分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-1 | 2016-09-06 14:52:25 | 2016-09-06 14:52:48 | 23 秒 |
魔盾分数
1.0
正常的
文件详细信息
| 文件名 | dwtrig20.exe |
|---|---|
| 文件大小 | 519584 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | c87e561258f2f8650cef999bf643a731 |
| SHA1 | 2c64b901284908e8ed59cf9c912f17d45b05e0af |
| SHA256 | a1dfa6639bef3cb4e41175c43730d46a51393942ead826337ca9541ac210c67b |
| SHA512 | dea4833aa712c5823f800f5f5a2adcf241c1b2b6747872f540f5ff9da6795c4ddb73db0912593337083c7c67b91e9eaf1b3d39a34b99980fd5904ba3d7d62f6c |
| CRC32 | 1286A57B |
| Ssdeep | 12288:qMwXwNSO5X3IA1iBihI7XHgZQKhJgeCmvz0/:dew0O1IA1UiuLHgZpJEGg/ |
| Yara | 登录查看Yara规则 |
| 样本下载 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x2e000000 |
|---|---|
| 入口地址 | 0x2e035125 |
| 声明校验值 | 0x0008d6d7 |
| 实际校验值 | 0x0008d6d7 |
| 最低操作系统版本要求 | 5.1 |
| PDB路径 | t:\dw\x86\ship\0\dwtrig20.pdb\x00\ship\0\dwtrig20.exe\bbtopt\dwtrig20O.pdb |
| 编译时间 | 2010-02-28 17:09:06 |
| 导出DLL库名称 | dwtrig20.exe |
版本信息
| LegalCopyright | |
|---|---|
| InternalName | |
| FileVersion | |
| CompanyName | |
| LegalTrademarks1 | |
| LegalTrademarks2 | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| OriginalFilename | |
| Translation |
微软证书验证 (Sign Tool)
| SHA1 | 时间戳 | 有效性 | 错误 |
|---|---|---|---|
| 502e9f5097d00812abc0712fe03a139962e27e10 | Sun Feb 28 17:10:05 2010 | 无 |
| 证书链 | Certificate Chain 1 |
| 发行给 | Microsoft Root Authority |
| 发行人 | Microsoft Root Authority |
| 有效期 | Thu Dec 31 150000 2020 |
| SHA1 哈希 | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
| 证书链 | Certificate Chain 2 |
| 发行给 | Microsoft Code Signing PCA |
| 发行人 | Microsoft Root Authority |
| 有效期 | Sat Aug 25 150000 2012 |
| SHA1 哈希 | 3036e3b25b88a55b86fc90e6e9eaad5081445166 |
| 证书链 | Certificate Chain 3 |
| 发行给 | Microsoft Corporation |
| 发行人 | Microsoft Code Signing PCA |
| 有效期 | Tue Mar 08 064029 2011 |
| SHA1 哈希 | 9617094a1cfb59ae7c1f7dfdb6739e4e7c40508f |
| 证书链 | Timestamp Chain 1 |
| 发行给 | Microsoft Root Authority |
| 发行人 | Microsoft Root Authority |
| 有效期 | Thu Dec 31 150000 2020 |
| SHA1 哈希 | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
| 证书链 | Timestamp Chain 2 |
| 发行给 | Microsoft Timestamping PCA |
| 发行人 | Microsoft Root Authority |
| 有效期 | Sun Sep 15 150000 2019 |
| SHA1 哈希 | 3ea99a60058275e0ed83b892a909449f8c33b245 |
| 证书链 | Timestamp Chain 3 |
| 发行给 | Microsoft Time-Stamp Service |
| 发行人 | Microsoft Timestamping PCA |
| 有效期 | Fri Jul 26 031217 2013 |
| SHA1 哈希 | 05fecb745f7f3b1a0e262a73435ccb7eaaed8b37 |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00047fa0 | 0x00048000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.54 |
| .data | 0x00049000 | 0x00039518 | 0x00032200 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 7.61 |
| .rsrc | 0x00083000 | 0x00000910 | 0x00000a00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.18 |
| .reloc | 0x00084000 | 0x00002510 | 0x00002600 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 6.68 |
覆盖
| 偏移量 | 0x0007d600 |
| 大小 | 0x000017a0 |
资源
| 名称 | 偏移量 | 大小 | 语言 | 子语言 | 熵(Entropy) | 文件类型 |
|---|---|---|---|---|---|---|
| RT_VERSION | 0x000830a0 | 0x00000514 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.42 | data |
| RT_MANIFEST | 0x000835b8 | 0x00000351 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.19 | XML document text |
导入
库: VERSION.dll:
• 0x2e001000 VerQueryValueW
• 0x2e001004 GetFileVersionInfoSizeW
• 0x2e001008 GetFileVersionInfoW
库: Secur32.dll:
• 0x2e001010 GetUserNameExW
库: ADVAPI32.dll:
• 0x2e001018 GetTokenInformation
• 0x2e00101c OpenThreadToken
• 0x2e001020 UnregisterTraceGuids
• 0x2e001024 ConvertSidToStringSidA
• 0x2e001028 RegCloseKey
• 0x2e00102c RegSetValueExW
• 0x2e001030 RegCreateKeyExW
• 0x2e001034 RegDeleteKeyW
• 0x2e001038 RegEnumKeyExW
• 0x2e00103c RegOpenKeyExW
• 0x2e001040 RegQueryValueExA
• 0x2e001044 RegQueryValueExW
• 0x2e001048 GetTraceEnableFlags
• 0x2e00104c GetTraceEnableLevel
• 0x2e001050 GetTraceLoggerHandle
• 0x2e001054 RegisterTraceGuidsA
• 0x2e001058 TraceEvent
• 0x2e00105c RegQueryInfoKeyW
• 0x2e001060 RegEnumKeyW
• 0x2e001064 RegEnumValueW
• 0x2e001068 RegOpenKeyExA
• 0x2e00106c GetLengthSid
• 0x2e001070 AddAccessAllowedAce
• 0x2e001074 AddAccessDeniedAce
• 0x2e001078 InitializeAcl
• 0x2e00107c AllocateAndInitializeSid
• 0x2e001080 CopySid
• 0x2e001084 OpenProcessToken
• 0x2e001088 FreeSid
• 0x2e00108c SetSecurityDescriptorDacl
• 0x2e001090 InitializeSecurityDescriptor
• 0x2e001094 GetSecurityDescriptorDacl
• 0x2e001098 ConvertStringSecurityDescriptorToSecurityDescriptorW
• 0x2e00109c CheckTokenMembership
• 0x2e0010a0 IsValidSid
库: GDI32.dll:
• 0x2e0010a8 GetDeviceCaps
• 0x2e0010ac DeleteDC
• 0x2e0010b0 DeleteObject
• 0x2e0010b4 CreateDCA
• 0x2e0010b8 CreateSolidBrush
库: KERNEL32.dll:
• 0x2e0010c0 GetSystemWindowsDirectoryW
• 0x2e0010c4 lstrcmpiW
• 0x2e0010c8 WriteConsoleW
• 0x2e0010cc SetEvent
• 0x2e0010d0 lstrlenW
• 0x2e0010d4 CreateEventW
• 0x2e0010d8 GetModuleFileNameW
• 0x2e0010dc WaitForSingleObject
• 0x2e0010e0 RaiseException
• 0x2e0010e4 HeapFree
• 0x2e0010e8 HeapAlloc
• 0x2e0010ec GetProcessHeap
• 0x2e0010f0 GetModuleHandleA
• 0x2e0010f4 VirtualAlloc
• 0x2e0010f8 HeapSetInformation
• 0x2e0010fc HeapCreate
• 0x2e001100 HeapDestroy
• 0x2e001104 HeapReAlloc
• 0x2e001108 HeapSize
• 0x2e00110c HeapUnlock
• 0x2e001110 HeapLock
• 0x2e001114 TlsSetValue
• 0x2e001118 SetLastError
• 0x2e00111c GetLastError
• 0x2e001120 VirtualFree
• 0x2e001124 TlsGetValue
• 0x2e001128 InitializeCriticalSectionAndSpinCount
• 0x2e00112c TlsAlloc
• 0x2e001130 GetSystemDefaultLCID
• 0x2e001134 TlsFree
• 0x2e001138 DeleteCriticalSection
• 0x2e00113c EnterCriticalSection
• 0x2e001140 LeaveCriticalSection
• 0x2e001144 IsValidLocale
• 0x2e001148 GetModuleHandleW
• 0x2e00114c GetProcAddress
• 0x2e001150 GetFileAttributesW
• 0x2e001154 GetVersion
• 0x2e001158 GetVersionExA
• 0x2e00115c GetModuleHandleExW
• 0x2e001160 RtlCaptureStackBackTrace
• 0x2e001164 ReleaseMutex
• 0x2e001168 CloseHandle
• 0x2e00116c GetSystemTimeAsFileTime
• 0x2e001170 GetTickCount
• 0x2e001174 GetLocalTime
• 0x2e001178 WriteFile
• 0x2e00117c SetFileAttributesW
• 0x2e001180 DeleteFileW
• 0x2e001184 CreateFileW
• 0x2e001188 ExpandEnvironmentStringsW
• 0x2e00118c GetProcessTimes
• 0x2e001190 GetCurrentProcess
• 0x2e001194 GlobalFree
• 0x2e001198 LoadLibraryW
• 0x2e00119c OutputDebugStringA
• 0x2e0011a0 CreateMutexA
• 0x2e0011a4 OpenMutexA
• 0x2e0011a8 CreateSemaphoreA
• 0x2e0011ac GetShortPathNameA
• 0x2e0011b0 GetModuleFileNameA
• 0x2e0011b4 GlobalAlloc
• 0x2e0011b8 GetSystemDirectoryW
• 0x2e0011bc GetTimeZoneInformation
• 0x2e0011c0 GetDiskFreeSpaceExW
• 0x2e0011c4 IsWow64Process
• 0x2e0011c8 GetUserDefaultLCID
• 0x2e0011cc FreeLibrary
• 0x2e0011d0 GetSystemInfo
• 0x2e0011d4 GetVersionExW
• 0x2e0011d8 TerminateProcess
• 0x2e0011dc GetCurrentProcessId
• 0x2e0011e0 GetCurrentThreadId
• 0x2e0011e4 CreateProcessW
• 0x2e0011e8 LoadLibraryA
• 0x2e0011ec GetConsoleOutputCP
• 0x2e0011f0 LocalFree
• 0x2e0011f4 LocalAlloc
• 0x2e0011f8 Sleep
• 0x2e0011fc GetTempPathW
• 0x2e001200 GetShortPathNameW
• 0x2e001204 GetLongPathNameW
• 0x2e001208 CreateDirectoryW
• 0x2e00120c GetFileType
• 0x2e001210 CreateFileA
• 0x2e001214 InitializeCriticalSection
• 0x2e001218 LoadLibraryExW
• 0x2e00121c IsDBCSLeadByte
• 0x2e001220 GetStringTypeExW
• 0x2e001224 GetACP
• 0x2e001228 WideCharToMultiByte
• 0x2e00122c IsValidCodePage
• 0x2e001230 CompareStringW
• 0x2e001234 MultiByteToWideChar
• 0x2e001238 GetCurrentThread
• 0x2e00123c FlushFileBuffers
• 0x2e001240 GlobalMemoryStatus
• 0x2e001244 ReleaseSemaphore
• 0x2e001248 IsProcessorFeaturePresent
• 0x2e00124c RtlUnwind
• 0x2e001250 SetUnhandledExceptionFilter
• 0x2e001254 ExitProcess
• 0x2e001258 GetStdHandle
• 0x2e00125c FreeEnvironmentStringsW
• 0x2e001260 GetEnvironmentStringsW
• 0x2e001264 GetCommandLineW
• 0x2e001268 SetHandleCount
• 0x2e00126c GetStartupInfoA
• 0x2e001270 InterlockedIncrement
• 0x2e001274 InterlockedDecrement
• 0x2e001278 QueryPerformanceCounter
• 0x2e00127c UnhandledExceptionFilter
• 0x2e001280 IsDebuggerPresent
• 0x2e001284 GetCPInfo
• 0x2e001288 GetOEMCP
• 0x2e00128c LCMapStringA
• 0x2e001290 LCMapStringW
• 0x2e001294 InterlockedExchange
• 0x2e001298 SetFilePointer
• 0x2e00129c GetConsoleCP
• 0x2e0012a0 GetConsoleMode
• 0x2e0012a4 GetLocaleInfoA
• 0x2e0012a8 SetStdHandle
• 0x2e0012ac GetStringTypeA
• 0x2e0012b0 GetStringTypeW
• 0x2e0012b4 WriteConsoleA
库: ole32.dll:
• 0x2e0012bc CoCreateInstance
• 0x2e0012c0 StringFromCLSID
• 0x2e0012c4 CoTaskMemFree
• 0x2e0012c8 CoInitializeEx
• 0x2e0012cc CoRegisterClassObject
• 0x2e0012d0 CoRevokeClassObject
• 0x2e0012d4 CoUninitialize
• 0x2e0012d8 StringFromIID
库: RPCRT4.dll:
• 0x2e0012f4 UuidCreate
库: SHELL32.dll:
• 0x2e0012fc SHGetSpecialFolderPathW
库: USER32.dll:
• 0x2e001304 GetSysColor
• 0x2e001308 EnumDisplayMonitors
• 0x2e00130c GetMonitorInfoA
• 0x2e001310 GetKeyboardLayoutList
• 0x2e001314 GetKeyboardLayout
• 0x2e001318 GetMenuCheckMarkDimensions
• 0x2e00131c ReleaseDC
• 0x2e001320 GetDC
• 0x2e001324 SystemParametersInfoA
• 0x2e001328 GetSystemMetrics
导出
| 序列 | 地址 | 名称 |
|---|---|---|
| 1 | 0x2e034f62 | _GetAllocCounters@0 |
.text
`.data
.rsrc
@.reloc
^HKCU\Software
HKCU\Software\Policies
HKLM\Software
HKLM\Software\Policies
Microsoft\PCHealth\ErrorReporting\DW
.Software\Microsoft\PCHealth\ErrorReporting\DW\Debug
DWSensDebugBreak
verifier.dll
.Common
MsoHeapInit
Software\Microsoft\Office\14.0
Software\Policies\Microsoft\Office\14.0
msodata%03d.dat
ProductVersion
LastProduct
QMPersNum
QMStrMax
QMStudyTestID
QMStudyID
SQMClient
CorporateSQMURL
NextQmUpload
QMEnable
QMNFN
NET Framework Setup
UserName
Security
DisablePwdCaching
HKEY_CLASSES_ROOT
FirstRunTime
General
Policies
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
Software
Microsoft
Office
Microsoft\Office
sftldr_wow64.dll
sftldr.dll
Unicows.dll
Kernel32.dll
CreateActCtxW
QueryActCtxW
MsoSqmMutex
EventUnregister
EventRegister
EventWrite
BGetUserGeoID
KERNEL32
GetNativeSystemInfo
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
GetModuleHandleExW
htmlfile
DllGetVersion
PowerDeterminePlatformRole
CallNtPowerInformation
GetLogicalProcessorInformation
GetProductInfo
CSDBuildNumber
SYSTEM\CurrentControlSet\Control\Windows
NetApiBufferFree
NetGetJoinInformation
Software\Microsoft\PCHealth\ErrorReporting\DW\Installed
1404746
Global\
Local\
DATAID_OFFICE_PRODUCT_VER not available
DATAID_OFFICE_MAJOR_MINOR_CODE not complete. Minor number too large.
DATAID_OFFICE_MAJOR_MINOR_CODE not complete. Major number too large.
Found Office Product Version %S.
Could not get version registry key.
SspiFreeAuthIdentity
SspiZeroAuthIdentity
SspiLocalFree
SspiEncodeStringsAsAuthIdentity
SspiEncodeAuthIdentityAsStrings
NCryptFreeObject
NCryptVerifySignature
NCryptSignHash
BCryptResolveProviders
BCryptGenRandom
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptVerifySignature
BCryptSignHash
BCryptDestroyKey
BCryptDecrypt
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptFreeBuffer
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGetProperty
BCryptOpenAlgorithmProvider
DwmInvalidateIconicBitmaps
DwmSetIconicLivePreviewBitmap
DwmSetIconicThumbnail
DwmGetWindowAttribute
DwmSetWindowAttribute
DwmDefWindowProc
DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
EndPanningFeedback
UpdatePanningFeedback
BeginPanningFeedback
DrawThemeTextEx
DrawThemeParentBackground
EnableTheming
GetCurrentThemeName
EnableThemeDialogTexture
GetThemeDocumentationProperty
SetThemeAppProperties
GetThemeAppProperties
GetWindowTheme
IsAppThemed
GetThemeSysString
GetThemeSysInt
GetThemeSysFont
GetThemeSysBool
GetThemeSysSize
GetThemeSysColorBrush
GetThemeSysColor
GetThemeFilename
SetWindowTheme
GetThemePropertyOrigin
GetThemeIntList
GetThemeMargins
GetThemeRect
GetThemeFont
GetThemePosition
GetThemeEnumValue
GetThemeInt
GetThemeBool
GetThemeString
GetThemeMetric
GetThemeColor
IsThemeBackgroundPartiallyTransparent
IsThemePartDefined
DrawThemeIcon
HitTestThemeBackground
GetThemeBackgroundRegion
GetThemeTextMetrics
GetThemeTextExtent
GetThemePartSize
GetThemeBackgroundExtent
GetThemeBackgroundContentRect
DrawThemeText
DrawThemeEdge
DrawThemeBackground
CloseThemeData
OpenThemeData
IsThemeActive
QueryThreadCycleTime
SetThreadUILanguage
QueryMemoryResourceNotification
CreateMemoryResourceNotification
WerRegisterFile
SetThreadPreferredUILanguages
RegisterApplicationRestart
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRecoveryCallback
GetUserDefaultUILanguage
QueueUserWorkItem
GlobalMemoryStatusEx
ProcessIdToSessionId
GetLongPathNameW
GetLongPathNameA
InternetAttemptConnect
InternetReadFileExA
InternetQueryDataAvailable
HttpEndRequestW
HttpSendRequestExW
InternetSetStatusCallbackW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
InternetGetConnectedStateExW
InternetGoOnline
InternetErrorDlg
InternetAutodialHangup
InternetAutodial
InternetGetConnectedState
InternetOpenUrlA
InternetOpenUrlW
InternetQueryOptionA
InternetQueryOptionW
SetUrlCacheEntryGroup
SetUrlCacheEntryGroupW
FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryExA
FindNextUrlCacheEntryExW
FindFirstUrlCacheEntryExA
FindFirstUrlCacheEntryExW
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoW
CommitUrlCacheEntryA
CommitUrlCacheEntryW
CreateUrlCacheEntryA
CreateUrlCacheEntryW
InternetSetOptionA
InternetSetOptionW
InternetGetCookieExW
InternetGetCookieW
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestA
HttpSendRequestW
HttpOpenRequestA
HttpOpenRequestW
InternetReadFile
InternetGetLastResponseInfoW
InternetCrackUrlW
InternetCrackUrlA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpDeleteFileA
FtpRenameFileA
InternetCanonicalizeUrlW
InternetCanonicalizeUrlA
InternetCombineUrlA
FtpFindFirstFileA
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
FtpOpenFileA
InternetConnectW
InternetConnectA
InternetOpenW
InternetOpenA
InternetWriteFile
InternetCloseHandle
MAPIAdminProfiles
MAPIOpenFormMgr
MAPILogonEx
MAPIUninitialize
MAPIInitialize
MAPISendMail
MAPIResolveName
MAPIAddress
MAPILogoff
MAPILogon
MAPIAllocateMore
MAPIFreeBuffer
MAPIAllocateBuffer
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
YZ[\]^
$*-3<EW6
$*-3<EW6
6666BBffll
!"#$%&'(
efghi
!"#$%&'(
"#$no
#'+/37;?CGKOS
$%&'()*
!"#$%&
"#$%&'(
+,-./
$%&'()*
LPThXd`\
!"#$%&
'()*+,-./0
12345
!"#$%
&'()*+,-./
01234
6789:
!"#$%
&'()*+,-./012345
!"#$
%&'()*+
./012
3456789
EFGHIJKLMNOPQRST
!"#$%&'(
"#$%&
*+,-.
!"#$
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|
/0123546789:;<=>?@AB
!"#$%&'()
!"#$%&'()*+,-./0123456789:;<=>?@A
EFG.02
####''++//337777;;;;????CCCCGGGGKKKKOOOOSSSSWWWW[[[[____ccccggggkkkkoooosswwwwww
.Delete fails in DeleteArea
(unknown exception type)
Cache size in constructor for ROCKALL_FRONT_END
Heap constructor failed in ROCKALL_FRONT_END
Setup of pages in constructor for NEW_PAGES
No memory in constructor for NEW_PAGES
Sizes in constructor for NEW_PAGES
Deleting data page in DeletePage
Alignment of allocation in VerifyNewArea
Reset data page in DeleteAll
A heap size in constructor for HEAP
The allocation sizes in constructor for HEAP
Mapping table in constructor for HEAP
Parent bucket is invalid
Cache size not zero for top cache
Page size not suitable for top cache
Chunk size not suitable for top cache
Top cache size not multiple of minimum
Parent size exceeds 'TopCache' size
Cache size larger than parent size
Chunk size not suitable for cache
Cache sizes not in ascending order
Cache size not multiple of stride
Deleting allocation in Resize
Hash table size in constructor for FIND
Create hash fails in constructor for FIND
Different 'TopCache' sizes with 'SingleImage'
Cache size in constructor for CACHE
Cache active in destructor for CACHE
No data page in DeleteDataPage
No claim before engage in EngageGlobalLock
No claim before release in ReleaseGlobalLock
Global lock busy in destructor for THREAD_SAFE
Max threads in constructor for SEMAPHORE
Wakeup failed in UpdateSemaphore()
Close semaphore in destructor for SEMAPHORE
Wakeup failed in Signal()
Wait status in Wait
Bit vector is corrupt in MultipleNew
Bit vector is corrupt in New
Sharing violation in UpdateConnections
Active page count in DeleteFromBucketList
Bucket can't get a size key in UpdateBucket
Configuration in constructor for BUCKET
Maximum share invalid in constructor for SHARELOCK
Maximum spins invalid in constructor for SHARELOCK
CorExitProcess
runtime error
Microsoft Visual C++ Runtime Library
<program name unknown>
Program:
EncodePointer
DecodePointer
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
(null)
`h````
e+000
GAIsProcessorFeaturePresent
.bad exception
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
USER32.DLL
.Unknown exception
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
April
March
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
1#QNAN
1#INF
1#IND
1#SNAN
CONOUT$
DWNoSignOffQueueReporting
DWAlwaysReport
.Software\Microsoft\PCHealth\ErrorReporting\DW
OkToReportFromTheseQueues
WatsonLaunchQueuedReportingInstanceVerification
HKEY_USERS\
HKEY_CURRENT_CONFIG\
HKEY_CLASSES_ROOT\
HKEY_LOCAL_MACHINE\
HKEY_CURRENT_USER\
HKCC\
HKCR\
HKLM\
HKCU\
%s\%s
u j@j
hktmyj
t6hmtmyj
t5hntmyj
u[h0
CSWPh
u]Wh0
QSURj
D$(Vj
USPVj
T$$VPVRj
VW@PRj
PSSh
PVVh
dwtrig20.exe
_GetAllocCounters@0
SHLWAPI.dll
wnsprintfA
USER32.dll
SHELL32.dll
RPCRT4.dll
OLEAUT32.dll
ole32.dll
KERNEL32.dll
GDI32.dll
ADVAPI32.dll
Secur32.dll
VERSION.dll
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetUserNameExW
GetTokenInformation
OpenThreadToken
UnregisterTraceGuids
ConvertSidToStringSidA
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsA
TraceEvent
RegQueryInfoKeyW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExA
GetLengthSid
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
AllocateAndInitializeSid
CopySid
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
CheckTokenMembership
IsValidSid
GetDeviceCaps
DeleteDC
DeleteObject
CreateDCA
CreateSolidBrush
GetSystemWindowsDirectoryW
lstrcmpiW
WriteConsoleW
SetEvent
lstrlenW
CreateEventW
GetModuleFileNameW
WaitForSingleObject
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleA
VirtualAlloc
HeapSetInformation
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
HeapUnlock
HeapLock
TlsSetValue
SetLastError
GetLastError
VirtualFree
TlsGetValue
InitializeCriticalSectionAndSpinCount
TlsAlloc
GetSystemDefaultLCID
TlsFree
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsValidLocale
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
GetVersionExA
GetModuleHandleExW
RtlCaptureStackBackTrace
ReleaseMutex
CloseHandle
GetSystemTimeAsFileTime
GetTickCount
GetLocalTime
WriteFile
SetFileAttributesW
DeleteFileW
CreateFileW
ExpandEnvironmentStringsW
GetProcessTimes
GetCurrentProcess
GlobalFree
LoadLibraryW
OutputDebugStringA
CreateMutexA
OpenMutexA
CreateSemaphoreA
GetShortPathNameA
GetModuleFileNameA
GlobalAlloc
GetSystemDirectoryW
GetTimeZoneInformation
GetDiskFreeSpaceExW
IsWow64Process
GetUserDefaultLCID
FreeLibrary
GetSystemInfo
GetVersionExW
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
CreateProcessW
LoadLibraryA
GetConsoleOutputCP
LocalFree
LocalAlloc
Sleep
GetTempPathW
GetShortPathNameW
GetLongPathNameW
CreateDirectoryW
GetFileType
CreateFileA
InitializeCriticalSection
LoadLibraryExW
IsDBCSLeadByte
GetStringTypeExW
GetACP
WideCharToMultiByte
IsValidCodePage
CompareStringW
MultiByteToWideChar
GetCurrentThread
FlushFileBuffers
GlobalMemoryStatus
ReleaseSemaphore
IsProcessorFeaturePresent
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
InterlockedExchange
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
CoCreateInstance
StringFromCLSID
CoTaskMemFree
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
StringFromIID
UuidCreate
SHGetSpecialFolderPathW
GetSysColor
EnumDisplayMonitors
GetMonitorInfoA
GetKeyboardLayoutList
GetKeyboardLayout
GetMenuCheckMarkDimensions
ReleaseDC
GetDC
SystemParametersInfoA
GetSystemMetrics
t:\dw\x86\ship\0\dwtrig20.pdb
\ship\0\dwtrig20.exe\bbtopt\dwtrig20O.pdb
.?AVCISensNetworkCF@@
.?AUIClassFactory@@
.?AUIUnknown@@
.?AVCImpISensNetwork@@
.?AUISensNetwork@@
.?AUIDispatch@@
.?AVMSO_FAST_HEAP@@
.?AVROCKALL_FRONT_END@@
.?AUMSOHEAPOBJ@@
.?AVMsoHeapWin32@@
.?AVMsoHeapRockall@@
pBrxrwrvr
gq\qlqfqLqeq^qFqhqVq:rRr7sEs?s>sotZtUt_t^tAt?tYt[t\tvuxu
rCsMsQsLsbtstqtutrtgtnt
`#`0`1`6`8`:`;`<`=`>`?`H`J`K`N`O`Q`
?g!k}O:R>R
P]iIqSt
!N$NiQ
lDuOmAmYu
"Q^z7~
whuXo
@b"U"}
2(N6N?N@NANYN
N)N7NBNCNDN\N]N
N?QeQkQ
S8SAS
NAQBQCQgQlQmQ
X(Y)Y
u(u)u0u1u2u
S S!S"SKSNSOSpS
V(W)W*W+W,W-W.W/W0W
t+u,u7u
S&S<SQSRSSSTS
S]T^T_T`TaTbTcTdTeTfTgThTiTjTkTlTmTnToTqTsTtTuTvTwTxTyTzT{T|T
f f!f"f#f$f%f&f'f(f)f*f+f,f-f
h h!h"h#h$h%h&h'h(h)h*h12
q1r9rBrvrwrxryr
w&xBxCxDxExFxGxHxIxJxKxLxMxNxOxPxQxRxSxTxUxVxWxXxYxZx[x_xmxfyhymy
[ [
沪公网安备 31011502009736号