Scribd
Upload
49 views15 pages

Bugreport

Uploaded by

Andri Arief
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
49 views15 pages

Bugreport

Uploaded by

Andri Arief
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 15

date/time

: 2015-05-28, 10:48:13, 196ms


computer name
: HP
user name
: BKPP 26 <admin>
registered owner : BKPP 26 / Hewlett-Packard Company
operating system : Windows NT New x64 build 9200
system language : Indonesian
system up time
: 7 days 3 hours
program up time : 43 seconds
processors
: 4x Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
physical memory : 571/1964 MB (free/total)
free disk space : (C:) 403,31 GB
display mode
: 1600x900, 32 bit
process id
: $17bc
allocated memory : 30,09 MB
executable
: Unofficial Ragnarok Online.exe
exec. date/time : 2014-06-27 02:40
version
: 2.6.1.66
compiled with
: Delphi 2010
madExcept version : 3.0l
callstack crc
: $ee9367bc, $8e5143e4, $8e5143e4
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 005140E7 in module 'Unofficial R
agnarok Online.exe'. Read of address 00000010.
main thread ($1650):
005140e7 +00f Unofficial
SizeStored
005140cd +005 Unofficial
ntSizeStored
005167e3 +58b Unofficial
Params
004f3002 +02e Unofficial
Wnd
00512aed +005 Unofficial
ol.CreateWnd
0051685e +00a Unofficial
Wnd
004f3552 +016 Unofficial
Handle
004f722c +01c Unofficial
Needed
004f7239 +005 Unofficial
dle
0051c511 +02d Unofficial
74dba201 +015 user32.dll
0049f5b8 +014 Unofficial
7735c68f +02b ntdll.dll
atcher
00580ceb +01f Unofficial
y
004f18a6 +0ae Unofficial
y
00512ac4 +038 Unofficial
ol.Destroy
005138bd +0f9 Unofficial
y
0049e2c3 +057 Unofficial
Components
005118b9 +035 Unofficial

Ragnarok Online.exe Forms

TCustomForm.IsForm

Ragnarok Online.exe Forms

TCustomForm.IsClie

Ragnarok Online.exe Forms

TCustomForm.Create

Ragnarok Online.exe Controls

TWinControl.Create

Ragnarok Online.exe Forms

TScrollingWinContr

Ragnarok Online.exe Forms

TCustomForm.Create

Ragnarok Online.exe Controls

TWinControl.Create

Ragnarok Online.exe Controls

TWinControl.Handle

Ragnarok Online.exe Controls

TWinControl.GetHan

Ragnarok Online.exe Forms


Ragnarok Online.exe Classes

GetTopMostWindows
EnumWindows
StdWndProc
KiUserCallbackDisp

Ragnarok Online.exe OleCtrls

TOleControl.Destro

Ragnarok Online.exe Controls

TWinControl.Destro

Ragnarok Online.exe Forms

TScrollingWinContr

Ragnarok Online.exe Forms

TCustomForm.Destro

Ragnarok Online.exe Classes

TComponent.Destroy

Ragnarok Online.exe Forms

DoneApplication

0046ed76
00406669
00618d33
75c2919d
k

+026
+065
+3af
+00c

Unofficial Ragnarok Online.exe SysUtils


DoExitProc
Unofficial Ragnarok Online.exe System 985 +0 @Halt0
Unofficial Ragnarok Online.exe Thor
236 +72 initialization
KERNEL32.DLL
BaseThreadInitThun

thread $1b90:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $12f4:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $1474:
00464631 +0d Unofficial Ragnarok Online.exe madExcept CallThreadProcSafe
0046469b +37 Unofficial Ragnarok Online.exe madExcept ThreadExceptFrame
75c2919d +0c KERNEL32.DLL
BaseThreadInitThunk
>> created by main thread ($1650) at:
7518eabc +00 combase.dll
thread $a98:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $11fc:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $fd0:
74fe0921 +000
74dac29a +153
75129355 +058
75c2919d +00c

KERNELBASE.dll
user32.dll
combase.dll
KERNEL32.DLL

WaitForMultipleObjectsEx
MsgWaitForMultipleObjectsEx
CoWaitForMultipleHandles
BaseThreadInitThunk

modules:
00400000 Unofficial Ragnarok Online.exe 2.6.1.66
C:\Users\BKPP 26\Doc
uments\Andri Game File\uRagnarok
66190000 MSHTML.dll
11.0.9600.17278
C:\windows\SYSTEM32
6f400000 ieframe.dll
11.0.9600.17278
C:\Windows\SYSTEM32
70e80000 urlmon.dll
11.0.9600.17278
C:\windows\SYSTEM32
70fb0000 PROPSYS.dll
7.0.9600.17278
C:\windows\SYSTEM32
71320000 winhttp.dll
6.3.9600.16384
C:\windows\SYSTEM32
713c0000 apphelp.dll
6.3.9600.17031
C:\windows\system32
71510000 uxtheme.dll
6.3.9600.17031
C:\windows\system32
71800000 uiautomationcore.dll
7.2.9600.16421
C:\Windows\SYSTEM32
718f0000 comctl32.dll
6.10.9600.17031
C:\windows\WinSxS\x8
6_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8
b01377ea7
71af0000 MLANG.dll
6.3.9600.16384
C:\windows\SYSTEM32
71b20000 olepro32.dll
6.3.9600.16384
C:\windows\SYSTEM32
71d60000 dwmapi.dll
6.3.9600.17238
C:\windows\system32
71e20000 Fwpuclnt.dll
6.3.9600.17042
C:\windows\SYSTEM32
71ff0000 winspool.drv
6.3.9600.17238
C:\windows\SYSTEM32
72140000 msimg32.dll
6.3.9600.16384
C:\windows\SYSTEM32
72180000 rasadhlp.dll
6.3.9600.16384
C:\Windows\System32
72190000 bcrypt.dll
6.3.9600.17031
C:\windows\SYSTEM32
721b0000 rsaenh.dll
6.3.9600.17200
C:\windows\system32
721e0000 CRYPTSP.dll
6.3.9600.16384
C:\windows\SYSTEM32
72200000 wsock32.dll
6.3.9600.16384
C:\windows\SYSTEM32
72290000 mdnsNSP.dll
3.0.0.10
C:\Program Files (x8
6)\Bonjour
722d0000 DNSAPI.dll
6.3.9600.17039
C:\windows\SYSTEM32
72590000 USERENV.dll
6.3.9600.17041
C:\windows\SYSTEM32

725b0000
72d10000
72d40000
72f10000
72f50000
743e0000
74b40000
74b50000
74c10000
74c90000
74ca0000
74cb0000
74d10000
74d20000
74da0000
74ef0000
74f80000
74fd0000
750a0000
750e0000
75110000
753b0000
754c0000
75570000
75680000
75920000
759a0000
75aa0000
75b30000
75b40000
75c10000
75f90000
771b0000
77320000

iertutil.dll
WINNSI.DLL
WININET.dll
IPHLPAPI.DLL
mswsock.dll
profapi.dll
Secur32.dll
kernel.appcore.dll
SHCORE.DLL
ondemandconnroutehelper.dll
version.dll
bcryptPrimitives.dll
CRYPTBASE.dll
SspiCli.dll
user32.dll
clbcatq.dll
WS2_32.dll
KERNELBASE.dll
sechost.dll
IMM32.DLL
combase.dll
gdi32.dll
RPCRT4.dll
ole32.dll
MSCTF.dll
advapi32.dll
oleaut32.dll
comdlg32.dll
NSI.dll
msvcrt.dll
KERNEL32.DLL
shell32.dll
SHLWAPI.dll
ntdll.dll

processes:
0000 Idle
0004 System
0160 smss.exe
0234 csrss.exe
0274 wininit.exe
02d0 services.exe
02d8 lsass.exe
0324 svchost.exe
0344 svchost.exe
03b8 OmniServ.exe
0050 svchost.exe
018c svchost.exe
0210 svchost.exe
02c8 igfxCUIService.exe
0384 svchost.exe
0444 RtkAudioService64.exe
0470 svchost.exe
050c spoolsv.exe
0528 svchost.exe
05cc svchost.exe
05dc mDNSResponder.exe
061c HPLaserJetService.exe
0654 HPSIsvc.exe
066c cmw_srv.exe

11.0.9600.17278
6.3.9600.16384
11.0.9600.17278
6.3.9600.16384
6.3.9600.16384
6.3.9600.16384
6.3.9600.16384
6.3.9600.16384
6.3.9600.17238
6.3.9600.16384
6.3.9600.16384
6.3.9600.17120
6.3.9600.16384
6.3.9600.16408
6.3.9600.17238
2001.12.10530.16384
6.3.9600.16384
6.3.9600.17278
6.3.9600.16384
6.3.9600.17031
6.3.9600.17031
6.3.9600.17246
6.3.9600.17216
6.3.9600.17042
6.3.9600.17664
6.3.9600.17031
6.3.9600.16506
6.3.9600.17238
6.3.9600.16384
7.0.9600.16384
6.3.9600.17056
6.3.9600.17278
6.3.9600.16384
6.3.9600.17278
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

C:\Windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\system32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\system32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32

0684 hsswd.exe
06a0 HeciServer.exe
071c RichVideo64.exe
0738 svchost.exe
0a34 svchost.exe
0a68 svchost.exe
0dfc PresentationFontCache.exe
0fc0 svchost.exe
0acc GamesAppIntegrationService.exe
0938 HPSA_Service.exe
0b54 IntelMeFWService.exe
0ff4 jhi_service.exe
09fc LMS.exe
124c OSPPSVC.EXE
0c24 dasHost.exe
0c48 armsvc.exe
0d9c SearchIndexer.exe
0f0c McCSPServiceHost.exe
18bc mfevtps.exe
1344 McAPExe.exe
1034 mfefire.exe
1844 mcshield.exe
0b38 McSvHost.exe
0d14 csrss.exe
1258 winlogon.exe
0bc4 dwm.exe
0884 RAVBg64.exe
0c2c explorer.exe
16a4 taskhostex.exe
1b6c igfxEM.exe
198c igfxHK.exe
1924 opvapp.exe
0e74 RtkNGUI64.exe
1b74 ClientCore.exe
09ec OPBHOBroker.exe
1af8 OPBHOBrokerDsktop.exe
0f04 YouCamService.exe
)\CyberLink\YouCam
0e88 chrome.exe
ata\Local\Google\Chrome\Application
0cd4 chrome.exe
ata\Local\Google\Chrome\Application
0750 chrome.exe
ata\Local\Google\Chrome\Application
1714 chrome.exe
ata\Local\Google\Chrome\Application
142c McUICnt.exe
1294 chrome.exe
ata\Local\Google\Chrome\Application
1008 chrome.exe
ata\Local\Google\Chrome\Application
0c44 WUDFHost.exe
140c WmiPrvSE.exe
16d4 SearchProtocolHost.exe
0ac0 chrome.exe
ata\Local\Google\Chrome\Application
0ce0 chrome.exe
ata\Local\Google\Chrome\Application
14e4 chrome.exe
ata\Local\Google\Chrome\Application

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
1
1
1
1
1
1
1
1
1
1

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
859
13
13
13
0
20
35
55
55
26

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
693
17
18
13
0
28
10
17
17
46

normal
normal
normal
normal
normal
normal
normal
normal
below normal c:\Program Files (x86

1 117 66 normal

C:\Users\BKPP 26\AppD

1 4

11 normal

C:\Users\BKPP 26\AppD

1 0

normal

C:\Users\BKPP 26\AppD

1 0

idle

C:\Users\BKPP 26\AppD

1 19 36 normal
1 0 0 idle

C:\Users\BKPP 26\AppD

1 52 1

normal

C:\Users\BKPP 26\AppD

0
0
0
1

0
0
0
0

0
0
0
0

idle

C:\Users\BKPP 26\AppD

1 0

normal

C:\Users\BKPP 26\AppD

1 0

idle

C:\Users\BKPP 26\AppD

0220 SearchProtocolHost.exe
0 0 0
03fc SearchFilterHost.exe
0 0 0 idle
17bc Unofficial Ragnarok Online.exe 1 109 49 normal
ments\Andri Game File\uRagnarok

C:\Users\BKPP 26\Docu

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Fax
- Foxit PhantomPDF Printer
- HP ePrint
- Microsoft XPS Document Writer
- Root Print Queue
- Send To OneNote 2010
+ {36fc9e60-c465-11cf-8056-444553540000}
- Generic USB Hub
- Generic USB Hub
- Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
- Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
- Intel(R) USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
- USB Composite Device
- USB Mass Storage Device
- USB Mass Storage Device
- USB Root Hub
- USB Root Hub
- USB Root Hub (xHCI)
+ {4d36e965-e325-11ce-bfc1-08002be10318}
- hp CDDVDW SH-216DB
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- ACPI x64-based PC
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- Generic- Multiple Reader USB Device
- SanDisk Cruzer Blade USB Device
- ST500DM002-1BD142
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- Intel(R) HD Graphics 4400 (driver 10.18.10.3621)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- Standard SATA AHCI Controller
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- CyberLink WebCam Virtual Driver (driver 1.0.27893.6128)
- Realtek High Definition Audio (driver 6.0.1.7283)
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- HP 20wd LED Backlit Monitor (driver 1.0.0.1)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
+ {4d36e972-e325-11ce-bfc1-08002be10318}
- 802.11n USB Wireless LAN Card
- Anchorfree HSS VPN Adapter (driver 32.0.0.2)
- Realtek PCIe GBE Family Controller (driver 8.34.617.2014)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft Storage Spaces Controller
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fixed Feature Button
- ACPI Power Button

- ACPI Processor Aggregator


- ACPI Sleep Button
- ACPI Thermal Zone
- ACPI Thermal Zone
- Composite Bus Enumerator
- Direct memory access controller
- High Definition Audio Controller
- High precision event timer
- Intel(R) 4th Gen Core processor DRAM Controller - 0C00 (driver 9.4.0.1023)
- Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10 (driver 9.4.0.
1023)
- Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16 (driver 9.4.0.
1023)
- Intel(R) 8 Series/C220 Series SMBus Controller - 8C22 (driver 9.4.0.1023)
- Intel(R) 82802 Firmware Hub Device
- Intel(R) H81 LPC Controller - 8C5C (driver 9.4.0.1023)
- Intel(R) Management Engine Interface (driver 9.5.24.1790)
- Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x16
Controller - 0C01 (driver 9.4.0.1023)
- IWD Bus Enumerator (driver 4.5.52.0)
- Microsoft ACPI-Compliant System
- Microsoft Basic Display Driver
- Microsoft Basic Render Driver
- Microsoft System Management BIOS Driver
- Microsoft UEFI-Compliant System
- Microsoft Virtual Drive Enumerator
- Microsoft Windows Management Interface for ACPI
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- NDIS Virtual Network Adapter Enumerator
- Numeric data processor
- PCI Express Root Complex
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- Remote Desktop Device Redirector Bus
- System CMOS/real time clock
- System timer
- UMBus Root Bus Enumerator
- Volume Manager
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
+ {533c5b84-ec70-11d2-9505-00c04f79deaf}
- Generic volume shadow copy
- Generic volume shadow copy
- Generic volume shadow copy
- Generic volume shadow copy
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- ARIE-PC: ARIE:
- Microsoft Device Association Root Enumerator
- Microsoft IPv4 IPv6 Transition Adapter Bus
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- HID-compliant consumer control device
- HID-compliant system controller

- USB Input Device


- USB Input Device
- USB Input Device
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- Trusted Platform Module 1.2
+ {eec5ad98-8080-425f-922a-dabf3de3f69a}
- G:\
+ {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
- System Firmware
cpu
eax
ebx
ecx
edx
esi
edi
eip
esp
ebp

registers:
= 01f10180
= 01f10180
= 0018f834
= 00000000
= 0051504c
= 0018f82c
= 005140e7
= 0018f7b0
= 00000000

stack dump:
0018f7b0 d2
0018f7c0 b0
0018f7d0 80
0018f7e0 b4
0018f7f0 80
0018f800 00
0018f810 5e
0018f820 86
0018f830 00
0018f840 6a
0018f850 08
0018f860 00
0018f870 00
0018f880 6e
0018f890 00
0018f8a0 00
0018f8b0 00
0018f8c0 00
0018f8d0 00
0018f8e0 00

40
20
01
f9
01
00
00
00
00
01
00
00
00
00
00
00
00
00
00
00

disassembling:
[...]
0040664c
00406651
00406656
0040665a
0040665c
0040665f
00406661
00406663
00406665
00406667
00406669
>
0040666b
0040666e
00406670
00406674

51
00
f1
18
f1
00
00
00
00
00
00
40
00
46
00
00
00
00
00
00

mov
call
cmp
jnz
cmp
jz
mov
mov
xor
mov
call
cmp
jnz
cmp
jnz

00
90
01
00
01
00
00
01
86
00
00
00
00
00
00
00
00
00
00
00

80
ff
80
b0
80
4c
f0
1a
00
ff
60
00
00
72
00
00
00
00
00
00

01
ff
01
5e
01
f8
02
5d
00
01
d4
00
00
00
00
00
00
00
00
00

f1
ff
f1
40
f1
18
00
53
0d
00
40
00
00
6d
00
00
00
00
00
00

01
ff
01
00
01
00
00
f3
00
00
00
00
00
00
00
00
00
00
00
00

e8
1e
80
f8
00
00
01
50
f6
00
00
03
54
00
00
00
00
00
00
00

67
a5
01
f8
00
00
00
53
01
00
00
00
00
00
00
00
00
00
00
00

51
da
f1
18
00
00
00
84
00
00
00
01
4d
00
00
00
00
00
00
00

00
74
01
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00

00
f8
08
ff
20
20
00
d4
2d
00
00
00
61
00
00
00
00
00
00
00

00
f8
30
ff
b1
b1
00
85
01
00
00
00
00
00
00
00
00
00
00
00

00
18
4f
ff
af
af
00
f7
00
00
00
00
69
00
00
00
00
00
00
00

00
00
00
ff
00
00
00
01
00
00
00
00
00
00
00
00
00
00
00
00

[email protected].....
...........t....
.............0O.
.....^@.........
................
....L...........
^...............
.....]S.PS......
............-...
j...............
....`.@.........
..@.............
........T.M.a.i.
n.F.r.m.........
................
................
................
................
................
................

eax, $62eb1c
-$10e ($406548)
; System.ExitDll
byte ptr [ebx+$28], 0
loc_406670
dword ptr [edi], 0
loc_406670
eax, [edi]
esi, eax
eax, eax
[edi], eax
esi
dword ptr [edi], 0
loc_406661
byte ptr [ebx+$28], 2
loc_406684

00406676
0040667d
0040667f
00406681
00406684
00406689
[...]

cmp
jnz
xor
mov
call
cmp

dword ptr [$619000], 0


loc_406684
eax, eax
[ebx+$c], eax
+$5d3e7 ($463a70)
; madExcept.InterceptFinalizeUnits
byte ptr [ebx+$28], 1

date/time
: 2015-05-28, 17:29:56, 92ms
computer name
: HP
user name
: BKPP 26 <admin>
registered owner : BKPP 26 / Hewlett-Packard Company
operating system : Windows NT New x64 build 9200
system language : Indonesian
system up time
: 7 days 9 hours
program up time : 55 seconds
processors
: 4x Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
physical memory : 749/1964 MB (free/total)
free disk space : (C:) 403,30 GB
display mode
: 1600x900, 32 bit
process id
: $1af4
allocated memory : 30,25 MB
executable
: Unofficial Ragnarok Online.exe
exec. date/time : 2014-06-27 02:40
version
: 2.6.1.66
compiled with
: Delphi 2010
madExcept version : 3.0l
callstack crc
: $ee9367bc, $72747e59, $72747e59
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 005140E7 in module 'Unofficial R
agnarok Online.exe'. Read of address 00000010.
main thread ($1284):
005140e7 +00f Unofficial
SizeStored
005140cd +005 Unofficial
ntSizeStored
005167e3 +58b Unofficial
Params
004f3002 +02e Unofficial
Wnd
00512aed +005 Unofficial
ol.CreateWnd
0051685e +00a Unofficial
Wnd
004f3552 +016 Unofficial
Handle
004f722c +01c Unofficial
Needed
004f7239 +005 Unofficial
dle
0051c511 +02d Unofficial
74dba201 +015 user32.dll
0051c5c5 +02d Unofficial
malizeTopMosts
0051c69a +002 Unofficial
lizeTopMosts
0051ced0 +31c Unofficial
oc

Ragnarok Online.exe Forms

TCustomForm.IsForm

Ragnarok Online.exe Forms

TCustomForm.IsClie

Ragnarok Online.exe Forms

TCustomForm.Create

Ragnarok Online.exe Controls

TWinControl.Create

Ragnarok Online.exe Forms

TScrollingWinContr

Ragnarok Online.exe Forms

TCustomForm.Create

Ragnarok Online.exe Controls

TWinControl.Create

Ragnarok Online.exe Controls

TWinControl.Handle

Ragnarok Online.exe Controls

TWinControl.GetHan

Ragnarok Online.exe Forms


Ragnarok Online.exe Forms

GetTopMostWindows
EnumWindows
TApplication.DoNor

Ragnarok Online.exe Forms

TApplication.Norma

Ragnarok Online.exe Forms

TApplication.WndPr

0049f5b8 +014
7735c68f +02b
atcher
00580ceb +01f
y
004f18a6 +0ae
y
00512ac4 +038
ol.Destroy
005138bd +0f9
y
0049e2c3 +057
Components
005118b9 +035
0046ed76 +026
00406669 +065
00618d33 +3af
75c2919d +00c
k

Unofficial Ragnarok Online.exe Classes


ntdll.dll

StdWndProc
KiUserCallbackDisp

Unofficial Ragnarok Online.exe OleCtrls

TOleControl.Destro

Unofficial Ragnarok Online.exe Controls

TWinControl.Destro

Unofficial Ragnarok Online.exe Forms

TScrollingWinContr

Unofficial Ragnarok Online.exe Forms

TCustomForm.Destro

Unofficial Ragnarok Online.exe Classes

TComponent.Destroy

Unofficial Ragnarok
Unofficial Ragnarok
Unofficial Ragnarok
Unofficial Ragnarok
KERNEL32.DLL

DoneApplication
DoExitProc
@Halt0
initialization
BaseThreadInitThun

Online.exe
Online.exe
Online.exe
Online.exe

Forms
SysUtils
System 985 +0
Thor
236 +72

thread $1650:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $bc0:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $15dc:
00464631 +0d Unofficial Ragnarok Online.exe madExcept CallThreadProcSafe
0046469b +37 Unofficial Ragnarok Online.exe madExcept ThreadExceptFrame
75c2919d +0c KERNEL32.DLL
BaseThreadInitThunk
>> created by main thread ($1284) at:
7518eabc +00 combase.dll
thread $15cc:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $1990:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $7ec:
75c2919d +c KERNEL32.DLL BaseThreadInitThunk
thread $14e0:
74fe0921 +000
74dac29a +153
75129355 +058
75c2919d +00c

KERNELBASE.dll
user32.dll
combase.dll
KERNEL32.DLL

WaitForMultipleObjectsEx
MsgWaitForMultipleObjectsEx
CoWaitForMultipleHandles
BaseThreadInitThunk

modules:
00400000 Unofficial Ragnarok Online.exe
uments\Andri Game File\uRagnarok
5c1d0000 MSHTML.dll
5d280000 ieframe.dll
5e720000 uiautomationcore.dll
5eba0000 MLANG.dll
6bbf0000 olepro32.dll
70e80000 urlmon.dll
70fb0000 PROPSYS.dll
71320000 winhttp.dll
713c0000 apphelp.dll

2.6.1.66

C:\Users\BKPP 26\Doc

11.0.9600.17278
11.0.9600.17278
7.2.9600.16421
6.3.9600.16384
6.3.9600.16384
11.0.9600.17278
7.0.9600.17278
6.3.9600.16384
6.3.9600.17031

C:\windows\SYSTEM32
C:\Windows\SYSTEM32
C:\Windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\SYSTEM32
C:\windows\system32

71510000 uxtheme.dll
6.3.9600.17031
C:\windows\system32
718f0000 comctl32.dll
6.10.9600.17031
C:\windows\WinSxS\x8
6_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8
b01377ea7
71d60000 dwmapi.dll
6.3.9600.17238
C:\windows\system32
71e20000 Fwpuclnt.dll
6.3.9600.17042
C:\windows\SYSTEM32
71ff0000 winspool.drv
6.3.9600.17238
C:\windows\SYSTEM32
72140000 msimg32.dll
6.3.9600.16384
C:\windows\SYSTEM32
72180000 rasadhlp.dll
6.3.9600.16384
C:\Windows\System32
72190000 bcrypt.dll
6.3.9600.17031
C:\windows\SYSTEM32
721b0000 rsaenh.dll
6.3.9600.17200
C:\windows\system32
721e0000 CRYPTSP.dll
6.3.9600.16384
C:\windows\SYSTEM32
72200000 wsock32.dll
6.3.9600.16384
C:\windows\SYSTEM32
72290000 mdnsNSP.dll
3.0.0.10
C:\Program Files (x8
6)\Bonjour
722d0000 DNSAPI.dll
6.3.9600.17039
C:\windows\SYSTEM32
72590000 USERENV.dll
6.3.9600.17041
C:\windows\SYSTEM32
725b0000 iertutil.dll
11.0.9600.17278
C:\Windows\SYSTEM32
72d10000 WINNSI.DLL
6.3.9600.16384
C:\windows\SYSTEM32
72d40000 WININET.dll
11.0.9600.17278
C:\windows\SYSTEM32
72f10000 IPHLPAPI.DLL
6.3.9600.16384
C:\windows\SYSTEM32
72f50000 mswsock.dll
6.3.9600.16384
C:\windows\system32
743e0000 profapi.dll
6.3.9600.16384
C:\windows\SYSTEM32
74b40000 Secur32.dll
6.3.9600.16384
C:\windows\SYSTEM32
74b50000 kernel.appcore.dll
6.3.9600.16384
C:\windows\SYSTEM32
74c10000 SHCORE.DLL
6.3.9600.17238
C:\windows\SYSTEM32
74c90000 ondemandconnroutehelper.dll
6.3.9600.16384
C:\windows\SYSTEM32
74ca0000 version.dll
6.3.9600.16384
C:\windows\SYSTEM32
74cb0000 bcryptPrimitives.dll
6.3.9600.17120
C:\windows\SYSTEM32
74d10000 CRYPTBASE.dll
6.3.9600.16384
C:\windows\SYSTEM32
74d20000 SspiCli.dll
6.3.9600.16408
C:\windows\SYSTEM32
74da0000 user32.dll
6.3.9600.17238
C:\windows\SYSTEM32
74ef0000 clbcatq.dll
2001.12.10530.16384 C:\windows\SYSTEM32
74f80000 WS2_32.dll
6.3.9600.16384
C:\windows\SYSTEM32
74fd0000 KERNELBASE.dll
6.3.9600.17278
C:\windows\SYSTEM32
750a0000 sechost.dll
6.3.9600.16384
C:\windows\SYSTEM32
750e0000 IMM32.DLL
6.3.9600.17031
C:\windows\system32
75110000 combase.dll
6.3.9600.17031
C:\windows\SYSTEM32
753b0000 gdi32.dll
6.3.9600.17246
C:\windows\SYSTEM32
754c0000 RPCRT4.dll
6.3.9600.17216
C:\windows\SYSTEM32
75570000 ole32.dll
6.3.9600.17042
C:\windows\SYSTEM32
75680000 MSCTF.dll
6.3.9600.17664
C:\windows\SYSTEM32
75920000 advapi32.dll
6.3.9600.17031
C:\windows\SYSTEM32
759a0000 oleaut32.dll
6.3.9600.16506
C:\windows\SYSTEM32
75aa0000 comdlg32.dll
6.3.9600.17238
C:\windows\SYSTEM32
75b30000 NSI.dll
6.3.9600.16384
C:\windows\SYSTEM32
75b40000 msvcrt.dll
7.0.9600.16384
C:\windows\SYSTEM32
75c10000 KERNEL32.DLL
6.3.9600.17056
C:\windows\SYSTEM32
75f90000 shell32.dll
6.3.9600.17278
C:\windows\SYSTEM32
771b0000 SHLWAPI.dll
6.3.9600.16384
C:\windows\SYSTEM32
77320000 ntdll.dll
6.3.9600.17278
C:\windows\SYSTEM32
processes:
0000 Idle
0004 System
0160 smss.exe
0234 csrss.exe
0274 wininit.exe
02d0 services.exe
02d8 lsass.exe

0
0
0
0
0
0
0

0
0
0
0
0
0
0

0
0
0
0
0
0
0

0324 svchost.exe
0344 svchost.exe
03b8 OmniServ.exe
0050 svchost.exe
018c svchost.exe
0210 svchost.exe
02c8 igfxCUIService.exe
0384 svchost.exe
0444 RtkAudioService64.exe
0470 svchost.exe
050c spoolsv.exe
0528 svchost.exe
05cc svchost.exe
05dc mDNSResponder.exe
061c HPLaserJetService.exe
0654 HPSIsvc.exe
066c cmw_srv.exe
0684 hsswd.exe
06a0 HeciServer.exe
071c RichVideo64.exe
0738 svchost.exe
0a34 svchost.exe
0a68 svchost.exe
0dfc PresentationFontCache.exe
0fc0 svchost.exe
0acc GamesAppIntegrationService.exe
0938 HPSA_Service.exe
0b54 IntelMeFWService.exe
0ff4 jhi_service.exe
09fc LMS.exe
124c OSPPSVC.EXE
0c24 dasHost.exe
0c48 armsvc.exe
0d9c SearchIndexer.exe
0f0c McCSPServiceHost.exe
18bc mfevtps.exe
1344 McAPExe.exe
1034 mfefire.exe
1844 mcshield.exe
0b38 McSvHost.exe
0d14 csrss.exe
1258 winlogon.exe
0bc4 dwm.exe
0884 RAVBg64.exe
0c2c explorer.exe
16a4 taskhostex.exe
1b6c igfxEM.exe
198c igfxHK.exe
1924 opvapp.exe
0e74 RtkNGUI64.exe
1b74 ClientCore.exe
09ec OPBHOBroker.exe
1af8 OPBHOBrokerDsktop.exe
0f04 YouCamService.exe
)\CyberLink\YouCam
0e88 chrome.exe
ata\Local\Google\Chrome\Application
0cd4 chrome.exe
ata\Local\Google\Chrome\Application
142c McUICnt.exe

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
1
1
1
1
1
1
1
1
1
1

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
908
13
13
13
0
20
35
55
55
26

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
720
17
18
13
0
28
10
17
17
46

normal
normal
normal
normal
normal
normal
normal
normal
below normal c:\Program Files (x86

1 141 70 normal

C:\Users\BKPP 26\AppD

1 4

C:\Users\BKPP 26\AppD

11 normal

1 19 36 normal

155c splwow64.exe
1554 chrome.exe
ata\Local\Google\Chrome\Application
06cc WUDFHost.exe
1a00 WINWORD.EXE
)\Microsoft Office\Office14
0ad4 EXCEL.EXE
)\Microsoft Office\Office14
18d0 chrome.exe
ata\Local\Google\Chrome\Application
16c4 taskeng.exe
1af4 Unofficial Ragnarok Online.exe
ments\Andri Game File\uRagnarok

1 9
1 0

3
0

normal
normal

C:\Users\BKPP 26\AppD

0 0 0
1 318 90 normal

C:\Program Files (x86

1 641 182 normal

C:\Program Files (x86

1 0

normal

C:\Users\BKPP 26\AppD

1 9 3 normal
1 109 49 normal

C:\Users\BKPP 26\Docu

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Fax
- Foxit PhantomPDF Printer
- HP ePrint
- HPA403CD (HP Officejet 7500 E910)
- Microsoft XPS Document Writer
- Root Print Queue
- Send To OneNote 2010
+ {36fc9e60-c465-11cf-8056-444553540000}
- Generic USB Hub
- Generic USB Hub
- Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
- Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
- Intel(R) USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
- USB Composite Device
- USB Mass Storage Device
- USB Mass Storage Device
- USB Root Hub
- USB Root Hub
- USB Root Hub (xHCI)
+ {4d36e965-e325-11ce-bfc1-08002be10318}
- hp CDDVDW SH-216DB
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- ACPI x64-based PC
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- Generic- Multiple Reader USB Device
- SanDisk Cruzer Blade USB Device
- ST500DM002-1BD142
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- Intel(R) HD Graphics 4400 (driver 10.18.10.3621)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- Standard SATA AHCI Controller
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- CyberLink WebCam Virtual Driver (driver 1.0.27893.6128)
- Realtek High Definition Audio (driver 6.0.1.7283)
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- HP 20wd LED Backlit Monitor (driver 1.0.0.1)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
+ {4d36e972-e325-11ce-bfc1-08002be10318}
- 802.11n USB Wireless LAN Card
- Anchorfree HSS VPN Adapter (driver 32.0.0.2)
- Realtek PCIe GBE Family Controller (driver 8.34.617.2014)

+ {4d36e979-e325-11ce-bfc1-08002be10318}
- HP Officejet 7500 E910 Class Driver (driver 6.3.9600.16384)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft Storage Spaces Controller
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fan
- ACPI Fixed Feature Button
- ACPI Power Button
- ACPI Processor Aggregator
- ACPI Sleep Button
- ACPI Thermal Zone
- ACPI Thermal Zone
- Composite Bus Enumerator
- Direct memory access controller
- High Definition Audio Controller
- High precision event timer
- Intel(R) 4th Gen Core processor DRAM Controller - 0C00 (driver 9.4.0.1023)
- Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10 (driver 9.4.0.
1023)
- Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16 (driver 9.4.0.
1023)
- Intel(R) 8 Series/C220 Series SMBus Controller - 8C22 (driver 9.4.0.1023)
- Intel(R) 82802 Firmware Hub Device
- Intel(R) H81 LPC Controller - 8C5C (driver 9.4.0.1023)
- Intel(R) Management Engine Interface (driver 9.5.24.1790)
- Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x16
Controller - 0C01 (driver 9.4.0.1023)
- IWD Bus Enumerator (driver 4.5.52.0)
- Microsoft ACPI-Compliant System
- Microsoft Basic Display Driver
- Microsoft Basic Render Driver
- Microsoft System Management BIOS Driver
- Microsoft UEFI-Compliant System
- Microsoft Virtual Drive Enumerator
- Microsoft Windows Management Interface for ACPI
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- Motherboard resources
- NDIS Virtual Network Adapter Enumerator
- Numeric data processor
- PCI Express Root Complex
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- Remote Desktop Device Redirector Bus
- System CMOS/real time clock
- System timer
- UMBus Root Bus Enumerator
- Volume Manager
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
- Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz

+ {533c5b84-ec70-11d2-9505-00c04f79deaf}
- Generic volume shadow copy
- Generic volume shadow copy
- Generic volume shadow copy
- Generic volume shadow copy
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- HPA403CD (HP Officejet 7500 E910)
- Microsoft Device Association Root Enumerator
- Microsoft IPv4 IPv6 Transition Adapter Bus
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- HID-compliant consumer control device
- HID-compliant system controller
- USB Input Device
- USB Input Device
- USB Input Device
+ {c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}
- HPA403CD (HP Officejet 7500 E910)
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- Trusted Platform Module 1.2
+ {eec5ad98-8080-425f-922a-dabf3de3f69a}
- G:\
+ {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
- System Firmware
cpu
eax
ebx
ecx
edx
esi
edi
eip
esp
ebp

registers:
= 01e70180
= 01e70180
= 0018f834
= 00000000
= 0051504c
= 0018f82c
= 005140e7
= 0018f7b0
= 00000000

stack dump:
0018f7b0 d2
0018f7c0 c8
0018f7d0 80
0018f7e0 b4
0018f7f0 80
0018f800 03
0018f810 79
0018f820 86
0018f830 00
0018f840 6a
0018f850 08
0018f860 00
0018f870 00
0018f880 6e
0018f890 00
0018f8a0 00
0018f8b0 00
0018f8c0 00
0018f8d0 00
0018f8e0 00

40
2b
01
f9
01
00
00
00
00
01
00
00
00
00
00
00
00
00
00
00

51
00
e7
18
e7
00
00
00
00
00
00
40
00
46
00
00
00
00
00
00

disassembling:
[...]
0040664c
mov

00
e3
01
00
01
00
00
01
86
00
00
00
00
00
00
00
00
00
00
00

80
ff
80
b0
80
4c
b0
03
00
ff
60
00
00
72
00
00
00
00
00
00

01
ff
01
5e
01
f8
03
00
00
01
d4
00
00
00
00
00
00
00
00
00

e7
ff
e7
40
e7
18
00
00
0d
00
40
00
00
6d
00
00
00
00
00
00

01
ff
01
00
01
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00

eax, $62eb1c

e8
1e
80
f8
00
00
01
e8
6b
00
00
03
54
00
00
00
00
00
00
00

67
a5
01
f8
00
00
00
8f
02
00
00
00
00
00
00
00
00
00
00
00

51
da
e7
18
00
00
00
29
00
00
00
01
4d
00
00
00
00
00
00
00

00
74
01
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00
00

00
f8
08
ff
60
60
00
d4
ae
00
00
00
61
00
00
00
00
00
00
00

00
f8
30
ff
7b
7b
00
85
00
00
00
00
00
00
00
00
00
00
00
00

00
18
4f
ff
a6
a6
00
ed
00
00
00
00
69
00
00
00
00
00
00
00

00
00
00
ff
00
00
00
01
00
00
00
00
00
00
00
00
00
00
00
00

[email protected].....
.+.........t....
.............0O.
.....^@.........
............`{..
....L.......`{..
y...............
..........).....
........k.......
j...............
....`.@.........
..@.............
........T.M.a.i.
n.F.r.m.........
................
................
................
................
................
................

00406651
00406656
0040665a
0040665c
0040665f
00406661
00406663
00406665
00406667
00406669
0040666b
0040666e
00406670
00406674
00406676
0040667d
0040667f
00406681
00406684
00406689
[...]

call
cmp
jnz
cmp
jz
mov
mov
xor
mov
> call
cmp
jnz
cmp
jnz
cmp
jnz
xor
mov
call
cmp

-$10e ($406548)
; System.ExitDll
byte ptr [ebx+$28], 0
loc_406670
dword ptr [edi], 0
loc_406670
eax, [edi]
esi, eax
eax, eax
[edi], eax
esi
dword ptr [edi], 0
loc_406661
byte ptr [ebx+$28], 2
loc_406684
dword ptr [$619000], 0
loc_406684
eax, eax
[ebx+$c], eax
+$5d3e7 ($463a70)
; madExcept.InterceptFinalizeUnits
byte ptr [ebx+$28], 1

You might also like