899

按鍵精靈 9.51.11790版

Environment = 1600x900|32|Windows 7 Ultimate

Type = 0xC0000005

Address = 0x76F8E4C3

LineNum = 214(200)

 

Registers:

EAX=98000000 EBX=4A943215 ECX=FCFFFF07 EDX=0000FCFF

ESI=00302165 EDI=4A940000 ESP=04CAFCD4 EBP=04CAFD08

 

Current Modules:

Name = QM9.exe, Base = 0x400000, Top = 0xD82000, Size = 9969664

==>

Name = ntdll.dll, Base = 0x76F60000, Top = 0x770E0000, Size = 1572864

Name = kernel32.dll, Base = 0x74B50000, Top = 0x74C60000, Size = 1114112

Name = KERNELBASE.dll, Base = 0x74970000, Top = 0x749B7000, Size = 290816

Name = MFC42.DLL, Base = 0x68D00000, Top = 0x68E1C000, Size = 1163264

Name = msvcrt.dll, Base = 0x74C80000, Top = 0x74D2C000, Size = 704512

Name = USER32.dll, Base = 0x75230000, Top = 0x75330000, Size = 1048576

Name = GDI32.dll, Base = 0x75830000, Top = 0x758C0000, Size = 589824

Name = LPK.dll, Base = 0x74C70000, Top = 0x74C7A000, Size = 40960

Name = USP10.dll, Base = 0x75A60000, Top = 0x75AFD000, Size = 643072

Name = ADVAPI32.dll, Base = 0x756F0000, Top = 0x75791000, Size = 659456

Name = sechost.dll, Base = 0x75210000, Top = 0x75229000, Size = 102400

Name = RPCRT4.dll, Base = 0x76A80000, Top = 0x76B70000, Size = 983040

Name = SspiCli.dll, Base = 0x748E0000, Top = 0x74940000, Size = 393216

Name = CRYPTBASE.dll, Base = 0x748D0000, Top = 0x748DC000, Size = 49152

Name = ole32.dll, Base = 0x758C0000, Top = 0x75A1C000, Size = 1425408

Name = OLEAUT32.dll, Base = 0x74D40000, Top = 0x74DCF000, Size = 585728

Name = ODBC32.dll, Base = 0x68C70000, Top = 0x68CFC000, Size = 573440

Name = SHELL32.dll, Base = 0x75E30000, Top = 0x76A7A000, Size = 12886016

Name = SHLWAPI.dll, Base = 0x754E0000, Top = 0x75537000, Size = 356352

Name = COMCTL32.dll, Base = 0x72FD0000, Top = 0x7316E000, Size = 1695744

Name = urlmon.dll, Base = 0x75330000, Top = 0x7547A000, Size = 1351680

Name = api-ms-win-downlevel-ole32-l1-1-0.dll, Base = 0x75E20000, Top = 0x75E24000, Size = 16384

Name = api-ms-win-downlevel-shlwapi-l1-1-0.dll, Base = 0x74DF0000, Top = 0x74DF4000, Size = 16384

Name = api-ms-win-downlevel-advapi32-l1-1-0.dll, Base = 0x75A20000, Top = 0x75A25000, Size = 20480

Name = api-ms-win-downlevel-user32-l1-1-0.dll, Base = 0x756E0000, Top = 0x756E4000, Size = 16384

Name = api-ms-win-downlevel-version-l1-1-0.dll, Base = 0x74C60000, Top = 0x74C64000, Size = 16384

Name = version.DLL, Base = 0x72AD0000, Top = 0x72AD9000, Size = 36864

Name = api-ms-win-downlevel-normaliz-l1-1-0.dll, Base = 0x75170000, Top = 0x75173000, Size = 12288

Name = normaliz.DLL, Base = 0x749C0000, Top = 0x749C3000, Size = 12288

Name = iertutil.dll, Base = 0x74F30000, Top = 0x75162000, Size = 2301952

Name = WININET.dll, Base = 0x75C30000, Top = 0x75E14000, Size = 1982464

Name = USERENV.dll, Base = 0x74DD0000, Top = 0x74DE7000, Size = 94208

Name = profapi.dll, Base = 0x75A50000, Top = 0x75A5B000, Size = 45056

Name = MSVCP60.dll, Base = 0x68C00000, Top = 0x68C66000, Size = 417792

Name = WINMM.dll, Base = 0x732D0000, Top = 0x73302000, Size = 204800

Name = WS2_32.dll, Base = 0x74AB0000, Top = 0x74AE5000, Size = 217088

Name = NSI.dll, Base = 0x75200000, Top = 0x75206000, Size = 24576

Name = Syntconv.dll, Base = 0x10000000, Top = 0x10053000, Size = 339968

Name = UxTheme.dll, Base = 0x72D90000, Top = 0x72E10000, Size = 524288

Name = refs.dll, Base = 0x68BC0000, Top = 0x68BF8000, Size = 229376

Name = WINSPOOL.DRV, Base = 0x73190000, Top = 0x731E1000, Size = 331776

Name = IMAGEHLP.dll, Base = 0x74940000, Top = 0x7496A000, Size = 172032

Name = DINPUT8.dll, Base = 0x66B60000, Top = 0x66B90000, Size = 196608

Name = comdlg32.dll, Base = 0x75180000, Top = 0x751FB000, Size = 503808

Name = OLEPRO32.DLL, Base = 0x68BA0000, Top = 0x68BB9000, Size = 102400

Name = IMM32.DLL, Base = 0x75480000, Top = 0x754E0000, Size = 393216

Name = MSCTF.dll, Base = 0x75B60000, Top = 0x75C2C000, Size = 835584

Name = odbcint.dll, Base = 0x66B20000, Top = 0x66B58000, Size = 229376

Name = msimg32.dll, Base = 0x72CB0000, Top = 0x72CB5000, Size = 20480

Name = dwmapi.dll, Base = 0x72AE0000, Top = 0x72AF3000, Size = 77824

Name = CRYPTSP.dll, Base = 0x729F0000, Top = 0x72A07000, Size = 94208

Name = rsaenh.dll, Base = 0x72900000, Top = 0x7293B000, Size = 241664

Name = asycfilt.dll, Base = 0x66B00000, Top = 0x66B14000, Size = 81920

Name = Secur32.dll, Base = 0x72CC0000, Top = 0x72CC8000, Size = 32768

Name = api-ms-win-downlevel-advapi32-l2-1-0.dll, Base = 0x679B0000, Top = 0x679B4000, Size = 16384

Name = api-ms-win-downlevel-shlwapi-l2-1-0.dll, Base = 0x68950000, Top = 0x68954000, Size = 16384

Name = mswsock.dll, Base = 0x729A0000, Top = 0x729DC000, Size = 245760

Name = wship6.dll, Base = 0x72950000, Top = 0x72956000, Size = 24576

Name = IPHLPAPI.DLL, Base = 0x72E20000, Top = 0x72E3C000, Size = 114688

Name = WINNSI.DLL, Base = 0x72E10000, Top = 0x72E17000, Size = 28672

Name = DNSAPI.dll, Base = 0x72040000, Top = 0x72084000, Size = 278528

Name = wshtcpip.dll, Base = 0x72960000, Top = 0x72965000, Size = 20480

Name = rasadhlp.dll, Base = 0x71E60000, Top = 0x71E66000, Size = 24576

Name = fwpuclnt.dll, Base = 0x71F60000, Top = 0x71F98000, Size = 229376

Name = CLBCatQ.DLL, Base = 0x757A0000, Top = 0x75823000, Size = 536576

Name = ieframe.dll, Base = 0x65EB0000, Top = 0x66AF2000, Size = 12853248

Name = api-ms-win-downlevel-shell32-l1-1-0.dll, Base = 0x65EA0000, Top = 0x65EA4000, Size = 16384

Name = SXS.DLL, Base = 0x733F0000, Top = 0x7344F000, Size = 389120

Name = msscript.ocx, Base = 0x65E80000, Top = 0x65E9A000, Size = 106496

Name = dbghelp.dll, Base = 0x71730000, Top = 0x7181B000, Size = 962560

Name = RpcRtRemote.dll, Base = 0x728F0000, Top = 0x728FE000, Size = 57344

Name = qdisp.dll, Base = 0x3210000, Top = 0x321A000, Size = 40960

Name = vbscript.dll, Base = 0x65E00000, Top = 0x65E7F000, Size = 520192

Name = apphelp.dll, Base = 0x73280000, Top = 0x732CC000, Size = 311296

Name = NLAapi.dll, Base = 0x72A60000, Top = 0x72A70000, Size = 65536

Name = napinsp.dll, Base = 0x72940000, Top = 0x72950000, Size = 65536

Name = pnrpnsp.dll, Base = 0x728A0000, Top = 0x728B2000, Size = 73728

Name = winrnr.dll, Base = 0x72020000, Top = 0x72028000, Size = 32768

Name = mshtml.dll, Base = 0x64B40000, Top = 0x65DFC000, Size = 19644416

Name = MLANG.dll, Base = 0x64B10000, Top = 0x64B3E000, Size = 188416

Name = PROPSYS.dll, Base = 0x71160000, Top = 0x71255000, Size = 1003520

Name = CRYPT32.dll, Base = 0x74E00000, Top = 0x74F22000, Size = 1187840

Name = MSASN1.dll, Base = 0x74D30000, Top = 0x74D3C000, Size = 49152

Name = credssp.dll, Base = 0x66D10000, Top = 0x66D18000, Size = 32768

Name = schannel.dll, Base = 0x64AC0000, Top = 0x64B01000, Size = 266240

Name = cfgdll.dll, Base = 0x31E0000, Top = 0x31EF000, Size = 61440

Name = ncrypt.dll, Base = 0x72BA0000, Top = 0x72BD9000, Size = 233472

Name = bcrypt.dll, Base = 0x72C20000, Top = 0x72C37000, Size = 94208

Name = bcryptprimitives.dll, Base = 0x72BE0000, Top = 0x72C1D000, Size = 249856

Name = WINTRUST.dll, Base = 0x74AF0000, Top = 0x74B1F000, Size = 192512

Name = GPAPI.dll, Base = 0x71DB0000, Top = 0x71DC6000, Size = 90112

Name = cryptnet.dll, Base = 0x71E40000, Top = 0x71E5D000, Size = 118784

Name = WLDAP32.dll, Base = 0x74A60000, Top = 0x74AA5000, Size = 282624

Name = SensApi.dll, Base = 0x64AB0000, Top = 0x64AB6000, Size = 24576

Name = msimtf.dll, Base = 0x64AA0000, Top = 0x64AAB000, Size = 45056

Name = msls31.dll, Base = 0x64A60000, Top = 0x64A91000, Size = 200704

Name = jscript9.dll, Base = 0x64630000, Top = 0x64A54000, Size = 4341760

Name = d2d1.dll, Base = 0x642E0000, Top = 0x64627000, Size = 3436544

Name = DWrite.dll, Base = 0x641A0000, Top = 0x642D5000, Size = 1265664

Name = dxgi.dll, Base = 0x64150000, Top = 0x6419C000, Size = 311296

Name = d3d11.dll, Base = 0x63FD0000, Top = 0x64145000, Size = 1527808

Name = D3D10Warp.dll, Base = 0x63DE0000, Top = 0x63FC9000, Size = 2002944

Name = windowscodecs.dll, Base = 0x692D0000, Top = 0x69400000, Size = 1245184

Name = ImgUtil.dll, Base = 0x63DD0000, Top = 0x63DDC000, Size = 49152

Name = XmlLite.dll, Base = 0x63DA0000, Top = 0x63DCF000, Size = 192512

Name = DSOUND.dll, Base = 0x63D20000, Top = 0x63D92000, Size = 466944

Name = POWRPROF.dll, Base = 0x72970000, Top = 0x72995000, Size = 151552

Name = SETUPAPI.dll, Base = 0x75540000, Top = 0x756DD000, Size = 1691648

Name = CFGMGR32.dll, Base = 0x74B20000, Top = 0x74B47000, Size = 159744

Name = DEVOBJ.dll, Base = 0x75A30000, Top = 0x75A42000, Size = 73728

Name = PSAPI.DLL, Base = 0x76B70000, Top = 0x76B75000, Size = 20480

Name = windowscodecsext.dll, Base = 0x624D0000, Top = 0x62507000, Size = 225280

Name = msxml6.dll, Base = 0x62370000, Top = 0x624C8000, Size = 1409024

Name = ntmarta.dll, Base = 0x72C80000, Top = 0x72CA1000, Size = 135168

Name = uiautomationcore.dll, Base = 0x622E0000, Top = 0x6236C000, Size = 573440

Name = OLEACC.dll, Base = 0x622A0000, Top = 0x622DC000, Size = 245760

Name = FILE.dll, Base = 0x2EB0000, Top = 0x2EBB000, Size = 45056

Name = kEYHOOK.dll, Base = 0x2F60000, Top = 0x2F76000, Size = 90112

Name = SYS.dll, Base = 0x2EC0000, Top = 0x2EC9000, Size = 36864

Name = scrrun.dll, Base = 0x63CF0000, Top = 0x63D1A000, Size = 172032

Name = ieproxy.dll, Base = 0x63C50000, Top = 0x63C99000, Size = 299008

Name = dispex.dll, Base = 0x63BC0000, Top = 0x63BC8000, Size = 32768

 

Code Before:

10 C1 E7 10 C1 EA 10 0B DF 0B C8 8B 06 C7 45 F8 01 00 00 00

Current Code:

89 30 8B 45 E0 8B 55 E4 8D 7E 08 F0 0F C7 0F 3B 45 E0 0F 85

 

Call Stack:

76F8E0C3 ===> ntdll.dll

 

Current Stack:

[04CAFCD4] = 00000000

[04CAFCD8] = 00240000

[04CAFCDC] = 00327930

[04CAFCE0] = 003271D8

[04CAFCE4] = 76F8E0C3

[04CAFCE8] = 00003214

[04CAFCEC] = FCFFFF00

[04CAFCF0] = 000000B2

[04CAFCF4] = 003279A0

[04CAFCF8] = 04CAFD0C

[04CAFCFC] = E8002484

[04CAFD00] = 00000001

[04CAFD04] = 00327928

[04CAFD08] = 04CAFD20

[04CAFD0C] = 76F8E0C3

[04CAFD10] = 002E0B00

[04CAFD14] = 064195D8

[04CAFD18] = 002E0AC8

[04CAFD1C] = 00327928

[04CAFD20] = 04CAFD34

[04CAFD24] = 76A905FA

[04CAFD28] = 00240000

[04CAFD2C] = 00000000

[04CAFD30] = 00327930

[04CAFD34] = 04CAFD40

[04CAFD38] = 76A905B9

[04CAFD3C] = 00327930

[04CAFD40] = 04CAFD78

[04CAFD44] = 76A9A97E

[04CAFD48] = 00327930

[04CAFD4C] = 003271D8

[04CAFD50] = 064195D8

[04CAFD54] = 002E0AC8

[04CAFD58] = 76A9AA44

[04CAFD5C] = 002E0BF4

[04CAFD60] = 76AA2FD8

[04CAFD64] = 064195D8

[04CAFD68] = 002E0AC8

[04CAFD6C] = 00000001

[04CAFD70] = 002E0AC8

[04CAFD74] = 002E0AC8

[04CAFD78] = 04CAFD84

[04CAFD7C] = 76AA2F62

[04CAFD80] = 002E0AC8

[04CAFD84] = 04CAFDA0

[04CAFD88] = 76A9AABC

[04CAFD8C] = 00000001

[04CAFD90] = 002E0AC8

[04CAFD94] = 76A9A9EF

[04CAFD98] = 00000000

[04CAFD9C] = 064195D8

[04CAFDA0] = 04CAFDB8

[04CAFDA4] = 759FD5BE

[04CAFDA8] = 064195D8

[04CAFDAC] = 064195D8

[04CAFDB0] = 758FD725

[04CAFDB4] = 064195D8

[04CAFDB8] = 04CAFDD8

[04CAFDBC] = 759FD5DC

[04CAFDC0] = 00000001

[04CAFDC4] = 002F7BD8

[04CAFDC8] = 758FDC44

[04CAFDCC] = 75A06580

[04CAFDD0] = 00000003

[04CAFDD4] = 0A1A0768

[04CAFDD8] = 04CAFE5C

[04CAFDDC] = 758FDBF8

[04CAFDE0] = 002F7C58

[04CAFDE4] = 002F7BD8

[04CAFDE8] = 002F7AD8

[04CAFDEC] = 75907B00

[04CAFDF0] = 758F8EC8

[04CAFDF4] = 04CAFE04

[04CAFDF8] = 00000000

[04CAFDFC] = 76F822F0

[04CAFE00] = 75A07298

[04CAFE04] = 002DF128

[04CAFE08] = 002F23A8

[04CAFE0C] = 00000000

[04CAFE10] = 04CAFE24

[04CAFE14] = 7590EB7F

[04CAFE18] = CD8EF261

[04CAFE1C] = 04CAFA28

[04CAFE20] = 75A07298

[04CAFE24] = 04CAFFC4

[04CAFE28] = 76F822F0

[04CAFE2C] = 75A07758

[04CAFE30] = FFFFFFFE

[04CAFE34] = 76B30175

[04CAFE38] = 758DF02F

[04CAFE3C] = 04CAFE50

[04CAFE40] = 75A08AED

[04CAFE44] = 758FAF69

[04CAFE48] = 04CAFE98

[04CAFE4C] = 75A06A50

[04CAFE50] = 04CAFE98

[04CAFE54] = 04CAFDE0

[04CAFE58] = CD8EF22C

[04CAFE5C] = 04CAFE70

[04CAFE60] = 758DF19B

[04CAFE64] = 75A07398

[04CAFE68] = 75A08AED

[04CAFE6C] = 00000000

[04CAFE70] = 04CAFF4C

[04CAFE74] = 758F960C

[04CAFE78] = 04CAFE98

[04CAFE7C] = 04CAFF54

[04CAFE80] = AF56400A

[04CAFE84] = C4A35180

[04CAFE88] = 39141B11

[04CAFE8C] = 881D8A5B

[04CAFE90] = E17C8748

[04CAFE94] = CA12DF09

[04CAFE98] = 758F9645

[04CAFE9C] = 00000000

[04CAFEA0] = 04CAFEC0

[04CAFEA4] = 75A08AEC

[04CAFEA8] = 00000000

[04CAFEAC] = 04CAFF4C

[04CAFEB0] = 758F9662

[04CAFEB4] = 00240000

[04CAFEB8] = 00000000

[04CAFEBC] = 00000000

[04CAFEC0] = 76F8E192

[04CAFEC4] = 0000000F

[04CAFEC8] = 00000010

[04CAFECC] = 04CAFF74

[04CAFED0] = 04CAFFC4

[04CAFED4] = 76FD4DCD

[04CAFED8] = 76F7FDC1

[04CAFEDC] = 74983D97

[04CAFEE0] = 00000000

[04CAFEE4] = 74983DC3

[04CAFEE8] = CD8D3A59

[04CAFEEC] = 74B61151

[04CAFEF0] = 758F94B0

[04CAFEF4] = 04CAFF4C

[04CAFEF8] = 758F94CE

[04CAFEFC] = 00000004

[04CAFF00] = 04CAFF44

[04CAFF04] = 758F94EC

[04CAFF08] = 74B61151

[04CAFF0C] = 75A07430

[04CAFF10] = 00007530

[04CAFF14] = 04CAFE80

[04CAFF18] = 04CAFE98

[04CAFF1C] = 04CAFEF8

[04CAFF20] = 00000001

[04CAFF24] = 04CAFE98

[04CAFF28] = 04CAFEA8

[04CAFF2C] = 04CAFE98

[04CAFF30] = 04CAFEA0

[04CAFF34] = 00000001

[04CAFF38] = 00000000

[04CAFF3C] = 00000000

[04CAFF40] = 00000000

[04CAFF44] = 00000001

[04CAFF48] = CD8EF33C

[04CAFF4C] = 04CAFF78

[04CAFF50] = 758ED9CF

[04CAFF54] = 00000004

[04CAFF58] = 00000000

[04CAFF5C] = 06ACF7E0

[04CAFF60] = 758ECD48

[04CAFF64] = 00000000

[04CAFF68] = 00000000

[04CAFF6C] = 06ACF7E0

[04CAFF70] = 06ACF7E0

[04CAFF74] = 06ACF7E0

[04CAFF78] = 04CAFF88

[04CAFF7C] = 758ED87A

[04CAFF80] = 00000000

[04CAFF84] = 00000000

[04CAFF88] = 04CAFF94

[04CAFF8C] = 74B6344D

[04CAFF90] = 06ACF7E0

[04CAFF94] = 04CAFFD4

[04CAFF98] = 76F99802

[04CAFF9C] = 06ACF7E0

[04CAFFA0] = 72B0D855

[04CAFFA4] = 00000000

[04CAFFA8] = 00000000

[04CAFFAC] = 06ACF7E0

[04CAFFB0] = C0000005

[04CAFFB4] = 74B8788F

[04CAFFB8] = 74B8788F

[04CAFFBC] = 04CAFFA0

[04CAFFC0] = 04CAF720

[04CAFFC4] = FFFFFFFF

[04CAFFC8] = 76FD4DCD

[04CAFFCC] = 0082E1C1

[04CAFFD0] = 00000000

[04CAFFD4] = 04CAFFEC

[04CAFFD8] = 76F997D5

[04CAFFDC] = 758ED864

[04CAFFE0] = 06ACF7E0

[04CAFFE4] = 00000000

[04CAFFE8] = 00000000

[04CAFFEC] = 00000000

[04CAFFF0] = 00000000

 

Done