0% found this document useful (0 votes)

15 views

Except Armada 2

Uploaded by

Imogen Claydon

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

15 views

Except Armada 2

Uploaded by

Imogen Claydon

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 40

date/time : 2024-02-05, 23:03:16, 77ms

operating system : Windows 8 Tablet PC x64 build 9200

system language : English
system up time : 1 day 6 hours
program up time : 1 minute 47 seconds
processors : 4x Apple Silicon
physical memory : 4837/8187 MB (free/total)
free disk space : (C:) 74.39 GB
display mode : 3456x2160, 32 bit
process id : $1d54
allocated memory : 801.72 MB
executable : Armada2.exe
current module : FleetOpsHook.dll
module date/time : 2024-01-31 04:25
version : 4.0.0.Jan
callstack crc : $e0efb2e8, $f5dcb580, $bbdb46a4
count : 4
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 5A9D18D6 in module
'FleetOpsHook.dll'. Read of address 20D38690.

main thread ($784):

5a9d18d6 +192 FleetOpsHook.dll FleetOpsFunctionsHook 3257 +33
GetClosestSafeResource_Freighter_New
5a9d1f8d +029 FleetOpsHook.dll FleetOpsFunctionsHook 3639 +3
DebugException_Execute_New
5a9d23ed +26d FleetOpsHook.dll FleetOpsFunctionsHook 3760 +76 A2_WinMain
75077ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $b8c:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $22b8:
775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
5a9f0978 +e8 FleetOpsHook.dll ST3D_TextureEnhancement 533 +29
TST3D_TextureLoadingThread.Execute
5a887a2c +34 FleetOpsHook.dll Classes ThreadProc
5a80562c +28 FleetOpsHook.dll System 494 +0 ThreadWrapper
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1b28:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $be0:
73c410da +0a win32u.dll NtUserGetMessage
7416fffa +2a USER32.dll GetMessageW
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $19ec: <priority:13>

775a671a +0a ntdll.dll NtWaitForSingleObject
74c51c12 +82 KERNELBASE.dll WaitForSingleObjectEx
74c51b7d +0d KERNELBASE.dll WaitForSingleObject
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk
thread $1968: <priority:2>
775a671a +0a ntdll.dll NtWaitForSingleObject
74c51c12 +82 KERNELBASE.dll WaitForSingleObjectEx
74c51b7d +0d KERNELBASE.dll WaitForSingleObject
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $19f0: <priority:2>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $bf4: <priority:1>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $15a8:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $484:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $f08: <priority:15>

775a6caa +00a ntdll.dll NtWaitForMultipleObjects
74c53a29 +189 KERNELBASE.dll WaitForMultipleObjectsEx
74c53883 +013 KERNELBASE.dll WaitForMultipleObjects
75077ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $1884: <priority:15>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

modules:
00400000 Armada2.exe 43.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
0b050000 D3DX81ab.dll 8.1.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
0dc10000 Tunngle.dll 1.0.6.0
C:\Program Files (x86)\Fleet Ops Roots\data
10000000 NetworkManager.dll
C:\Program Files (x86)\Fleet Ops Roots\data
18000000 binkw32.dll 1.9.18.0
C:\Program Files (x86)\Fleet Ops Roots\data
4a800000 Win2kDisableTaskSwitch.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
5a800000 FleetOpsHook.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots
701b0000 mmm_loader.dll 1.0.5.0
C:\Program Files (x86)\Fleet Ops Roots\data\missions
70390000 Windows.Internal.Graphics.Display.DisplayColorManagement.dll
6.2.22621.2792 C:\Windows\System32
703d0000 mscms.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70470000 rasadhlp.dll 6.2.22621.1
C:\Windows\System32
70480000 DNSAPI.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70540000 srvcli.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70560000 netutils.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70570000 urlmon.dll
11.0.22621.2792 C:\Windows\SYSTEM32
70720000 WINHTTP.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70800000 dhcpcsvc.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70820000 dhcpcsvc6.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70840000 WINNSI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70850000 IPHLPAPI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70880000 mswsock.dll
6.2.22621.2506 C:\Windows\system32
708e0000 ondemandconnroutehelper.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70900000 iertutil.dll
11.0.22621.3007 C:\Windows\SYSTEM32
70b40000 TextShaping.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70be0000 resourcepolicyclient.dll 6.2.22621.1
C:\Windows\SYSTEM32
70bf0000 midimap.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70c00000 msacm32.drv
6.2.22621.2506 C:\Windows\SYSTEM32
70c10000 AUDIOSES.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70da0000 ksuser.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70db0000 AVRT.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70dc0000 wdmaud.drv
6.2.22621.2506 C:\Windows\SYSTEM32
70e00000 DEVOBJ.dll
6.2.22621.2506 C:\Windows\System32
70e30000 MMDevApi.dll
6.2.22621.2506 C:\Windows\System32
70eb0000 CRYPTBASE.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70ec0000 CoreUIComponents.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71160000 CoreMessaging.dll
6.2.22621.3007 C:\Windows\SYSTEM32
71230000 textinputframework.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71330000 prl_umdd.dll
20.18.1832.53621 C:\Windows\SYSTEM32
71380000 comctl32.DLL
6.10.22621.2506 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06
715b0000 ntmarta.dll
6.2.22621.2506 C:\Windows\SYSTEM32
715e0000 SspiCli.dll
6.2.22621.3007 C:\Windows\SYSTEM32
71610000 CFGMGR32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71650000 profapi.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71670000 propsys.dll
7.0.22621.2506 C:\Windows\system32
71740000 kernel.appcore.dll
6.2.22621.2715 C:\Windows\SYSTEM32
71760000 wintypes.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71830000 windows.storage.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71f20000 uxtheme.dll
6.2.22621.3007 C:\Windows\system32
71fa0000 FaultRep.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72010000 d3dx9_43.dll 9.29.952.3111
C:\Program Files (x86)\Fleet Ops Roots\data
72210000 d3d9.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72390000 fmodex.dll 0.4.38.6
C:\Program Files (x86)\Fleet Ops Roots\data
724e0000 wininet.dll
11.0.22621.2506 C:\Windows\SYSTEM32
72970000 wsock32.dll 6.2.22621.1
C:\Windows\SYSTEM32
72980000 version.dll 6.2.22621.1
C:\Windows\SYSTEM32
72990000 UMPDC.dll
6.2.22621.2506 C:\Windows\SYSTEM32
729a0000 dxcore.dll
6.2.22621.2506 C:\Windows\SYSTEM32
729d0000 msdmo.dll 6.2.22621.1
C:\Windows\SYSTEM32
729e0000 dwmapi.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a10000 d3d8thk.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a20000 winmmbase.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a40000 ResampleDmo.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
72ae0000 powrprof.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b30000 MSVFW32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b60000 MSACM32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b80000 d3d8.dll 6.2.22621.1
C:\Windows\SYSTEM32
72c40000 MSVCP60.dll 7.0.22621.1
C:\Windows\SYSTEM32
72cc0000 AVIFIL32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72ce0000 DSOUND.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72d60000 WINMM.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72da0000 COMCTL32.dll
5.82.22621.2506 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_5.82.22621.2506_none_fbe8e1f07808be9b
72e40000 apphelp.dll
6.2.22621.2506 C:\Windows\SYSTEM32
73060000 combase.dll
6.2.22621.2792 C:\Windows\System32
733b0000 msvcrt.dll
7.0.22621.2506 C:\Windows\System32
73480000 IMM32.dll
6.2.22621.2792 C:\Windows\System32
734b0000 sechost.dll
6.2.22621.3007 C:\Windows\System32
73540000 MSCTF.dll
6.2.22621.2792 C:\Windows\System32
73a80000 ADVAPI32.dll
6.2.22621.3007 C:\Windows\System32
73b00000 comdlg32.dll
6.2.22621.2506 C:\Windows\System32
73bc0000 msvcp_win.dll
6.2.22621.2506 C:\Windows\System32
73c40000 win32u.dll
6.2.22621.2506 C:\Windows\System32
73c60000 ucrtbase.dll
6.2.22621.2506 C:\Windows\System32
73d80000 OLEAUT32.dll
6.2.22621.2506 C:\Windows\System32
73e20000 gdi32full.dll
6.2.22621.2861 C:\Windows\System32
73f10000 RPCRT4.dll
6.2.22621.2792 C:\Windows\System32
73fd0000 shcore.dll
6.2.22621.2715 C:\Windows\System32
740a0000 GDI32.dll
6.2.22621.2792 C:\Windows\System32
74140000 USER32.dll
6.2.22621.2792 C:\Windows\System32
742f0000 SHELL32.dll
6.2.22621.3007 C:\Windows\System32
74b10000 KERNELBASE.dll
6.2.22621.2861 C:\Windows\System32
74d90000 ole32.dll
6.2.22621.2506 C:\Windows\System32
74ee0000 IMAGEHLP.dll
6.2.22621.2506 C:\Windows\System32
74fa0000 SHLWAPI.dll
6.2.22621.2506 C:\Windows\System32
74ff0000 WS2_32.dll 6.2.22621.1
C:\Windows\System32
75050000 NSI.dll 6.2.22621.1
C:\Windows\System32
75060000 KERNEL32.DLL
6.2.22621.2506 C:\Windows\System32
75150000 bcryptPrimitives.dll
6.2.22621.2506 C:\Windows\System32
751c0000 bcrypt.dll
6.2.22621.2506 C:\Windows\System32
751e0000 clbcatq.dll
2001.12.10941.16384 C:\Windows\System32
77530000 ntdll.dll
6.2.22621.2506 C:\Windows\SYSTEM32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
0074 Registry 0 0 0
01c0 smss.exe 0 0 0
024c csrss.exe 0 0 0
02a0 wininit.exe 0 0 0
0334 services.exe 0 0 0
034c lsass.exe 0 0 0
03d4 svchost.exe 0 0 0
03e8 WUDFHost.exe 0 0 0
017c fontdrvhost.exe 0 0 0
0364 svchost.exe 0 0 0
0440 svchost.exe 0 0 0
0490 svchost.exe 0 0 0
04b8 svchost.exe 0 0 0
0524 svchost.exe 0 0 0
052c svchost.exe 0 0 0
0584 svchost.exe 0 0 0
05a0 svchost.exe 0 0 0
05d0 svchost.exe 0 0 0
05ec svchost.exe 0 0 0
0640 svchost.exe 0 0 0
066c svchost.exe 0 0 0
06b4 svchost.exe 0 0 0
06bc svchost.exe 0 0 0
075c efwd.exe 0 0 0
07d4 ekrn.exe 0 0 0
035c svchost.exe 0 0 0
0514 svchost.exe 0 0 0
0894 svchost.exe 0 0 0
08c4 svchost.exe 0 0 0
08dc XtaCache.exe 0 0 0
0918 svchost.exe 0 0 0
0920 svchost.exe 0 0 0
0928 svchost.exe 0 0 0
095c svchost.exe 0 0 0
09c8 Memory Compression 0 0 0
09d8 svchost.exe 0 0 0
0a40 svchost.exe 0 0 0
0a4c svchost.exe 0 0 0
0a94 svchost.exe 0 0 0
0ac4 svchost.exe 0 0 0
0ae4 svchost.exe 0 0 0
0b1c svchost.exe 0 0 0
0b4c spoolsv.exe 0 0 0
0b6c svchost.exe 0 0 0
0b94 svchost.exe 0 0 0
0bb0 svchost.exe 0 0 0
0c8c svchost.exe 0 0 0
0c9c svchost.exe 0 0 0
0ce4 svchost.exe 0 0 0
0cf0 prl_tools_service.exe 0 0 0
0d00 svchost.exe 0 0 0
0d0c coherence.exe 0 0 0
0d1c svchost.exe 0 0 0
0d28 MsMpEng.exe 0 0 0
0ef4 svchost.exe 0 0 0
0910 svchost.exe 0 0 0
1038 svchost.exe 0 0 0
122c svchost.exe 0 0 0
0e34 svchost.exe 0 0 0
1418 svchost.exe 0 0 0
15a0 svchost.exe 0 0 0
1710 svchost.exe 0 0 0
0e7c svchost.exe 0 0 0
17fc svchost.exe 0 0 0
1bc8 SearchIndexer.exe 0 0 0
05d8 SecurityHealthService.exe 0 0 0
0968 svchost.exe 0 0 0
0c58 svchost.exe 0 0 0
158c svchost.exe 0 0 0
08d0 svchost.exe 0 0 0
11d4 svchost.exe 0 0 0
0478 svchost.exe 0 0 0
0acc svchost.exe 0 0 0
0b0c svchost.exe 0 0 0
03cc svchost.exe 0 0 0
03a0 audiodg.exe 0 0 0
1494 svchost.exe 0 0 0
0fec csrss.exe 4 0 0
0794 winlogon.exe 4 0 0
1454 fontdrvhost.exe 4 0 0
0688 dwm.exe 4 0 0
0b18 prl_tools.exe 4 0 0
1d14 coherence.exe 4 0 0
03fc sihost.exe 4 0 9 normal C:\Windows\System32
0dec svchost.exe 4 0 1 normal C:\Windows\System32
1724 svchost.exe 4 0 1 normal C:\Windows\System32
210c svchost.exe 4 0 1 normal C:\Windows\System32
06a4 svchost.exe 4 0 4 normal C:\Windows\System32
136c taskhostw.exe 4 10 6 normal C:\Windows\System32
2124 explorer.exe 4 740 528 normal C:\Windows
0a60 SearchHost.exe 4 12 61 normal C:\Windows\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy
1940 StartMenuExperienceHost.exe 4 0 17 normal C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
02c4 RuntimeBroker.exe 4 0 4 normal C:\Windows\System32
0438 RuntimeBroker.exe 4 2 4 normal C:\Windows\System32
10bc svchost.exe 4 0 1 normal C:\Windows\System32
05c8 dllhost.exe 4 0 3 normal C:\Windows\System32
2064 ctfmon.exe 4 0 0
20c4 prl_cc.exe 4 15 52 normal C:\Program Files\Parallels\
Parallels Tools
0240 svchost.exe 4 0 1 normal C:\Windows\System32
1bfc SecurityHealthSystray.exe 4 7 5 normal C:\Windows\System32
1898 eguiProxy.exe 4 308 111 normal C:\Program Files\ESET\ESET
Security
2214 svchost.exe 4 0 13 normal C:\Windows\System32
12d8 ApplicationFrameHost.exe 4 36 17 normal C:\Windows\System32
1984 SystemSettings.exe 4 11 43 normal C:\Windows\ImmersiveControlPanel
1970 ShellExperienceHost.exe 4 0 25 normal C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy
1c68 svchost.exe 4 0 3 normal C:\Windows\System32
00e0 WidgetService.exe 4 0 4 normal C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.400.20.0_arm64__cw5n1h2txyewy\Dashboard
1ff8 eOppFrame.exe 4 8 10 normal C:\Program Files\ESET\ESET
Security
2230 smartscreen.exe 4 0 1 normal C:\Windows\System32
1c8c svchost.exe 0 0 0
1d54 Armada2.exe 4 62 42 normal C:\Program Files (x86)\Fleet Ops
Roots\Data

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Microsoft Print to PDF
- Root Print Queue
+ {36fc9e60-c465-11cf-8056-444553540000}
- Intel(R) 82801FB/FBM USB2 Enhanced Host Controller - 265C
- Renesas USB 3.10 eXtensible Host Controller - 1.10 (Microsoft)
- USB Composite Device
- USB Composite Device
- USB Root Hub
- USB Root Hub (USB 3.0)
+ {4d36e965-e325-11ce-bfc1-08002be10318}
- Virtual DVD-ROM
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- ACPI ARM64-based PC
- Parallels International GmbH. Parallels ARM Virtual Machine
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- harddisk SSD
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- Parallels Display Adapter (WDDM) (driver 18.3.2.53621)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- Standard SATA AHCI Controller
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
- HID Keyboard Device
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- High Definition Audio Device
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- Generic Monitor (Parallels Vu)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
- Parallels USB Mouse Synchronization Device (driver 18.3.2.53621)
+ {4d36e972-e325-11ce-bfc1-08002be10318}
- Microsoft Kernel Debug Network Adapter
- Parallels VirtIO Ethernet Adapter (driver 18.3.2.53621)
- WAN Miniport (IKEv2)
- WAN Miniport (IP)
- WAN Miniport (IPv6)
- WAN Miniport (L2TP)
- WAN Miniport (Network Monitor)
- WAN Miniport (PPPOE)
- WAN Miniport (PPTP)
- WAN Miniport (SSTP)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft Storage Spaces Controller
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI Devices driver
- ACPI Power Button
- ACPI Wake Alarm
- Charge Arbitration Driver
- Composite Bus Enumerator
- High Definition Audio Controller
- Microsoft ACPI-Compliant System
- Microsoft Basic Display Driver
- Microsoft Basic Render Driver
- Microsoft Hyper-V Virtualization Infrastructure Driver
- Microsoft System Management BIOS Driver
- Microsoft Virtual Drive Enumerator
- NDIS Virtual Network Adapter Enumerator
- Parallels Memory Controller (driver 18.3.2.53621)
- Parallels Tool Device (driver 18.3.2.53621)
- PCI Express Root Complex
- Plug and Play Software Device Enumerator
- Remote Desktop Device Redirector Bus
- UMBus Root Bus Enumerator
- Volume Manager
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- Apple Silicon
- Apple Silicon
- Apple Silicon
- Apple Silicon
+ {5175d334-c371-4806-b3ba-71fd53c9258d}
- Parallels Location Provider (driver 18.3.2.53621)
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- Microsoft GS Wavetable Synth
- Microsoft Radio Device Enumeration Bus
- Microsoft RRAS Root Enumerator
+ {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
- Microsoft AC Adapter
- Microsoft ACPI-Compliant Control Method Battery
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- HID-compliant consumer control device
- HID-compliant digitizer
- USB Input Device
- USB Input Device
- USB Input Device
- USB Input Device
- USB Input Device
+ {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
- Speakers (High Definition Audio Device)
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- Trusted Platform Module 2.0

cpu registers:
eax = 20d38690
ebx = 2875a500
ecx = 420f22d1
edx = 00139450
esi = 0004e514
edi = 200b13ec
eip = 5a9d18d6
esp = 0019fa20
ebp = 0019fa98
stack dump:
0019fa20 c0 93 d6 28 00 00 00 00 - ea a2 73 28 90 7e e8 1f ...(......s(.~..
0019fa30 36 f0 57 77 00 00 00 00 - 00 00 00 00 00 00 00 00 6.Ww............
0019fa40 42 a3 73 28 e4 45 00 00 - 42 a3 73 28 98 fa 19 00 B.s(.E..B.s(....
0019fa50 14 e5 04 00 8c f0 74 28 - 00 00 00 00 a0 a5 75 28 ......t(......u(
0019fa60 00 00 00 00 00 00 00 00 - 00 00 00 00 02 00 00 00 ................
0019fa70 c0 93 d6 28 00 00 00 00 - 00 00 00 00 00 00 00 00 ...(............
0019fa80 a6 6f a5 6a a6 6f a5 6a - 02 00 00 00 00 00 00 00 .o.j.o.j........
0019fa90 f0 72 45 29 70 6f 26 24 - b4 fa 19 00 36 5b 43 00 .rE)po&$....6[C.
0019faa0 ea a2 73 28 44 0a 00 00 - c0 93 d6 28 90 7e e8 1f ..s(D......(.~..
0019fab0 ea a2 73 28 cc fa 19 00 - 37 23 43 00 30 28 a8 29 ..s(....7#C.0(.)
0019fac0 c0 93 d6 28 f8 de ff 0d - ec 13 0b 20 dc fa 19 00 ...(....... ....
0019fad0 10 eb 42 00 0b d7 a3 3b - 0b d7 a3 3b 10 fb 19 00 ..B....;...;....
0019fae0 61 19 40 00 0b d7 a3 3b - 03 00 00 00 0b d7 a3 3b a.@....;.......;
0019faf0 00 00 00 00 3b 58 2f 70 - 00 00 00 00 00 00 00 00 ....;X/p........
0019fb00 c0 93 d6 28 58 fb 19 00 - b8 94 69 00 ff ff ff ff ...(X.....i.....
0019fb10 1c fb 19 00 ec 0d 45 00 - 0b d7 a3 3b 28 fb 19 00 ......E....;(...
0019fb20 51 e8 44 00 0b d7 a3 3b - 64 fb 19 00 79 35 48 00 Q.D....;d...y5H.
0019fb30 0b d7 a3 3b 30 ee ba 0d - d2 6c 74 62 e9 03 00 00 ...;0....ltb....
0019fb40 00 00 00 00 01 00 00 00 - ba c0 69 00 ff ff ff ff ..........i.....
0019fb50 60 fb 19 00 0b d7 a3 3b - 88 fd 19 00 88 c0 69 00 `......;......i.

disassembling:
[...]
5a9d189a add esp, -4
5a9d189d fstp dword ptr [esp]
5a9d18a0 wait
5a9d18a1 mov eax, [$5aa125e4]
5a9d18a6 mov eax, [eax]
5a9d18a8 call eax
5a9d18a8
5a9d18aa pop ecx
5a9d18ab mov edx, [edi+$e0]
5a9d18b1 mov edx, [edx+$d4]
5a9d18b7 imul dword ptr [edx+8]
5a9d18ba add esi, eax
5a9d18bc mov [ebp-$48], esi
5a9d18bf 3257 mov eax, [edi+$e0]
5a9d18c5 mov eax, [eax+$d4]
5a9d18cb mov eax, [eax]
5a9d18cd mov edx, [ebp-$48]
5a9d18d0 add edx, edx
5a9d18d2 add edx, edx
5a9d18d4 add eax, edx
5a9d18d6 > mov eax, [eax]
5a9d18d8 mov [ebp-$1c], eax
5a9d18db 3258 fld dword ptr [ebp-$1c]
5a9d18de fcomp dword ptr [$5a9d1c3c]
5a9d18e4 wait
5a9d18e5 fnstsw ax
5a9d18e7 sahf
5a9d18e8 jbe loc_5a9d18fc
5a9d18e8
5a9d18ea 3260 fld dword ptr [ebp-$1c]
5a9d18ed mov eax, [$5aa1198c]
5a9d18f2 mov eax, [eax]
5a9d18f4 fmul dword ptr [eax]
5a9d18f6 fmul st, st
5a9d18f8 fstp dword ptr [ebp-$1c]
5a9d18fb wait
5a9d18f8
5a9d18fc loc_5a9d18fc:
5a9d18fc 3263 xor eax, eax
5a9d18fe mov [ebp-$4c], eax
5a9d1901 3265 mov eax, [$5aa13054]
[...]

date/time : 2024-02-10, 22:29:08, 768ms

operating system : Windows 8 Tablet PC x64 build 9200
system language : English
system up time : 6 days 2 hours
program up time : 2 minutes 35 seconds
processors : 4x Apple Silicon
physical memory : 5283/8187 MB (free/total)
free disk space : (C:) 82.67 GB
display mode : 3456x2160, 32 bit
process id : $40c
allocated memory : 314.93 MB
executable : Armada2.exe
current module : FleetOpsHook.dll
module date/time : 2024-02-09 12:15
version : 4.0.0.Jan
callstack crc : $00000000, $1fdc455e, $884bf0b8
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 00000000. Read of address 00000000.

main thread ($2664):

00000000 +000 ???
5a9cf07d +155 FleetOpsHook.dll FleetOpsFunctionsHook 1529 +56
DisplayInterface_SimulateAll_Callback
5a9d623f +00b FleetOpsHook.dll ProgramEnhancement 81 +2
Program__DisplayInputProcess_Callback
5a9d1f8d +029 FleetOpsHook.dll FleetOpsFunctionsHook 3639 +3
DebugException_Execute_New
5a9d23ed +26d FleetOpsHook.dll FleetOpsFunctionsHook 3760 +76 A2_WinMain
75077ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $272c:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $308:
775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
5a9f0978 +e8 FleetOpsHook.dll ST3D_TextureEnhancement 533 +29
TST3D_TextureLoadingThread.Execute
5a887a2c +34 FleetOpsHook.dll Classes ThreadProc
5a80562c +28 FleetOpsHook.dll System 494 +0 ThreadWrapper
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $624:
775a852a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk
thread $160c:
73c410da +0a win32u.dll NtUserGetMessage
7416fffa +2a USER32.dll GetMessageW
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $23d4: <priority:13>

775a671a +0a ntdll.dll NtWaitForSingleObject
74c51c12 +82 KERNELBASE.dll WaitForSingleObjectEx
74c51b7d +0d KERNELBASE.dll WaitForSingleObject
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $64c: <priority:2>

775a671a +0a ntdll.dll NtWaitForSingleObject
74c51c12 +82 KERNELBASE.dll WaitForSingleObjectEx
74c51b7d +0d KERNELBASE.dll WaitForSingleObject
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1abc: <priority:2>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $5dc: <priority:1>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $165c: <priority:15>

thread $a24: <priority:15>

775a6a3a +0a ntdll.dll NtDelayExecution
775c06c4 +e4 ntdll.dll RtlDelayExecution
74c2d189 +49 KERNELBASE.dll SleepEx
74c2d12a +0a KERNELBASE.dll Sleep
75077ba7 +17 KERNEL32.DLL BaseThreadInitThunk

modules:
00400000 Armada2.exe 43.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
08fb0000 D3DX81ab.dll 8.1.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
0bbf0000 Tunngle.dll 1.0.6.0
C:\Program Files (x86)\Fleet Ops Roots\data
10000000 NetworkManager.dll
C:\Program Files (x86)\Fleet Ops Roots\data
18000000 binkw32.dll 1.9.18.0
C:\Program Files (x86)\Fleet Ops Roots\data
4a800000 Win2kDisableTaskSwitch.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
5a800000 FleetOpsHook.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots
70390000 Windows.Internal.Graphics.Display.DisplayColorManagement.dll
6.2.22621.2792 C:\Windows\System32
703d0000 mscms.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70470000 rasadhlp.dll 6.2.22621.1
C:\Windows\System32
70480000 DNSAPI.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70540000 netutils.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70550000 srvcli.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70570000 urlmon.dll
11.0.22621.2792 C:\Windows\SYSTEM32
70720000 WINHTTP.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70800000 dhcpcsvc.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70820000 WINNSI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70830000 dhcpcsvc6.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70850000 IPHLPAPI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70880000 mswsock.dll
6.2.22621.2506 C:\Windows\system32
708e0000 ondemandconnroutehelper.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70900000 iertutil.dll
11.0.22621.3007 C:\Windows\SYSTEM32
70b40000 TextShaping.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70be0000 resourcepolicyclient.dll 6.2.22621.1
C:\Windows\SYSTEM32
70bf0000 midimap.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70c00000 msacm32.drv
6.2.22621.2506 C:\Windows\SYSTEM32
70c10000 AUDIOSES.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
70da0000 AVRT.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70db0000 ksuser.dll
6.2.22621.2506 C:\Windows\SYSTEM32
70dc0000 wdmaud.drv
6.2.22621.2506 C:\Windows\SYSTEM32
70e00000 DEVOBJ.dll
6.2.22621.2506 C:\Windows\System32
70e30000 MMDevApi.dll
6.2.22621.2506 C:\Windows\System32
70eb0000 CRYPTBASE.DLL 6.2.22621.1
C:\Windows\SYSTEM32
70ec0000 CoreUIComponents.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71160000 CoreMessaging.dll
6.2.22621.3007 C:\Windows\SYSTEM32
71230000 textinputframework.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71330000 prl_umdd.dll
20.18.1832.53621 C:\Windows\SYSTEM32
71380000 comctl32.DLL
6.10.22621.2506 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06
715b0000 ntmarta.dll
6.2.22621.2506 C:\Windows\SYSTEM32
715e0000 SspiCli.dll
6.2.22621.3007 C:\Windows\SYSTEM32
71610000 CFGMGR32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71650000 profapi.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71670000 propsys.dll
7.0.22621.2506 C:\Windows\system32
71740000 kernel.appcore.dll
6.2.22621.2715 C:\Windows\SYSTEM32
71760000 wintypes.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71830000 windows.storage.dll
6.2.22621.2792 C:\Windows\SYSTEM32
71f20000 uxtheme.dll
6.2.22621.3007 C:\Windows\system32
71fa0000 FaultRep.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72010000 d3dx9_43.dll 9.29.952.3111
C:\Program Files (x86)\Fleet Ops Roots\data
72210000 fmodex.dll 0.4.38.6
C:\Program Files (x86)\Fleet Ops Roots\data
72360000 d3d9.dll
6.2.22621.2506 C:\Windows\SYSTEM32
724e0000 version.dll 6.2.22621.1
C:\Windows\SYSTEM32
724f0000 wininet.dll
11.0.22621.2506 C:\Windows\SYSTEM32
72980000 wsock32.dll 6.2.22621.1
C:\Windows\SYSTEM32
72990000 UMPDC.dll
6.2.22621.2506 C:\Windows\SYSTEM32
729a0000 dxcore.dll
6.2.22621.2506 C:\Windows\SYSTEM32
729d0000 msdmo.dll 6.2.22621.1
C:\Windows\SYSTEM32
729e0000 dwmapi.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a10000 d3d8thk.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a20000 winmmbase.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72a40000 ResampleDmo.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
72ae0000 powrprof.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b30000 MSACM32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b50000 MSVFW32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72b80000 d3d8.dll 6.2.22621.1
C:\Windows\SYSTEM32
72c40000 MSVCP60.dll 7.0.22621.1
C:\Windows\SYSTEM32
72cc0000 AVIFIL32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72ce0000 WINMM.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72d20000 DSOUND.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72da0000 COMCTL32.dll
5.82.22621.2506 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_5.82.22621.2506_none_fbe8e1f07808be9b
72e40000 apphelp.dll
6.2.22621.2506 C:\Windows\SYSTEM32
73060000 combase.dll
6.2.22621.2792 C:\Windows\System32
733b0000 msvcrt.dll
7.0.22621.2506 C:\Windows\System32
73480000 IMM32.dll
6.2.22621.2792 C:\Windows\System32
734b0000 sechost.dll
6.2.22621.3007 C:\Windows\System32
73540000 MSCTF.dll
6.2.22621.2792 C:\Windows\System32
73a80000 ADVAPI32.dll
6.2.22621.3007 C:\Windows\System32
73b00000 comdlg32.dll
6.2.22621.2506 C:\Windows\System32
73bc0000 msvcp_win.dll
6.2.22621.2506 C:\Windows\System32
73c40000 win32u.dll
6.2.22621.2506 C:\Windows\System32
73c60000 ucrtbase.dll
6.2.22621.2506 C:\Windows\System32
73d80000 OLEAUT32.dll
6.2.22621.2506 C:\Windows\System32
73e20000 gdi32full.dll
6.2.22621.2861 C:\Windows\System32
73f10000 RPCRT4.dll
6.2.22621.2792 C:\Windows\System32
73fd0000 shcore.dll
6.2.22621.2715 C:\Windows\System32
740a0000 GDI32.dll
6.2.22621.2792 C:\Windows\System32
74140000 USER32.dll
6.2.22621.2792 C:\Windows\System32
742f0000 SHELL32.dll
6.2.22621.3007 C:\Windows\System32
74b10000 KERNELBASE.dll
6.2.22621.2861 C:\Windows\System32
74d90000 ole32.dll
6.2.22621.2506 C:\Windows\System32
74ee0000 IMAGEHLP.dll
6.2.22621.2506 C:\Windows\System32
74fa0000 SHLWAPI.dll
6.2.22621.2506 C:\Windows\System32
74ff0000 WS2_32.dll 6.2.22621.1
C:\Windows\System32
75050000 NSI.dll 6.2.22621.1
C:\Windows\System32
75060000 KERNEL32.DLL
6.2.22621.2506 C:\Windows\System32
75150000 bcryptPrimitives.dll
6.2.22621.2506 C:\Windows\System32
751c0000 bcrypt.dll
6.2.22621.2506 C:\Windows\System32
751e0000 clbcatq.dll
2001.12.10941.16384 C:\Windows\System32
77530000 ntdll.dll
6.2.22621.2506 C:\Windows\SYSTEM32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
0074 Registry 0 0 0
01c0 smss.exe 0 0 0
024c csrss.exe 0 0 0
02a0 wininit.exe 0 0 0
0334 services.exe 0 0 0
034c lsass.exe 0 0 0
03d4 svchost.exe 0 0 0
03e8 WUDFHost.exe 0 0 0
017c fontdrvhost.exe 0 0 0
0364 svchost.exe 0 0 0
0440 svchost.exe 0 0 0
0490 svchost.exe 0 0 0
04b8 svchost.exe 0 0 0
0524 svchost.exe 0 0 0
052c svchost.exe 0 0 0
0584 svchost.exe 0 0 0
05a0 svchost.exe 0 0 0
05d0 svchost.exe 0 0 0
05ec svchost.exe 0 0 0
0640 svchost.exe 0 0 0
066c svchost.exe 0 0 0
06b4 svchost.exe 0 0 0
06bc svchost.exe 0 0 0
075c efwd.exe 0 0 0
07d4 ekrn.exe 0 0 0
035c svchost.exe 0 0 0
0514 svchost.exe 0 0 0
0894 svchost.exe 0 0 0
08c4 svchost.exe 0 0 0
08dc XtaCache.exe 0 0 0
0918 svchost.exe 0 0 0
0920 svchost.exe 0 0 0
0928 svchost.exe 0 0 0
095c svchost.exe 0 0 0
09c8 Memory Compression 0 0 0
09d8 svchost.exe 0 0 0
0a40 svchost.exe 0 0 0
0a4c svchost.exe 0 0 0
0a94 svchost.exe 0 0 0
0ac4 svchost.exe 0 0 0
0ae4 svchost.exe 0 0 0
0b1c svchost.exe 0 0 0
0b4c spoolsv.exe 0 0 0
0b6c svchost.exe 0 0 0
0b94 svchost.exe 0 0 0
0bb0 svchost.exe 0 0 0
0c8c svchost.exe 0 0 0
0c9c svchost.exe 0 0 0
0ce4 svchost.exe 0 0 0
0cf0 prl_tools_service.exe 0 0 0
0d00 svchost.exe 0 0 0
0d0c coherence.exe 0 0 0
0d1c svchost.exe 0 0 0
0d28 MsMpEng.exe 0 0 0
0ef4 svchost.exe 0 0 0
0910 svchost.exe 0 0 0
1038 svchost.exe 0 0 0
122c svchost.exe 0 0 0
0e34 svchost.exe 0 0 0
1418 svchost.exe 0 0 0
15a0 svchost.exe 0 0 0
1710 svchost.exe 0 0 0
0e7c svchost.exe 0 0 0
17fc svchost.exe 0 0 0
1bc8 SearchIndexer.exe 0 0 0
05d8 SecurityHealthService.exe 0 0 0
0968 svchost.exe 0 0 0
158c svchost.exe 0 0 0
08d0 svchost.exe 0 0 0
11d4 svchost.exe 0 0 0
0478 svchost.exe 0 0 0
0acc svchost.exe 0 0 0
0b0c svchost.exe 0 0 0
03cc svchost.exe 0 0 0
03a0 audiodg.exe 0 0 0
1494 svchost.exe 0 0 0
0390 svchost.exe 0 0 0
046c svchost.exe 0 0 0
04ac csrss.exe 7 0 0
1844 winlogon.exe 7 0 0
1d10 fontdrvhost.exe 7 0 0
1368 dwm.exe 7 0 0
061c prl_tools.exe 7 0 0
11ec coherence.exe 7 0 0
1b98 sihost.exe 7 0 9 normal C:\Windows\System32
2224 svchost.exe 7 0 1 normal C:\Windows\System32
2320 svchost.exe 7 0 1 normal C:\Windows\System32
129c svchost.exe 7 0 1 normal C:\Windows\System32
06f0 svchost.exe 7 0 6 normal C:\Windows\System32
21fc taskhostw.exe 7 10 6 normal C:\Windows\System32
0108 explorer.exe 7 580 518 normal C:\Windows
155c SearchHost.exe 7 16 79 normal C:\Windows\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy
0aa4 StartMenuExperienceHost.exe 7 1 15 normal C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
18c4 RuntimeBroker.exe 7 2 8 normal C:\Windows\System32
16e8 RuntimeBroker.exe 7 4 4 normal C:\Windows\System32
2290 svchost.exe 7 0 1 normal C:\Windows\System32
0750 dllhost.exe 7 0 3 normal C:\Windows\System32
07a0 ctfmon.exe 7 0 0
1de0 prl_cc.exe 7 15 51 normal C:\Program Files\Parallels\
Parallels Tools
15bc svchost.exe 7 0 1 normal C:\Windows\System32
0bc0 SecurityHealthSystray.exe 7 7 5 normal C:\Windows\System32
04a8 eguiProxy.exe 7 308 111 normal C:\Program Files\ESET\ESET
Security
21e8 svchost.exe 7 0 12 normal C:\Windows\System32
0690 ApplicationFrameHost.exe 7 20 17 normal C:\Windows\System32
0438 eOppFrame.exe 7 8 10 normal C:\Program Files\ESET\ESET
Security
170c svchost.exe 7 0 3 normal C:\Windows\System32
1a8c ShellExperienceHost.exe 7 6 38 normal C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy
0558 RuntimeBroker.exe 7 0 5 normal C:\Windows\System32
16dc SystemSettingsBroker.exe 7 0 2 normal C:\Windows\System32
208c dllhost.exe 7 0 3 normal C:\Windows\System32
18f0 WidgetService.exe 7 0 4 normal C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.400.20.0_arm64__cw5n1h2txyewy\Dashboard
26ec dllhost.exe 7 0 0
2390 dllhost.exe 7 0 4 normal C:\Windows\System32
0398 Taskmgr.exe 7 0 0
1484 SystemSettings.exe 7 11 42 normal C:\Windows\ImmersiveControlPanel
05e8 svchost.exe 0 0 0
0518 svchost.exe 0 0 0
2370 smartscreen.exe 7 0 1 normal C:\Windows\System32
040c Armada2.exe 7 67 46 normal C:\Program Files (x86)\Fleet Ops
Roots\Data

cpu registers:
eax = 006af2fc
ebx = 3dcccccd
ecx = 00735c48
edx = 1f0ae3d8
esi = 00735c48
edi = 08fa2630
eip = 00000000
esp = 0019fa8c
ebp = 0019fab0

stack dump:
0019fa8c c6 1d 45 00 48 5c 73 00 - 54 9e 51 00 cd cc cc 3d ..E.H\s.T.Q....=
0019fa9c 30 26 fa 08 e0 ef 25 21 - cd cc cc 3d 00 00 00 00 0&....%!...=....
0019faac a8 ca 0a 46 e8 fa 19 00 - 40 ab 51 00 cd cc cc 3d [email protected]....=
0019fabc 03 00 00 00 01 00 00 00 - 00 00 48 c5 49 b1 3e c5 ..........H.I.>.
0019facc 01 99 8d 44 b0 fa 19 00 - 1c f9 7e bf 44 fb 19 00 ...D......~.D...
0019fadc 44 fb 19 00 96 10 6a 00 - ff ff ff ff fc fa 19 00 D.....j.........
0019faec 83 f0 9c 5a 00 00 00 00 - cd cc cc 3d cd cc cc 3d ...Z.......=...=
0019fafc 50 fb 19 00 0f 38 48 00 - 00 00 00 00 cd cc cc 3d P....8H........=
0019fb0c 64 00 00 00 e8 7e b4 0b - 00 00 00 00 d4 04 11 00 d....~..........
0019fb1c 13 01 00 00 01 00 00 00 - 00 00 00 00 ec 1f 7b 1f ..............{.
0019fb2c fc 05 00 00 75 04 00 00 - ae f6 70 8b a1 08 00 00 ....u.....p.....
0019fb3c 00 00 00 00 01 00 00 00 - 88 fd 19 00 ba c0 69 00 ..............i.
0019fb4c ff ff ff ff 60 fb 19 00 - 45 62 9d 5a cd cc cc 3d ....`...Eb.Z...=
0019fb5c 01 00 00 00 94 fd 19 00 - 5d 9b 55 00 64 00 00 00 ........].U.d...
0019fb6c 7c fb 19 00 03 00 00 00 - 30 7b 73 00 00 00 00 00 |.......0{s.....
0019fb7c 00 00 00 00 00 00 00 00 - 00 00 19 00 09 81 3f 73 ..............?s
0019fb8c 00 00 fa 08 00 00 00 00 - a0 16 31 21 39 c7 3f 2c ..........1!9.?,
0019fb9c a0 16 31 21 00 00 00 00 - 48 fd 19 00 fe ff ff ff ..1!....H.......
0019fbac b8 fb 19 00 b8 3c 9e 5a - 30 07 c6 20 98 fb 19 00 .....<.Z0.. ....
0019fbbc e2 a5 54 00 20 fd 19 00 - 70 e1 40 73 29 e4 63 5f ..T. ...p.@s).c_

disassembling:
[...]
5a9cf047 mov eax, [eax]
5a9cf049 call eax
5a9cf049
5a9cf04b loc_5a9cf04b:
5a9cf04b 1518 cmp byte ptr [$5aa0fff0], 0
5a9cf052 jz loc_5a9cf076
5a9cf052
5a9cf054 1522 mov ecx, [$5aa10f54]
5a9cf05a 1523 push 1
5a9cf05c mov eax, [$5aa11cf4]
5a9cf061 mov eax, [eax]
5a9cf063 call eax
5a9cf063
5a9cf065 1525 mov dword ptr [$5aa0fff4], $f
5a9cf06f 1526 mov byte ptr [$5aa0fff0], 0
5a9cf065 1525
5a9cf076 loc_5a9cf076:
5a9cf076 1529 push dword ptr [ebp+$c]
5a9cf079 mov eax, [ebp+8]
5a9cf07c push eax
5a9cf07d > call dword ptr [$5aa469cc]
5a9cf07d
5a9cf083 add esp, 8
5a9cf086 1531 cmp dword ptr [$5aa0fff4], 0
5a9cf08d jz loc_5a9cf095
5a9cf08d
5a9cf08f 1533 dec dword ptr [$5aa0fff4]
5a9cf08d 1531
5a9cf095 loc_5a9cf095:
5a9cf095 1553 pop ebx
5a9cf096 pop ebp
5a9cf097 ret

date/time : 2024-05-21, 23:28:57, 547ms

operating system : Windows 8 Tablet PC x64 build 9200
system language : English
system up time : 20 days 16 hours
program up time : 1 minute 32 seconds
processors : 4x Apple Silicon
physical memory : 4979/8187 MB (free/total)
free disk space : (C:) 106.58 GB
display mode : 3456x2160, 32 bit
process id : $7a0
allocated memory : 632.99 MB
executable : ArmadaL.exe
current module : FleetOpsHook.dll
module date/time : 2024-05-19 15:16
version : 4.0.0.Jan
callstack crc : $e20ebdf8, $fc5d6a4a, $7fba2b65
count : 2
exception number : 1
exception class : EFCreateError
exception message : Cannot create file "C:\Users\ghostofnight\Pictures\Fleet Ops:
Roots Screenshots\FOScreenShot_240521_232857.png". The filename, directory name, or
volume label syntax is incorrect.

main thread ($3c4):

5a883d89 +0b9 FleetOpsHook.dll Classes TFileStream.Create
5a883cac +020 FleetOpsHook.dll Classes TFileStream.Create
5a890dc5 +015 FleetOpsHook.dll Graphics TGraphic.SaveToFile
5a9cfd38 +33c FleetOpsHook.dll FleetOpsFunctionsHook 2100 +102 shotfclose
5a9cfe67 +023 FleetOpsHook.dll FleetOpsFunctionsHook 2119 +6
DisplayInterface_SimulateAll_ST3D_Texture_WriteBMP_Callback
5a9cf07d +155 FleetOpsHook.dll FleetOpsFunctionsHook 1529 +56
DisplayInterface_SimulateAll_Callback
5a9d623f +00b FleetOpsHook.dll ProgramEnhancement 81 +2
Program__DisplayInputProcess_Callback
5a9d1f8d +029 FleetOpsHook.dll FleetOpsFunctionsHook 3639 +3
DebugException_Execute_New
5a9d23ed +26d FleetOpsHook.dll FleetOpsFunctionsHook 3760 +76 A2_WinMain
73c77ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $864:
776e864a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $27e4:
776e6b5a +0a ntdll.dll NtDelayExecution
777007d4 +e4 ntdll.dll RtlDelayExecution
733dd5b9 +49 KERNELBASE.dll SleepEx
733dd55a +0a KERNELBASE.dll Sleep
5a9f0978 +e8 FleetOpsHook.dll ST3D_TextureEnhancement 533 +29
TST3D_TextureLoadingThread.Execute
5a887a2c +34 FleetOpsHook.dll Classes ThreadProc
5a80562c +28 FleetOpsHook.dll System 494 +0 ThreadWrapper
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $f18:
776e864a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $89c: <priority:13>

776e683a +0a ntdll.dll NtWaitForSingleObject
73402072 +82 KERNELBASE.dll WaitForSingleObjectEx
73401fdd +0d KERNELBASE.dll WaitForSingleObject
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $16cc: <priority:2>

776e683a +0a ntdll.dll NtWaitForSingleObject
73402072 +82 KERNELBASE.dll WaitForSingleObjectEx
73401fdd +0d KERNELBASE.dll WaitForSingleObject
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $2234: <priority:2>

776e6b5a +0a ntdll.dll NtDelayExecution
777007d4 +e4 ntdll.dll RtlDelayExecution
733dd5b9 +49 KERNELBASE.dll SleepEx
733dd55a +0a KERNELBASE.dll Sleep
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $d30: <priority:1>

776e6b5a +0a ntdll.dll NtDelayExecution
777007d4 +e4 ntdll.dll RtlDelayExecution
733dd5b9 +49 KERNELBASE.dll SleepEx
733dd55a +0a KERNELBASE.dll Sleep
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $2858:
776e864a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $2418:
776e864a +0a ntdll.dll NtWaitForWorkViaWorkerFactory
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1104: <priority:15>

776e6dca +00a ntdll.dll NtWaitForMultipleObjects
73404009 +189 KERNELBASE.dll WaitForMultipleObjectsEx
73403e63 +013 KERNELBASE.dll WaitForMultipleObjects
73c77ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $2868: <priority:15>

776e6b5a +0a ntdll.dll NtDelayExecution
777007d4 +e4 ntdll.dll RtlDelayExecution
733dd5b9 +49 KERNELBASE.dll SleepEx
733dd55a +0a KERNELBASE.dll Sleep
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $2498:
750f5cba +0a win32u.dll NtUserMsgWaitForMultipleObjectsEx
75132e3c +4c USER32.dll MsgWaitForMultipleObjectsEx
73c77ba7 +17 KERNEL32.DLL BaseThreadInitThunk

modules:
00400000 ArmadaL.exe 43.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
08f40000 D3DX81ab.dll 8.1.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
0bd00000 Tunngle.dll 1.0.6.0
C:\Program Files (x86)\Fleet Ops Roots\data
10000000 NetworkManager.dll
C:\Program Files (x86)\Fleet Ops Roots\data
18000000 binkw32.dll 1.9.18.0
C:\Program Files (x86)\Fleet Ops Roots\data
4a800000 Win2kDisableTaskSwitch.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots\data
5a800000 FleetOpsHook.dll 4.0.0.0
C:\Program Files (x86)\Fleet Ops Roots
6f2a0000 mmm_loader.dll 1.0.5.0
C:\Program Files (x86)\Fleet Ops Roots\data\missions
6f480000 Windows.Internal.Graphics.Display.DisplayColorManagement.dll
6.2.22621.3527 C:\Windows\System32
6f4c0000 mscms.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6f560000 rasadhlp.dll 6.2.22621.1
C:\Windows\System32
6f570000 DNSAPI.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6f630000 srvcli.dll
6.2.22621.3374 C:\Windows\SYSTEM32
6f650000 urlmon.dll
11.0.22621.3527 C:\Windows\SYSTEM32
6f800000 WINHTTP.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6f8e0000 dhcpcsvc.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
6f900000 dhcpcsvc6.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
6f920000 WINNSI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
6f930000 IPHLPAPI.DLL 6.2.22621.1
C:\Windows\SYSTEM32
6f960000 mswsock.dll
6.2.22621.2506 C:\Windows\system32
6f9c0000 ondemandconnroutehelper.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6f9e0000 iertutil.dll
11.0.22621.3527 C:\Windows\SYSTEM32
6fc20000 TextShaping.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6fcc0000 resourcepolicyclient.dll
6.2.22621.3527 C:\Windows\SYSTEM32
6fcd0000 midimap.dll
6.2.22621.2506 C:\Windows\SYSTEM32
6fce0000 msacm32.drv
6.2.22621.2506 C:\Windows\SYSTEM32
6fcf0000 AUDIOSES.DLL
6.2.22621.3527 C:\Windows\SYSTEM32
6fe80000 ksuser.dll
6.2.22621.2506 C:\Windows\SYSTEM32
6fe90000 AVRT.dll
6.2.22621.2506 C:\Windows\SYSTEM32
6fea0000 wdmaud.drv
6.2.22621.3527 C:\Windows\SYSTEM32
6fee0000 DEVOBJ.dll
6.2.22621.2506 C:\Windows\System32
6ff10000 MMDevApi.dll
6.2.22621.3527 C:\Windows\System32
6ff90000 CoreUIComponents.dll
6.2.22621.3527 C:\Windows\SYSTEM32
70230000 CoreMessaging.dll
6.2.22621.3527 C:\Windows\SYSTEM32
70300000 textinputframework.dll
6.2.22621.3527 C:\Windows\SYSTEM32
70400000 prl_umdd.dll
20.18.1832.53621 C:\Windows\SYSTEM32
70450000 comctl32.DLL
6.10.22621.3527 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.3527_none_6ebb7d728803537c
70680000 ntmarta.dll
6.2.22621.2506 C:\Windows\SYSTEM32
706b0000 CFGMGR32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
706f0000 propsys.dll
7.0.22621.3527 C:\Windows\system32
707c0000 windows.storage.dll
6.2.22621.3527 C:\Windows\SYSTEM32
70eb0000 uxtheme.dll
6.2.22621.3527 C:\Windows\system32
70f30000 FaultRep.dll
6.2.22621.3527 C:\Windows\SYSTEM32
70fa0000 d3d9.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71120000 d3dx9_43.dll 9.29.952.3111
C:\Program Files (x86)\Fleet Ops Roots\data
71320000 fmodex.dll 0.4.38.6
C:\Program Files (x86)\Fleet Ops Roots\data
71470000 wsock32.dll 6.2.22621.1
C:\Windows\SYSTEM32
71480000 wininet.dll
11.0.22621.2506 C:\Windows\SYSTEM32
71910000 UMPDC.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71920000 dxcore.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71950000 dwmapi.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71980000 d3d8thk.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71990000 msdmo.dll 6.2.22621.1
C:\Windows\SYSTEM32
719a0000 MSACM32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
719c0000 d3d8.dll 6.2.22621.1
C:\Windows\SYSTEM32
71a80000 MSVFW32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71ab0000 winmmbase.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71ad0000 ResampleDmo.DLL
6.2.22621.2506 C:\Windows\SYSTEM32
71b70000 powrprof.dll
6.2.22621.3374 C:\Windows\SYSTEM32
71bc0000 MSVCP60.dll 7.0.22621.1
C:\Windows\SYSTEM32
71c40000 DSOUND.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71cc0000 WINMM.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71d00000 AVIFIL32.dll
6.2.22621.2506 C:\Windows\SYSTEM32
71d20000 COMCTL32.dll
5.82.22621.3527 C:\Windows\WinSxS\x86_microsoft.windows.common-
controls_6595b64144ccf1df_5.82.22621.3527_none_fbe8b6227808ef55
71dd0000 CRYPTBASE.DLL 6.2.22621.1
C:\Windows\SYSTEM32
71de0000 apphelp.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71e90000 SspiCli.dll
6.2.22621.3527 C:\Windows\SYSTEM32
71fa0000 kernel.appcore.dll
6.2.22621.2715 C:\Windows\SYSTEM32
71fc0000 profapi.dll
6.2.22621.3527 C:\Windows\SYSTEM32
72120000 netutils.dll
6.2.22621.2506 C:\Windows\SYSTEM32
72140000 version.dll 6.2.22621.1
C:\Windows\SYSTEM32
72390000 wintypes.dll
6.2.22621.3527 C:\Windows\SYSTEM32
73190000 IMM32.dll
6.2.22621.3374 C:\Windows\System32
731c0000 GDI32.dll
6.2.22621.3085 C:\Windows\System32
731f0000 shcore.dll
6.2.22621.3527 C:\Windows\System32
732c0000 KERNELBASE.dll
6.2.22621.3527 C:\Windows\System32
73540000 msvcp_win.dll
6.2.22621.3374 C:\Windows\System32
735c0000 bcrypt.dll
6.2.22621.2506 C:\Windows\System32
736c0000 gdi32full.dll
6.2.22621.3527 C:\Windows\System32
737b0000 RPCRT4.dll
6.2.22621.3447 C:\Windows\System32
73870000 ADVAPI32.dll
6.2.22621.3296 C:\Windows\System32
738f0000 OLEAUT32.dll
6.2.22621.3527 C:\Windows\System32
73990000 WS2_32.dll 6.2.22621.1
C:\Windows\System32
739f0000 MSCTF.dll
6.2.22621.3527 C:\Windows\System32
73af0000 ole32.dll
6.2.22621.3527 C:\Windows\System32
73c60000 KERNEL32.DLL
6.2.22621.3527 C:\Windows\System32
73d50000 combase.dll
6.2.22621.3527 C:\Windows\System32
73fd0000 IMAGEHLP.dll
6.2.22621.2506 C:\Windows\System32
73ff0000 ucrtbase.dll
6.2.22621.3374 C:\Windows\System32
74110000 msvcrt.dll
7.0.22621.2506 C:\Windows\System32
741e0000 SHLWAPI.dll
6.2.22621.3527 C:\Windows\System32
743a0000 NSI.dll 6.2.22621.1
C:\Windows\System32
743b0000 sechost.dll
6.2.22621.3527 C:\Windows\System32
74920000 bcryptPrimitives.dll
6.2.22621.3374 C:\Windows\System32
74990000 comdlg32.dll
6.2.22621.3527 C:\Windows\System32
74a50000 SHELL32.dll
6.2.22621.3527 C:\Windows\System32
750f0000 win32u.dll
6.2.22621.3527 C:\Windows\System32
75110000 USER32.dll
6.2.22621.3527 C:\Windows\System32
75320000 clbcatq.dll
2001.12.10941.16384 C:\Windows\System32
77670000 ntdll.dll
6.2.22621.3527 C:\Windows\SYSTEM32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
0074 Registry 0 0 0
01c0 smss.exe 0 0 0
024c csrss.exe 0 0 0
02a0 wininit.exe 0 0 0
0334 services.exe 0 0 0
034c lsass.exe 0 0 0
03cc svchost.exe 0 0 0
03e8 fontdrvhost.exe 0 0 0
03f0 WUDFHost.exe 0 0 0
0390 svchost.exe 0 0 0
0418 svchost.exe 0 0 0
0480 svchost.exe 0 0 0
04b8 svchost.exe 0 0 0
04c0 svchost.exe 0 0 0
04dc svchost.exe 0 0 0
04e8 svchost.exe 0 0 0
0580 svchost.exe 0 0 0
05b8 svchost.exe 0 0 0
05d8 svchost.exe 0 0 0
0604 svchost.exe 0 0 0
0654 svchost.exe 0 0 0
0720 efwd.exe 0 0 0
0764 ekrn.exe 0 0 0
07ec svchost.exe 0 0 0
03dc svchost.exe 0 0 0
0504 XtaCache.exe 0 0 0
0674 svchost.exe 0 0 0
07c4 svchost.exe 0 0 0
080c svchost.exe 0 0 0
081c svchost.exe 0 0 0
0824 svchost.exe 0 0 0
08a0 Memory Compression 0 0 0
08dc svchost.exe 0 0 0
0920 svchost.exe 0 0 0
0948 svchost.exe 0 0 0
09c0 svchost.exe 0 0 0
0a04 svchost.exe 0 0 0
0a34 svchost.exe 0 0 0
0a5c svchost.exe 0 0 0
0a70 svchost.exe 0 0 0
0aa0 spoolsv.exe 0 0 0
0ad8 svchost.exe 0 0 0
0af8 svchost.exe 0 0 0
0b94 svchost.exe 0 0 0
0b9c svchost.exe 0 0 0
0bd0 svchost.exe 0 0 0
0bdc svchost.exe 0 0 0
0be8 svchost.exe 0 0 0
0c18 svchost.exe 0 0 0
0c30 coherence.exe 0 0 0
0c38 prl_tools_service.exe 0 0 0
0c54 svchost.exe 0 0 0
0c64 MsMpEng.exe 0 0 0
0c6c svchost.exe 0 0 0
0cb0 svchost.exe 0 0 0
1254 svchost.exe 0 0 0
12e0 svchost.exe 0 0 0
0e08 MpDefenderCoreService.exe 0 0 0
12ac svchost.exe 0 0 0
153c svchost.exe 0 0 0
16b8 svchost.exe 0 0 0
162c svchost.exe 0 0 0
1204 svchost.exe 0 0 0
0998 svchost.exe 0 0 0
18d8 svchost.exe 0 0 0
18f8 SearchIndexer.exe 0 0 0
21b4 svchost.exe 0 0 0
2264 SecurityHealthService.exe 0 0 0
1774 svchost.exe 0 0 0
2340 svchost.exe 0 0 0
20e0 svchost.exe 0 0 0
22e4 svchost.exe 0 0 0
21c4 svchost.exe 0 0 0
0798 svchost.exe 0 0 0
20c4 svchost.exe 0 0 0
1368 svchost.exe 0 0 0
07b0 svchost.exe 0 0 0
0e44 svchost.exe 0 0 0
0754 svchost.exe 0 0 0
11cc svchost.exe 0 0 0
05d0 audiodg.exe 0 0 0
18bc csrss.exe 17 0 0
145c winlogon.exe 17 0 0
1dd4 fontdrvhost.exe 17 0 0
075c dwm.exe 17 0 0
1024 svchost.exe 0 0 0
2408 svchost.exe 0 0 0
20ac SearchProtocolHost.exe 0 0 0
13a0 svchost.exe 0 0 0
22bc prl_tools.exe 17 0 0
2a8c coherence.exe 17 0 0
0e1c ctfmon.exe 17 0 0
2628 sihost.exe 17 0 9 normal C:\Windows\System32
13b4 svchost.exe 17 0 1 normal C:\Windows\System32
264c svchost.exe 17 0 1 normal C:\Windows\System32
25ac svchost.exe 17 0 1 normal C:\Windows\System32
0ac0 svchost.exe 17 0 7 normal C:\Windows\System32
1ec4 taskhostw.exe 17 10 6 normal C:\Windows\System32
0568 MicrosoftEdgeUpdate.exe 0 0 0
1778 explorer.exe 17 236 321 normal C:\Windows
2584 StartMenuExperienceHost.exe 17 0 17 normal C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
2750 SearchHost.exe 17 12 63 normal C:\Windows\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy
2258 Widgets.exe 17 0 2 normal C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.1301.450.0_arm64__cw5n1h2txyewy\Dashboard
0878 RuntimeBroker.exe 17 0 5 normal C:\Windows\System32
2b8c RuntimeBroker.exe 17 2 5 normal C:\Windows\System32
063c svchost.exe 17 0 1 normal C:\Windows\System32
18cc svchost.exe 0 0 0
2a98 dllhost.exe 17 0 3 normal C:\Windows\System32
2a3c svchost.exe 17 0 11 normal C:\Windows\System32
2420 prl_cc.exe 17 15 51 normal C:\Program Files\Parallels\
Parallels Tools
1600 ctfmon.exe 17 2 26 high C:\Windows\System32
1498 svchost.exe 17 0 1 normal C:\Windows\System32
07c0 PhoneExperienceHost.exe 17 0 13 normal C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.24042.107.0_arm64__8wekyb3d8bbwe
1eb0 WidgetService.exe 17 0 2 normal C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.1301.450.0_arm64__cw5n1h2txyewy\Dashboard
0850 RuntimeBroker.exe 17 0 1 normal C:\Windows\System32
04f4 smartscreen.exe 17 0 1 normal C:\Windows\System32
1cfc SecurityHealthSystray.exe 17 7 6 normal C:\Windows\System32
0e68 eguiProxy.exe 17 308 111 normal C:\Program Files\ESET\ESET
Security
0f68 SystemSettings.exe 17 11 41 normal C:\Windows\ImmersiveControlPanel
111c ApplicationFrameHost.exe 17 28 23 normal C:\Windows\System32
07a0 ArmadaL.exe 17 70 51 normal C:\Program Files (x86)\Fleet Ops
Roots\Data

cpu registers:
eax = 16ea6ca0
ebx = 16ea6cc8
ecx = 00000000
edx = 5a883d8e
esi = 0b2665e0
edi = 0000ffff
eip = 5a883d8e
esp = 0019f918
ebp = 0019f984

stack dump:
0019f918 8e 3d 88 5a de fa ed 0e - 01 00 00 00 07 00 00 00 .=.Z............
0019f928 2c f9 19 00 8e 3d 88 5a - a0 6c ea 16 c8 6c ea 16 ,....=.Z.l...l..
0019f938 e0 65 26 0b ff ff 00 00 - 84 f9 19 00 48 f9 19 00 .e&.........H...
0019f948 94 f9 19 00 64 4e 80 5a - 84 f9 19 00 80 89 ea 16 ....dN.Z........
0019f958 c8 6c ea 16 01 65 26 0b - 00 00 00 00 00 00 00 00 .l...e&.........
0019f968 00 00 00 00 00 00 00 00 - 88 6f ea 16 0b ea 87 5a .........o.....Z
0019f978 80 f8 e9 16 0b 83 68 17 - 7e 49 80 00 ac f9 19 00 ......h.~I......
0019f988 b1 3c 88 5a 00 00 00 00 - ff ff 00 00 c8 f9 19 00 .<.Z............
0019f998 fb 4f 80 5a ac f9 19 00 - c8 6c ea 16 98 0c 25 0b .O.Z.....l....%.
0019f9a8 20 83 68 17 c0 f9 19 00 - ca 0d 89 5a ff ff 00 00 .h........Z....
0019f9b8 40 ba 63 2d f4 ba 92 5a - 24 fa 19 00 3b fd 9c 5a @.c-...Z$...;..Z
0019f9c8 d4 f9 19 00 64 4e 80 5a - 24 fa 19 00 dc fa 19 00 ....dN.Z$.......
0019f9d8 64 4e 80 5a 24 fa 19 00 - 80 89 ea 16 40 ba 63 2d [email protected]
0019f9e8 f0 fc 6f 26 00 00 00 00 - 00 00 00 00 00 00 00 00 ..o&............
0019f9f8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0019fa08 00 00 00 00 00 00 00 00 - 00 00 00 00 98 0c 25 0b ..............%.
0019fa18 b0 06 69 13 00 00 00 00 - 00 00 00 00 a0 fa 19 00 ..i.............
0019fa28 a8 2e 64 00 80 89 ea 16 - 80 0d 00 00 f0 fc 6f 26 ..d...........o&
0019fa38 6f 12 83 3a 28 00 00 00 - 80 0d 00 00 70 08 00 00 o..:(.......p...
0019fa48 01 00 20 00 00 00 00 00 - 00 00 00 00 20 eb f3 0a .. ......... ...

disassembling:
[...]
5a9cfd00 call -$9da65 ($5a9322a0) ; pngimage.TPNGObject.AddtEXt
5a9cfd00
5a9cfd05 loc_5a9cfd05:
5a9cfd05 2097 lea eax, [ebp-$38]
5a9cfd08 call -$abd95 ($5a923f78) ;
VersionEnhancement.getFleetopsVersion
5a9cfd08
5a9cfd0d mov ecx, [ebp-$38]
5a9cfd10 lea eax, [ebp-$34]
5a9cfd13 mov edx, $5a9cfe08 ; 'Star Trek Armada II: Fleet
Operations '
5a9cfd18 call -$1ca34d ($5a8059d0) ; System.@LStrCat3
5a9cfd18
5a9cfd1d mov ecx, [ebp-$34]
5a9cfd20 mov edx, $5a9cfe38 ; 'Software'
5a9cfd25 mov eax, [ebp-$10]
5a9cfd28 call -$9da8d ($5a9322a0) ; pngimage.TPNGObject.AddtEXt
5a9cfd28
5a9cfd2d loc_5a9cfd2d:
5a9cfd2d 2100 mov edx, [$5aa469f0]
5a9cfd33 mov eax, [ebp-$10]
5a9cfd36 mov ecx, [eax]
5a9cfd38 > call dword ptr [ecx+$50]
5a9cfd38
5a9cfd3b loc_5a9cfd3b:
5a9cfd3b xor eax, eax
5a9cfd3d pop edx
5a9cfd3e pop ecx
5a9cfd3f pop ecx
5a9cfd40 mov fs:[eax], edx
5a9cfd43 push $5a9cfd68
5a9cfd40
5a9cfd48 loc_5a9cfd48:
5a9cfd48 2104 mov eax, [ebp-$10]
5a9cfd4b call -$1cb728 ($5a804628) ; System.TObject.Free
5a9cfd4b
5a9cfd50 2105 mov eax, [ebp-$c]
5a9cfd53 call -$1cb730 ($5a804628) ; System.TObject.Free
5a9cfd53
5a9cfd58 2106 mov eax, [ebp+8]
5a9cfd5b call -$1cb738 ($5a804628) ; System.TObject.Free
5a9cfd5b
5a9cfd60 ret
5a9cfd60
5a9cfd60 ; ---------------------------------------------------------
5a9cfd60
[...]

date/time : 2024-10-17, 13:02:13, 871ms

operating system : Windows 8 Tablet PC x64 build 9200
system language : English
system up time : 1 hour 30 minutes
program up time : 7 minutes 44 seconds
processors : 4x Apple Silicon
physical memory : 5053/8186 MB (free/total)
free disk space : (C:) 105.33 GB
display mode : 3456x2160, 32 bit
process id : $be4
allocated memory : 908.69 MB
executable : ArmadaL.exe
current module : FleetOpsHook.dll
module date/time : 2024-10-02 23:16
version : 4.0.0.Jan
callstack crc : $00427d73, $bc504bae, $dc5aee00
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 00427D73 in module 'ArmadaL.exe'.
Read of address 42BB7C98.

main thread ($1c64):

00427d73 +000 ArmadaL.exe
5a9d1f8d +029 FleetOpsHook.dll FleetOpsFunctionsHook 3639 +3
DebugException_Execute_New
5a9d23ed +26d FleetOpsHook.dll FleetOpsFunctionsHook 3760 +76 A2_WinMain
730f7ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $1a4c:
77406eba +0a ntdll.dll NtDelayExecution
77420c44 +e4 ntdll.dll RtlDelayExecution
73b96729 +49 KERNELBASE.dll SleepEx
73b966ca +0a KERNELBASE.dll Sleep
5a9f0978 +e8 FleetOpsHook.dll ST3D_TextureEnhancement 533 +29
TST3D_TextureLoadingThread.Execute
5a887a2c +34 FleetOpsHook.dll Classes ThreadProc
5a80562c +28 FleetOpsHook.dll System 494 +0 ThreadWrapper
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $21c4:
774089aa +0a ntdll.dll NtWaitForWorkViaWorkerFactory
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $160c: <priority:13>

77406b9a +0a ntdll.dll NtWaitForSingleObject
73bb3f62 +82 KERNELBASE.dll WaitForSingleObjectEx
73bb3ecd +0d KERNELBASE.dll WaitForSingleObject
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $21a8: <priority:2>

77406b9a +0a ntdll.dll NtWaitForSingleObject
73bb3f62 +82 KERNELBASE.dll WaitForSingleObjectEx
73bb3ecd +0d KERNELBASE.dll WaitForSingleObject
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $880: <priority:2>

77406eba +0a ntdll.dll NtDelayExecution
77420c44 +e4 ntdll.dll RtlDelayExecution
73b96729 +49 KERNELBASE.dll SleepEx
73b966ca +0a KERNELBASE.dll Sleep
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $f78: <priority:1>

77406eba +0a ntdll.dll NtDelayExecution
77420c44 +e4 ntdll.dll RtlDelayExecution
73b96729 +49 KERNELBASE.dll SleepEx
73b966ca +0a KERNELBASE.dll Sleep
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $16c8:
73545cca +0a win32u.dll NtUserMsgWaitForMultipleObjectsEx
73832aec +4c USER32.dll MsgWaitForMultipleObjectsEx
7384218a +1a USER32.dll MsgWaitForMultipleObjects
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $f90:
73545cca +0a win32u.dll NtUserMsgWaitForMultipleObjectsEx
73832aec +4c USER32.dll MsgWaitForMultipleObjectsEx
7384218a +1a USER32.dll MsgWaitForMultipleObjects
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $148c:
77406b9a +0a ntdll.dll NtWaitForSingleObject
73bb3f62 +82 KERNELBASE.dll WaitForSingleObjectEx
73bb3ecd +0d KERNELBASE.dll WaitForSingleObject
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $668:
774089aa +0a ntdll.dll NtWaitForWorkViaWorkerFactory
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1554:
73545cca +0a win32u.dll NtUserMsgWaitForMultipleObjectsEx
73832aec +4c USER32.dll MsgWaitForMultipleObjectsEx
7384218a +1a USER32.dll MsgWaitForMultipleObjects
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $e14:
735410da +0a win32u.dll NtUserGetMessage
7384038a +2a USER32.dll GetMessageW
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $544: <priority:15>

7740712a +00a ntdll.dll NtWaitForMultipleObjects
73bb4d89 +189 KERNELBASE.dll WaitForMultipleObjectsEx
73bb4be3 +013 KERNELBASE.dll WaitForMultipleObjects
730f7ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $23f8: <priority:15>

77406eba +0a ntdll.dll NtDelayExecution
77420c44 +e4 ntdll.dll RtlDelayExecution
73b96729 +49 KERNELBASE.dll SleepEx
73b966ca +0a KERNELBASE.dll Sleep
730f7ba7 +17 KERNEL32.DLL BaseThreadInitThunk

modules:
00400000 ArmadaL.exe 43.0.0.0 C:\Program Files (x86)\
Fleet Ops Roots\data
0af90000 D3DX81ab.dll 8.1.0.0 C:\Program Files (x86)\
Fleet Ops Roots\data
0e770000 Tunngle.dll 1.0.6.0 C:\Program Files (x86)\
Fleet Ops Roots\data
10000000 NetworkManager.dll C:\Program Files (x86)\
Fleet Ops Roots\data
18000000 binkw32.dll 1.9.18.0 C:\Program Files (x86)\
Fleet Ops Roots\data
4a800000 Win2kDisableTaskSwitch.dll 4.0.0.0 C:\Program Files (x86)\
Fleet Ops Roots\data
5a800000 FleetOpsHook.dll 4.0.0.0 C:\Program Files (x86)\
Fleet Ops Roots
6fb70000 mmm_loader.dll 1.0.5.0 C:\Program Files (x86)\
Fleet Ops Roots\data\missions
6fd50000 rasadhlp.dll 6.2.22621.1 C:\Windows\System32
6fd60000 DNSAPI.dll 6.2.22621.4249 C:\Windows\SYSTEM32
6fe30000 urlmon.dll 11.0.22621.4169 C:\Windows\SYSTEM32
6ffe0000 WINHTTP.dll 6.2.22621.4249 C:\Windows\SYSTEM32
700c0000 dhcpcsvc.DLL 6.2.22621.2506 C:\Windows\SYSTEM32
700e0000 dhcpcsvc6.DLL 6.2.22621.2506 C:\Windows\SYSTEM32
70100000 WINNSI.DLL 6.2.22621.1 C:\Windows\SYSTEM32
70110000 IPHLPAPI.DLL 6.2.22621.1 C:\Windows\SYSTEM32
70140000 mswsock.dll 6.2.22621.2506 C:\Windows\system32
701a0000 ondemandconnroutehelper.dll 6.2.22621.3527 C:\Windows\SYSTEM32
701c0000 srvcli.dll 6.2.22621.4249 C:\Windows\SYSTEM32
701e0000 netutils.dll 6.2.22621.2506 C:\Windows\SYSTEM32
701f0000 iertutil.dll 11.0.22621.4317 C:\Windows\SYSTEM32
70430000 TextShaping.dll 6.2.22621.4317 C:\Windows\SYSTEM32
704d0000 resourcepolicyclient.dll 6.2.22621.3527 C:\Windows\SYSTEM32
704e0000 midimap.dll 6.2.22621.2506 C:\Windows\SYSTEM32
704f0000 msacm32.drv 6.2.22621.2506 C:\Windows\SYSTEM32
70500000 AUDIOSES.DLL 6.2.22621.4111 C:\Windows\SYSTEM32
70690000 ksuser.dll 6.2.22621.2506 C:\Windows\SYSTEM32
706a0000 AVRT.dll 6.2.22621.2506 C:\Windows\SYSTEM32
706b0000 wdmaud.drv 6.2.22621.3527 C:\Windows\SYSTEM32
706f0000 DEVOBJ.dll 6.2.22621.2506 C:\Windows\System32
70720000 MMDevApi.dll 6.2.22621.4111 C:\Windows\System32
707a0000 dwmapi.dll 6.2.22621.3672 C:\Windows\SYSTEM32
707d0000 CRYPTBASE.DLL 6.2.22621.1 C:\Windows\SYSTEM32
707e0000 CoreUIComponents.dll 6.2.22621.3672 C:\Windows\SYSTEM32
70a80000 CoreMessaging.dll 6.2.22621.3672 C:\Windows\SYSTEM32
70b50000 textinputframework.dll 6.2.22621.4249 C:\Windows\SYSTEM32
70c50000 comctl32.DLL 6.10.22621.3672 C:\Windows\WinSxS\
x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.3672_none_6ec0f0a887fe525b
70e80000 prl_umdd10.dll 20.18.2010.55732 C:\Windows\SYSTEM32
70ed0000 DDRAW.DLL 4.7.1.3000 C:\Program Files (x86)\
Fleet Ops Roots\data
70fc0000 directxdatabasehelper.dll 6.2.22621.3672 C:\Windows\SYSTEM32
71000000 dxcore.dll 6.2.22621.3958 C:\Windows\SYSTEM32
71030000 D3D11.DLL 6.2.22621.3672 C:\Windows\SYSTEM32
71270000 DXGI.DLL 6.2.22621.4036 C:\Windows\SYSTEM32
71340000 SspiCli.dll 6.2.22621.3810 C:\Windows\SYSTEM32
71370000 CFGMGR32.dll 6.2.22621.2506 C:\Windows\SYSTEM32
713b0000 profapi.dll 6.2.22621.4111 C:\Windows\SYSTEM32
713d0000 propsys.dll 7.0.22621.4249 C:\Windows\system32
714a0000 kernel.appcore.dll 6.2.22621.3958 C:\Windows\SYSTEM32
714c0000 wintypes.dll 6.2.22621.3810 C:\Windows\SYSTEM32
71590000 windows.storage.dll 6.2.22621.4249 C:\Windows\SYSTEM32
71c90000 uxtheme.dll 6.2.22621.4249 C:\Windows\system32
71d20000 FaultRep.dll 6.2.22621.3672 C:\Windows\SYSTEM32
71d90000 d3dx9_43.dll 9.29.952.3111 C:\Program Files (x86)\
Fleet Ops Roots\data
71f90000 fmodex.dll 0.4.38.6 C:\Program Files (x86)\
Fleet Ops Roots\data
720e0000 wininet.dll 11.0.22621.4249 C:\Windows\SYSTEM32
72570000 d3d9.dll 4.9.0.904 C:\Program Files (x86)\
Fleet Ops Roots\data
72710000 wsock32.dll 6.2.22621.1 C:\Windows\SYSTEM32
72720000 version.dll 6.2.22621.1 C:\Windows\SYSTEM32
72730000 UMPDC.dll 6.2.22621.2506 C:\Windows\SYSTEM32
72740000 msdmo.dll 6.2.22621.1 C:\Windows\SYSTEM32
72750000 winmmbase.dll 6.2.22621.2506 C:\Windows\SYSTEM32
72770000 powrprof.dll 6.2.22621.3958 C:\Windows\SYSTEM32
727c0000 ResampleDmo.DLL 6.2.22621.2506 C:\Windows\SYSTEM32
72860000 MSACM32.dll 6.2.22621.2506 C:\Windows\SYSTEM32
72880000 MSVFW32.dll 6.2.22621.2506 C:\Windows\SYSTEM32
728b0000 d3d8.dll 4.8.2.134 C:\Program Files (x86)\
Fleet Ops Roots\data
72a30000 MSVCP60.dll 7.0.22621.1 C:\Windows\SYSTEM32
72ab0000 DSOUND.dll 6.2.22621.3527 C:\Windows\SYSTEM32
72b30000 WINMM.dll 6.2.22621.3672 C:\Windows\SYSTEM32
72b70000 AVIFIL32.dll 6.2.22621.2506 C:\Windows\SYSTEM32
72b90000 COMCTL32.dll 5.82.22621.3527 C:\Windows\WinSxS\
x86_microsoft.windows.common-
controls_6595b64144ccf1df_5.82.22621.3527_none_fbe8b6227808ef55
72c30000 apphelp.dll 6.2.22621.3810 C:\Windows\SYSTEM32
72e50000 combase.dll 6.2.22621.4249 C:\Windows\System32
730d0000 NSI.dll 6.2.22621.1 C:\Windows\System32
730e0000 KERNEL32.DLL 6.2.22621.3958 C:\Windows\System32
73230000 IMM32.dll 6.2.22621.3374 C:\Windows\System32
73260000 SHLWAPI.dll 6.2.22621.3672 C:\Windows\System32
732b0000 WS2_32.dll 6.2.22621.1 C:\Windows\System32
73310000 ole32.dll 6.2.22621.3958 C:\Windows\System32
734d0000 bcryptPrimitives.dll 6.2.22621.4317 C:\Windows\System32
73540000 win32u.dll 6.2.22621.4249 C:\Windows\System32
73560000 msvcrt.dll 7.0.22621.2506 C:\Windows\System32
73630000 ADVAPI32.dll 6.2.22621.4317 C:\Windows\System32
736b0000 OLEAUT32.dll 6.2.22621.3672 C:\Windows\System32
737f0000 IMAGEHLP.dll 6.2.22621.2506 C:\Windows\System32
73810000 USER32.dll 6.2.22621.4317 C:\Windows\System32
739c0000 clbcatq.dll 2001.12.10941.16384 C:\Windows\System32
73a50000 bcrypt.dll 6.2.22621.2506 C:\Windows\System32
73a70000 KERNELBASE.dll 6.2.22621.4317 C:\Windows\System32
73d80000 gdi32full.dll 6.2.22621.4317 C:\Windows\System32
73e70000 ucrtbase.dll 6.2.22621.3593 C:\Windows\System32
743d0000 shcore.dll 6.2.22621.4249 C:\Windows\System32
74610000 comdlg32.dll 6.2.22621.4249 C:\Windows\System32
746d0000 RPCRT4.dll 6.2.22621.4249 C:\Windows\System32
74790000 MSCTF.dll 6.2.22621.4317 C:\Windows\System32
748a0000 GDI32.dll 6.2.22621.4036 C:\Windows\System32
748e0000 msvcp_win.dll 6.2.22621.3374 C:\Windows\System32
74960000 SHELL32.dll 6.2.22621.4249 C:\Windows\System32
75010000 sechost.dll 6.2.22621.4249 C:\Windows\System32
77390000 ntdll.dll 6.2.22621.4317 C:\Windows\SYSTEM32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
0074 Registry 0 0 0
01c4 smss.exe 0 0 0
0250 csrss.exe 0 0 0
02a4 wininit.exe 0 0 0
0338 services.exe 0 0 0
0350 lsass.exe 0 0 0
03d8 svchost.exe 0 0 0
03e4 WUDFHost.exe 0 0 0
020c fontdrvhost.exe 0 0 0
038c svchost.exe 0 0 0
0444 svchost.exe 0 0 0
0508 svchost.exe 0 0 0
0510 svchost.exe 0 0 0
056c svchost.exe 0 0 0
0598 svchost.exe 0 0 0
05b4 svchost.exe 0 0 0
05bc svchost.exe 0 0 0
05d4 svchost.exe 0 0 0
0660 svchost.exe 0 0 0
0684 svchost.exe 0 0 0
0694 svchost.exe 0 0 0
06a4 svchost.exe 0 0 0
06fc svchost.exe 0 0 0
07c8 svchost.exe 0 0 0
07d8 svchost.exe 0 0 0
0474 efwd.exe 0 0 0
0858 ekrn.exe 0 0 0
0874 svchost.exe 0 0 0
0890 svchost.exe 0 0 0
0984 svchost.exe 0 0 0
098c XtaCache.exe 0 0 0
09a0 svchost.exe 0 0 0
09ec svchost.exe 0 0 0
09f4 svchost.exe 0 0 0
0a00 svchost.exe 0 0 0
0a44 Memory Compression 0 0 0
0a8c svchost.exe 0 0 0
0ab0 svchost.exe 0 0 0
0ab8 svchost.exe 0 0 0
0b00 svchost.exe 0 0 0
0b10 svchost.exe 0 0 0
0b38 svchost.exe 0 0 0
0b58 svchost.exe 0 0 0
0ba8 spoolsv.exe 0 0 0
0bcc svchost.exe 0 0 0
06f8 svchost.exe 0 0 0
09c0 svchost.exe 0 0 0
0cd0 svchost.exe 0 0 0
0cdc svchost.exe 0 0 0
0d04 MpDefenderCoreService.exe 0 0 0
0d30 coherence.exe 0 0 0
0d3c prl_tools_service.exe 0 0 0
0d58 svchost.exe 0 0 0
0d70 dllhost.exe 0 0 0
0d98 svchost.exe 0 0 0
0db0 svchost.exe 0 0 0
0db8 MsMpEng.exe 0 0 0
0dcc svchost.exe 0 0 0
0de8 SearchIndexer.exe 0 0 0
0fd0 dllhost.exe 0 0 0
0dc4 svchost.exe 0 0 0
10ac svchost.exe 0 0 0
129c svchost.exe 0 0 0
0e94 msdtc.exe 0 0 0
15cc svchost.exe 0 0 0
1690 svchost.exe 0 0 0
174c svchost.exe 0 0 0
1864 svchost.exe 0 0 0
1abc svchost.exe 0 0 0
1b54 svchost.exe 0 0 0
1dc4 audiodg.exe 0 0 0
1f9c svchost.exe 0 0 0
20c4 SecurityHealthService.exe 0 0 0
228c svchost.exe 0 0 0
2134 svchost.exe 0 0 0
1e14 MoUsoCoreWorker.exe 0 0 0
1678 svchost.exe 0 0 0
080c svchost.exe 0 0 0
1ab8 svchost.exe 0 0 0
2174 svchost.exe 0 0 0
0928 csrss.exe 2 0 0
0478 winlogon.exe 2 0 0
0a14 fontdrvhost.exe 2 0 0
176c dwm.exe 2 0 0
13b0 svchost.exe 0 0 0
2314 svchost.exe 0 0 0
166c prl_tools.exe 2 0 0
06c8 coherence.exe 2 0 0
13d4 sihost.exe 2 0 9 normal C:\Windows\System32
1024 svchost.exe 2 0 1 normal C:\Windows\System32
0b6c svchost.exe 2 0 1 normal C:\Windows\System32
119c svchost.exe 2 0 1 normal C:\Windows\System32
13d8 svchost.exe 2 0 4 normal C:\Windows\System32
15c0 taskhostw.exe 2 10 6 normal C:\Windows\System32
1dfc explorer.exe 2 180 234 normal C:\Windows
1a54 eOppFrame.exe 2 8 10 normal C:\Program Files\ESET\ESET
Security
1d68 StartMenuExperienceHost.exe 2 0 16 normal C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
10c4 SearchHost.exe 2 12 64 normal C:\Windows\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy
1034 RuntimeBroker.exe 2 0 4 normal C:\Windows\System32
1bdc RuntimeBroker.exe 2 2 4 normal C:\Windows\System32
1dc0 svchost.exe 2 0 1 normal C:\Windows\System32
1ca4 dllhost.exe 2 0 3 normal C:\Windows\System32
1e10 ctfmon.exe 2 2 26 high C:\Windows\System32
0aa8 prl_cc.exe 2 15 52 normal C:\Program Files\Parallels\
Parallels Tools
0c94 svchost.exe 2 0 1 normal C:\Windows\System32
08a0 svchost.exe 0 0 0
22a4 PhoneExperienceHost.exe 2 0 13 normal C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.24091.88.0_arm64__8wekyb3d8bbwe
0248 svchost.exe 2 0 11 normal C:\Windows\System32
01d8 SecurityHealthSystray.exe 2 7 5 normal C:\Windows\System32
2360 eguiProxy.exe 2 308 111 normal C:\Program Files\ESET\ESET
Security
0be4 ArmadaL.exe 2 87 76 normal C:\Program Files (x86)\Fleet Ops
Roots\Data
0850 ApplicationFrameHost.exe 2 28 18 normal C:\Windows\System32
0530 SystemSettings.exe 2 11 42 normal C:\Windows\ImmersiveControlPanel
03ec ShellExperienceHost.exe 2 0 29 normal C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy
099c svchost.exe 2 0 3 normal C:\Windows\System32
1b0c RuntimeBroker.exe 2 0 6 normal C:\Windows\System32
1f4c SystemSettingsBroker.exe 2 0 0 normal C:\Windows\System32
047c smartscreen.exe 2 0 1 normal C:\Windows\System32
134c WmiPrvSE.exe 0 0 0

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Microsoft Print to PDF
- Root Print Queue
+ {36fc9e60-c465-11cf-8056-444553540000}
- Intel(R) 82801FB/FBM USB2 Enhanced Host Controller - 265C
- Renesas USB 3.10 eXtensible Host Controller - 1.10 (Microsoft)
- USB Composite Device
- USB Composite Device
- USB Root Hub
- USB Root Hub (USB 3.0)
+ {4d36e965-e325-11ce-bfc1-08002be10318}
- Virtual DVD-ROM
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- ACPI ARM64-based PC
- Parallels International GmbH. Parallels ARM Virtual Machine
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- harddisk SSD
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- Parallels Display Adapter (WDDM) (driver 20.18.2010.55732)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- Standard SATA AHCI Controller
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
- HID Keyboard Device
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- High Definition Audio Device
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- Generic Monitor (Parallels Vu)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
- Parallels USB Mouse Synchronization Device (driver 20.1.0.55732)
+ {4d36e972-e325-11ce-bfc1-08002be10318}
- Microsoft Kernel Debug Network Adapter
- Parallels VirtIO Ethernet Adapter (driver 100.0.2.0)
- WAN Miniport (IKEv2)
- WAN Miniport (IP)
- WAN Miniport (IPv6)
- WAN Miniport (L2TP)
- WAN Miniport (Network Monitor)
- WAN Miniport (PPPOE)
- WAN Miniport (PPTP)
- WAN Miniport (SSTP)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft Storage Spaces Controller
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI Devices driver
- ACPI Power Button
- ACPI Wake Alarm
- Charge Arbitration Driver
- Composite Bus Enumerator
- High Definition Audio Controller
- Microsoft ACPI-Compliant System
- Microsoft Basic Display Driver
- Microsoft Basic Render Driver
- Microsoft Hyper-V Virtualization Infrastructure Driver
- Microsoft System Management BIOS Driver
- Microsoft Virtual Drive Enumerator
- NDIS Virtual Network Adapter Enumerator
- Parallels Memory Controller (driver 20.1.0.55732)
- Parallels Tool Device (driver 20.1.0.55732)
- PCI Express Root Complex
- Plug and Play Software Device Enumerator
- Remote Desktop Device Redirector Bus
- UMBus Root Bus Enumerator
- Volume Manager
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- Apple Silicon
- Apple Silicon
- Apple Silicon
- Apple Silicon
+ {5175d334-c371-4806-b3ba-71fd53c9258d}
- Parallels Location Provider (driver 20.1.0.55732)
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- Microsoft GS Wavetable Synth
- Microsoft Radio Device Enumeration Bus
- Microsoft RRAS Root Enumerator
+ {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
- Microsoft AC Adapter
- Microsoft ACPI-Compliant Control Method Battery
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- HID-compliant consumer control device
- HID-compliant digitizer
- HID-compliant system controller
- USB Input Device
- USB Input Device
- USB Input Device
- USB Input Device
- USB Input Device
+ {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
- Speakers (High Definition Audio Device)
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- Trusted Platform Module 2.0

cpu registers:
eax = 00000010
ebx = 2f058ea4
ecx = ffffff91
edx = 42bb8010
esi = 28843940
edi = 2f058ea4
eip = 00427d73
esp = 0019f9d0
ebp = 0019f9dc

stack dump:
0019f9d0 40 39 84 28 58 42 50 28 - 81 ff ff ff 04 fa 19 00 @9.(XBP(........
0019f9e0 9a 31 41 00 92 09 00 00 - cc 41 75 2e c0 41 75 2e .1A......Au..Au.
0019f9f0 c4 d5 71 28 40 8e 05 2f - 00 00 00 00 00 40 9f c0 ..q(@../.....@..
0019fa00 58 42 50 28 a8 fa 19 00 - 73 8e 41 00 69 ef 6e 00 XBP(....s.A.i.n.
0019fa10 c4 d5 71 28 80 d5 71 28 - 69 ef 6e 00 a1 44 50 28 ..q(..q(i.n..DP(
0019fa20 80 d5 71 28 00 00 00 00 - 00 00 00 00 19 fc ff ff ..q(............
0019fa30 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0019fa40 19 fc ff ff 00 00 00 00 - 74 fa 19 00 3c 57 41 00 ........t...<WA.
0019fa50 9e 81 00 80 40 10 73 2f - d3 5d 41 00 c4 d5 71 28 [email protected]/.]A...q(
0019fa60 69 ef 6e 00 44 59 c4 3d - 19 fc ff ff 69 5f 41 00 i.n.DY.=....i_A.
0019fa70 69 ef 6e 00 c4 d5 71 28 - ae 80 41 00 69 ef 6e 00 i.n...q(..A.i.n.
0019fa80 00 00 00 80 20 2f d0 2e - c4 d5 71 28 98 51 69 16 .... /....q(.Qi.
0019fa90 02 00 00 00 b0 93 81 2f - 00 00 00 c4 c1 82 41 00 ......./......A.
0019faa0 c8 fa 19 00 b4 93 81 2f - c8 fa 19 00 e4 82 41 00 ......./......A.
0019fab0 a1 44 50 28 31 f2 41 00 - 24 01 00 00 18 6e 3d 2f .DP(1.A.$....n=/
0019fac0 01 00 00 00 80 d5 71 28 - dc fa 19 00 1e b8 44 00 ......q(......D.
0019fad0 0a 00 00 00 0b d7 a3 3c - e0 ec 61 2f 10 fb 19 00 .......<..a/....
0019fae0 10 19 40 00 0b d7 a3 3c - 0a 00 00 00 0b d7 a3 3c ..@....<.......<
0019faf0 00 00 00 00 ad 6d cb 6f - ff ff ff ff 18 fb 19 00 .....m.o........
0019fb00 b9 5f 40 00 58 fb 19 00 - b8 94 69 00 ff ff ff ff [email protected].....
disassembling:
5a9d1f64 public FleetOpsFunctionsHook.DebugException_Execute_New: ; function
entry point
5a9d1f64 3636 push ebp
5a9d1f65 mov ebp, esp
5a9d1f67 push 0
5a9d1f69 push 0
5a9d1f6b push ebx
5a9d1f6c push esi
5a9d1f6d push edi
5a9d1f6e xor eax, eax
5a9d1f70 push ebp
5a9d1f71 push $5a9d200f ; System.@HandleFinally
5a9d1f76 push dword ptr fs:[eax]
5a9d1f79 mov fs:[eax], esp
5a9d1f7c 3637 mov eax, [ebp+8]
5a9d1f7f 3638 xor edx, edx
5a9d1f81 push ebp
5a9d1f82 push $5a9d1f99 ; System.@HandleAnyException
5a9d1f87 push dword ptr fs:[edx]
5a9d1f8a mov fs:[edx], esp
5a9d1f8d 3639 > call eax
5a9d1f8d
5a9d1f8f xor eax, eax
5a9d1f91 pop edx
5a9d1f92 pop ecx
5a9d1f93 pop ecx
5a9d1f94 mov fs:[eax], edx
5a9d1f97 jmp loc_5a9d1ff1
5a9d1f97
5a9d1f97 ; ---------------------------------------------------------
5a9d1f97
5a9d1f99 jmp -$1cd46e ($5a804b30) ; System.@HandleAnyException
5a9d1f99
5a9d1f9e 3641 push 1
5a9d1fa0 push 0
5a9d1fa2 push 0
5a9d1fa4 push 0
5a9d1fa6 push 0
5a9d1fa8 push 0
5a9d1faa push 0
5a9d1fac push 0
[...]

AW-FP300 Addressable Fire Alarm Control Panel Installation and Commissioning Manual
70% (10)
AW-FP300 Addressable Fire Alarm Control Panel Installation and Commissioning Manual
25 pages
Sualaptop365.edu - VN - Lenovo ThinkPad S5-S540 VIUS6 LA-A171P r10
100% (1)
Sualaptop365.edu - VN - Lenovo ThinkPad S5-S540 VIUS6 LA-A171P r10
46 pages
Bugreport 20210429181048 8936
No ratings yet
Bugreport 20210429181048 8936
12 pages
Bug Report
No ratings yet
Bug Report
7 pages
Bugreport 20210429181039 9588
No ratings yet
Bugreport 20210429181039 9588
12 pages
Bugreport
No ratings yet
Bugreport
13 pages
Bugreport 20211005161816 11008
No ratings yet
Bugreport 20211005161816 11008
12 pages
Bugreport 20211005161816 6340
No ratings yet
Bugreport 20211005161816 6340
12 pages
Bugreport
No ratings yet
Bugreport
27 pages
madVR - Crash Report
No ratings yet
madVR - Crash Report
12 pages
Bugreport
No ratings yet
Bugreport
10 pages
Bug Report
No ratings yet
Bug Report
29 pages
Incardex Bugreport
No ratings yet
Incardex Bugreport
32 pages
NeatoToolio Bugreport
No ratings yet
NeatoToolio Bugreport
15 pages
Bugreport
No ratings yet
Bugreport
13 pages
Bug Report
No ratings yet
Bug Report
31 pages
bugreport
No ratings yet
bugreport
10 pages
Bug Report
No ratings yet
Bug Report
7 pages
Sims2Exception 2020.10.31 22.00.16
No ratings yet
Sims2Exception 2020.10.31 22.00.16
5 pages
TS2BodyShop 2017.12.12 20.10.04
No ratings yet
TS2BodyShop 2017.12.12 20.10.04
4 pages
TS2BodyShop 2023.03.25 10.46.57
No ratings yet
TS2BodyShop 2023.03.25 10.46.57
4 pages
SimCity Exception Report 2011.03.27 16.59.58
No ratings yet
SimCity Exception Report 2011.03.27 16.59.58
4 pages
TS2BodyShop 2023.03.25 10.49.08
No ratings yet
TS2BodyShop 2023.03.25 10.49.08
4 pages
SimCity Exception Report 2018.06.03 19.29.25
No ratings yet
SimCity Exception Report 2018.06.03 19.29.25
4 pages
SimCity Exception Report 2018.06.05 00.03.13
No ratings yet
SimCity Exception Report 2018.06.05 00.03.13
4 pages
Sims2Exception 2019.05.26 15.34.19
No ratings yet
Sims2Exception 2019.05.26 15.34.19
4 pages
TS2BodyShop 2023.03.25 10.46.02
No ratings yet
TS2BodyShop 2023.03.25 10.46.02
4 pages
Sims2Exception 2023.05.24 01.00.53
No ratings yet
Sims2Exception 2023.05.24 01.00.53
6 pages
Sims2Exception 2023.05.24 01.14.06
No ratings yet
Sims2Exception 2023.05.24 01.14.06
6 pages
Sims2Exception 2008.05.15 10.40.34
No ratings yet
Sims2Exception 2008.05.15 10.40.34
4 pages
Bug Report
No ratings yet
Bug Report
11 pages
Sims2Exception 2023.05.24 00.53.07
No ratings yet
Sims2Exception 2023.05.24 00.53.07
6 pages
MadVR - Crash Report
No ratings yet
MadVR - Crash Report
34 pages
2023-01-03 20.59.35 Crash
No ratings yet
2023-01-03 20.59.35 Crash
4 pages
Bug Report
No ratings yet
Bug Report
7 pages
MadVR - Crash Report
No ratings yet
MadVR - Crash Report
10 pages
Bugreport 10
No ratings yet
Bugreport 10
29 pages
Bug Report
No ratings yet
Bug Report
5 pages
2020-09-12 14.28.57 Crash
No ratings yet
2020-09-12 14.28.57 Crash
22 pages
Sims_stkdmp
No ratings yet
Sims_stkdmp
5 pages
2012-06-14 11.19.51 Error
No ratings yet
2012-06-14 11.19.51 Error
6 pages
cFosSpeed Setup OldLog
No ratings yet
cFosSpeed Setup OldLog
149 pages
2020-08-28 21.37.00 Crash
No ratings yet
2020-08-28 21.37.00 Crash
21 pages
2020-07-11 14.51.18 Crash
No ratings yet
2020-07-11 14.51.18 Crash
22 pages
2023-12-24 22.54.55 Crash
No ratings yet
2023-12-24 22.54.55 Crash
14 pages
2023-02-15 12.18.19 Crash
No ratings yet
2023-02-15 12.18.19 Crash
7 pages
Bugreport
No ratings yet
Bugreport
34 pages
SimCity Exception Report 2020.08.03 16.09.53
No ratings yet
SimCity Exception Report 2020.08.03 16.09.53
4 pages
Bug Report
No ratings yet
Bug Report
6 pages
Bug Report
No ratings yet
Bug Report
30 pages
2020-05-14 22.01.42 Crash
No ratings yet
2020-05-14 22.01.42 Crash
18 pages
MadVR - Crash Report
No ratings yet
MadVR - Crash Report
11 pages
Bugreport
No ratings yet
Bugreport
11 pages
Bugreport
No ratings yet
Bugreport
37 pages
Bug Report
No ratings yet
Bug Report
31 pages
XCPT ATOCHA 13-03-05 13.06.29
No ratings yet
XCPT ATOCHA 13-03-05 13.06.29
5 pages
Exception Report TORRES-PC 10-23-11 17.57.30 Exception
No ratings yet
Exception Report TORRES-PC 10-23-11 17.57.30 Exception
5 pages
Bug Report
No ratings yet
Bug Report
11 pages
SimCity Exception Report 2018.06.03 16.59.57
No ratings yet
SimCity Exception Report 2018.06.03 16.59.57
4 pages
Bugreport
No ratings yet
Bugreport
13 pages
XCPT JACKSON-PC 11-01-17 17.58.47
No ratings yet
XCPT JACKSON-PC 11-01-17 17.58.47
5 pages
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
From Everand
Evaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware
Dr. Hidaia Mahmood Alassouli
No ratings yet
SL150
No ratings yet
SL150
14 pages
Computer Hierarchy
No ratings yet
Computer Hierarchy
5 pages
T315C-07 Libraries - RevE
No ratings yet
T315C-07 Libraries - RevE
24 pages
RS 701 QuickStartGuide 399G034
No ratings yet
RS 701 QuickStartGuide 399G034
2 pages
Dell Inspiron 13 7348
No ratings yet
Dell Inspiron 13 7348
2 pages
Com.apple.mobileGestalt
No ratings yet
Com.apple.mobileGestalt
6 pages
Tutorial MIPS Using MARS
No ratings yet
Tutorial MIPS Using MARS
6 pages
Practical 1 4
No ratings yet
Practical 1 4
34 pages
HPE VMware Utilities User Guide For ESXi 7.0 April 2020-A00098103en - Us.0 April 2020-A00098103en - Us.0 April 2020-A00098103en - Us
No ratings yet
HPE VMware Utilities User Guide For ESXi 7.0 April 2020-A00098103en - Us.0 April 2020-A00098103en - Us.0 April 2020-A00098103en - Us
26 pages
Module 1
No ratings yet
Module 1
55 pages
Functional Requirements:: Control of The Processors
No ratings yet
Functional Requirements:: Control of The Processors
6 pages
Installation - Magisk
No ratings yet
Installation - Magisk
5 pages
Document Version: 1.7 Image Version: v1.7: LHT65 Temperature & Humidity Sensor User Manual
No ratings yet
Document Version: 1.7 Image Version: v1.7: LHT65 Temperature & Humidity Sensor User Manual
47 pages
2024 AwardofExcellenceWinners List
No ratings yet
2024 AwardofExcellenceWinners List
30 pages
V5 Classic Series 65'' Interactive Flat Panel Specification
No ratings yet
V5 Classic Series 65'' Interactive Flat Panel Specification
6 pages
ZPL40 ZPL50 ZPL70 LA-B181P r0.5 0218 r0.5 0325
No ratings yet
ZPL40 ZPL50 ZPL70 LA-B181P r0.5 0218 r0.5 0325
61 pages
Secondary Storage Devices (1) :: Magnetic Disks
No ratings yet
Secondary Storage Devices (1) :: Magnetic Disks
56 pages
Exploded Views DrafStation
No ratings yet
Exploded Views DrafStation
12 pages
Comparison of Parallel Quick and Merge Sort Algorithms On Architecture With Shared Memory
No ratings yet
Comparison of Parallel Quick and Merge Sort Algorithms On Architecture With Shared Memory
6 pages
2021 P5 English Practice Paper 2 Nanyang
No ratings yet
2021 P5 English Practice Paper 2 Nanyang
24 pages
8051 Timer-Counter
No ratings yet
8051 Timer-Counter
22 pages
Phonic IS16 (English)
No ratings yet
Phonic IS16 (English)
2 pages
Grade 7 2nd Semester( Software & Windows Setting)
No ratings yet
Grade 7 2nd Semester( Software & Windows Setting)
74 pages
System Compatibility Report
No ratings yet
System Compatibility Report
2 pages
CVS Series 3400 PDF
No ratings yet
CVS Series 3400 PDF
36 pages
CF Unit 4
No ratings yet
CF Unit 4
23 pages
Synapsis Operator Panel - New (CPR10B2129-W-MC1)
No ratings yet
Synapsis Operator Panel - New (CPR10B2129-W-MC1)
1 page
Sag582137000 - Netsure 512
No ratings yet
Sag582137000 - Netsure 512
62 pages