Static | ZeroBOX

PE Compile Time

2023-09-29 02:26:54

PDB Path

C:\Users\Clive\source\repos\x86_driver\Release\x86.pdb

PE Imphash

28ad50542f813b012843ce887d0559ea

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x000650be    0x00065200        6.61675862878
.rdata  0x00067000       0x00014bfc    0x00014c00        5.5499509384
.data   0x0007c000       0x17d9db78    0x00007600        2.71445479139
.rsrc   0x17e1a000       0x00028d28    0x00028e00        6.14520634633
.reloc  0x17e43000       0x00005d3c    0x00005e00        6.72585929265

Resources

Name         Offset      Size        Language      Sub-language                 File type
SYS          0x17e1a0b0  0x00028a50  LANG_CHINESE  SUBLANG_CHINESE_TRADITIONAL  PE32+ executable (native) x86-64, for MS Windows
RT_MANIFEST  0x17e42b00  0x00000224  LANG_ENGLISH  SUBLANG_ENGLISH_US           XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators

Imports

Library SHLWAPI.dll:
0x467200 PathIsDirectoryA
0x467204 PathFileExistsA
Library ADVAPI32.dll:
0x467000 RegSetValueExW
0x467004 RegSetValueExA
0x467008 OpenProcessToken
0x467010 RegFlushKey
0x467014 RegCreateKeyExW
Library USER32.dll:
0x46720c wsprintfA
0x467210 SetWindowPos
0x467214 IsWindowVisible
0x467218 GetAsyncKeyState
0x46721c MapVirtualKeyA
0x467220 GetSystemMetrics
0x467224 GetWindowRect
0x467228 GetCursorPos
0x46722c EnumWindows
0x467230 GetWindow
0x467238 GetTopWindow
Library ntdll.dll:
0x46727c RtlUnwind
0x467288 NtLoadDriver
Library WINHTTP.dll:
0x467244 WinHttpSendRequest
0x467248 WinHttpOpenRequest
0x467250 WinHttpOpen
0x467254 WinHttpCloseHandle
0x467258 WinHttpConnect
0x46725c WinHttpReadData
Library KERNEL32.dll:
0x467020 SetStdHandle
0x467024 QueryDosDeviceA
0x467034 GetOEMCP
0x467038 GetACP
0x46703c IsValidCodePage
0x467040 ReadConsoleW
0x467044 SetFilePointerEx
0x467048 GetFileSizeEx
0x46704c GetConsoleMode
0x467050 GetConsoleCP
0x467054 FlushFileBuffers
0x467060 DeleteFileW
0x467064 GetFileType
0x467068 EnumSystemLocalesW
0x46706c GetUserDefaultLCID
0x467070 IsValidLocale
0x467074 GetLocaleInfoW
0x467078 LCMapStringW
0x46707c CompareStringW
0x467080 GetTimeFormatW
0x467084 GetDateFormatW
0x467088 GetCommandLineW
0x46708c GetCommandLineA
0x467090 GetStdHandle
0x467094 GetModuleFileNameW
0x4670a0 FindNextFileW
0x4670a4 FindFirstFileExW
0x4670a8 FindClose
0x4670ac GetFullPathNameW
0x4670b0 GetDriveTypeW
0x4670b4 GetModuleHandleExW
0x4670b8 ExitProcess
0x4670bc LoadLibraryExW
0x4670c0 FreeLibrary
0x4670c4 TlsFree
0x4670c8 TlsSetValue
0x4670cc CreateFileW
0x4670d0 WriteFile
0x4670d4 CloseHandle
0x4670dc CreateDirectoryA
0x4670e0 CreateFileA
0x4670e4 GetFileSize
0x4670e8 ReadFile
0x4670ec SetFilePointer
0x4670f0 DecodePointer
0x4670f4 RaiseException
0x4670f8 GetLastError
0x4670fc HeapDestroy
0x467100 HeapAlloc
0x467104 HeapReAlloc
0x467108 HeapFree
0x46710c HeapSize
0x467110 GetProcessHeap
0x46711c Sleep
0x467120 GetCurrentProcess
0x467124 GetCurrentProcessId
0x467128 TerminateProcess
0x46712c OpenProcess
0x467130 GetModuleHandleA
0x467134 GetProcAddress
0x467138 LoadResource
0x46713c LockResource
0x467140 SizeofResource
0x467144 lstrcmpiA
0x467148 lstrcpyA
0x46714c lstrcatA
0x467150 lstrlenA
0x467158 FindResourceA
0x467164 WriteConsoleW
0x467168 CopyFileA
0x46716c IsBadReadPtr
0x467170 MultiByteToWideChar
0x467174 WideCharToMultiByte
0x46717c Process32First
0x467180 Process32Next
0x467190 EncodePointer
0x467194 LCMapStringEx
0x467198 GetLocaleInfoEx
0x46719c GetStringTypeW
0x4671a0 CompareStringEx
0x4671a4 GetCPInfo
0x4671ac SetEvent
0x4671b0 ResetEvent
0x4671b8 CreateEventW
0x4671bc GetModuleHandleW
0x4671cc IsDebuggerPresent
0x4671d0 GetStartupInfoW
0x4671d8 GetCurrentThreadId
0x4671e0 InitializeSListHead
0x4671e4 OutputDebugStringW
0x4671e8 TlsGetValue
0x4671ec TlsAlloc
0x4671f0 SetLastError
Library SHELL32.dll:
0x4671f8 ShellExecuteA
Library WININET.dll:
0x467264 HttpQueryInfoA
0x467268 InternetCloseHandle
0x46726c InternetOpenUrlA
0x467270 InternetReadFile
0x467274 InternetOpenA

!This program cannot be run in DOS mode.
"'AefF/6fF/6fF/6
`.rdata
@.data
@.reloc
Unknown exception
bad array new length
string too long
iostream
iostream stream error
bad cast
bad locale name
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
invalid stoi argument
stoi argument out of range
SeLoadDriverPrivilege
C:\Driver2030.sys
EvilDriver
_V1_20230915
Z:\Config.ini
x86.exe
TWClient.bin
TW13032701.bin
PID:%d
partial
error
noconv
unknown
, please check out_cvt_state.
._cache_
Chinese_Taiwan.950
00:00-00:00
=%d:%d-%d:%d
q: %d
http://149.129.37.78:22556/ck?m=
InternetOpen fail
error open url
error query info
error to read file
x86_exe_ver
%s\AP.exe
0929_1
Setting
X_s:%s
j%0D%0A
j%0D%0A
j%0D%0A
j%0D%0A
j%0D%0A
%0D%0A
depositnpc
withdrawnpc
VerificationURL_
checkgm_
whitelist_
qdata_
qdata_unknow_
dbfilter_
x86_dll_ver
atoken:%s
teleport guide
32773,32941|32793,32760|33024,33343|33152,33275|33438,33059|33928,32852|32839,33454|33075,33174|33477,33153
|GM|Gm|gM|gm
2_2:%s
2_3:%s
[0]:%s
(%s,%s)
[1]:%s
(%s,%s)
[0]:%s
(%s,%s)
[1]:%s
(%s,%s)
[2]:%s
(%s,%s)
2_2_NPC
[0]:%s
2_2_NPC
[1]:%s
2_2_NPC
[2]:%s
2_3_NPC
[0]:%s
2_3_NPC
[1]:%s
2_3_NPC
[2]:%s
[0]:%s
%d,(%s,%s)
[0]:%s
%d,(%s,%s)
[0]:%s
[0]:%s
`_381:%d
zuzMUEDOhUsZrJdX7AaPdWjaC03PBYaWZUvzrQsyuXt
j%0D%0A
j%0D%0A
j%0D%0A
%0D%0A
j%0D%0A
/ck?m=
Name_s:%s
\LinHelperZ.ini
\LinHelperz.txt
\LinHelperX.txt
GM:%d,
(%d,%d)
%0D%0A
j%0D%0A
b=100|
b=2000|
R%s:%d
D_s2:%s
[i]: %s
_i[%d]: %d
_X:%d,
GM:%s,
(%d,%d)
(%d,%d)
invalid string position
vector too long
bad allocation
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
cross device link
destination address required
device or resource busy
directory not empty
executable format error
file exists
file too large
filename too long
function not supported
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
interrupted
invalid argument
invalid seek
io error
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no lock available
no message available
no message
no protocol option
no space on device
no stream resources
no such device or address
no such device
no such file or directory
no such process
not a directory
not a socket
not a stream
not connected
not enough memory
not supported
operation canceled
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
permission denied
protocol error
protocol not supported
read only file system
resource deadlock would occur
resource unavailable try again
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many files open
too many links
too many symbolic link levels
value too large
wrong protocol type
unknown error
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789ABCDEFabcdef-+XxPp
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
%b %d %H : %M : %S %Y
%m / %d / %y
:AM:am:PM:pm
%I : %M : %S %p
%H : %M
%H : %M : %S
%d / %m / %y
0123456789-
0123456789-
0123456789-
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789-
0123456789-+Ee
0123456789ABCDEFabcdef-+Xx
0123456789ABCDEFabcdef-+XxPp
0123456789ABCDEFabcdef-+XxPp
+v$x+v$xv$+xv+$xv$+x+$vx+$vx$v+x+$vx$+vx+v $+v $v $+v +$v $++$ v+$ v$ v++$ v$+ v+xv$+ v$v$ +v+ $v$ ++x$v+ $v$v ++ $v$ +v
raB3G@mG
0123456789-
0123456789-
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefghijklmnopqrstuvwxyz
SleepConditionVariableCS
WakeAllConditionVariable
bad exception
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CorExitProcess
`h````
xpxxxx
`h`hhh
xwpwpp
(null)
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
[aOni*{
~ $s%r
@b;zO]
v2!L.2
IND)ind)
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
AreFileApisANSI
CompareStringEx
EnumSystemLocalesEx
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
GetDateFormatEx
GetLocaleInfoEx
GetSystemTimePreciseAsFileTime
GetTimeFormatEx
GetUserDefaultLocaleName
InitializeCriticalSectionEx
IsValidLocaleName
LCMapStringEx
LCIDToLocaleName
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
_hypot
_nextafter
1#QNAN
1#SNAN
C:\Users\Clive\source\repos\x86_driver\Release\x86.pdb
.text$di
.text$mn
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCC
.CRT$XCL
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XLA
.CRT$XLZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$T
.rdata$r
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.tls$ZZZ
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.rsrc$01
.rsrc$02
PathFileExistsA
PathIsDirectoryA
SHLWAPI.dll
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyExW
RegFlushKey
RegSetValueExA
RegSetValueExW
ADVAPI32.dll
wsprintfA
SetWindowPos
IsWindowVisible
GetAsyncKeyState
MapVirtualKeyA
GetSystemMetrics
GetWindowRect
GetCursorPos
EnumWindows
GetTopWindow
GetWindowThreadProcessId
GetWindow
USER32.dll
NtQuerySystemInformation
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtLoadDriver
ntdll.dll
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WINHTTP.dll
CreateFileW
WriteFile
CloseHandle
GetCurrentDirectoryA
CreateDirectoryA
CreateFileA
GetFileSize
ReadFile
SetFilePointer
DecodePointer
RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
OpenProcess
GetModuleHandleA
GetProcAddress
LoadResource
LockResource
SizeofResource
lstrcmpiA
lstrcpyA
lstrcatA
lstrlenA
GetLogicalDriveStringsA
FindResourceA
GetPrivateProfileStringA
WritePrivateProfileStringA
QueryDosDeviceA
CopyFileA
IsBadReadPtr
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
Process32Next
K32GetProcessImageFileNameA
EnterCriticalSection
LeaveCriticalSection
EncodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
KERNEL32.dll
ShellExecuteA
SHELL32.dll
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
WININET.dll
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetDriveTypeW
GetFullPathNameW
FindClose
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
DeleteFileW
GetCurrentDirectoryW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_array_new_length@std@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVruntime_error@std@@
.?AVsystem_error@std@@
.?AV_System_error@std@@
.?AVbad_cast@std@@
.?AVfailure@ios_base@std@@
.?AVCAtlException@ATL@@
.?AVinvalid_argument@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVbad_exception@std@@
.?AVCWin32Heap@ATL@@
.?AUIAtlMemMgr@ATL@@
.?AUIAtlStringMgr@ATL@@
.?AVCAtlStringMgr@ATL@@
.?AVerror_category@std@@
.?AV_Iostream_error_category2@std@@
.?AV_Facet_base@std@@
.?AVfacet@locale@std@@
.?AU_Crt_new_delete@std@@
.?AVcodecvt_base@std@@
.?AV?$codecvt@GDU_Mbstatet@@@std@@
.?AUctype_base@std@@
.?AV?$ctype@D@std@@
.?AV_Locimp@locale@std@@
.?AV?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$numpunct@D@std@@
.?AV?$codecvt@DDU_Mbstatet@@@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
.?AV?$codecvt@_WDU_Mbstatet@@@std@@
.?AV?$ctype@_W@std@@
.?AV?$ctype@G@std@@
.?AUmessages_base@std@@
.?AUmoney_base@std@@
.?AUtime_base@std@@
.?AV?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$numpunct@_W@std@@
.?AV?$collate@_W@std@@
.?AV?$messages@_W@std@@
.?AV?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$moneypunct@_W$0A@@std@@
.?AV?$_Mpunct@_W@std@@
.?AV?$moneypunct@_W$00@std@@
.?AV?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
.?AV?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$numpunct@G@std@@
.?AV?$collate@G@std@@
.?AV?$messages@G@std@@
.?AV?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$moneypunct@G$0A@@std@@
.?AV?$_Mpunct@G@std@@
.?AV?$moneypunct@G$00@std@@
.?AV?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
.?AV?$collate@D@std@@
.?AV?$messages@D@std@@
.?AV?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$moneypunct@D$0A@@std@@
.?AV?$_Mpunct@D@std@@
.?AV?$moneypunct@D$00@std@@
.?AV?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AVtype_info@@
!This program cannot be run in DOS mode.
h.rdata
H.data
.pdata
b.reloc
BBLookupProcessThread
BlackBone: %s: Failed to allocate memory for process list
BlackBone: %s: Failed to locate process
LeiLeiGetKernelBase
LoadDriver: %s: Invalid SystemModuleInformation size
LeiLeiInitLdrData
LoadDriver: %s: Failed to retrieve Kernel base address. Aborting
LoadDriver: %s: Failed to retrieve PsLoadedModuleList address. Aborting
LeiLeiResolveImageRefs
LoadDriver: %s: Failed to load import '%wZ'. Status code: 0x%X
LoadDriver: %s: Failed to resolve import '%wZ' : '%s'
LoadDriver: %s: Failed to resolve import '%wZ' : '%d'
LeiLeiMapWorker
LoadDriver: %s: Failed to open %wZ. Status: 0x%X
LoadDriver: %s: Failed to get '%wZ' size. Status: 0x%X
LoadDriver: %s: Failed to obtaint NT Header for '%wZ'
LoadDriver: %s: Failed to read '%wZ'. Status: 0x%X
DYN_PTE_BASE-2222--%X
Lonad--Drvier win10
Lonad--Drvier win7
Lonad--Drvier 11111111
LoadDriver: %s: Failed to relocate image '%wZ'. Status: 0x%X
LoadDriver: %s: Failed to allocate memory for image '%wZ'
LoadDriver: %s: Successfully mapped '%wZ' at 0x%p
111111
2222222
NtCreateThreadEx
333333
444444
ZwProtectVirtualMemory
ButtonData--%d--%d
C:\Users\Administrator\Desktop\111\
\x64\Release\Driver11111.pdb
.text$mn
.text$mn$00
.text$mn$21
.text$s
.text$x
.idata$5
.00cfg
.gfids
.rdata
.rdata$zzzdbg
.xdata
.pdata
.idata$2
.idata$3
.idata$4
.idata$6
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
`h````
xpxxxx
(null)
CorExitProcess
AreFileApisANSI
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
LCMapStringEx
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
UTF-16LEUNICODE
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
[aOni*{
~ $s%r
@b;zO]
v2!L.2
1#QNAN
1#SNAN
C:\Users\Administrator\Desktop\TLS
11-19\x64\Release\Dll.pdb
.text$mn
.text$mn$00
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCZ
.CRT$XIA
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.idata$2
.idata$3
.idata$4
.idata$6
.pdata
.rsrc$01
.rsrc$02
AllocConsole
SetConsoleTitleW
AttachConsole
GetCurrentProcessId
CreateThread
KERNEL32.dll
MessageBoxW
USER32.dll
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
CloseHandle
CreateFileW
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetEndOfFile
WriteConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
</assembly>
wcsstr
DbgPrintEx
RtlGetVersion
KeDelayExecutionThread
ExAllocatePoolWithTag
ExFreePoolWithTag
PsWrapApcWow64Thread
ObfDereferenceObject
PsGetCurrentThreadId
PsGetProcessId
KeStackAttachProcess
KeUnstackDetachProcess
PsIsThreadTerminating
PsLookupProcessByProcessId
PsLookupThreadByThreadId
ZwQueryVirtualMemory
PsGetThreadTeb
PsGetProcessPeb
PsGetProcessWow64Process
ZwQuerySystemInformation
KeInitializeApc
KeInsertQueueApc
KeTestAlertThread
PsGetCurrentProcessWow64Process
__C_specific_handler
strcmp
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
RtlFreeUnicodeString
ExAllocatePool
MmGetSystemRoutineAddress
MmMapLockedPagesSpecifyCache
MmAllocatePagesForMdl
MmFreePagesFromMdl
ObReferenceObjectByHandleWithTag
ObCloseHandle
ZwCreateFile
ZwQueryInformationFile
ZwReadFile
ZwClose
RtlCompareString
IoCreateFileEx
RtlRandomEx
MmFlushImageSection
ZwDeleteFile
RtlImageNtHeader
RtlImageDirectoryEntryToData
IoFileObjectType
RtlInitUnicodeString
MmAllocateContiguousMemory
IoGetCurrentProcess
MmGetPhysicalAddress
MmGetVirtualForPhysical
RtlCaptureContext
ObOpenObjectByPointer
ZwAllocateVirtualMemory
ObReferenceObjectByName
MmCopyVirtualMemory
KeCapturePersistentThreadState
ZwSetSystemInformation
MmMarkPhysicalMemoryAsBad
MmUserProbeAddress
IoDriverObjectType
IoCreateDevice
IoDeleteDevice
MmIsAddressValid
_stricmp
ZwOpenFile
ZwCreateSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ntoskrnl.exe
Washington1
Redmond1
Microsoft Corporation1)0'
Microsoft Code Verification Root0
110222192517Z
210222193517Z0
VeriSign, Inc.10
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
Dhttp://crl.microsoft.com/pki/crl/products/MicrosoftCodeVerifRoot.crl0
,N<jPl
3BH8Q:|8
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
120820000000Z
130820235959Z0
Jiangsu1
Nanjing1705
.Nanjing xScaler Information Technology Co.,Ltd1>0<
5Digital ID Class 3 - Microsoft Software Validation v21705
.Nanjing xScaler Information Technology Co.,Ltd0
2:V@Zn
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
https://www.verisign.com/rpa0
http://ocsp.verisign.com0;
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
VeriSign, Inc.10
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
100208000000Z
200207235959Z0
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
https://www.verisign.com/cps0*
https://www.verisign.com/rpa0
[0Y0W0U
image/gif0!00
#http://logo.verisign.com/vslogo.gif04
#http://crl.verisign.com/pca3-g5.crl04
http://ocsp.verisign.com0
VeriSignMPKI-2-80
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA
123 0#
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware></windowsSettings></application></assembly>
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
0 0$0(0,0004080<0@0D0H0L0P0 1$1
1\2`2d2h2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
0484@4D4H4L4P4T4X4\4d4h4l4p4t4x4|4
40585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
; ;$;(;,;0;4;8;<;
l2t2|2
3$3,343<3D3L3*5.52565
6 6,686D6P6\6h6t6
7(747@7L7X7d7p7|7
8$808<8H8T8`8l8x8
9$909<9H9T9`9l9x9
4$4,444<4D4L4T4\4d4l4t4|4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6t6|6
7$7,747<7D7L7T7\7d7l7t7|7
8$8,848<8D8L8T8\8d8l8t8|8
9$9,949<9D9L9T9\9d9l9t9|9
:$:,:4:<:D:L:T:\:d:l:t:|:
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
: :(:0:8:@:H:P:X:`:h:p:x:
; ;(;0;8;@;H;P;X;`;h;p;x;
8@8D8H8L8d8h8x8|8
9 989H9L9\9`9d9l9
: :8:H:L:\:`:d:l:
;,;0;4;8;<;D;\;l;p;
<$<<<@<X<h<l<p<t<|<
=,=0=4=8=<=@=H=`=p=t=x=|=
> >$>(>,>0>8>P>`>d>t>x>|>
?$?<?L?P?`?d?h?l?t?
040D0H0X0\0`0d0h0p0
141D1H1X1\1`1h1
2 20242D2H2P2h2l2
3 3$34383<3D3\3l3p3
4 4044484<4@4D4L4d4t4x4|4
5$54585H5L5P5T5X5`5x5
6 60646D6H6L6P6T6\6t6
7 70747D7H7L7P7T7\7t7
8$8(888<8@8D8H8L8P8X8p8
9,909@9D9T9X9\9`9d9l9
:,:<:@:P:T:X:\:`:h:
;,;<;@;P;T;X;\;`;h;
<0<4<D<H<L<P<T<X<\<d<|<
=(=8=<=L=P=`=d=h=l=p=x=
>$><>L>P>`>d>h>l>p>x>
? ?$?(?,?@?D?T?X?\?`?d?h?l?t?
0 080H0L0\0`0p0t0|0
8,848H8P8d8l8t8
8$9D9L9T9\9d9l9t9|9
:(:0:8:@:L:l:t:|:
;<;D;L;T;\;d;l;t;|;
<4<<<D<L<T<\<d<l<t<|<
= =(=0=8=@=H=P=\=|=
>(>H>P>X>`>h>p>x>
? ?(?0?8?D?h?
0 0(00080@0H0P0X0`0h0p0|0
1 1(10181@1H1T1x1
202P2X2`2h2p2x2
3$3D3L3T3\3d3l3x3
4$4,444<4D4L4T4\4d4p4
5,545<5H5h5p5x5
6(6H6P6X6`6h6p6x6
7$7,747<7D7L7T7\7d7l7t7|7
8$8,848<8D8L8T8\8d8l8t8|8
9$9,949<9D9L9T9\9d9l9t9|9
:<:\:d:l:t:|:
;$;,;4;<;D;L;T;\;d;l;x;
< <,<L<X<x<
=4=X=d=l=
>8>L>X>`>x>
?D?h?t?|?
0$080@0H0P0T0\0p0x0
1 1$1,1@1H1\1d1l1t1x1|1
2$202P2d2
3$303T3t3|3
4(404<4`4
5(50585D5d5l5x5
6 6(60686D6d6p6
7,787\7
8,848T8l8x8
9(9H9P9X9`9h9p9x9
:$:,:4:<:D:L:T:`:
;4;<;D;P;p;x;
< <(<0<8<@<H<P<X<`<h<p<x<
=,=4=<=D=L=T=\=d=l=x=
>$>D>P>p>|>
? ?(?0?8?@?H?P?X?d?
0 0D0d0l0t0|0
1 1,1P1p1x1
1H2P2x2
3@3`3h3p3x3
4(4L4l4t4|4
4 5@5\5`5|5
6$6H6T6\6
7 7@7`7
8 8@8`8
9 9@9`9
: :@:`:
;(;H;h;
<(<H<h<
0 0$0(0,0004080<0@0D0H0T0`0l0x0
1$1,141<1D1L1T1\1d1l1t1|1
<<P=T=`=d=h=l=p=t=x=|=
>(>8>H>`>l>p>t>
606P6p6
747T7x7
:$:P:l:
= >@>h>
Fjjjjj
Mozilla/5.0 (Windows NT 6.1; WOW64) Chrome/45.0.2454.101
HTTP/1.1
System\CurrentControlSet\Services\EvilDriver
ImagePath
\Registry\Machine\System\CurrentControlSet\Services\EvilDriver
149.129.37.78
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
:AM:am:PM:pm
Capi-ms-win-core-synch-l1-2-0.dll
kernel32.dll
ERROR : Unable to initialize critical section in CAtlBaseModule
Fapi-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
mscoree.dll
(null)
minkernel\crts\ucrt\inc\corecrt_internal_strtox.h
__crt_strtox::floating_point_value::as_double
_is_double
__crt_strtox::floating_point_value::as_float
!_is_double
ELC_ALL
LC_COLLATE
LC_CTYPE
LC_MONETARY
LC_NUMERIC
LC_TIME
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
Fapi-ms-win-core-datetime-l1-1-1
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-synch-l1-2-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
kernel32
api-ms-win-appmodel-runtime-l1-1-2
user32
api-ms-
ext-ms-
Fja-JP
american
american english
american-english
australian
belgian
canadian
chinese
chinese-hongkong
chinese-simplified
chinese-singapore
chinese-traditional
dutch-belgian
english-american
english-aus
english-belize
english-can
english-caribbean
english-ire
english-jamaica
english-nz
english-south africa
english-trinidad y tobago
english-uk
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.bh
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Jaik.232236
K7GW Clean
Cybereason Clean
Baidu Clean
VirIT Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.Jaik.232236
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Clean
BitDefenderTheta Clean
VIPRE Clean
TrendMicro Clean
McAfeeD Real Protect-LS!CEDD4CEF78DA
Trapmine Clean
FireEye Generic.mg.cedd4cef78da5751
Emsisoft Gen:Variant.Jaik.232236 (B)
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot W32.Trojan.Gen
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Win32.HeurC.KVM003.a
Gridinsoft Trojan.Win32.Downloader.sa
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Gen:Variant.Jaik.232236
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX malware (ai score=81)
VBA32 suspected of Trojan.Downloader.gen
Malwarebytes Malware.AI.2420482668
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Win.MxResIcn.Heur.Gen
Fortinet W32/PossibleThreat
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.