbird.exe |Thunderbird |78.5.0.7625 |269352960 |Normal |82 |C:\Program Files (x86)\Mozilla Thunderbird\ |bkp |1 | |10904|QtWebEngineProcess.exe|Qt Qtwebengineprocess |5.13.2.0 |5378048 |Low |14 |C:\Users\bkp\AppData\Roaming\Dropbox\bin\110.4.458\ |bkp |1 | |11076|Kryptex.exe |Kryptex |4.11.25.957 |66007040 |Above-Normal|21 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |11120|QtWebEngineProcess.exe|Qt Qtwebengineprocess |5.13.2.0 |24551424 |Low |14 |C:\Users\bkp\AppData\Roaming\Dropbox\bin\110.4.458\ |bkp |1 | |11372|chrome.exe |Google Chrome |86.0.4240.198 |247939072 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |11548|conhost.exe |Окно консоли узла |6.1.7601.24387|0 |Normal |1 |C:\Windows\SysNative\ | |1 | |11564|chrome.exe |Google Chrome |86.0.4240.198 |144400384 |Normal |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |11684|Kryptex.exe |Kryptex |4.11.25.957 |62840832 |Low |17 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |11740|chrome.exe |Google Chrome |86.0.4240.198 |150036480 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |11852|kryptex5.exe |XMRig miner |5.11.2.0 |2430509056|Normal |13 |C:\Users\bkp\AppData\Roaming\Kryptex\miners\kryptex5\|bkp |1 | |12184|chrome.exe |Google Chrome |86.0.4240.198 |306376704 |Low |16 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |12224|nvidia-smi.exe | | |0 |Normal |1 | | |1 | |12408|chrome.exe |Google Chrome |86.0.4240.198 |82579456 |Low |14 |C:\Program Files (x86)\Google\Chrome\Application\ |bkp |1 | |12432|conhost.exe |Окно консоли узла |6.1.7601.24387|2211840 |Normal |1 |C:\Windows\SysNative\ |bkp |1 | |12532|mstsc.exe |Подключение к удаленному рабочему столу |6.2.9200.17053|10506240 |Normal |17 |C:\Windows\System32\ |bkp |1 | |12604|Kryptex.exe |Kryptex |4.11.25.957 |58400768 |Normal |24 |C:\Users\bkp\AppData\Local\Programs\kryptex-app\ |bkp |1 | |12812|ACDSeePro9.exe |ACDSee Pro 9 |9.0.0.439 |212791296 |Normal |56 |C:\Program Files (x86)\ACD Systems\ACDSee Pro\9.0\ |bkp |1 | |12820|powershell.exe |Windows PowerShell |6.1.7600.16385|25567232 |Normal |5 |C:\Windows\System32\WindowsPowerShell\v1.0\ |bkp |1 | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Assembler Information: -------------------------------------------------------------------------------------------------------------------------------------------------------------------- ; Base Address: $FC7000, Allocation Base: $400000, Region Size: 5173248 ; Allocation Protect: PAGE_EXECUTE_WRITECOPY, Protect: PAGE_EXECUTE_READ ; State: MEM_COMMIT, Type: MEM_IMAGE ; ; ; System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0 - Offset=101) ; ----------------------------------------------------------------------------- 00FC76F1 C645F000 MOV BYTE PTR [EBP-$10], 0 00FC76F5 8D4DE8 LEA ECX, [EBP-$18] 00FC76F8 8B1538F17401 MOV EDX, [$0174F138] 00FC76FE 8BC3 MOV EAX, EBX 00FC7700 E88FF64BFF CALL -$B40971 ; ($00486D94) System.SysErrorMessage 00FC7705 8B45E8 MOV EAX, [EBP-$18] 00FC7708 8945F4 MOV [EBP-$0C], EAX 00FC770B C645F811 MOV BYTE PTR [EBP-8], $11 00FC770F 8D45EC LEA EAX, [EBP-$14] 00FC7712 50 PUSH EAX 00FC7713 6A01 PUSH 1 00FC7715 8B4DFC MOV ECX, [EBP-4] 00FC7718 B201 MOV DL, 1 00FC771A A194B3FC00 MOV EAX, [$00FCB394] ; Delphi Class "ENetHTTPClientException" 00FC771F E8C00D4CFF CALL -$B3F240 ; ($004884E4) System.Exception.CreateResFmt ; ; Line=0 - Offset=152 ; ------------------- 00FC7724 E8E34244FF CALL -$BBBD1D ; ($0040BA0C) System._RaiseExcept ; <-- EXCEPTION 00FC7729 E989000000 JMP +$89 ; ($00FC77B7) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC772E B303 MOV BL, 3 00FC7730 E982000000 JMP +$82 ; ($00FC77B7) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC7735 B304 MOV BL, 4 00FC7737 EB7E JMP +$7E ; ($00FC77B7) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC7739 81FBF12E0000 CMP EBX, $00002EF1 00FC773F 7529 JNZ +$29 ; ($00FC776A) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC7741 0FB705E877FC00 MOVZX EAX, WORD PTR [$00FC77E8] ; Data as ANSI: ''; Data as UNICODE: 'Ā' System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC7748 663B86A8000000 CMP AX, [ESI+$000000A8] 00FC774F 7519 JNZ +$19 ; ($00FC776A) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) 00FC7751 8B0D38AD5501 MOV ECX, [$0155AD38] ; Data as ANSI: '4.V..щ'; Data as UNICODE: 'ᘴŖ蘭' 00FC7757 B201 MOV DL, 1 00FC7759 A1ECB5FC00 MOV EAX, [$00FCB5EC] ; Delphi Class "ENetHTTPCertificateException" 00FC775E E8B10C4CFF CALL -$B3F34F ; ($00488414) System.Exception.CreateRes 00FC7763 E8A44244FF CALL -$BBBD5C ; ($0040BA0C) System._RaiseExcept 00FC7768 EB4D JMP +$4D ; ($00FC77B7) System.Net.HttpClient.TWinHTTPClient.HandleExecuteError (Line=0) Registers: ----------------------------- EAX: 0018F634 EDI: 0CE7C860 EBX: 00002F8F ESI: 0702F6B0 ECX: 00000007 EBP: 0018F684 EDX: 00000000 ESP: 0018F634 EIP: 76EEC5AF FLG: 00000212 EXP: 00FC7724 STK: 0018F634 Stack: Memory Dump: ------------------ --------------------------------------------------------------------------- 0018F670: CCCCCCCC 00FC7724: E8 E3 42 44 FF E9 89 00 00 00 B3 03 E9 82 00 00 ..BD............ 0018F66C: CCCCCCCC 00FC7734: 00 B3 04 EB 7E 81 FB F1 2E 00 00 75 29 0F B7 05 ....~......u)... 0018F668: CCCCCCCC 00FC7744: E8 77 FC 00 66 3B 86 A8 00 00 00 75 19 8B 0D 38 .w..f;.....u...8 0018F664: CCCCCCCC 00FC7754: AD 55 01 B2 01 A1 EC B5 FC 00 E8 B1 0C 4C FF E8 .U...........L.. 0018F660: 0018F6B8 00FC7764: A4 42 44 FF EB 4D 81 FB F1 2E 00 00 74 06 80 7F .BD..M......t... 0018F65C: 0018F6EC 00FC7774: 60 00 74 04 33 DB EB 3B 89 5D EC C6 45 F0 00 8D `.t.3..;.]..E... 0018F658: 0CE7C860 00FC7784: 4D E4 8B 15 38 F1 74 01 8B C3 E8 01 F6 4B FF 8B M...8.t......K.. 0018F654: 0702F6B0 00FC7794: 45 E4 89 45 F4 C6 45 F8 11 8D 45 EC 50 6A 01 8B E..E..E...E.Pj.. 0018F650: 00002F8F 00FC77A4: 4D FC B2 01 A1 94 B3 FC 00 E8 32 0D 4C FF E8 55 M.........2.L..U 0018F64C: 0ADE9DD0 00FC77B4: 42 44 FF 33 C0 5A 59 59 64 89 10 68 D9 77 FC 00 BD.3.ZYYd..h.w.. 0018F648: 00FC7729 00FC77C4: 8D 45 E4 BA 02 00 00 00 E8 1B 4C 44 FF C3 E9 91 .E........LD.... 0018F644: 00000007 00FC77D4: 40 44 FF EB EB 8B C3 5F 5E 5B 8B E5 5D C3 00 00 @D....._^[..]... 0018F640: 76EEC5AF 00FC77E4: 80 00 00 00 00 01 00 00 55 8B EC 83 C4 B8 53 56 ........U.....SV 0018F63C: 00000000 00FC77F4: 33 DB 89 5D B8 89 5D BC 89 5D FC 89 5D F8 89 4D 3..]..]..]..]..M 0018F638: 00000001 00FC7804: E4 89 55 E8 89 45 EC 8D 45 F0 8B 15 60 32 FA 00 ..U..E..E...`2.. 0018F634: 0EEDFADE 00FC7814: E8 BF 68 44 FF 33 C0 55 68 E4 7B FC 00 64 FF 30 ..hD.3.Uh.{..d.0