- date/time : 2019-03-28, 21:21:27, 786ms
- computer name : JESSE
- user name : Jesse <admin>
- registered owner : redherochild@hotmail.com
- operating system : Windows 10 x64 build 18362
- system language : English
- system up time : 13 hours 25 minutes
- program up time : 50 seconds
- processors : 8x Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- physical memory : 5709/16303 MB (free/total)
- free disk space : (C:) 13.94 GB (D:) 45.92 GB
- display mode : 1440x810, 32 bit
- process id : $2f5c
- allocated memory : 2.34 GB
- largest free block : 131025.51 GB
- executable : DynDOLODx64_SSE.exe
- exec. date/time : 2019-03-27 21:59
- version : 2.59.0.0
- compiled with : Delphi 10.2 Tokyo
- madExcept version : 5.0.0
- callstack crc : $b4d9a7a0, $1a922465, $62dbb214
- exception number : 1
- exception class : EAccessViolation
- exception message : Access violation at address 0000000001584BC3 in module 'DynDOLODx64_SSE.exe'. Read of address 0000000000000000.
- main thread ($2844):
- 01584bc3 +053 DynDOLODx64_SSE.exe wbScriptAdapterDynDOLOD 570 +5 FileByLoadOrder
- 0158e26d +06d DynDOLODx64_SSE.exe wbScriptAdapterDynDOLOD 2258 +4 FileNameToLoadOrder
- 01595e2b +5cb DynDOLODx64_SSE.exe wbScriptAdapterDynDOLOD 2953 +29 LoadOSLFromFile2
- 015ee8a5 +0b5 DynDOLODx64_SSE.exe wbScriptAdapterDynDOLOD 14760 +2 Dyn_LoadOSLFromFile2
- 013d5cdf +0bf DynDOLODx64_SSE.exe JvInterpreter 4316 +10 GetFun
- 013d66fb +31b DynDOLODx64_SSE.exe JvInterpreter 4514 +96 TJvInterpreterAdapter.GetValue
- 013dcd9c +09c DynDOLODx64_SSE.exe JvInterpreter 6277 +4 TJvInterpreterExpression.GetValue
- 013ddede +0ae DynDOLODx64_SSE.exe JvInterpreter 6568 +17 TJvInterpreterFunction.GetValue
- 013e3b95 +045 DynDOLODx64_SSE.exe JvInterpreter 8277 +1 TJvInterpreterUnit.GetValue
- 013dbec0 +260 DynDOLODx64_SSE.exe JvInterpreter 6062 +31 TJvInterpreterExpression.InternalGetValue
- 013df4ae +07e DynDOLODx64_SSE.exe JvInterpreter 6979 +8 TJvInterpreterFunction.InterpretIdentifier
- 013de0e0 +0e0 DynDOLODx64_SSE.exe JvInterpreter 6606 +6 TJvInterpreterFunction.InterpretStatement
- 013df671 +111 DynDOLODx64_SSE.exe JvInterpreter 7015 +19 TJvInterpreterFunction.InterpretBegin
- 013ddcb9 +059 DynDOLODx64_SSE.exe JvInterpreter 6517 +11 TJvInterpreterFunction.InFunction
- 013e4188 +0d8 DynDOLODx64_SSE.exe JvInterpreter 8368 +14 TJvInterpreterUnit.ExecFunction
- 013e3d94 +244 DynDOLODx64_SSE.exe JvInterpreter 8308 +32 TJvInterpreterUnit.GetValue
- 013dbec0 +260 DynDOLODx64_SSE.exe JvInterpreter 6062 +31 TJvInterpreterExpression.InternalGetValue
- 013d9f79 +4d9 DynDOLODx64_SSE.exe JvInterpreter 5620 +14 Expression
- 013da852 +db2 DynDOLODx64_SSE.exe JvInterpreter 5738 +132 Expression
- 013daf9f +05f DynDOLODx64_SSE.exe JvInterpreter 5830 +5 TJvInterpreterExpression.Expression1
- 013db0c9 +039 DynDOLODx64_SSE.exe JvInterpreter 5852 +4 TJvInterpreterExpression.Expression2
- 013df730 +030 DynDOLODx64_SSE.exe JvInterpreter 7031 +2 TJvInterpreterFunction.InterpretIf
- 013de139 +139 DynDOLODx64_SSE.exe JvInterpreter 6618 +18 TJvInterpreterFunction.InterpretStatement
- 013df671 +111 DynDOLODx64_SSE.exe JvInterpreter 7015 +19 TJvInterpreterFunction.InterpretBegin
- 013de12f +12f DynDOLODx64_SSE.exe JvInterpreter 6616 +16 TJvInterpreterFunction.InterpretStatement
- 013dfe86 +2a6 DynDOLODx64_SSE.exe JvInterpreter 7197 +34 TJvInterpreterFunction.InterpretFor
- 013de157 +157 DynDOLODx64_SSE.exe JvInterpreter 6626 +26 TJvInterpreterFunction.InterpretStatement
- 013df671 +111 DynDOLODx64_SSE.exe JvInterpreter 7015 +19 TJvInterpreterFunction.InterpretBegin
- 013de12f +12f DynDOLODx64_SSE.exe JvInterpreter 6616 +16 TJvInterpreterFunction.InterpretStatement
- 013df7af +0af DynDOLODx64_SSE.exe JvInterpreter 7052 +23 TJvInterpreterFunction.InterpretIf
- 013de139 +139 DynDOLODx64_SSE.exe JvInterpreter 6618 +18 TJvInterpreterFunction.InterpretStatement
- 013e1303 +103 DynDOLODx64_SSE.exe JvInterpreter 7580 +24 TJvInterpreterFunction.InterpretTry
- 013de173 +173 DynDOLODx64_SSE.exe JvInterpreter 6632 +32 TJvInterpreterFunction.InterpretStatement
- 013df671 +111 DynDOLODx64_SSE.exe JvInterpreter 7015 +19 TJvInterpreterFunction.InterpretBegin
- 013ddcb9 +059 DynDOLODx64_SSE.exe JvInterpreter 6517 +11 TJvInterpreterFunction.InFunction
- 013e4188 +0d8 DynDOLODx64_SSE.exe JvInterpreter 8368 +14 TJvInterpreterUnit.ExecFunction
- 013e4672 +222 DynDOLODx64_SSE.exe JvInterpreter 8427 +27 TJvInterpreterUnit.CallFunctionEx
- 013e43eb +0eb DynDOLODx64_SSE.exe JvInterpreter 8390 +1 TJvInterpreterUnit.CallFunction
- 0151f60e +19e DynDOLODx64_SSE.exe frmViewMain 7946 +10 TfrmMain.ApplyScript$ActRec.$0$Body
- 01550bb8 +268 DynDOLODx64_SSE.exe frmViewMain 13969 +30 TfrmMain.PerformLongAction
- 015214d4 +724 DynDOLODx64_SSE.exe frmViewMain 7935 +74 TfrmMain.ApplyScript
- 0150c896 +2c6 DynDOLODx64_SSE.exe frmViewMain 4742 +25 TfrmMain.DoRunScript
- 0156160b +04b DynDOLODx64_SSE.exe frmViewMain 16523 +8 TfrmMain.tmrGeneratorTimer
- 00788090 +020 DynDOLODx64_SSE.exe Vcl.ExtCtrls TTimer.Timer
- 00787eb8 +038 DynDOLODx64_SSE.exe Vcl.ExtCtrls TTimer.WndProc
- 005e3cb3 +023 DynDOLODx64_SSE.exe System.Classes StdWndProc
- 7ffee0be +1ed USER32.dll DispatchMessageW
- 00843e1e +12e DynDOLODx64_SSE.exe Vcl.Forms TApplication.ProcessMessage
- 00843e93 +013 DynDOLODx64_SSE.exe Vcl.Forms TApplication.HandleMessage
- 008442e1 +0e1 DynDOLODx64_SSE.exe Vcl.Forms TApplication.Run
- 0162395e +0ce DynDOLODx64_SSE.exe DynDOLOD 162 +18 initialization
- 7ffee05b +00e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +01b ntdll.dll RtlUserThreadStart
- thread $c60:
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $3f70:
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $21cc:
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $33e0:
- 7ffee0bf +97 USER32.dll MsgWaitForMultipleObjectsEx
- 7ffee0bf +3e USER32.dll MsgWaitForMultipleObjects
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $3a70:
- 7ffedf40 +8c KERNELBASE.dll WaitForSingleObjectEx
- 0085aece +2e DynDOLODx64_SSE.exe VirtualTrees.WorkerThread 155 +4 TWorkerThread.Execute
- 00507e44 +24 DynDOLODx64_SSE.exe madExcept HookedTThreadExecute
- 005de530 +40 DynDOLODx64_SSE.exe System.Classes ThreadProc
- 0041155a +3a DynDOLODx64_SSE.exe System ThreadWrapper
- 00507d19 +49 DynDOLODx64_SSE.exe madExcept ThreadExceptFrame
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $3960:
- 7ffedf42 +100 KERNELBASE.dll WaitForMultipleObjectsEx
- 00507d19 +049 DynDOLODx64_SSE.exe madExcept ThreadExceptFrame
- 7ffee05b +00e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +01b ntdll.dll RtlUserThreadStart
- thread $1984:
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- thread $33fc:
- 7ffee05b +0e KERNEL32.DLL BaseThreadInitThunk
- 7ffee24a +1b ntdll.dll RtlUserThreadStart
- modules:
- 00400000 DynDOLODx64_SSE.exe 2.59.0.0 D:\downloads\DynDOLOD
- 7ffeb1c9 dataexchange.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffeb8c8 FaultRep.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffebe41 oledlg.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffec0ed oleacc.dll 7.2.18362.1 C:\WINDOWS\SYSTEM32
- 7ffec0ff winspool.drv 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffec3a4 MSFTEDIT.DLL 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffecbcc COMCTL32.dll 6.10.18362.1 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1_none_d1d7e625244f8f11
- 7ffecbf5 gdiplus.dll 10.0.18362.1 C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.1_none_519f554337e7ab39
- 7ffecc34 wininet.dll 11.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffecd33 dbghelp.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffece98 dbgcore.DLL 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffeceed wsock32.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffecefb mpr.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffed0d0 DWrite.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffed41d iertutil.dll 11.0.18362.1 C:\WINDOWS\System32
- 7ffed595 TextInputFramework.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffed8ae version.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffed940 netapi32.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffed974 WindowsCodecs.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffed9d9 CoreUIComponents.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffeda35 wintypes.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffeda88 wtsapi32.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedaaa WINMMBASE.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedab4 winmm.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedb0f PROPSYS.dll 7.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedc36 d3d11.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffedcb6 dcomp.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffedd0c CoreMessaging.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedd44 apphelp.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedd58 uxtheme.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffedd6f twinapi.appcore.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffedda4 DWMAPI.DLL 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffeddb5 RMCLIENT.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffede04 dxcore.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffede06 dxgi.dll 10.0.18362.1 C:\WINDOWS\system32
- 7ffede42 WINSTA.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffede52 ntmarta.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffede8e IPHLPAPI.DLL 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffede9f NETUTILS.DLL 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedf20 SspiCli.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- 7ffedf31 UMPDC.dll C:\WINDOWS\System32
- 7ffedf32 profapi.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf34 kernel.appcore.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf38 powrprof.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf3d KERNELBASE.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf68 cryptsp.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf6a win32u.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf6d gdi32full.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedf87 windows.storage.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffedfff ucrtbase.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee00f bcryptPrimitives.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee02d bcrypt.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee041 msvcp_win.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee04b cfgmgr32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee050 msvcrt.dll 7.0.18362.1 C:\WINDOWS\System32
- 7ffee05a KERNEL32.DLL 10.0.18362.1 C:\WINDOWS\System32
- 7ffee066 clbcatq.dll 2001.12.10941.16384 C:\WINDOWS\System32
- 7ffee071 shcore.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee07d GDI32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee080 combase.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee0b4 IMM32.DLL 10.0.18362.1 C:\WINDOWS\System32
- 7ffee0bd USER32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee0d7 oleaut32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee0ff WS2_32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee107 advapi32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee112 ole32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee130 MSCTF.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee144 SHLWAPI.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee199 sechost.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee1a9 PSAPI.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee1aa comdlg32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee1be RPCRT4.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee1d2 SHELL32.dll 10.0.18362.1 C:\WINDOWS\System32
- 7ffee244 ntdll.dll 10.0.18362.1 C:\WINDOWS\SYSTEM32
- processes:
- 0000 Idle 0 0 0
- 0004 System 0 0 0
- 0078 Registry 0 0 0
- 0184 smss.exe 0 0 0
- 023c csrss.exe 0 0 0
- 02a8 wininit.exe 0 0 0
- 02b0 csrss.exe 1 0 0
- 02f0 services.exe 0 0 0
- 0304 lsass.exe 0 0 0
- 0380 svchost.exe 0 0 0
- 039c svchost.exe 0 0 0
- 03b0 fontdrvhost.exe 0 0 0
- 03bc WUDFHost.exe 0 0 0
- 01f0 svchost.exe 0 0 0
- 0224 svchost.exe 0 0 0
- 03b8 winlogon.exe 1 0 0
- 042c fontdrvhost.exe 1 0 0
- 0470 dwm.exe 1 0 0
- 0498 svchost.exe 0 0 0
- 04a0 svchost.exe 0 0 0
- 0538 svchost.exe 0 0 0
- 0540 svchost.exe 0 0 0
- 0588 svchost.exe 0 0 0
- 05b8 svchost.exe 0 0 0
- 05c4 svchost.exe 0 0 0
- 05d8 svchost.exe 0 0 0
- 0628 svchost.exe 0 0 0
- 0670 svchost.exe 0 0 0
- 06e0 svchost.exe 0 0 0
- 0738 svchost.exe 0 0 0
- 077c svchost.exe 0 0 0
- 07ac SynTPEnhService.exe 0 0 0
- 07bc svchost.exe 0 0 0
- 07e0 svchost.exe 0 0 0
- 0770 svchost.exe 0 0 0
- 0890 NVDisplay.Container.exe 0 0 0
- 08a8 svchost.exe 0 0 0
- 08dc svchost.exe 0 0 0
- 0924 svchost.exe 0 0 0
- 0950 svchost.exe 0 0 0
- 0958 svchost.exe 0 0 0
- 0960 svchost.exe 0 0 0
- 09a8 svchost.exe 0 0 0
- 09e8 Memory Compression 0 0 0
- 0a28 svchost.exe 0 0 0
- 0a50 svchost.exe 0 0 0
- 0a60 svchost.exe 0 0 0
- 0a8c igfxCUIService.exe 0 0 0
- 0aec svchost.exe 0 0 0
- 0afc svchost.exe 0 0 0
- 0b80 svchost.exe 0 0 0
- 0c08 svchost.exe 0 0 0
- 0c78 svchost.exe 0 0 0
- 0c80 svchost.exe 0 0 0
- 0c88 svchost.exe 0 0 0
- 0d2c svchost.exe 0 0 0
- 0da8 svchost.exe 0 0 0
- 0de8 svchost.exe 0 0 0
- 0e6c spoolsv.exe 0 0 0
- 0ea8 svchost.exe 0 0 0
- 0f20 AdminService.exe 0 0 0
- 0f30 AppleMobileDeviceService.exe 0 0 0
- 0f50 svchost.exe 0 0 0
- 0f64 svchost.exe 0 0 0
- 0f70 dnscrypt-proxy.exe 0 0 0
- 0f78 svchost.exe 0 0 0
- 0f80 OfficeClickToRun.exe 0 0 0
- 0fac svchost.exe 0 0 0
- 0e18 MBAMService.exe 0 0 0
- 0ec8 MSIService.exe 0 0 0
- 1010 ChargeService.exe 0 0 0
- 1060 NvTelemetryContainer.exe 0 0 0
- 1068 runSW.exe 0 0 0
- 1070 svchost.exe 0 0 0
- 107c RtlService.exe 0 0 0
- 1088 svchost.exe 0 0 0
- 10cc svchost.exe 0 0 0
- 10d4 SurSvc.exe 0 0 0
- 1110 VSSVC.exe 0 0 0
- 1134 svchost.exe 0 0 0
- 1148 svchost.exe 0 0 0
- 11ec svchost.exe 0 0 0
- 1234 svchost.exe 0 0 0
- 125c dasHost.exe 0 0 0
- 1278 wlanext.exe 0 0 0
- 12ac KillerNetworkService.exe 0 0 0
- 12c0 conhost.exe 0 0 0
- 12c8 svchost.exe 0 0 0
- 1464 SwUSB.exe 1 0 0
- 1498 xTendUtilityService.exe 0 0 0
- 16bc svchost.exe 0 0 0
- 17a0 xTendUtility.exe 0 0 0
- 17c0 conhost.exe 0 0 0
- 1968 svchost.exe 0 0 0
- 1a28 dasHost.exe 0 0 0
- 1a8c NVDisplay.Container.exe 1 0 0
- 18d4 SearchIndexer.exe 0 0 0
- 1150 GamingServicesNet.exe 0 0 0
- 1ec4 svchost.exe 0 0 0
- 1d38 svchost.exe 0 0 0
- 1128 dllhost.exe 0 0 0
- 11b4 svchost.exe 0 0 0
- 1224 svchost.exe 0 0 0
- 12bc svchost.exe 0 0 0
- 1938 jhi_service.exe 0 0 0
- 0368 LMS.exe 0 0 0
- 06f4 SgrmBroker.exe 0 0 0
- 051c svchost.exe 0 0 0
- 0230 svchost.exe 0 0 0
- 0c9c svchost.exe 0 0 0
- 07f8 GamingServices.exe 0 0 0
- 1194 svchost.exe 0 0 0
- 0c44 svchost.exe 0 0 0
- 02c8 svchost.exe 0 0 0
- 1ff4 svchost.exe 0 0 0
- 0b74 SecurityHealthService.exe 0 0 0
- 11a0 mbamtray.exe 1 33 38 normal C:\Program Files\Malwarebytes\Anti-Malware
- 0e1c sihost.exe 1 0 13 normal C:\Windows\System32
- 14a8 svchost.exe 1 0 1 normal C:\Windows\System32
- 05d0 PresentationFontCache.exe 0 0 0
- 0984 svchost.exe 1 0 4 normal C:\Windows\System32
- 1de8 taskhostw.exe 1 8 6 normal C:\Windows\System32
- 2004 svchost.exe 0 0 0
- 2038 ctfmon.exe 1 2 22 high C:\Windows\System32
- 2160 igfxEM.exe 1 10 14 normal C:\Windows\System32
- 217c igfxHK.exe 1 10 13 normal C:\Windows\System32
- 21fc explorer.exe 1 1259 528 normal C:\Windows
- 22dc StartMenu.exe 1 0 5 normal C:\Program Files\Classic Start
- 2300 svchost.exe 1 36 15 normal C:\Windows\System32
- 23d4 SynTPEnh.exe 1 88 46 above normal C:\Windows\System32
- 20d4 A7000.EXE 1 0 0
- 20f8 svchost.exe 0 0 0
- 233c SynTPHelper.exe 1 0 5 above normal C:\Windows\System32
- 241c StartMenuExperienceHost.exe 1 0 13 normal C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
- 24bc RuntimeBroker.exe 1 40 2 normal C:\Windows\System32
- 2530 SearchUI.exe 1 12 43 normal C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy
- 25c0 RuntimeBroker.exe 1 36 2 normal C:\Windows\System32
- 27f4 RuntimeBroker.exe 1 0 1 normal C:\Windows\System32
- 07a8 dllhost.exe 1 2 4 normal C:\Windows\System32
- 279c SecurityHealthSystray.exe 1 7 5 normal C:\Windows\System32
- 2264 ApplicationFrameHost.exe 1 36 31 normal C:\Windows\System32
- 2370 Music.UI.exe 1 13 30 normal C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19011.11311.0_x64__8wekyb3d8bbwe
- 2ab8 Discord.exe 1 84 50 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 2bc0 Discord.exe 1 7 10 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 0ca8 Discord.exe 1 0 3 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 22f8 Discord.exe 1 5 11 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 2cf4 ShellExperienceHost.exe 1 13 62 normal C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy
- 2d94 RuntimeBroker.exe 1 40 12 normal C:\Windows\System32
- 27ec Discord.exe 1 2 12 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 2e3c Discord.exe 1 1 1 normal C:\Users\Jesse\AppData\Local\Discord\app-0.0.305
- 2fbc svchost.exe 1 0 1 normal C:\Windows\System32
- 1aa0 Steam.exe 1 606 156 normal C:\Program Files (x86)\Steam
- 2b00 steamwebhelper.exe 1 21 25 normal C:\Program Files (x86)\Steam\bin\cef\cef.win7x64
- 0b3c steamwebhelper.exe 1 0 4 normal C:\Program Files (x86)\Steam\bin\cef\cef.win7x64
- 2874 steamwebhelper.exe 1 1 1 normal C:\Program Files (x86)\Steam\bin\cef\cef.win7x64
- 2320 steamwebhelper.exe 1 0 0 above normal C:\Program Files (x86)\Steam\bin\cef\cef.win7x64
- 2ecc steamwebhelper.exe 1 0 0 normal C:\Program Files (x86)\Steam\bin\cef\cef.win7x64
- 28ec WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 1 0 24 normal C:\Windows\SystemApps\InputApp_cw5n1h2txyewy
- 0cd4 palemoon.exe 1 126 123 normal C:\Program Files\Pale Moon
- 0cc8 svchost.exe 0 0 0
- 01d8 SystemSettingsBroker.exe 1 0 6 normal C:\Windows\System32
- 12b8 svchost.exe 0 0 0
- 2b10 iPodService.exe 0 0 0
- 2e74 SyncServer.exe 1 0 1 normal C:\Program Files (x86)\Common Files\Apple\Mobile Device Support
- 2df8 conhost.exe 1 0 1 normal C:\Windows\System32
- 255c Microsoft.Photos.exe 1 0 9 normal C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.14910.0_x64__8wekyb3d8bbwe
- 01a4 RuntimeBroker.exe 1 36 7 normal C:\Windows\System32
- 2918 svchost.exe 0 0 0
- 2650 svchost.exe 0 0 0
- 0080 svchost.exe 0 0 0
- 084c YourPhone.exe 1 0 9 normal C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.61.0_x64__8wekyb3d8bbwe
- 228c RuntimeBroker.exe 1 0 1 normal C:\Windows\System32
- 2e98 smartscreen.exe 1 0 5 normal C:\Windows\System32
- 2a1c dllhost.exe 1 0 3 normal C:\Windows\System32
- 3788 RuntimeBroker.exe 1 36 5 normal C:\Windows\System32
- 3020 SearchProtocolHost.exe 0 0 0
- 3150 svchost.exe 0 0 0
- 2c18 audiodg.exe 0 0 0
- 3888 RuntimeBroker.exe 1 41 16 normal C:\Windows\System32
- 34ac rundll32.exe 1 0 2 normal C:\Windows\System32
- 1d68 PaintDotNet.exe 1 250 205 normal D:\Program Files\paint.net
- 3ee8 MicrosoftEdge.exe 1 11 59 normal C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
- 3f50 browser_broker.exe 1 0 3 normal C:\Windows\System32
- 3cec MicrosoftEdgeSH.exe 1 0 9 normal C:\Windows\System32
- 3f08 MicrosoftEdgeCP.exe 1 0 49 normal C:\Windows\System32
- 388c WmiPrvSE.exe 0 0 0
- 3adc WmiPrvSE.exe 0 0 0
- 3a64 svchost.exe 0 0 0
- 2f5c DynDOLODx64_SSE.exe 1 202 89 normal D:\Downloads\DynDOLOD
- hardware:
- + {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- - Fax
- - HPE143C1 (HP ENVY 4520 series)
- - Microsoft Print to PDF
- - Microsoft XPS Document Writer
- - Root Print Queue
- - Send To OneNote 2016
- + {36fc9e60-c465-11cf-8056-444553540000}
- - Apple Mobile Device USB Driver (driver 6.0.9999.69)
- - Generic USB Hub
- - Generic USB Hub
- - Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
- - Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
- - Intel(R) USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
- - USB Composite Device
- - USB Root Hub
- - USB Root Hub
- - USB Root Hub (USB 3.0)
- + {4d36e965-e325-11ce-bfc1-08002be10318}
- - TSSTcorp BDDVDW SN-506BB
- + {4d36e966-e325-11ce-bfc1-08002be10318}
- - ACPI x64-based PC
- + {4d36e967-e325-11ce-bfc1-08002be10318}
- - HGST HTS721010A9E630
- - TOSHIBA THNSNH128GMCT
- + {4d36e968-e325-11ce-bfc1-08002be10318}
- - Intel(R) HD Graphics 4600 (driver 20.19.15.5063)
- - NVIDIA GeForce GTX 880M (driver 25.21.14.2511)
- + {4d36e96a-e325-11ce-bfc1-08002be10318}
- - Intel(R) 8 Series Chipset Family SATA AHCI Controller (driver 14.8.18.1066)
- + {4d36e96b-e325-11ce-bfc1-08002be10318}
- - HID Keyboard Device
- - SteelSeries PS/2 Keyboard (driver 1.0.10.0)
- + {4d36e96c-e325-11ce-bfc1-08002be10318}
- - High Definition Audio Device
- + {4d36e96e-e325-11ce-bfc1-08002be10318}
- - Generic PnP Monitor
- + {4d36e96f-e325-11ce-bfc1-08002be10318}
- - HID-compliant mouse
- - Synaptics PS/2 Port Compatible TouchPad (driver 19.0.24.1)
- + {4d36e970-e325-11ce-bfc1-08002be10318}
- - Realtek PCIE CardReader (driver 10.0.17134.21306)
- + {4d36e972-e325-11ce-bfc1-08002be10318}
- - Killer E2200 Gigabit Ethernet Controller (driver 9.0.0.46)
- - Killer Wireless-N 1202 Network Adapter (driver 10.0.0.355)
- - Microsoft Kernel Debug Network Adapter
- - Microsoft Wi-Fi Direct Virtual Adapter #16
- - Microsoft Wi-Fi Direct Virtual Adapter #17
- - NETGEAR A7000 WiFi USB3.0 Adapter (driver 1030.25.701.2017)
- - VirtualBox Host-Only Ethernet Adapter (driver 6.0.4.0)
- - WAN Miniport (IKEv2)
- - WAN Miniport (IP)
- - WAN Miniport (IPv6)
- - WAN Miniport (L2TP)
- - WAN Miniport (Network Monitor)
- - WAN Miniport (PPPOE)
- - WAN Miniport (PPTP)
- - WAN Miniport (SSTP)
- + {4d36e979-e325-11ce-bfc1-08002be10318}
- - HP ENVY 4520 series (driver 20.79.1.6594)
- + {4d36e97b-e325-11ce-bfc1-08002be10318}
- - Microsoft Storage Spaces Controller
- - Xvdd SCSI Miniport (driver 10.0.18345.1)
- + {4d36e97d-e325-11ce-bfc1-08002be10318}
- - ACPI Fixed Feature Button
- - ACPI Lid
- - ACPI Power Button
- - ACPI Thermal Zone
- - Charge Arbitration Driver
- - Composite Bus Enumerator
- - Direct memory access controller
- - High Definition Audio Controller
- - High precision event timer
- - Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10 (driver 10.1.1.38)
- - Intel(R) 8 Series/C220 Series PCI Express Root Port #3 - 8C14 (driver 10.1.1.38)
- - Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16 (driver 10.1.1.38)
- - Intel(R) 8 Series/C220 Series PCI Express Root Port #5 - 8C18 (driver 10.1.1.38)
- - Intel(R) Extreme Tuning Utility Device Driver (driver 14.35.1.69)
- - Intel(R) HM87 LPC Controller - 8C4B (driver 10.1.1.38)
- - Intel(R) Management Engine Interface (driver 11.7.0.1057)
- - Intel(R) Watchdog Timer Driver (Intel(R) WDT) (driver 11.0.0.1007)
- - Intel(R) Xeon(R) processor E3 - 1200 v3/4th Gen Core processor DRAM Controller - 0C04 (driver 10.1.1.38)
- - Intel(R) Xeon(R) processor E3 - 1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01 (driver 10.1.1.38)
- - Legacy device
- - Microsoft ACPI-Compliant Embedded Controller
- - Microsoft ACPI-Compliant System
- - Microsoft Basic Display Driver
- - Microsoft Basic Render Driver
- - Microsoft Hyper-V Virtualization Infrastructure Driver
- - Microsoft System Management BIOS Driver
- - Microsoft UEFI-Compliant System
- - Microsoft Virtual Drive Enumerator
- - Microsoft Windows Management Interface for ACPI
- - Microsoft Windows Management Interface for ACPI
- - Motherboard resources
- - Motherboard resources
- - Motherboard resources
- - NDIS Virtual Network Adapter Enumerator
- - Numeric data processor
- - PCI Express Root Complex
- - Plug and Play Software Device Enumerator
- - Programmable interrupt controller
- - Remote Desktop Camera Bus
- - Remote Desktop Device Redirector Bus
- - Remote Desktop USB Hub
- - SteelSeries Universal Bus Enumerator (driver 2.4.3.2)
- - Synaptics SMBus Driver (driver 19.0.24.1)
- - System CMOS/real time clock
- - System timer
- - UMBus Enumerator
- - UMBus Enumerator
- - UMBus Enumerator
- - UMBus Root Bus Enumerator
- - Volume Manager
- + {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- - Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
- + {5c4c3332-344d-483c-8739-259e934c9cc8}
- - Killer Networking Software (driver 1.6.2142.0)
- + {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- - Bluetooth
- - HP ENVY 4520 series [E143C1]
- - HPE143C1 (HP ENVY 4520 series)
- - HPE143C1 (HP ENVY 4520 series)
- - Microsoft Device Association Root Enumerator
- - Microsoft GS Wavetable Synth
- - Microsoft Radio Device Enumeration Bus
- - Microsoft RRAS Root Enumerator
- - Wi-Fi 2
- + {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- - HPE143C1 (HP ENVY 4520 series)
- + {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
- - Microsoft AC Adapter
- - Microsoft ACPI-Compliant Control Method Battery
- + {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- - HID-compliant consumer control device
- - HID-compliant vendor-defined device
- - HID-compliant wireless radio controls
- - Radio Switch Device (driver 1.1.8.0)
- - USB Input Device
- - USB Input Device
- - USB Input Device
- - USB Input Device
- + {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
- - Digital Audio (S/PDIF) (High Definition Audio Device)
- - Microphone (High Definition Audio Device)
- - Speakers (High Definition Audio Device)
- + {c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}
- - HPE143C1 (HP ENVY 4520 series)
- + {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
- - Qualcomm Atheros AR3012 Bluetooth 4.0 (driver 10.0.3.14)
- + {eec5ad98-8080-425f-922a-dabf3de3f69a}
- - Apple iPhone
- + {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
- - LENOVO H110 System Firmware 0.30 (driver 0.0.0.30)
- cpu registers:
- rax = 0000000000000000
- rbx = 0000000001d6cf88
- rcx = 0000000000000000
- rdx = 000000000000001c
- rsi = 000000000000001c
- rdi = 0000000000000041
- rip = 0000000001584bc3
- rsp = 0000000001d6cef0
- rbp = 0000000001d6cf40
- r8 = 0000000000000000
- r9 = 0000000000000014
- r10 = 00000000006e0055
- r11 = 00000000006b0053
- r12 = 0000000000000113
- r13 = 0000000000000041
- r14 = 0000000000000116
- r15 = 0000000000000000
- stack dump:
- disassembling:
- [...]
- 01584baf 570 movsxd r13, edi
- 01584bb2 mov rax, [$175ad30]
- 01584bb9 mov rax, [rax]
- 01584bbc mov rax, [rax+r13*8]
- 01584bc0 mov rcx, rax
- 01584bc3 > mov rax, [rax]
- 01584bc6 call qword ptr [rax+$4a8]
- 01584bcc shr eax, $10
- 01584bcf movsx rax, ax
- 01584bd3 cmp eax, esi
- 01584bd5 jnz loc_1584bef
- [...]