Static | ZeroBOX

PE Compile Time

2023-09-23 01:01:40

PDB Path

C:\Users\Clive\source\repos\x86_driver\Release\x86.pdb

PE Imphash

28ad50542f813b012843ce887d0559ea

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x000649be    0x00064a00        6.61227014136
.rdata  0x00066000       0x00014b84    0x00014c00        5.54591492489
.data   0x0007b000       0x17d9d150    0x00007400        2.74956218601
.rsrc   0x17e19000       0x00028d28    0x00028e00        6.14520824481
.reloc  0x17e42000       0x00005c88    0x00005e00        6.69757449489

Resources

Name         Offset      Size        Language      Sub-language                 File type
SYS          0x17e190b0  0x00028a50  LANG_CHINESE  SUBLANG_CHINESE_TRADITIONAL  PE32+ executable (native) x86-64, for MS Windows
RT_MANIFEST  0x17e41b00  0x00000224  LANG_ENGLISH  SUBLANG_ENGLISH_US           XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators

Imports

Library SHLWAPI.dll:
0x466200 PathIsDirectoryA
0x466204 PathFileExistsA
Library ADVAPI32.dll:
0x466000 RegSetValueExW
0x466004 RegSetValueExA
0x466008 OpenProcessToken
0x466010 RegFlushKey
0x466014 RegCreateKeyExW
Library USER32.dll:
0x46620c wsprintfA
0x466210 SetWindowPos
0x466214 IsWindowVisible
0x466218 GetAsyncKeyState
0x46621c MapVirtualKeyA
0x466220 GetSystemMetrics
0x466224 GetWindowRect
0x466228 GetCursorPos
0x46622c EnumWindows
0x466230 GetWindow
0x466238 GetTopWindow
Library ntdll.dll:
0x46627c RtlUnwind
0x466288 NtLoadDriver
Library WINHTTP.dll:
0x466244 WinHttpSendRequest
0x466248 WinHttpOpenRequest
0x466250 WinHttpOpen
0x466254 WinHttpCloseHandle
0x466258 WinHttpConnect
0x46625c WinHttpReadData
Library KERNEL32.dll:
0x466020 SetStdHandle
0x466024 QueryDosDeviceA
0x466034 GetOEMCP
0x466038 GetACP
0x46603c IsValidCodePage
0x466040 ReadConsoleW
0x466044 SetFilePointerEx
0x466048 GetFileSizeEx
0x46604c GetConsoleMode
0x466050 GetConsoleCP
0x466054 FlushFileBuffers
0x466060 DeleteFileW
0x466064 GetFileType
0x466068 EnumSystemLocalesW
0x46606c GetUserDefaultLCID
0x466070 IsValidLocale
0x466074 GetLocaleInfoW
0x466078 LCMapStringW
0x46607c CompareStringW
0x466080 GetTimeFormatW
0x466084 GetDateFormatW
0x466088 GetCommandLineW
0x46608c GetCommandLineA
0x466090 GetStdHandle
0x466094 GetModuleFileNameW
0x4660a0 FindNextFileW
0x4660a4 FindFirstFileExW
0x4660a8 FindClose
0x4660ac GetFullPathNameW
0x4660b0 GetDriveTypeW
0x4660b4 GetModuleHandleExW
0x4660b8 ExitProcess
0x4660bc LoadLibraryExW
0x4660c0 FreeLibrary
0x4660c4 TlsFree
0x4660c8 TlsSetValue
0x4660cc CreateFileW
0x4660d0 WriteFile
0x4660d4 CloseHandle
0x4660dc CreateDirectoryA
0x4660e0 CreateFileA
0x4660e4 GetFileSize
0x4660e8 ReadFile
0x4660ec SetFilePointer
0x4660f0 DecodePointer
0x4660f4 RaiseException
0x4660f8 GetLastError
0x4660fc HeapDestroy
0x466100 HeapAlloc
0x466104 HeapReAlloc
0x466108 HeapFree
0x46610c HeapSize
0x466110 GetProcessHeap
0x46611c Sleep
0x466120 GetCurrentProcess
0x466124 GetCurrentProcessId
0x466128 TerminateProcess
0x46612c OpenProcess
0x466130 GetModuleHandleA
0x466134 GetProcAddress
0x466138 LoadResource
0x46613c LockResource
0x466140 SizeofResource
0x466144 lstrcmpiA
0x466148 lstrcpyA
0x46614c lstrcatA
0x466150 lstrlenA
0x466158 FindResourceA
0x466164 WriteConsoleW
0x466168 CopyFileA
0x46616c IsBadReadPtr
0x466170 MultiByteToWideChar
0x466174 WideCharToMultiByte
0x46617c Process32First
0x466180 Process32Next
0x466190 EncodePointer
0x466194 LCMapStringEx
0x466198 GetLocaleInfoEx
0x46619c GetStringTypeW
0x4661a0 CompareStringEx
0x4661a4 GetCPInfo
0x4661ac SetEvent
0x4661b0 ResetEvent
0x4661b8 CreateEventW
0x4661bc GetModuleHandleW
0x4661cc IsDebuggerPresent
0x4661d0 GetStartupInfoW
0x4661d8 GetCurrentThreadId
0x4661e0 InitializeSListHead
0x4661e4 OutputDebugStringW
0x4661e8 TlsGetValue
0x4661ec TlsAlloc
0x4661f0 SetLastError
Library SHELL32.dll:
0x4661f8 ShellExecuteA
Library WININET.dll:
0x466264 HttpQueryInfoA
0x466268 InternetCloseHandle
0x46626c InternetOpenUrlA
0x466270 InternetReadFile
0x466274 InternetOpenA

!This program cannot be run in DOS mode.
Unknown exception
bad array new length
string too long
iostream
iostream stream error
bad cast
bad locale name
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
invalid stoi argument
stoi argument out of range
SeLoadDriverPrivilege
C:\Driver2030.sys
EvilDriver
_V1_20230915
Z:\Config.ini
x86.exe
TWClient.bin
TW13032701.bin
PID:%d
partial
error
noconv
unknown
, please check out_cvt_state.
._cache_
Chinese_Taiwan.950
00:00-00:00
=%d:%d-%d:%d
q: %d
http://149.129.37.78:22556/ck?m=
InternetOpen fail
error open url
error query info
error to read file
x86_exe_ver
%s\AP.exe
0923_1
Setting
X_s:%s
j%0D%0A
j%0D%0A
j%0D%0A
j%0D%0A
j%0D%0A
%0D%0A
depositnpc
withdrawnpc
VerificationURL_
checkgm_
whitelist_
qdata_
qdata_unknow_
dbfilter_
x86_dll_ver
atoken:%s
teleport guide
32773,32941|32793,32760|33024,33343|33152,33275|33438,33059|33928,32852|32839,33454|33075,33174|33477,33153
|GM|Gm|gM|gm
2_2:%s
2_3:%s
[0]:%s
(%s,%s)
[1]:%s
(%s,%s)
[0]:%s
(%s,%s)
[1]:%s
(%s,%s)
[2]:%s
(%s,%s)
2_2_NPC
[0]:%s
2_2_NPC
[1]:%s
2_2_NPC
[2]:%s
2_3_NPC
[0]:%s
2_3_NPC
[1]:%s
2_3_NPC
[2]:%s
[0]:%s
[0]:%s
%d,(%s,%s)
[0]:%s
[0]:%s
`_381:%d
zuzMUEDOhUsZrJdX7AaPdWjaC03PBYaWZUvzrQsyuXt
j%0D%0A
j%0D%0A
j%0D%0A
%0D%0A
j%0D%0A
/ck?m=
Name_s:%s
\LinHelperZ.ini
\LinHelperz.txt
\LinHelperX.txt
GM:%d,
(%d,%d)
%0D%0A
j%0D%0A
b=100|
b=2000|
R%s:%d
D_s2:%s
[i]: %s
_i[%d]: %d
_X:%d,
GM:%s,
(%d,%d)
(%d,%d)
invalid string position
vector too long
bad allocation
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
cross device link
destination address required
device or resource busy
directory not empty
executable format error
file exists
file too large
filename too long
function not supported
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
interrupted
invalid argument
invalid seek
io error
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no lock available
no message available
no message
no protocol option
no space on device
no stream resources
no such device or address
no such device
no such file or directory
no such process
not a directory
not a socket
not a stream
not connected
not enough memory
not supported
operation canceled
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
permission denied
protocol error
protocol not supported
read only file system
resource deadlock would occur
resource unavailable try again
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many files open
too many links
too many symbolic link levels
value too large
wrong protocol type
unknown error
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789ABCDEFabcdef-+XxPp
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
%b %d %H : %M : %S %Y
%m / %d / %y
:AM:am:PM:pm
%I : %M : %S %p
%H : %M
%H : %M : %S
%d / %m / %y
0123456789-
0123456789-
0123456789-
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789-
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789ABCDEFabcdef-+XxPp
0123456789ABCDEFabcdef-+XxPp
+v$x+v$xv$+xv+$xv$+x+$vx+$vx$v+x+$vx$+vx+v $+v $v $+v +$v $++$ v+$ v$ v++$ v$+ v+xv$+ v$v$ +v+ $v$ ++x$v+ $v$v ++ $v$ +v
0123456789-
0123456789-
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefghijklmnopqrstuvwxyz
SleepConditionVariableCS
WakeAllConditionVariable
bad exception
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CorExitProcess
`h````
xpxxxx
`h`hhh
xwpwpp
(null)
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
[aOni*{
~ $s%r
@b;zO]
v2!L.2
IND)ind)
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
AreFileApisANSI
CompareStringEx
EnumSystemLocalesEx
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
GetDateFormatEx
GetLocaleInfoEx
GetSystemTimePreciseAsFileTime
GetTimeFormatEx
GetUserDefaultLocaleName
InitializeCriticalSectionEx
IsValidLocaleName
LCMapStringEx
LCIDToLocaleName
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
_hypot
_nextafter
1#QNAN
1#SNAN
C:\Users\Clive\source\repos\x86_driver\Release\x86.pdb
.text$di
.text$mn
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCC
.CRT$XCL
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XLA
.CRT$XLZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$T
.rdata$r
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.tls$ZZZ
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.rsrc$01
.rsrc$02
PathFileExistsA
PathIsDirectoryA
SHLWAPI.dll
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyExW
RegFlushKey
RegSetValueExA
RegSetValueExW
ADVAPI32.dll
wsprintfA
SetWindowPos
IsWindowVisible
GetAsyncKeyState
MapVirtualKeyA
GetSystemMetrics
GetWindowRect
GetCursorPos
EnumWindows
GetTopWindow
GetWindowThreadProcessId
GetWindow
USER32.dll
NtQuerySystemInformation
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtLoadDriver
ntdll.dll
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WINHTTP.dll
CreateFileW
WriteFile
CloseHandle
GetCurrentDirectoryA
CreateDirectoryA
CreateFileA
GetFileSize
ReadFile
SetFilePointer
DecodePointer
RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
OpenProcess
GetModuleHandleA
GetProcAddress
LoadResource
LockResource
SizeofResource
lstrcmpiA
lstrcpyA
lstrcatA
lstrlenA
GetLogicalDriveStringsA
FindResourceA
GetPrivateProfileStringA
WritePrivateProfileStringA
QueryDosDeviceA
CopyFileA
IsBadReadPtr
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
Process32Next
K32GetProcessImageFileNameA
EnterCriticalSection
LeaveCriticalSection
EncodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
KERNEL32.dll
ShellExecuteA
SHELL32.dll
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
WININET.dll
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetDriveTypeW
GetFullPathNameW
FindClose
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
DeleteFileW
GetCurrentDirectoryW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_array_new_length@std@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVruntime_error@std@@
.?AVsystem_error@std@@
.?AV_System_error@std@@
.?AVbad_cast@std@@
.?AVfailure@ios_base@std@@
.?AVCAtlException@ATL@@
.?AVinvalid_argument@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVbad_exception@std@@
.?AVCWin32Heap@ATL@@
.?AUIAtlMemMgr@ATL@@
.?AUIAtlStringMgr@ATL@@
.?AVCAtlStringMgr@ATL@@
.?AVerror_category@std@@
.?AV_Iostream_error_category2@std@@
.?AV_Facet_base@std@@
.?AVfacet@locale@std@@
.?AU_Crt_new_delete@std@@
.?AVcodecvt_base@std@@
.?AV?$codecvt@GDU_Mbstatet@@@std@@
.?AUctype_base@std@@
.?AV?$ctype@D@std@@
.?AV_Locimp@locale@std@@
.?AV?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$numpunct@D@std@@
.?AV?$codecvt@DDU_Mbstatet@@@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
.?AV?$codecvt@_WDU_Mbstatet@@@std@@
.?AV?$ctype@_W@std@@
.?AV?$ctype@G@std@@
.?AUmessages_base@std@@
.?AUmoney_base@std@@
.?AUtime_base@std@@
.?AV?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$numpunct@_W@std@@
.?AV?$collate@_W@std@@
.?AV?$messages@_W@std@@
.?AV?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$moneypunct@_W$0A@@std@@
.?AV?$_Mpunct@_W@std@@
.?AV?$moneypunct@_W$00@std@@
.?AV?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$numpunct@G@std@@
.?AV?$collate@G@std@@
.?AV?$messages@G@std@@
.?AV?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$moneypunct@G$0A@@std@@
.?AV?$_Mpunct@G@std@@
.?AV?$moneypunct@G$00@std@@
.?AV?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$collate@D@std@@
.?AV?$messages@D@std@@
.?AV?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$moneypunct@D$0A@@std@@
.?AV?$_Mpunct@D@std@@
.?AV?$moneypunct@D$00@std@@
.?AV?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AVtype_info@@
!This program cannot be run in DOS mode.
h.rdata
H.data
.pdata
b.reloc
BBLookupProcessThread
BlackBone: %s: Failed to allocate memory for process list
BlackBone: %s: Failed to locate process
LeiLeiGetKernelBase
LoadDriver: %s: Invalid SystemModuleInformation size
LeiLeiInitLdrData
LoadDriver: %s: Failed to retrieve Kernel base address. Aborting
LoadDriver: %s: Failed to retrieve PsLoadedModuleList address. Aborting
LeiLeiResolveImageRefs
LoadDriver: %s: Failed to load import '%wZ'. Status code: 0x%X
LoadDriver: %s: Failed to resolve import '%wZ' : '%s'
LoadDriver: %s: Failed to resolve import '%wZ' : '%d'
LeiLeiMapWorker
LoadDriver: %s: Failed to open %wZ. Status: 0x%X
LoadDriver: %s: Failed to get '%wZ' size. Status: 0x%X
LoadDriver: %s: Failed to obtaint NT Header for '%wZ'
LoadDriver: %s: Failed to read '%wZ'. Status: 0x%X
DYN_PTE_BASE-2222--%X
Lonad--Drvier win10
Lonad--Drvier win7
Lonad--Drvier 11111111
LoadDriver: %s: Failed to relocate image '%wZ'. Status: 0x%X
LoadDriver: %s: Failed to allocate memory for image '%wZ'
LoadDriver: %s: Successfully mapped '%wZ' at 0x%p
111111
2222222
NtCreateThreadEx
333333
444444
ZwProtectVirtualMemory
ButtonData--%d--%d
C:\Users\Administrator\Desktop\111\
\x64\Release\Driver11111.pdb
.text$mn
.text$mn$00
.text$mn$21
.text$s
.text$x
.idata$5
.00cfg
.gfids
.rdata
.rdata$zzzdbg
.xdata
.pdata
.idata$2
.idata$3
.idata$4
.idata$6
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
`h````
xpxxxx
(null)
CorExitProcess
AreFileApisANSI
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
LCMapStringEx
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
UTF-16LEUNICODE
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
[aOni*{
~ $s%r
@b;zO]
v2!L.2
1#QNAN
1#SNAN
C:\Users\Administrator\Desktop\TLS
11-19\x64\Release\Dll.pdb
.text$mn
.text$mn$00
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCZ
.CRT$XIA
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.idata$2
.idata$3
.idata$4
.idata$6
.pdata
.rsrc$01
.rsrc$02
AllocConsole
SetConsoleTitleW
AttachConsole
GetCurrentProcessId
CreateThread
KERNEL32.dll
MessageBoxW
USER32.dll
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
CloseHandle
CreateFileW
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetEndOfFile
WriteConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
</assembly>
wcsstr
DbgPrintEx
RtlGetVersion
KeDelayExecutionThread
ExAllocatePoolWithTag
ExFreePoolWithTag
PsWrapApcWow64Thread
ObfDereferenceObject
PsGetCurrentThreadId
PsGetProcessId
KeStackAttachProcess
KeUnstackDetachProcess
PsIsThreadTerminating
PsLookupProcessByProcessId
PsLookupThreadByThreadId
ZwQueryVirtualMemory
PsGetThreadTeb
PsGetProcessPeb
PsGetProcessWow64Process
ZwQuerySystemInformation
KeInitializeApc
KeInsertQueueApc
KeTestAlertThread
PsGetCurrentProcessWow64Process
__C_specific_handler
strcmp
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
RtlFreeUnicodeString
ExAllocatePool
MmGetSystemRoutineAddress
MmMapLockedPagesSpecifyCache
MmAllocatePagesForMdl
MmFreePagesFromMdl
ObReferenceObjectByHandleWithTag
ObCloseHandle
ZwCreateFile
ZwQueryInformationFile
ZwReadFile
ZwClose
RtlCompareString
IoCreateFileEx
RtlRandomEx
MmFlushImageSection
ZwDeleteFile
RtlImageNtHeader
RtlImageDirectoryEntryToData
IoFileObjectType
RtlInitUnicodeString
MmAllocateContiguousMemory
IoGetCurrentProcess
MmGetPhysicalAddress
MmGetVirtualForPhysical
RtlCaptureContext
ObOpenObjectByPointer
ZwAllocateVirtualMemory
ObReferenceObjectByName
MmCopyVirtualMemory
KeCapturePersistentThreadState
ZwSetSystemInformation
MmMarkPhysicalMemoryAsBad
MmUserProbeAddress
IoDriverObjectType
IoCreateDevice
IoDeleteDevice
MmIsAddressValid
_stricmp
ZwOpenFile
ZwCreateSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ntoskrnl.exe
Washington1
Redmond1
Microsoft Corporation1)0'
Microsoft Code Verification Root0
110222192517Z
210222193517Z0
VeriSign, Inc.10
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
Dhttp://crl.microsoft.com/pki/crl/products/MicrosoftCodeVerifRoot.crl0
,N<jPl
3BH8Q:|8
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
120820000000Z
130820235959Z0
Jiangsu1
Nanjing1705
.Nanjing xScaler Information Technology Co.,Ltd1>0<
5Digital ID Class 3 - Microsoft Software Validation v21705
.Nanjing xScaler Information Technology Co.,Ltd0
2:V@Zn
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
https://www.verisign.com/rpa0
http://ocsp.verisign.com0;
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
VeriSign, Inc.10
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
100208000000Z
200207235959Z0
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
https://www.verisign.com/cps0*
https://www.verisign.com/rpa0
[0Y0W0U
image/gif0!00
#http://logo.verisign.com/vslogo.gif04
#http://crl.verisign.com/pca3-g5.crl04
http://ocsp.verisign.com0
VeriSignMPKI-2-80
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA
123 0#
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware></windowsSettings></application></assembly>
<$<,<4<<<D<L<T<\<d<l<t<|<
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
4P8T8X8\8`8d8h8l8p8t8x8|8
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
4$4,4044484<4
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6t6x6|6
2$2,242<2D2L2T2\2d2l2t2|2
4T5X5\5`5
6(646@6L6X6d6p6|6
7$707<7H7T7`7l7x7
8 8,888D8P8\8h8t8
9 9,989D9P9\9h9t9
T3\3d3l3t3|3
4$4,444<4D4L4T4\4d4l4t4|4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6t6|6
7$7,747<7D7L7T7\7d7l7t7|7
8$8,848<8D8L8T8\8d8l8t8|8
9$9,949<9D9L9T9\9d9l9t9|9
:$:,:4:<:D:L:T:\:d:l:
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
: :(:0:8:@:H:P:X:`:h:p:x:
; ;(;0;8;@;H;P;X;`;h;p;x;
8,808@8D8H8P8h8x8|8
9 90949<9T9d9h9|9
: :8:H:L:\:`:d:h:p:
;(;8;<;L;P;T;\;t;
<$<(<0<H<X<\<`<d<h<p<
= =0=4=D=H=L=P=T=X=`=x=
>,>0>@>D>H>L>T>l>|>
? ?0?4?8?<?@?H?`?p?t?
0,0004080<0D0\0l0p0
1,10181P1`1d1t1x1|1
2 2$2<2L2P2`2d2h2l2p2x2
343D3H3X3\3`3d3h3l3t3
4$44484<4@4D4L4d4t4x4|4
5 5$5(5,545L5\5`5p5t5x5|5
6 6$6(6,646L6\6`6p6t6x6|6
7 7$7(7,70787P7T7l7|7
8 8$8(808H8X8\8l8p8t8x8|8
9(9,9094989@9X9h9l9|9
:$:(:,:0:4:8:@:X:h:l:|:
;$;(;,;0;4;8;<;D;\;`;x;
< <$<(<,<0<4<<<T<d<h<x<|<
= =$=4=8=<=@=D=H=P=h=x=|=
> >$>4>8><>@>D>H>L>T>l>p>
? ?0?4?8?<?@?D?L?d?t?x?
0$0(080<0@0H0`0<7D7L7X7x7
8$8D8L8T8\8d8l8t8
9 9@9H9P9\9|9
:(:0:8:D:d:l:x:
;0;8;@;H;P;X;`;h;p;x;
<(<H<P<X<`<h<p<x<
=$=,=4=<=D=P=p=x=
> >(>0>8>@>H>P>X>`>h>p>x>
? ?(?0?8?D?h?
0$0,040<0D0L0X0x0
1 1(10181@1H1P1X1`1h1p1x1
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3T3t3|3
4$4D4P4p4x4
5,545<5D5P5p5x5
6<6D6L6T6\6d6l6t6|6
7$7,747<7D7L7T7\7d7l7t7|7
8<8\8d8l8t8|8
9$909P9\9|9
:$:,:4:<:D:L:T:\:d:l:t:|:
; ;(;0;8;@;H;P;X;`;h;p;x;
<,<8<p<x<
=(=4=<=T=l=t=|=
> >(>4>T>\>d>p>
?(?H?T?t?
0 0(0<0L0T0\0x0
1 1(10181<1@1H1\1d1l1t1x1
3$3,383X3d3
4 4(444T4\4d4l4t4|4
5 5(50585D5d5l5t5|5
6 6(646T6\6h6
8 8,8L8X8x8
989X9`9h9p9x9
: :,:L:T:\:d:p:
;,;8;X;d;
< <(<0<<<\<d<p<
= =(=0=8=D=d=p=
>$>0>P>\>
?$?0?P?X?`?h?t?
0$0,040<0D0L0T0\0d0l0t0
1 1(10181@1H1T1x1
2(282@2L2l2x2
3 3(30383@3H3P3X3`3h3p3|3
4$4,444@4`4h4t4
5$5(5D5H5h5p5t5
6,60686@6H6L6T6h6
7(7H7h7
8(8H8h8
9(9H9h9
:(:H:P:\:
;0;P;p;
<0<L<P<
0 0$0(0,0004080<0@0D0H0T0`0l0x0
1$1,141<1D1L1T1\1d1l1t1|1
=H=X=h=x=
545P5p5
646T6t6
888X8t8
;<;\;x;
;(<H<h<
?$?D?h?
0,1L1p1
Fjjjjj
Mozilla/5.0 (Windows NT 6.1; WOW64) Chrome/45.0.2454.101
HTTP/1.1
System\CurrentControlSet\Services\EvilDriver
ImagePath
\Registry\Machine\System\CurrentControlSet\Services\EvilDriver
149.129.37.78
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
:AM:am:PM:pm
Capi-ms-win-core-synch-l1-2-0.dll
kernel32.dll
ERROR : Unable to initialize critical section in CAtlBaseModule
Fapi-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
mscoree.dll
(null)
minkernel\crts\ucrt\inc\corecrt_internal_strtox.h
__crt_strtox::floating_point_value::as_double
_is_double
__crt_strtox::floating_point_value::as_float
!_is_double
ELC_ALL
LC_COLLATE
LC_CTYPE
LC_MONETARY
LC_NUMERIC
LC_TIME
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
Fapi-ms-win-core-datetime-l1-1-1
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-synch-l1-2-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
kernel32
api-ms-win-appmodel-runtime-l1-1-2
user32
api-ms-
ext-ms-
Fja-JP
american
american english
american-english
australian
belgian
canadian
chinese
chinese-hongkong
chinese-simplified
chinese-singapore
chinese-traditional
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
tehtris Clean
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.bh
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
Baidu Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Clean
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD Real Protect-LS!95996D628E7F
Trapmine suspicious.low.ml.score
FireEye Generic.mg.95996d628e7f15ed
Emsisoft Clean
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot Clean
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Downloader.sa
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Clean
Google Clean
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Clean
MAX Clean
VBA32 suspected of Trojan.Downloader.gen
Malwarebytes Malware.AI.2420482668
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.MalCert!1.F15F (CLASSIC)
Yandex Clean
Ikarus Clean
MaxSecure Clean
Fortinet W32/PossibleThreat
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_90% (W)
alibabacloud Clean
No IRMA results available.