SmartHawk

9.2

极危

24 个模型检测该样本为恶意！

重新分析

下载样本

e7a02ed56e509bce287a6af67d610153a693f8b06dc3d9c4153bee01a9121da7

d6cd0fc60ee1b03a53cb02781369e47f.exe

分析耗时

130s

最近分析

文件大小

4.8MB

静态报毒动态报毒 AI SCORE=95 DECEPTPCCLEAN FLYZPK GENERIC PUA EN HFSADWARE HIGH CONFIDENCE OPTIMIZERPRO PCSPEEDUP R01FH0CDQ19 RISKTOOL SPEEDCHECKER SUSGEN UNSAFE 更多

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
McAfee	PCSpeedUp	20190606	6.0.6.653
Alibaba		20190527	0.3.0.5
Baidu		20190318	1.0.0.2
Avast		20190606	18.4.3895.0
Kingsoft		20190607	2013.8.14.323
Tencent		20190607	1.0.0.1
CrowdStrike		20190212	1.0

Queries for the computername (3 个事件)

Time & API	Arguments	Status	Return
1619927377.021373 GetComputerNameW	computer_name: OSKAR-PC	success	1
1619927377.193373 GetComputerNameW	computer_name: OSKAR-PC	success	1
1619927377.303373 GetComputerNameW	computer_name: OSKAR-PC	success	1

Checks if process is being debugged by a debugger (21 个事件)

Time & API	Arguments	Status	Return	Repeated
1619927371.80375 IsDebuggerPresent		failed	0	0
1619927434.600125 IsDebuggerPresent		failed	0	0
1619927434.64625 IsDebuggerPresent		failed	0	0
1619927435.69375 IsDebuggerPresent		failed	0	0
1619927437.881498 IsDebuggerPresent		failed	0	0
1619927439.553125 IsDebuggerPresent		failed	0	0
1619927440.568125 IsDebuggerPresent		failed	0	0
1619927440.5685 IsDebuggerPresent		failed	0	0
1619927441.756498 IsDebuggerPresent		failed	0	0
1619927441.67825 IsDebuggerPresent		failed	0	0
1619927443.975625 IsDebuggerPresent		failed	0	0
1619927444.865373 IsDebuggerPresent		failed	0	0
1619927447.006373 IsDebuggerPresent		failed	0	0
1619927449.646 IsDebuggerPresent		failed	0	0
1619927450.8185 IsDebuggerPresent		failed	0	0
1619927453.865625 IsDebuggerPresent		failed	0	0
1619927454.88125 IsDebuggerPresent		failed	0	0
1619927455.912625 IsDebuggerPresent		failed	0	0
1619927458.006125 IsDebuggerPresent		failed	0	0
1619927466.678125 IsDebuggerPresent		failed	0	0
1619927476.240875 IsDebuggerPresent		failed	0	0

This executable is signed

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619927374.475373 GlobalMemoryStatusEx		success	1	0

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 个事件)

section

.itext

One or more processes crashed (35 个事件)

Time & API	Arguments	Status
1619927379.896373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927382.662373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927385.412373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927386.428373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927386.943373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927387.459373 __exception__	stacktrace: itd_downloadfile-0x1da itdownload+0x2b072 @ 0x357b072 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf928a @ 0x4f928a d6cd0fc60ee1b03a53cb02781369e47f+0xe46a7 @ 0x4e46a7 d6cd0fc60ee1b03a53cb02781369e47f+0x10011e @ 0x50011e BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5 registers.esp: 1637052 registers.edi: 59395728 registers.eax: 1637052 registers.ebp: 1637132 registers.edx: 0 registers.ebx: 0 registers.esi: 1 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927433.818373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927433.834373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927435.240373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927435.240373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927436.490373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927436.506373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927438.646373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927438.646373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927440.240373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927440.240373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927442.037373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927442.053373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927444.178373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927444.178373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927446.834373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927446.834373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927450.037373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927450.037373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927453.381373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927453.396373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927456.881373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927456.881373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927458.006373 __exception__	stacktrace: itd_downloadfile-0x17e72 itdownload+0x133da @ 0x35633da itd_downloadfile-0x17f4f itdownload+0x132fd @ 0x35632fd itd_downloadfile-0x2ac itdownload+0x2afa0 @ 0x357afa0 itd_downloadfile-0xbc5 itdownload+0x2a687 @ 0x357a687 itd_downloadfile+0x4e itd_downloadfiles-0x62 itdownload+0x2b29a @ 0x357b29a d6cd0fc60ee1b03a53cb02781369e47f+0x99dce @ 0x499dce d6cd0fc60ee1b03a53cb02781369e47f+0x9beb8 @ 0x49beb8 d6cd0fc60ee1b03a53cb02781369e47f+0xa1d12 @ 0x4a1d12 d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d registers.esp: 1631924 registers.edi: 65535 registers.eax: 1631924 registers.ebp: 1632004 registers.edx: 0 registers.ebx: 69686080 registers.esi: 69448832 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927464.865373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927464.865373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927474.600373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927474.600373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success
1619927479.537373 __exception__	stacktrace: RpcRaiseException+0x42 I_RpcExceptionFilter-0x12 rpcrt4+0x2374b @ 0x75c9374b DllDebugObjectRPCHook+0x108 HACCEL_UserFree-0x5 ole32+0x13f777 @ 0x7682f777 NdrPointerFree+0x1b9 IUnknown_Release_Proxy-0xb rpcrt4+0x3419a @ 0x75ca419a NdrClientCall2+0x118 RpcAsyncInitializeHandle-0xf1 rpcrt4+0xb011d @ 0x75d2011d WdtpInterfacePointer_UserUnmarshal+0x166b DllDebugObjectRPCHook-0x2d8d ole32+0x13c8e2 @ 0x7682c8e2 CoRegisterMessageFilter+0x32b4 ObjectStublessClient5-0x1db5 ole32+0x398ad @ 0x767298ad ObjectStublessClient4+0x4ff CoQueryProxyBlanket-0x4f8 ole32+0x35d2c @ 0x76725d2c ObjectStublessClient6+0xfb ObjectStublessClient20-0x20f ole32+0x3637b @ 0x7672637b CoSetState+0xa6b IsValidInterface-0xbb3 ole32+0x43170 @ 0x76733170 CoSetState+0x993 IsValidInterface-0xc8b ole32+0x43098 @ 0x76733098 CoCreateInstanceEx+0xd7 CoFreeUnusedLibrariesEx-0x183c ole32+0x49e25 @ 0x76739e25 CoCreateInstanceEx+0x38 CoFreeUnusedLibrariesEx-0x18db ole32+0x49d86 @ 0x76739d86 New_ole32_CoCreateInstanceEx@24+0x194 New_ole32_CoGetClassObject@20-0x8d @ 0x751a4d78 DllCanUnloadNow+0xd15 DllGetClassObject-0x7a9 wbemprox+0x1f27 @ 0x74531f27 DllCanUnloadNow+0xccc DllGetClassObject-0x7f2 wbemprox+0x1ede @ 0x74531ede DllCanUnloadNow+0x94e DllGetClassObject-0xb70 wbemprox+0x1b60 @ 0x74531b60 DllCanUnloadNow+0x77b DllGetClassObject-0xd43 wbemprox+0x198d @ 0x7453198d DllGetClassObject+0x15c DllRegisterServer-0x25d1 wbemprox+0x282c @ 0x7453282c DllGetClassObject-0x1ab7 wbemdisp+0x39bb @ 0x745a39bb DispCallFunc+0xa6 LHashValOfNameSysA-0x1b30 oleaut32+0x13e75 @ 0x760a3e75 LoadRegTypeLib+0xac1 DispCallFunc-0xe0 oleaut32+0x13cef @ 0x760a3cef DllGetClassObject-0x1d2a wbemdisp+0x3748 @ 0x745a3748 DllCanUnloadNow+0x131d5 DllUnregisterServer-0x5f4c wbemdisp+0x1a165 @ 0x745ba165 d6cd0fc60ee1b03a53cb02781369e47f+0xa0832 @ 0x4a0832 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a registers.esp: 1626756 registers.edi: 1987312144 registers.eax: 1626756 registers.ebp: 1626836 registers.edx: 1 registers.ebx: 7634188 registers.esi: 2147549453 registers.ecx: 0 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0x8001010d exception.offset: 46887 exception.address: 0x778eb727	success
1619927479.537373 __exception__	stacktrace: d6cd0fc60ee1b03a53cb02781369e47f+0xa087b @ 0x4a087b d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9af62 @ 0x49af62 d6cd0fc60ee1b03a53cb02781369e47f+0x9f709 @ 0x49f709 d6cd0fc60ee1b03a53cb02781369e47f+0x9f77f @ 0x49f77f d6cd0fc60ee1b03a53cb02781369e47f+0x94b3e @ 0x494b3e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0xf94f1 @ 0x4f94f1 d6cd0fc60ee1b03a53cb02781369e47f+0xc70b3 @ 0x4c70b3 d6cd0fc60ee1b03a53cb02781369e47f+0xc90c2 @ 0x4c90c2 d6cd0fc60ee1b03a53cb02781369e47f+0x99d7b @ 0x499d7b d6cd0fc60ee1b03a53cb02781369e47f+0x9afb7 @ 0x49afb7 d6cd0fc60ee1b03a53cb02781369e47f+0x9e656 @ 0x49e656 d6cd0fc60ee1b03a53cb02781369e47f+0x95f4e @ 0x495f4e d6cd0fc60ee1b03a53cb02781369e47f+0x93957 @ 0x493957 d6cd0fc60ee1b03a53cb02781369e47f+0x9f381 @ 0x49f381 d6cd0fc60ee1b03a53cb02781369e47f+0x9ee2b @ 0x49ee2b d6cd0fc60ee1b03a53cb02781369e47f+0xc926f @ 0x4c926f d6cd0fc60ee1b03a53cb02781369e47f+0x5cc79 @ 0x45cc79 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x60d64 @ 0x460d64 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x73b45 @ 0x473b45 d6cd0fc60ee1b03a53cb02781369e47f+0xfa38c @ 0x4fa38c d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 GetEffectiveClientRect+0x3409 DPA_Merge-0xa5a comctl32+0xa4601 @ 0x75434601 GetEffectiveClientRect+0x346b DPA_Merge-0x9f8 comctl32+0xa4663 @ 0x75434663 GetEffectiveClientRect+0x32f5 DPA_Merge-0xb6e comctl32+0xa44ed @ 0x754344ed gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetWindow+0x3f0 SendMessageW-0x1b user32+0x1965e @ 0x775a965e SendMessageW+0x4c GetAncestor-0xc0 user32+0x196c5 @ 0x775a96c5 DestroyPropertySheetPage+0x69a DllGetVersion-0x1939 comctl32+0x44136 @ 0x753d4136 gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetClientRect+0xc5 CallWindowProcW-0xb user32+0x20d27 @ 0x775b0d27 CallWindowProcW+0x1b SetRectEmpty-0x38 user32+0x20d4d @ 0x775b0d4d d6cd0fc60ee1b03a53cb02781369e47f+0x60d10 @ 0x460d10 d6cd0fc60ee1b03a53cb02781369e47f+0x60c14 @ 0x460c14 d6cd0fc60ee1b03a53cb02781369e47f+0x45bb1 @ 0x445bb1 d6cd0fc60ee1b03a53cb02781369e47f+0x2bc1a @ 0x42bc1a gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x775a62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x775a6d3a GetThreadDesktop+0x185 GetWindowLongW-0x216 user32+0x16de8 @ 0x775a6de8 GetThreadDesktop+0x1e1 GetWindowLongW-0x1ba user32+0x16e44 @ 0x775a6e44 KiUserCallbackDispatcher+0x2e KiUserExceptionDispatcher-0x1a ntdll+0x1011a @ 0x77d4011a PeekMessageW+0x197 MsgWaitForMultipleObjectsEx-0x143 user32+0x20751 @ 0x775b0751 d6cd0fc60ee1b03a53cb02781369e47f+0x7c13d @ 0x47c13d d6cd0fc60ee1b03a53cb02781369e47f+0x1001a1 @ 0x5001a1 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2 registers.esp: 1632032 registers.edi: 0 registers.eax: 1632032 registers.ebp: 1632112 registers.edx: 0 registers.ebx: 2147614729 registers.esi: 0 registers.ecx: 7 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x778eb727	success

One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.

HTTP traffic contains suspicious features which may be indicative of malware related traffic (4 个事件)

suspicious_features	POST method with no referer header	suspicious_request	POST http://www.pcspeeduplog.com/log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer
suspicious_features	HTTP version 1.0 used	suspicious_request	GET http://www.pcsuservice.com/getdomain.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&productList=&os=6.1.7601-SP1
suspicious_features	HTTP version 1.0 used	suspicious_request	GET http://www.sdltdapi.net/getinstalleroption.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&av=302&productList=&os=6.1.7601-SP1
suspicious_features	POST method with no referer header	suspicious_request	POST https://update.googleapis.com/service/update2?cup2key=10:3804319379&cup2hreq=a720afc59ff27909c313a2fcd516493427e0648b700ccf436544ccd0fe57235a

Performs some HTTP requests (10 个事件)

request	POST http://www.pcspeeduplog.com/log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer
request	GET http://www.pcsuservice.com/getdomain.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&productList=&os=6.1.7601-SP1
request	GET http://www.sdltdapi.net/getinstalleroption.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&av=302&productList=&os=6.1.7601-SP1
request	HEAD http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe
request	GET http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe
request	GET http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl
request	GET http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl
request	HEAD http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe
request	HEAD http://r1---sn-j5o76n7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.105&mm=28&mn=sn-j5o76n7e&ms=nvh&mt=1619898496&mv=m&mvi=1&pl=23&shardbypass=yes
request	POST https://update.googleapis.com/service/update2?cup2key=10:3804319379&cup2hreq=a720afc59ff27909c313a2fcd516493427e0648b700ccf436544ccd0fe57235a

Sends data using the HTTP POST Method (2 个事件)

request	POST http://www.pcspeeduplog.com/log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer
request	POST https://update.googleapis.com/service/update2?cup2key=10:3804319379&cup2hreq=a720afc59ff27909c313a2fcd516493427e0648b700ccf436544ccd0fe57235a

Allocates read-write-execute memory (usually to unpack itself) (50 out of 118 个事件)

Time & API	Arguments	Status
1619927371.39675 NtProtectVirtualMemory	process_identifier: 1068 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x00400000	success
1619927371.39675 NtProtectVirtualMemory	process_identifier: 1068 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 69632 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x00401000	success
1619927371.39675 NtProtectVirtualMemory	process_identifier: 1068 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 53248 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x0041b000	success
1619927372.209373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x00680000	success
1619927374.678373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x036a0000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04de0000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04df0000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e00000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e10000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e20000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e30000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e40000	success
1619927376.615373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e50000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e60000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e70000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e80000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04e90000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04ea0000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04eb0000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04ec0000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04ed0000	success
1619927376.631373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04ee0000	success
1619927376.646373 NtAllocateVirtualMemory	process_identifier: 2740 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x04ef0000	success
1619927444.365875 NtAllocateVirtualMemory	process_identifier: 1424 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffffffffffff allocation_type: 4096 (MEM_COMMIT) base_address: 0x0000000004160000	success
1619927435.740125 NtProtectVirtualMemory	process_identifier: 2940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x723d1000	success
1619927435.740125 NtProtectVirtualMemory	process_identifier: 2940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x723b1000	success
1619927435.771125 NtProtectVirtualMemory	process_identifier: 2940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x739e1000	success
1619927435.818125 NtProtectVirtualMemory	process_identifier: 2940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72401000	success
1619927435.74025 NtProtectVirtualMemory	process_identifier: 1940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x723d1000	success
1619927435.74025 NtProtectVirtualMemory	process_identifier: 1940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x723b1000	success
1619927435.77125 NtProtectVirtualMemory	process_identifier: 1940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x739e1000	success
1619927435.81825 NtProtectVirtualMemory	process_identifier: 1940 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72401000	success
1619927436.75675 NtProtectVirtualMemory	process_identifier: 3036 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72341000	success
1619927436.75675 NtProtectVirtualMemory	process_identifier: 3036 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72321000	success
1619927436.83475 NtProtectVirtualMemory	process_identifier: 3036 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x739e1000	success
1619927436.85075 NtProtectVirtualMemory	process_identifier: 3036 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72401000	success
1619927438.928498 NtProtectVirtualMemory	process_identifier: 968 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72301000	success
1619927438.928498 NtProtectVirtualMemory	process_identifier: 968 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72361000	success
1619927438.975498 NtProtectVirtualMemory	process_identifier: 968 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x739e1000	success
1619927438.990498 NtProtectVirtualMemory	process_identifier: 968 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72401000	success
1619927440.678125 NtProtectVirtualMemory	process_identifier: 2764 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72131000	success
1619927440.678125 NtProtectVirtualMemory	process_identifier: 2764 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72111000	success
1619927440.740125 NtProtectVirtualMemory	process_identifier: 2764 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x739e1000	success
1619927440.771125 NtProtectVirtualMemory	process_identifier: 2764 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72401000	success
1619927440.428125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72301000	success
1619927440.537125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x72171000	success
1619927440.818125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x71e51000	success
1619927441.240125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x71e21000	success
1619927441.240125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x71e11000	success
1619927441.240125 NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) process_handle: 0xffffffff base_address: 0x71df1000	success

Checks whether any human activity is being performed by constantly checking whether the foreground window changed

Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation (13 个事件)

Time & API	Arguments	Status	Return
1619927435.771125 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4748498 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927435.77125 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4748498 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927436.81875 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4738050 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927438.959498 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4733199 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927440.740125 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4726659 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927442.81825 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4718401 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927445.178625 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4716759 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927448.506373 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4709096 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927450.818 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4693858 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927455.490625 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4665004 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927457.615625 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4649252 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927468.318125 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4645764 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1
1619927477.537875 GetDiskFreeSpaceW	root_path: c:\ sectors_per_cluster: 8 number_of_free_clusters: 4649693 total_number_of_clusters: 8362495 bytes_per_sector: 512	success	1

Creates executable files on the filesystem (34 个事件)

file	C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\is-7HCKM.tmp\Silverlight.exe
file	c:\0e533279ca5d38eaf5e507770ab657\install.exe
file	c:\2371803e1cee71b21446e4ec\silverlight.msi
file	c:\89184fa1968487a9eadb\silverlight.msi
file	c:\2371803e1cee71b21446e4ec\install.res.dll
file	c:\6c2e18e8c5174f5c6826569e44\install.exe
file	c:\d70aaaa2658506e0fcb1bab0ca38469e\install.exe
file	c:\6c2e18e8c5174f5c6826569e44\install.res.dll
file	c:\3be4e9b18a84c9a9b3252336\silverlight.msi
file	c:\d70aaaa2658506e0fcb1bab0ca38469e\install.res.dll
file	c:\50a4081dfe1d5e5736\install.exe
file	c:\3be4e9b18a84c9a9b3252336\install.exe
file	c:\f8112eb168ad2a0fcd\install.exe
file	c:\a4344beed33db5edd7b2a9552d\install.exe
file	c:\f8112eb168ad2a0fcd\install.res.dll
file	c:\a4344beed33db5edd7b2a9552d\silverlight.msi
file	c:\50a4081dfe1d5e5736\install.res.dll
file	c:\a4344beed33db5edd7b2a9552d\install.res.dll
file	c:\f8112eb168ad2a0fcd\silverlight.msi
file	c:\d70aaaa2658506e0fcb1bab0ca38469e\silverlight.msi
file	c:\8996d0ca1f0f8b274d35\install.res.dll
file	c:\89184fa1968487a9eadb\install.exe
file	c:\bd30506b845379aad7b444826c80\silverlight.msi
file	c:\6c2e18e8c5174f5c6826569e44\silverlight.msi
file	c:\bd30506b845379aad7b444826c80\install.exe
file	C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\is-7HCKM.tmp\itdownload.dll
file	c:\50a4081dfe1d5e5736\silverlight.msi
file	C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\is-7HCKM.tmp\WebBrowser.dll
file	c:\89184fa1968487a9eadb\install.res.dll
file	c:\2371803e1cee71b21446e4ec\install.exe
file	c:\3be4e9b18a84c9a9b3252336\install.res.dll
file	c:\0e533279ca5d38eaf5e507770ab657\install.res.dll
file	c:\bd30506b845379aad7b444826c80\install.res.dll
file	C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\is-7HCKM.tmp\_isetup\_shfoldr.dll

Creates hidden or system file (9 个事件)

Time & API	Arguments	Status
1619927439.240125 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\2371803e1cee71b21446e4ec\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\2371803e1cee71b21446e4ec\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927439.05325 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\a4344beed33db5edd7b2a9552d\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\a4344beed33db5edd7b2a9552d\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927439.95975 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\89184fa1968487a9eadb\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\89184fa1968487a9eadb\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927442.193498 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\f8112eb168ad2a0fcd\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\f8112eb168ad2a0fcd\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927447.459125 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\6c2e18e8c5174f5c6826569e44\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\6c2e18e8c5174f5c6826569e44\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927450.69325 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\d70aaaa2658506e0fcb1bab0ca38469e\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\d70aaaa2658506e0fcb1bab0ca38469e\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927454.350625 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\50a4081dfe1d5e5736\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\50a4081dfe1d5e5736\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927475.709373 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\3be4e9b18a84c9a9b3252336\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\3be4e9b18a84c9a9b3252336\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success
1619927477.537 NtCreateFile	create_disposition: 2 (FILE_CREATE) file_handle: 0x000001ac filepath: c:\bd30506b845379aad7b444826c80\$shtdwn$.req desired_access: 0xc0110080 (FILE_READ_ATTRIBUTES\|DELETE\|SYNCHRONIZE\|GENERIC_WRITE) file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN) filepath_r: \??\c:\bd30506b845379aad7b444826c80\$shtdwn$.req create_options: 4192 (FILE_NON_DIRECTORY_FILE\|FILE_SYNCHRONOUS_IO_NONALERT\|FILE_DELETE_ON_CLOSE) status_info: 2 (FILE_CREATED) share_access: 3 (FILE_SHARE_READ\|FILE_SHARE_WRITE)	success

An executable file was downloaded by the process d6cd0fc60ee1b03a53cb02781369e47f.tmp (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1619927398.459373 recv	buffer: HTTP/1.1 200 OK Date: Sat, 01 May 2021 19:51:05 GMT Content-Type: application/octet-stream Content-Length: 6958304 Connection: close Content-MD5: cpzatxiPGDWPZhC+xRfvBA== Last-Modified: Thu, 12 Sep 2019 19:02:48 GMT Accept-Ranges: bytes ETag: "0x8D737B3CDE81481" Vary: Origin Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-copy-id: 57942e54-ff77-4177-98e1-1a0a38d95aca x-ms-copy-source: https://dmsstager3tx7y9x22.blob.core.windows.net/f8c0eacb-92d0-4722-9b18-965dd2a681e9/30514.00%5Csilverlight.exe?sv=2018-11-09&sr=b&se=2019-09-19T19%3A02%3A48Z&sp=r&api-version=2018-11-09 x-ms-copy-status: success x-ms-copy-progress: 6958304/6958304 x-ms-copy-completion-time: Thu, 12 Sep 2019 19:02:48 GMT x-cc-via: 7_dx-guangdong-zhuhai-10-cache-5[H,1] Cache-Control: public,max-age=14400 X-CID: 6 X-CCC: CN MZÿÿ¸@Ðº´ Í!¸LÍ!This program cannot be run in DOS mode. $½ÉKÜàKÜàKÜàÈÔ½DÜàKÜá!ÜàÅÔ¿_ÜàÈÔ¾JÜàÈÔºJÜàRichKÜàPELHnÛ@à xX àÆk À° ðià<Ð! Ä.text`w x `.dataÔ \|@À.rsrc° Àri~@@ received: 1412 socket: 1160	success	1412	0

Checks for the Locally Unique Identifier on the system for a suspicious privilege (50 out of 113 个事件)

Time & API	Arguments	Status	Return
1619927441.287125 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeCreateTokenPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeAssignPrimaryTokenPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeMachineAccountPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeTcbPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeSecurityPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeTakeOwnershipPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeLoadDriverPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeBackupPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeRestorePrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeDebugPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeRemoteShutdownPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeEnableDelegationPrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeManageVolumePrivilege	success	1
1619927444.600125 LookupPrivilegeValueW	system_name: privilege_name: SeCreateGlobalPrivilege	success	1
1619927441.1625 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927442.0535 LookupPrivilegeValueW	system_name: privilege_name: SeCreateTokenPrivilege	success	1
1619927442.0535 LookupPrivilegeValueW	system_name: privilege_name: SeAssignPrimaryTokenPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeMachineAccountPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeTcbPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeSecurityPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeTakeOwnershipPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeLoadDriverPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeBackupPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeRestorePrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeDebugPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeRemoteShutdownPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeEnableDelegationPrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeManageVolumePrivilege	success	1
1619927442.0685 LookupPrivilegeValueW	system_name: privilege_name: SeCreateGlobalPrivilege	success	1
1619927478.3965 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927441.928498 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeCreateTokenPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeAssignPrimaryTokenPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeMachineAccountPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeTcbPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeSecurityPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeTakeOwnershipPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeLoadDriverPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeBackupPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeRestorePrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeDebugPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeRemoteShutdownPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeEnableDelegationPrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeManageVolumePrivilege	success	1
1619927445.068498 LookupPrivilegeValueW	system_name: privilege_name: SeCreateGlobalPrivilege	success	1
1619927445.334373 LookupPrivilegeValueW	system_name: privilege_name: SeShutdownPrivilege	success	1

Queries for potentially installed applications (10 个事件)

Time & API	Arguments	Status	Return
1619927372.553373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 options: 0	failed	2
1619927372.553373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000002 key_handle: 0x00000000 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 options: 0	failed	2
1619927374.850373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000002 key_handle: 0x00000000 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 options: 0	failed	2
1619927374.850373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 options: 0	failed	2
1619927374.850373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000002 key_handle: 0x00000000 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 options: 0	failed	2
1619927374.865373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PK-PCSU_is1 options: 0	failed	2
1619927375.193373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 options: 0	failed	2
1619927375.193373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000002 key_handle: 0x00000000 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 options: 0	failed	2
1619927377.396373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall options: 0	failed	2
1619927377.396373 RegOpenKeyExW	access: 0x00000101 base_handle: 0x80000001 key_handle: 0x00000000 regkey: HKEY_CURRENT_USER\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall regkey_r: Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall options: 0	failed	2

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

Generates some ICMP traffic

File has been identified by 24 AntiVirus engines on VirusTotal as malicious (24 个事件)

Bkav	W32.HfsAdware.3005
McAfee	PCSpeedUp
Cylance	Unsafe
K7GW	Riskware ( dec000091 )
K7AntiVirus	Riskware ( dec000091 )
Kaspersky	not-a-virus:RiskTool.Win32.OptimizerPro.ac
NANO-Antivirus	Riskware.Win32.DeceptPCClean.flyzpk
Paloalto	generic.ml
Endgame	malicious (high confidence)
DrWeb	Program.Unwanted.792
McAfee-GW-Edition	PCSpeedUp
Sophos	Generic PUA EN (PUA)
Antiy-AVL	RiskWare[RiskTool]/Win32.OptimizerPro
Microsoft	PUA:Win32/SpeedChecker
ViRobot	Adware.Speedchecker.5074144
MAX	malware (ai score=95)
Malwarebytes	PUP.Optional.PCSpeedUp
ESET-NOD32	a variant of Win32/Speedchecker.C potentially unwanted
TrendMicro-HouseCall	TROJ_GEN.R01FH0CDQ19
Ikarus	PUA.Speedchecker
MaxSecure	Trojan.Malware.12319045.susgen
Fortinet	Riskware/Speedchecker
Webroot	W32.Adware.Gen
Qihoo-360	Win32/Virus.IM.1f5

Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) (1 个事件)

dead_host

172.217.160.110:443

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2015-07-16 21:24:20

Imports

Library oleaut32.dll:

• 0x4192fc SysFreeString

• 0x419300 SysReAllocStringLen

• 0x419304 SysAllocStringLen

Library advapi32.dll:

• 0x41930c RegQueryValueExW

• 0x419310 RegOpenKeyExW

• 0x419314 RegCloseKey

Library user32.dll:

• 0x41931c GetKeyboardType

• 0x419320 LoadStringW

• 0x419324 MessageBoxA

• 0x419328 CharNextW

Library kernel32.dll:

• 0x419330 GetACP

• 0x419334 Sleep

• 0x419338 VirtualFree

• 0x41933c VirtualAlloc

• 0x419340 GetSystemInfo

• 0x419344 GetTickCount

• 0x419348 QueryPerformanceCounter

• 0x41934c GetVersion

• 0x419350 GetCurrentThreadId

• 0x419354 VirtualQuery

• 0x419358 WideCharToMultiByte

• 0x41935c MultiByteToWideChar

• 0x419360 lstrlenW

• 0x419364 lstrcpynW

• 0x419368 LoadLibraryExW

• 0x41936c GetThreadLocale

• 0x419370 GetStartupInfoA

• 0x419374 GetProcAddress

• 0x419378 GetModuleHandleW

• 0x41937c GetModuleFileNameW

• 0x419380 GetLocaleInfoW

• 0x419384 GetCommandLineW

• 0x419388 FreeLibrary

• 0x41938c FindFirstFileW

• 0x419390 FindClose

• 0x419394 ExitProcess

• 0x419398 WriteFile

• 0x41939c UnhandledExceptionFilter

• 0x4193a0 RtlUnwind

• 0x4193a4 RaiseException

• 0x4193a8 GetStdHandle

• 0x4193ac CloseHandle

Library kernel32.dll:

• 0x4193b4 TlsSetValue

• 0x4193b8 TlsGetValue

• 0x4193bc LocalAlloc

• 0x4193c0 GetModuleHandleW

Library user32.dll:

• 0x4193c8 CreateWindowExW

• 0x4193cc TranslateMessage

• 0x4193d0 SetWindowLongW

• 0x4193d4 PeekMessageW

• 0x4193d8 MsgWaitForMultipleObjects

• 0x4193dc MessageBoxW

• 0x4193e0 LoadStringW

• 0x4193e4 GetSystemMetrics

• 0x4193e8 ExitWindowsEx

• 0x4193ec DispatchMessageW

• 0x4193f0 DestroyWindow

• 0x4193f4 CharUpperBuffW

• 0x4193f8 CallWindowProcW

Library kernel32.dll:

• 0x419400 WriteFile

• 0x419404 WideCharToMultiByte

• 0x419408 WaitForSingleObject

• 0x41940c VirtualQuery

• 0x419410 VirtualProtect

• 0x419414 VirtualFree

• 0x419418 VirtualAlloc

• 0x41941c SizeofResource

• 0x419420 SignalObjectAndWait

• 0x419424 SetLastError

• 0x419428 SetFilePointer

• 0x41942c SetEvent

• 0x419430 SetErrorMode

• 0x419434 SetEndOfFile

• 0x419438 ResetEvent

• 0x41943c RemoveDirectoryW

• 0x419440 ReadFile

• 0x419444 MultiByteToWideChar

• 0x419448 LockResource

• 0x41944c LoadResource

• 0x419450 LoadLibraryW

• 0x419454 GetWindowsDirectoryW

• 0x419458 GetVersionExW

• 0x41945c GetUserDefaultLangID

• 0x419460 GetThreadLocale

• 0x419464 GetSystemInfo

• 0x419468 GetStdHandle

• 0x41946c GetProcAddress

• 0x419470 GetModuleHandleW

• 0x419474 GetModuleFileNameW

• 0x419478 GetLocaleInfoW

• 0x41947c GetLastError

• 0x419480 GetFullPathNameW

• 0x419484 GetFileSize

• 0x419488 GetFileAttributesW

• 0x41948c GetExitCodeProcess

• 0x419490 GetEnvironmentVariableW

• 0x419494 GetDiskFreeSpaceW

• 0x419498 GetCurrentProcess

• 0x41949c GetCommandLineW

• 0x4194a0 GetCPInfo

• 0x4194a4 InterlockedExchange

• 0x4194a8 InterlockedCompareExchange

• 0x4194ac FreeLibrary

• 0x4194b0 FormatMessageW

• 0x4194b4 FindResourceW

• 0x4194b8 EnumCalendarInfoW

• 0x4194bc DeleteFileW

• 0x4194c0 CreateProcessW

• 0x4194c4 CreateFileW

• 0x4194c8 CreateEventW

• 0x4194cc CreateDirectoryW

• 0x4194d0 CloseHandle

Library advapi32.dll:

• 0x4194d8 RegQueryValueExW

• 0x4194dc RegOpenKeyExW

• 0x4194e0 RegCloseKey

• 0x4194e4 OpenProcessToken

• 0x4194e8 LookupPrivilegeValueW

Library comctl32.dll:

• 0x4194f0 InitCommonControls

Library kernel32.dll:

• 0x4194f8 Sleep

Library advapi32.dll:

• 0x419500 AdjustTokenPrivileges

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
redirector.gvt1.com	A 203.208.41.65	203.208.41.65
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
www.pcsuapi.net
download.microsoft.com	A 218.13.190.4 A 218.13.190.5 CNAME download.microsoft.com.ccgslb.com.cn A 218.13.190.6 CNAME download.microsoft.com.lxcvc.com A 218.13.190.7 CNAME dlc-shim.trafficmanager.net CNAME zlxxipv6.v.lxcvc.com A 218.13.190.8	218.13.190.7
www.pcspeeduplog.com	A 212.71.248.160 CNAME pcspeeduplog.com	212.71.248.160
www.pcsuapi.info
r1---sn-j5o76n7e.gvt1.com	CNAME r1.sn-j5o76n7e.gvt1.com A 113.108.239.130	113.108.239.130
www.pcsuservice.com	A 173.231.184.124	173.231.184.124
clients2.google.com	A 172.217.160.110 CNAME clients.l.google.com	172.217.160.110
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
update.googleapis.com	A 203.208.40.98	203.208.40.98
crl.microsoft.com	CNAME a1363.dscg.akamai.net A 23.32.248.16 CNAME crl.www.ms.akadns.net A 23.32.248.66	104.116.243.114
www.sdltdapi.net	A 40.118.97.103 CNAME safedownloadservice.cloudapp.net	40.118.97.103
teredo.ipv6.microsoft.com		127.0.0.1

TCP

Source	Source Port	Destination	Destination Port
192.168.56.101	49242	113.108.239.130 r1---sn-j5o76n7e.gvt1.com	80
192.168.56.101	49182	173.231.184.124 www.pcsuservice.com	80
192.168.56.101	49238	203.208.40.98 update.googleapis.com	443
192.168.56.101	49240	203.208.41.65 redirector.gvt1.com	80
192.168.56.101	49180	212.71.248.160 www.pcspeeduplog.com	80
192.168.56.101	49181	212.71.248.160 www.pcspeeduplog.com	80
192.168.56.101	49232	218.13.190.6 download.microsoft.com	80
192.168.56.101	49189	218.13.190.7 download.microsoft.com	80
192.168.56.101	49191	218.13.190.7 download.microsoft.com	80
192.168.56.101	49224	23.32.248.66 crl.microsoft.com	80
192.168.56.101	49183	40.118.97.103 www.sdltdapi.net	80

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	49713	114.114.114.114	53
192.168.56.101	50002	114.114.114.114	53
192.168.56.101	50433	114.114.114.114	53
192.168.56.101	50568	114.114.114.114	53
192.168.56.101	51378	114.114.114.114	53
192.168.56.101	51808	114.114.114.114	53
192.168.56.101	53237	114.114.114.114	53
192.168.56.101	53657	114.114.114.114	53
192.168.56.101	55169	114.114.114.114	53
192.168.56.101	55368	114.114.114.114	53
192.168.56.101	56743	114.114.114.114	53
192.168.56.101	57236	114.114.114.114	53
192.168.56.101	57756	114.114.114.114	53
192.168.56.101	57874	114.114.114.114	53
192.168.56.101	58070	114.114.114.114	53
192.168.56.101	60384	114.114.114.114	53
192.168.56.101	62144	114.114.114.114	53
192.168.56.101	62318	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138

HTTP & HTTPS Requests

URI	Data
http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe	GET /download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe HTTP/1.0 Host: download.microsoft.com User-Agent: InnoTools_Downloader
http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe	HEAD /download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe HTTP/1.0 Host: download.microsoft.com User-Agent: InnoTools_Downloader
http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl	GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com
http://r1---sn-j5o76n7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.105&mm=28&mn=sn-j5o76n7e&ms=nvh&mt=1619898496&mv=m&mvi=1&pl=23&shardbypass=yes	HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.105&mm=28&mn=sn-j5o76n7e&ms=nvh&mt=1619898496&mv=m&mvi=1&pl=23&shardbypass=yes HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: r1---sn-j5o76n7e.gvt1.com
http://www.pcspeeduplog.com/log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer	POST /log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer HTTP/1.1 Connection: close Content-Type: text/plain; Charset=UTF-8 Accept: / User-Agent: PCSUInstaller Content-Length: 188 Host: www.pcspeeduplog.com
http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe	HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: redirector.gvt1.com
http://www.pcsuservice.com/getdomain.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&productList=&os=6.1.7601-SP1	GET /getdomain.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&productList=&os=6.1.7601-SP1 HTTP/1.0 Host: www.pcsuservice.com User-Agent: InnoTools_Downloader
http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl	GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com
http://www.pcspeeduplog.com/log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer	POST /log?index=cc9534a2adc111e286841231390e9c34&sourcetype=installer HTTP/1.1 Connection: close Content-Type: text/plain; Charset=UTF-8 Accept: / User-Agent: PCSUInstaller Content-Length: 114 Host: www.pcspeeduplog.com
http://www.sdltdapi.net/getinstalleroption.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&av=302&productList=&os=6.1.7601-SP1	GET /getinstalleroption.aspx?productID=1&version=3.9.14.0&language=uk&uniqueID=60671CC3-4B0F-4A8E-8828-1E31527F7BBA&affID=&requestID=d6cd0fc60ee1b03a53cb02781369e47f&av=302&productList=&os=6.1.7601-SP1 HTTP/1.0 Host: www.sdltdapi.net User-Agent: InnoTools_Downloader

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.