Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- CommandLine: "C:\totalcmd\tcmdx64.exe" 1108981
- Symbol search path is: symsrv*symsrv.dll*c:\symbols*http://msdl.microsoft.com/download/symbols
- Executable search path is:
- ModLoad: 00000001`40000000 00000001`40021000 image00000001`40000000
- ModLoad: 00000000`77000000 00000000`771a9000 ntdll.dll
- ModLoad: 00000000`76920000 00000000`76a3f000 C:\Windows\system32\kernel32.dll
- ModLoad: 000007fe`fd570000 000007fe`fd5dc000 C:\Windows\system32\KERNELBASE.dll
- ModLoad: 000007fe`f58e0000 000007fe`f5980000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll
- ModLoad: 000007fe`fecf0000 000007fe`fedcb000 C:\Windows\system32\ADVAPI32.dll
- ModLoad: 000007fe`fee00000 000007fe`fee9f000 C:\Windows\system32\msvcrt.dll
- ModLoad: 000007fe`fec00000 000007fe`fec1f000 C:\Windows\SYSTEM32\sechost.dll
- ModLoad: 000007fe`fead0000 000007fe`febfd000 C:\Windows\system32\RPCRT4.dll
- ModLoad: 000007fe`fec70000 000007fe`fecd7000 C:\Windows\system32\GDI32.dll
- ModLoad: 00000000`76f00000 00000000`76ffa000 C:\Windows\system32\USER32.dll
- ModLoad: 000007fe`fece0000 000007fe`fecee000 C:\Windows\system32\LPK.dll
- ModLoad: 000007fe`fd950000 000007fe`fda19000 C:\Windows\system32\USP10.dll
- ModLoad: 000007fe`fdc80000 000007fe`fea08000 C:\Windows\system32\SHELL32.dll
- ModLoad: 000007fe`fd830000 000007fe`fd8a1000 C:\Windows\system32\SHLWAPI.dll
- ModLoad: 000007fe`ff020000 000007fe`ff223000 C:\Windows\system32\ole32.dll
- ModLoad: 000007fe`fedd0000 000007fe`fedfe000 C:\Windows\system32\IMM32.DLL
- ModLoad: 000007fe`feea0000 000007fe`fefa9000 C:\Windows\system32\MSCTF.dll
- ModLoad: 000007fe`fd350000 000007fe`fd35f000 C:\Windows\system32\CRYPTBASE.dll
- ModLoad: 000007fe`fbbb0000 000007fe`fbc06000 C:\Windows\system32\uxtheme.dll
- ModLoad: 000007fe`fbf30000 000007fe`fc124000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
- ModLoad: 000007fe`ff230000 000007fe`ff307000 C:\Windows\system32\OLEAUT32.dll
- ModLoad: 000007fe`fdaa0000 000007fe`fdc77000 C:\Windows\system32\SETUPAPI.dll
- ModLoad: 000007fe`fd5e0000 000007fe`fd616000 C:\Windows\system32\CFGMGR32.dll
- ModLoad: 000007fe`fd550000 000007fe`fd56a000 C:\Windows\system32\DEVOBJ.dll
- HEAP[tcmdx64.exe]: Heap block at 0000000000212290 modified at 0000000000212328 past requested size of 88
- (41c.498): Break instruction exception - code 80000003 (first chance)
- ntdll!RtlpBreakPointHeap+0x21:
- 00000000`770af0b1 cc int 3
- 0:000> !gflag
- Current NtGlobalFlag contents: 0x000000f0
- htc - Enable heap tail checking
- hfc - Enable heap free checking
- hpc - Enable heap parameter checking
- hvc - Enable heap validation on call
- 0:000> kv
- Child-SP RetAddr : Args to Child : Call Site
- 00000000`0012d908 00000000`770bf171 : 00000000`770bf190 00000000`00212290 00000000`00212328 00000000`00000088 : ntdll!RtlpBreakPointHeap+0x21
- 00000000`0012d910 00000000`770c826b : 00000000`00212290 00000000`0012dad0 00000000`00000000 00000000`00280000 : ntdll!RtlpCheckBusyBlockTail+0x211
- 00000000`0012d950 00000000`770c9258 : 00000000`00210000 00000000`00000000 00000000`00000000 00000000`0012dad0 : ntdll!RtlpValidateHeapSegment+0x13b
- 00000000`0012da40 00000000`770d70c0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000410 : ntdll!RtlpValidateHeap+0x3c8
- 00000000`0012dad0 00000000`7709c5ca : 00000000`00210000 00000000`70000163 00000000`00210000 00000000`2e070029 : ntdll!RtlDebugAllocateHeap+0xc0
- 00000000`0012db30 00000000`77053518 : 00000000`00210000 000007fe`60000062 00000000`00000008 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x18b42
- *** ERROR: Module load completed but symbols could not be loaded for image00000001`40000000
- 00000000`0012e0d0 00000001`400055d7 : 00000000`00000004 00000000`00000008 00000000`00000001 00000000`00000000 : ntdll!RtlAllocateHeap+0x16c
- 00000000`0012e1e0 00000001`400017ca : 00000000`0000005c 00000000`002122a0 00000000`0000005c 00000000`002122a0 : image00000001_40000000+0x55d7
- 00000000`0012e210 00000001`400033be : 00000000`00000030 00000000`00000030 00000000`00000000 00000000`000003e8 : image00000001_40000000+0x17ca
- 00000000`0012ed90 00000001`40005be1 : 00000000`00000000 00000000`00000000 00000000`00000006 00000000`00000006 : image00000001_40000000+0x33be
- 00000000`0012fea0 00000000`7693652d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : image00000001_40000000+0x5be1
- 00000000`0012ff60 00000000`7702c521 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
- 00000000`0012ff90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d
- 0:000> lm
- start end module name
- 00000000`76920000 00000000`76a3f000 kernel32 (pdb symbols) c:\symbols\kernel32.pdb\9B30FD7CD6B44975BF34B43B6EF668212\kernel32.pdb
- 00000000`76f00000 00000000`76ffa000 USER32 (deferred)
- 00000000`77000000 00000000`771a9000 ntdll (pdb symbols) c:\symbols\ntdll.pdb\15EB43E23B12409C84E3CC7635BAF5A32\ntdll.pdb
- 00000001`40000000 00000001`40021000 image00000001_40000000 (no symbols)
- 000007fe`f58e0000 000007fe`f5980000 COMCTL32 (deferred)
- 000007fe`fbbb0000 000007fe`fbc06000 uxtheme (deferred)
- 000007fe`fbf30000 000007fe`fc124000 comctl32_7fefbf30000 (deferred)
- 000007fe`fd350000 000007fe`fd35f000 CRYPTBASE (deferred)
- 000007fe`fd550000 000007fe`fd56a000 DEVOBJ (deferred)
- 000007fe`fd570000 000007fe`fd5dc000 KERNELBASE (deferred)
- 000007fe`fd5e0000 000007fe`fd616000 CFGMGR32 (deferred)
- 000007fe`fd830000 000007fe`fd8a1000 SHLWAPI (deferred)
- 000007fe`fd950000 000007fe`fda19000 USP10 (deferred)
- 000007fe`fdaa0000 000007fe`fdc77000 SETUPAPI (deferred)
- 000007fe`fdc80000 000007fe`fea08000 SHELL32 (deferred)
- 000007fe`fead0000 000007fe`febfd000 RPCRT4 (deferred)
- 000007fe`fec00000 000007fe`fec1f000 sechost (deferred)
- 000007fe`fec70000 000007fe`fecd7000 GDI32 (deferred)
- 000007fe`fece0000 000007fe`fecee000 LPK (deferred)
- 000007fe`fecf0000 000007fe`fedcb000 ADVAPI32 (deferred)
- 000007fe`fedd0000 000007fe`fedfe000 IMM32 (deferred)
- 000007fe`fee00000 000007fe`fee9f000 msvcrt (deferred)
- 000007fe`feea0000 000007fe`fefa9000 MSCTF (deferred)
- 000007fe`ff020000 000007fe`ff223000 ole32 (deferred)
- 000007fe`ff230000 000007fe`ff307000 OLEAUT32 (deferred)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement