tablacus
commented
7 years ago TE64.exe works in my machines. Please tell me your environment.(OS and ...)
Best regards,
Open RayZopf opened 7 years ago
tablacus
commented
7 years ago TE64.exe works in my machines. Please tell me your environment.(OS and ...)
Best regards,
RayZopf
commented
7 years ago what I could imagine is that EMET interferes, but i cannot find any trace of security action taken in Windows event log
tablacus
commented
7 years ago Which Windows operating system are you running?
Best regards,
RayZopf
commented
7 years ago edited starting post :) it is Win 7 64bit latest updates
tablacus
commented
7 years ago Thank you,
tablacus
commented
7 years ago It works without a problem here.
What are you using anti-virus software?
Best regards,
RayZopf
commented
7 years ago MSE is used as AV solution
but I disabled the realtime protection to test - no change, still unable to get run TE64
_TE32 17.8.27 Win 6.1.7601 Wow64 WS 100 IE 11 dede Microsoft Security Essentials mouse,key,addressbar,filterbar,back,forward,up,treeview,toolbar,mainmenu,titlebar,tabs ^^is ok - 64bit does not start up, gives no commandline debug/crash messages, no EMET security event raised, no MSE warning
RayZopf
commented
7 years ago hope this helps
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
ModLoad: 00000001`3f810000 00000001`3f886000 TE64.exe
ModLoad: 00000000`76eb0000 00000000`7705a000 ntdll.dll
ModLoad: 00000000`76d90000 00000000`76eaf000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fcbc0000 000007fe`fcc2a000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 00000000`76c90000 00000000`76d8a000 C:\Windows\system32\USER32.dll
ModLoad: 000007fe`fe610000 000007fe`fe677000 C:\Windows\system32\GDI32.dll
ModLoad: 000007fe`fed90000 000007fe`fed9e000 C:\Windows\system32\LPK.dll
ModLoad: 000007fe`ff070000 000007fe`ff13b000 C:\Windows\system32\USP10.dll
ModLoad: 000007fe`fd590000 000007fe`fd62f000 C:\Windows\system32\msvcrt.dll
ModLoad: 000007fe`fe570000 000007fe`fe607000 C:\Windows\system32\COMDLG32.dll
ModLoad: 000007fe`fe4f0000 000007fe`fe561000 C:\Windows\system32\SHLWAPI.dll
ModLoad: 000007fe`fb470000 000007fe`fb664000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.dll
ModLoad: 000007fe`fd630000 000007fe`fe3bb000 C:\Windows\system32\SHELL32.dll
ModLoad: 000007fe`fe9b0000 000007fe`fea8b000 C:\Windows\system32\ADVAPI32.dll
ModLoad: 000007fe`fea90000 000007fe`feaaf000 C:\Windows\SYSTEM32\sechost.dll
ModLoad: 000007fe`fe3c0000 000007fe`fe4ed000 C:\Windows\system32\RPCRT4.dll
ModLoad: 000007fe`fd010000 000007fe`fd20c000 C:\Windows\system32\ole32.dll
ModLoad: 000007fe`fecb0000 000007fe`fed8a000 C:\Windows\system32\OLEAUT32.dll
ModLoad: 000007fe`fd400000 000007fe`fd585000 C:\Windows\system32\urlmon.dll
ModLoad: 000007fe`fcdd0000 000007fe`fcdd4000 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
ModLoad: 000007fe`fcf50000 000007fe`fcf54000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 000007fe`fcdc0000 000007fe`fcdc5000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 000007fe`fcc40000 000007fe`fcc44000 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 000007fe`fcf40000 000007fe`fcf44000 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 000007fe`fbc80000 000007fe`fbc8c000 C:\Windows\system32\version.DLL
ModLoad: 000007fe`fcc30000 000007fe`fcc33000 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 00000000`77080000 00000000`77083000 C:\Windows\system32\normaliz.DLL
ModLoad: 000007fe`feda0000 000007fe`ff06a000 C:\Windows\system32\iertutil.dll
ModLoad: 000007fe`fe680000 000007fe`fe9a1000 C:\Windows\system32\WININET.dll
ModLoad: 000007fe`fce60000 000007fe`fce7e000 C:\Windows\system32\USERENV.dll
ModLoad: 000007fe`fcba0000 000007fe`fcbaf000 C:\Windows\system32\profapi.dll
(4154.259c): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`76f57980 cc int 3ntdll!LdrpDoDebuggerBreak+0x30
ntdll!LdrpInitializeProcess+0x1b51
ntdll! ?? ::FNODOBFM::`string'+0x22a30
ntdll!LdrInitializeThunk+0xe0:000> g
ModLoad: 000007fe`fcf80000 000007fe`fcfae000 C:\Windows\system32\IMM32.DLL
ModLoad: 000007fe`feb00000 000007fe`fec09000 C:\Windows\system32\MSCTF.dll
ModLoad: 000007fe`fc9a0000 000007fe`fc9af000 C:\Windows\system32\CRYPTBASE.dll
ModLoad: 000007fe`fb290000 000007fe`fb2e6000 C:\Windows\system32\uxtheme.dll
ModLoad: 000007fe`fd220000 000007fe`fd3f7000 C:\Windows\system32\SETUPAPI.dll
ModLoad: 000007fe`fcde0000 000007fe`fce16000 C:\Windows\system32\CFGMGR32.dll
ModLoad: 000007fe`fce80000 000007fe`fce9a000 C:\Windows\system32\DEVOBJ.dll
ModLoad: 000007fe`fec10000 000007fe`feca9000 C:\Windows\system32\CLBCatQ.DLL
ModLoad: 000007fe`fb2f0000 000007fe`fb41c000 C:\Windows\system32\propsys.dll
ModLoad: 000007fe`fb960000 000007fe`fb98d000 C:\Windows\system32\ntmarta.dll
ModLoad: 000007fe`fcfb0000 000007fe`fd002000 C:\Windows\system32\WLDAP32.dll
ModLoad: 000007fe`fa910000 000007fe`faa71000 C:\Windows\system32\windowscodecs.dll
ModLoad: 000007fe`fac80000 000007fe`fac98000 C:\Windows\system32\dwmapi.dll
ModLoad: 000007fe`d8fc0000 000007fe`d907a000 C:\Windows\system32\uiautomationcore.dll
ModLoad: 00000000`77070000 00000000`77077000 C:\Windows\system32\PSAPI.DLL
ModLoad: 000007fe`fa480000 000007fe`fa4d4000 C:\Windows\system32\OLEACC.dll
ModLoad: 000007fe`fca50000 000007fe`fcaa7000 C:\Windows\system32\apphelp.dll
ModLoad: 00000000`62790000 00000000`627b0000 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
ModLoad: 000007fe`fa3b0000 000007fe`fa3b3000 C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
ModLoad: 00000000`62750000 00000000`62769000 C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll
ModLoad: 00000000`60fa0000 00000000`6103e000 C:\Program Files\TortoiseGit\bin\TortoiseGit.dll
ModLoad: 000007fe`f8630000 000007fe`f8729000 C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
ModLoad: 000007fe`fcc50000 000007fe`fcdbd000 C:\Windows\system32\CRYPT32.dll
ModLoad: 000007fe`fcbb0000 000007fe`fcbbf000 C:\Windows\system32\MSASN1.dll
ModLoad: 000007fe`faf90000 000007fe`fb001000 C:\Windows\system32\WINHTTP.dll
ModLoad: 000007fe`faf20000 000007fe`faf85000 C:\Windows\system32\webio.dll
ModLoad: 000007fe`f9e50000 000007fe`f9e6a000 C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
ModLoad: 000007fe`f9c00000 000007fe`f9c16000 C:\Program Files\TortoiseGit\bin\VCRUNTIME140.dll
ModLoad: 000007fe`f9eb0000 000007fe`f9eb4000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-runtime-l1-1-0.dll
ModLoad: 000007fe`ed670000 000007fe`ed764000 C:\Windows\system32\ucrtbase.DLL
ModLoad: 000007fe`f9dd0000 000007fe`f9dd3000 C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
ModLoad: 000007fe`f9c70000 000007fe`f9c73000 C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
ModLoad: 000007fe`f9bf0000 000007fe`f9bf3000 C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
ModLoad: 000007fe`f9b60000 000007fe`f9b63000 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
ModLoad: 000007fe`f9b50000 000007fe`f9b53000 C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
ModLoad: 000007fe`f9ac0000 000007fe`f9ac4000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-string-l1-1-0.dll
ModLoad: 000007fe`f9ab0000 000007fe`f9ab3000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-heap-l1-1-0.dll
ModLoad: 000007fe`f9aa0000 000007fe`f9aa4000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-stdio-l1-1-0.dll
ModLoad: 000007fe`f9a90000 000007fe`f9a94000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-convert-l1-1-0.dll
ModLoad: 000007fe`feab0000 000007fe`feafd000 C:\Windows\system32\WS2_32.dll
ModLoad: 000007fe`fd210000 000007fe`fd218000 C:\Windows\system32\NSI.dll
ModLoad: 000007fe`f9a80000 000007fe`f9a83000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-utility-l1-1-0.dll
ModLoad: 000007fe`f9a70000 000007fe`f9a73000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-time-l1-1-0.dll
ModLoad: 000007fe`f9860000 000007fe`f9863000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-filesystem-l1-1-0.dll
ModLoad: 000007fe`f9850000 000007fe`f9853000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-environment-l1-1-0.dll
ModLoad: 000007fe`f9660000 000007fe`f9663000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-locale-l1-1-0.dll
ModLoad: 000007fe`d9300000 000007fe`d9441000 C:\Program Files\TortoiseGit\bin\gitdll.dll
ModLoad: 000007fe`f94f0000 000007fe`f94f5000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-math-l1-1-0.dll
ModLoad: 000007fe`ed940000 000007fe`ed9dc000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
ModLoad: 000007fe`f8ee0000 000007fe`f8ee5000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 000007fe`fc4e0000 000007fe`fc502000 C:\Windows\system32\bcrypt.dll
ModLoad: 000007fe`fc390000 000007fe`fc3a8000 C:\Windows\system32\CRYPTSP.dll
ModLoad: 000007fe`fc090000 000007fe`fc0d7000 C:\Windows\system32\rsaenh.dll
ModLoad: 000007fe`f8f20000 000007fe`f8f32000 C:\Program Files\TortoiseGit\bin\crshhndl.dll
ModLoad: 000007fe`eb870000 000007fe`eba01000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll
ModLoad: 000007fe`e52c0000 000007fe`e5366000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCP120.dll
ModLoad: 000007fe`d9210000 000007fe`d92ff000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCR120.dll
ModLoad: 000007fe`ebea0000 000007fe`ebed5000 C:\Windows\system32\EhStorShell.dll
ntdll!NtTerminateProcess+0xa:
00000000`76efbffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exe00 ntdll!NtTerminateProcess+0xa
01 ntdll!RtlExitUserProcess+0x9b
02 TE64+0x38112
03 TE64+0x342ed
04 kernel32!BaseThreadInitThunk+0xd
05 ntdll!RtlUserThreadStart+0x1dLoading Dump File [C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827\crash.txt]
User Mini Dump File: Only registers, stack and portions of memory are available
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
Windows 7 Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: SingleUserTS
Built by: 6.1.7601.18015 (win7sp1_gdr.121129-1432)
Machine Name:
Debug session time: Sun Aug 27 16:11:10.000 2017 (UTC + 2:00)
System Uptime: not available
Process Uptime: 0 days 0:05:29.000
................................................................
........................
ntdll!NtTerminateProcess+0xa:
00000000`76efbffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exehere how it looks for 32bit:
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827\TE32.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\TablacusExplorer-master\TE
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\TablacusExplorer-master\TE;srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170827
ModLoad: 00000000`00c70000 00000000`00cd3000 TE32.exe
ModLoad: 00000000`76eb0000 00000000`7705a000 ntdll.dll
ModLoad: 00000000`77090000 00000000`77210000 ntdll32.dll
ModLoad: 00000000`746c0000 00000000`746ff000 C:\Windows\SYSTEM32\wow64.dll
ModLoad: 00000000`74660000 00000000`746bc000 C:\Windows\SYSTEM32\wow64win.dll
ModLoad: 00000000`74650000 00000000`74658000 C:\Windows\SYSTEM32\wow64cpu.dll
(3eb0.17d0): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`76f57980 cc int 3
0:000> g
ModLoad: 00000000`76d90000 00000000`76eaf000 WOW64_IMAGE_SECTION
ModLoad: 00000000`76050000 00000000`76160000 WOW64_IMAGE_SECTION
ModLoad: 00000000`76d90000 00000000`76eaf000 NOT_AN_IMAGE
ModLoad: 00000000`76c90000 00000000`76d8a000 NOT_AN_IMAGE
ModLoad: 00000000`76050000 00000000`76160000 C:\Windows\syswow64\kernel32.dll
ModLoad: 00000000`74990000 00000000`749d7000 C:\Windows\syswow64\KERNELBASE.dll
ModLoad: 00000000`76190000 00000000`76290000 C:\Windows\syswow64\USER32.dll
ModLoad: 00000000`76900000 00000000`76990000 C:\Windows\syswow64\GDI32.dll
ModLoad: 00000000`76170000 00000000`7617a000 C:\Windows\syswow64\LPK.dll
ModLoad: 00000000`75ee0000 00000000`75f7d000 C:\Windows\syswow64\USP10.dll
ModLoad: 00000000`75c60000 00000000`75d0c000 C:\Windows\syswow64\msvcrt.dll
ModLoad: 00000000`75990000 00000000`75a31000 C:\Windows\syswow64\ADVAPI32.dll
ModLoad: 00000000`76030000 00000000`76049000 C:\Windows\SysWOW64\sechost.dll
ModLoad: 00000000`769c0000 00000000`76ab0000 C:\Windows\syswow64\RPCRT4.dll
ModLoad: 00000000`74930000 00000000`74990000 C:\Windows\syswow64\SspiCli.dll
ModLoad: 00000000`74920000 00000000`7492c000 C:\Windows\syswow64\CRYPTBASE.dll
ModLoad: 00000000`76b40000 00000000`76bbb000 C:\Windows\syswow64\COMDLG32.dll
ModLoad: 00000000`75c00000 00000000`75c57000 C:\Windows\syswow64\SHLWAPI.dll
ModLoad: 00000000`74310000 00000000`744ae000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
ModLoad: 00000000`74ab0000 00000000`756fc000 C:\Windows\syswow64\SHELL32.dll
ModLoad: 00000000`767a0000 00000000`768fd000 C:\Windows\syswow64\ole32.dll
ModLoad: 00000000`749e0000 00000000`74a71000 C:\Windows\syswow64\OLEAUT32.dll
ModLoad: 00000000`75a40000 00000000`75b8b000 C:\Windows\syswow64\urlmon.dll
ModLoad: 00000000`76010000 00000000`76014000 C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
ModLoad: 00000000`76160000 00000000`76164000 C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 00000000`76730000 00000000`76735000 C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 00000000`76990000 00000000`76994000 C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 00000000`77060000 00000000`77064000 C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 00000000`73eb0000 00000000`73eb9000 C:\Windows\SysWOW64\version.DLL
ModLoad: 00000000`76180000 00000000`76183000 C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 00000000`76020000 00000000`76023000 C:\Windows\syswow64\normaliz.DLL
ModLoad: 00000000`75710000 00000000`75945000 C:\Windows\syswow64\iertutil.dll
ModLoad: 00000000`76350000 00000000`765fb000 C:\Windows\syswow64\WININET.dll
ModLoad: 00000000`76330000 00000000`76347000 C:\Windows\syswow64\USERENV.dll
ModLoad: 00000000`75700000 00000000`7570b000 C:\Windows\syswow64\profapi.dll
(3eb0.17d0): WOW64 breakpoint - code 4000001f (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ntdll32!LdrpDoDebuggerBreak+0x2c:
77130ed4 cc int 3
0:000:x86> g
ModLoad: 762d0000 76330000 C:\Windows\SysWOW64\IMM32.DLL
ModLoad: 76bc0000 76c8d000 C:\Windows\syswow64\MSCTF.dll
ModLoad: 67e30000 67eb0000 C:\Windows\SysWOW64\uxtheme.dll
ModLoad: 75f80000 76003000 C:\Windows\syswow64\CLBCatQ.DLL
ModLoad: 00000000`75d10000 00000000`75ead000 C:\Windows\syswow64\SETUPAPI.dll
ModLoad: 00000000`75eb0000 00000000`75ed7000 C:\Windows\syswow64\CFGMGR32.dll
ModLoad: 00000000`769a0000 00000000`769b2000 C:\Windows\syswow64\DEVOBJ.dll
ModLoad: 00000000`73b30000 00000000`73c25000 C:\Windows\SysWOW64\propsys.dll
ModLoad: 00000000`74130000 00000000`74151000 C:\Windows\SysWOW64\ntmarta.dll
ModLoad: 00000000`75ba0000 00000000`75be5000 C:\Windows\syswow64\WLDAP32.dll
ModLoad: 00000000`025e0000 00000000`0322c000 C:\Windows\SysWOW64\shell32.dll
ModLoad: 00000000`67a00000 00000000`67b31000 C:\Windows\SysWOW64\windowscodecs.dll
ModLoad: 00000000`6df20000 00000000`6df33000 C:\Windows\SysWOW64\dwmapi.dll
ModLoad: 00000000`60d80000 00000000`60e0c000 C:\Windows\SysWOW64\uiautomationcore.dll
ModLoad: 00000000`75b90000 00000000`75b95000 C:\Windows\syswow64\PSAPI.DLL
ModLoad: 00000000`6e8e0000 00000000`6e91c000 C:\Windows\SysWOW64\OLEACC.dll
ModLoad: 00000000`6e360000 00000000`6e3ac000 C:\Windows\SysWOW64\apphelp.dll
ModLoad: 00000000`627b0000 00000000`627ca000 C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
ModLoad: 00000000`6b640000 00000000`6b643000 C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.DLL
ModLoad: 00000000`627d0000 00000000`627e6000 C:\Program Files\TortoiseGit\bin\TortoiseGitStub32.dll
ModLoad: 00000000`61880000 00000000`61907000 C:\Program Files\TortoiseGit\bin\TortoiseGit32.dll
ModLoad: 00000000`617c0000 00000000`6187b000 C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll
ModLoad: 00000000`76600000 00000000`76721000 C:\Windows\syswow64\CRYPT32.dll
ModLoad: 00000000`75bf0000 00000000`75bfc000 C:\Windows\syswow64\MSASN1.dll
ModLoad: 00000000`74540000 00000000`74598000 C:\Windows\SysWOW64\WINHTTP.dll
ModLoad: 00000000`744f0000 00000000`74540000 C:\Windows\SysWOW64\webio.dll
ModLoad: 00000000`62770000 00000000`62787000 C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll
ModLoad: 00000000`00a60000 00000000`00a76000 C:\Program Files\TortoiseGit\bin\VCRUNTIME140.dll
ModLoad: 00000000`5e640000 00000000`5e655000 C:\Windows\SysWOW64\VCRUNTIME140.dll
ModLoad: 00000000`00a60000 00000000`00a64000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-runtime-l1-1-0.dll
ModLoad: 00000000`5fe20000 00000000`5fe24000 C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
ModLoad: 00000000`5e1e0000 00000000`5e2c1000 C:\Windows\SysWOW64\ucrtbase.DLL
ModLoad: 00000000`5e630000 00000000`5e633000 C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
ModLoad: 00000000`5e620000 00000000`5e623000 C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
ModLoad: 00000000`5e610000 00000000`5e613000 C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
ModLoad: 00000000`5e600000 00000000`5e603000 C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
ModLoad: 00000000`5e5f0000 00000000`5e5f3000 C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
ModLoad: 00000000`00a60000 00000000`00a64000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-string-l1-1-0.dll
ModLoad: 00000000`5e5e0000 00000000`5e5e4000 C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-heap-l1-1-0.dll
ModLoad: 00000000`5e5d0000 00000000`5e5d3000 C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a64000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-stdio-l1-1-0.dll
ModLoad: 00000000`5e5c0000 00000000`5e5c4000 C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a64000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-convert-l1-1-0.dll
ModLoad: 00000000`5e5b0000 00000000`5e5b4000 C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
ModLoad: 00000000`76290000 00000000`762c5000 C:\Windows\syswow64\WS2_32.dll
ModLoad: 00000000`75980000 00000000`75986000 C:\Windows\syswow64\NSI.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-utility-l1-1-0.dll
ModLoad: 00000000`5e120000 00000000`5e123000 C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-time-l1-1-0.dll
ModLoad: 00000000`5e150000 00000000`5e153000 C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-filesystem-l1-1-0.dll
ModLoad: 00000000`5e140000 00000000`5e143000 C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-environment-l1-1-0.dll
ModLoad: 00000000`5e130000 00000000`5e133000 C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
ModLoad: 00000000`00a60000 00000000`00a63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-locale-l1-1-0.dll
ModLoad: 00000000`5e5a0000 00000000`5e5a3000 C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
ModLoad: 00000000`61130000 00000000`6122a000 C:\Program Files\TortoiseGit\bin\gitdll32.dll
ModLoad: 00000000`00a70000 00000000`00a75000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-math-l1-1-0.dll
ModLoad: 00000000`5e590000 00000000`5e595000 C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
ModLoad: 00000000`025e0000 00000000`0267c000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
ModLoad: 00000000`5ee30000 00000000`5ee9d000 C:\Windows\SysWOW64\MSVCP140.dll
ModLoad: 00000000`00a70000 00000000`00a75000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 00000000`5e1c0000 00000000`5e1c5000 C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 00000000`6e770000 00000000`6e787000 C:\Windows\SysWOW64\bcrypt.dll
ModLoad: 00000000`73ce0000 00000000`73cf7000 C:\Windows\SysWOW64\CRYPTSP.dll
ModLoad: 00000000`73ca0000 00000000`73cdb000 C:\Windows\SysWOW64\rsaenh.dll
ModLoad: 00000000`52630000 00000000`527b3000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileSyncShell.dll
ModLoad: 00000000`62100000 00000000`62171000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\MSVCP120.dll
ModLoad: 00000000`61040000 00000000`6112e000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\MSVCR120.dll
ModLoad: 00000000`551d0000 00000000`5521c000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\Telemetry.dll
ModLoad: 00000000`52930000 00000000`5294c000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\LoggingPlatform.DLL
ModLoad: 00000000`6cf20000 00000000`6cf27000 C:\Windows\SysWOW64\WSOCK32.dll
ModLoad: 00000000`73d90000 00000000`73da5000 C:\Windows\SysWOW64\Cabinet.dll
ModLoad: 00000000`528b0000 00000000`528e1000 EhStorAPI.DLL
ModLoad: 00000000`528b0000 00000000`528e1000 C:\Windows\SysWOW64\EhStorShell.dll
ModLoad: 00000000`77ba0000 00000000`77ffe000 C:\Windows\SysWow64\jscript9.dll
ModLoad: 00000000`504c0000 00000000`511cd000 C:\Windows\SysWOW64\ieframe.dll
ModLoad: 00000000`5d450000 00000000`5d454000 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
ModLoad: 00000000`6b690000 00000000`6b694000 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
ModLoad: 00000000`6ed30000 00000000`6ed38000 C:\Windows\SysWOW64\Secur32.dll
ModLoad: 00000000`6e880000 00000000`6e884000 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
ModLoad: 00000000`74110000 00000000`7412c000 C:\Windows\SysWOW64\IPHLPAPI.DLL
ModLoad: 00000000`74100000 00000000`74107000 C:\Windows\SysWOW64\WINNSI.DLL
ModLoad: 00000000`74090000 00000000`740cc000 C:\Windows\SysWOW64\mswsock.dll
ModLoad: 00000000`73d00000 00000000`73d06000 C:\Windows\SysWOW64\wship6.dll
ModLoad: 00000000`511d0000 00000000`5262e000 C:\Windows\SysWOW64\mshtml.dll
ModLoad: 00000000`73c80000 00000000`73c8e000 C:\Windows\SysWOW64\RpcRtRemote.dll
ModLoad: 00000000`69200000 00000000`6925f000 C:\Windows\SysWOW64\SXS.DLL
ModLoad: 00000000`5b6a0000 00000000`5b6ab000 C:\Windows\SysWOW64\msimtf.dll
ModLoad: 00000000`60f40000 00000000`60f6a000 C:\Windows\SysWOW64\scrrun.dll
ModLoad: 00000000`60f70000 00000000`60f91000 C:\Windows\SysWOW64\wshom.ocx
ModLoad: 00000000`6d420000 00000000`6d432000 C:\Windows\SysWOW64\MPR.dll
ModLoad: 00000000`03a60000 00000000`03b70000 C:\Windows\SysWOW64\kernel32.dll
ModLoad: 00000000`03a60000 00000000`03b2d000 C:\Windows\SysWOW64\msctf.dll
ModLoad: 00000000`03a60000 00000000`03b2d000 C:\Windows\SysWOW64\msctf.dll
ModLoad: 00000000`04a60000 00000000`04bbd000 C:\Windows\SysWOW64\ole32.dll
ModLoad: 00000000`69310000 00000000`69444000 C:\Windows\SysWOW64\msxml3.dll
ModLoad: 00000000`6e770000 00000000`6e787000 C:\Windows\SysWOW64\bcrypt.dll
ModLoad: 00000000`5e6e0000 00000000`5e7d9000 C:\Program Files (x86)\Common Files\System\ado\msado15.dll
ModLoad: 00000000`620c0000 00000000`620df000 C:\Windows\SysWOW64\MSDART.DLL
ModLoad: 00000000`52800000 00000000`5282e000 C:\Windows\SysWOW64\mlang.dll
ModLoad: 00000000`50170000 00000000`504b7000 C:\Windows\SysWOW64\d2d1.dll
ModLoad: 00000000`61560000 00000000`61696000 C:\Windows\SysWOW64\DWrite.dll
ModLoad: 00000000`5d8b0000 00000000`5d8fc000 C:\Windows\SysWOW64\dxgi.dll
ModLoad: 00000000`75950000 00000000`7597f000 C:\Windows\syswow64\WINTRUST.dll
ModLoad: 00000000`5d900000 00000000`5da75000 C:\Windows\SysWOW64\d3d11.dll
ModLoad: 00000000`62a30000 00000000`62c19000 C:\Windows\SysWOW64\D3D10Warp.dll
ModLoad: 00000000`62a00000 00000000`62a2f000 C:\Windows\SysWOW64\XmlLite.dll
ModLoad: 00000000`62c50000 00000000`62c9e000 C:\Windows\SysWOW64\actxprxy.dll
ModLoad: 00000000`52860000 00000000`528aa000 C:\Program Files (x86)\Internet Explorer\ieproxy.dll
ModLoad: 00000000`621a0000 00000000`621b6000 C:\Windows\SysWOW64\thumbcache.dll
ModLoad: 00000000`5d880000 00000000`5d88a000 C:\Windows\SysWOW64\slc.dll
ModLoad: 00000000`5db80000 00000000`5db89000 C:\Windows\SysWOW64\LINKINFO.dll
ModLoad: 00000000`60e70000 00000000`60e9f000 SHDOCVW.dll
ModLoad: 00000000`60e40000 00000000`60e6f000 C:\Windows\SysWOW64\shdocvw.dll
ModLoad: 00000000`5fd80000 00000000`5fe20000 C:\Windows\SysWOW64\SearchFolder.dll
ModLoad: 00000000`5df80000 00000000`5e096000 C:\Windows\SysWOW64\dfshim.dll
ModLoad: 00000000`73ad0000 00000000`73b1a000 C:\Windows\SysWOW64\mscoree.dll
ModLoad: 00000000`73a50000 00000000`73acd000 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
ModLoad: 00000000`60e70000 00000000`60e98000 C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
ModLoad: 00000000`73360000 00000000`73a41000 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ModLoad: 00000000`73260000 00000000`73355000 C:\Windows\SysWOW64\MSVCR120_CLR0400.dll
ModLoad: 00000000`5bd50000 00000000`5bee8000 NetworkExplorer.dll
ModLoad: 00000000`5a280000 00000000`5a418000 C:\Windows\SysWOW64\NetworkExplorer.dll
ModLoad: 00000000`08820000 00000000`0884e000 image00000000`08820000
ModLoad: 00000000`08820000 00000000`0884e000 image00000000`08820000
[...]
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: te64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*c:\Symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
ModLoad: 00000001`3f710000 00000001`3f786000 TE64.exe
ModLoad: 00000000`77300000 00000000`774aa000 ntdll.dll
ModLoad: 00000000`771e0000 00000000`772ff000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fd0b0000 000007fe`fd11a000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 00000000`770e0000 00000000`771da000 C:\Windows\system32\USER32.dll
ModLoad: 000007fe`ff4e0000 000007fe`ff547000 C:\Windows\system32\GDI32.dll
ModLoad: 000007fe`fd800000 000007fe`fd80e000 C:\Windows\system32\LPK.dll
ModLoad: 000007fe`ff140000 000007fe`ff20b000 C:\Windows\system32\USP10.dll
ModLoad: 000007fe`ff570000 000007fe`ff60f000 C:\Windows\system32\msvcrt.dll
ModLoad: 000007fe`fef10000 000007fe`fefa7000 C:\Windows\system32\COMDLG32.dll
ModLoad: 000007fe`fde10000 000007fe`fde81000 C:\Windows\system32\SHLWAPI.dll
ModLoad: 000007fe`fb550000 000007fe`fb744000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.dll
ModLoad: 000007fe`fdea0000 000007fe`fec2b000 C:\Windows\system32\SHELL32.dll
ModLoad: 000007fe`fec30000 000007fe`fed0b000 C:\Windows\system32\ADVAPI32.dll
ModLoad: 000007fe`feef0000 000007fe`fef0f000 C:\Windows\SYSTEM32\sechost.dll
ModLoad: 000007fe`fd430000 000007fe`fd55d000 C:\Windows\system32\RPCRT4.dll
ModLoad: 000007fe`fdb70000 000007fe`fdd6c000 C:\Windows\system32\ole32.dll
ModLoad: 000007fe`fd560000 000007fe`fd63a000 C:\Windows\system32\OLEAUT32.dll
ModLoad: 000007fe`fefb0000 000007fe`ff135000 C:\Windows\system32\urlmon.dll
ModLoad: 000007fe`fd120000 000007fe`fd124000 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
ModLoad: 000007fe`fd1d0000 000007fe`fd1d4000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 000007fe`fd010000 000007fe`fd015000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 000007fe`fd070000 000007fe`fd074000 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 000007fe`fd020000 000007fe`fd024000 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 000007fe`fc250000 000007fe`fc25c000 C:\Windows\system32\version.DLL
ModLoad: 000007fe`fd080000 000007fe`fd083000 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 00000000`774c0000 00000000`774c3000 C:\Windows\system32\normaliz.DLL
ModLoad: 000007fe`ff210000 000007fe`ff4da000 C:\Windows\system32\iertutil.dll
ModLoad: 000007fe`fd840000 000007fe`fdb61000 C:\Windows\system32\WININET.dll
ModLoad: 000007fe`fd390000 000007fe`fd3ae000 C:\Windows\system32\USERENV.dll
ModLoad: 000007fe`fd000000 000007fe`fd00f000 C:\Windows\system32\profapi.dll
(d30.534): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`773a7980 cc int 3
0:000> g
ModLoad: 000007fe`fd810000 000007fe`fd83e000 C:\Windows\system32\IMM32.DLL
ModLoad: 000007fe`fd6f0000 000007fe`fd7f9000 C:\Windows\system32\MSCTF.dll
ModLoad: 000007fe`fce50000 000007fe`fce5f000 C:\Windows\system32\CRYPTBASE.dll
ModLoad: 000007fe`fb4a0000 000007fe`fb4f6000 C:\Windows\system32\uxtheme.dll
ModLoad: 000007fe`fdd70000 000007fe`fde09000 C:\Windows\system32\CLBCatQ.DLL
ModLoad: 000007fe`fb7e0000 000007fe`fb90c000 C:\Windows\system32\propsys.dll
ModLoad: 000007fe`fc1e0000 000007fe`fc20d000 C:\Windows\system32\ntmarta.dll
ModLoad: 000007fe`fd640000 000007fe`fd692000 C:\Windows\system32\WLDAP32.dll
ModLoad: 000007fe`fed10000 000007fe`feee7000 C:\Windows\system32\SETUPAPI.dll
ModLoad: 000007fe`fd350000 000007fe`fd386000 C:\Windows\system32\CFGMGR32.dll
ModLoad: 000007fe`fd090000 000007fe`fd0aa000 C:\Windows\system32\DEVOBJ.dll
ModLoad: 000007fe`fae60000 000007fe`fafc1000 C:\Windows\system32\windowscodecs.dll
ModLoad: 000007fe`fb0c0000 000007fe`fb0d8000 C:\Windows\system32\dwmapi.dll
ModLoad: 000007fe`f1400000 000007fe`f14ba000 C:\Windows\system32\uiautomationcore.dll
ModLoad: 00000000`774d0000 00000000`774d7000 C:\Windows\system32\PSAPI.DLL
ModLoad: 000007fe`f8e50000 000007fe`f8ea4000 C:\Windows\system32\OLEACC.dll
ModLoad: 000007fe`fcdf0000 000007fe`fce47000 C:\Windows\system32\apphelp.dll
ModLoad: 000007fe`f7920000 000007fe`f7955000 C:\Windows\system32\EhStorShell.dll
ModLoad: 000007fe`f78a0000 000007fe`f791e000 C:\Windows\System32\cscui.dll
ModLoad: 000007fe`f7890000 000007fe`f789c000 C:\Windows\System32\CSCDLL.dll
ModLoad: 000007fe`f7960000 000007fe`f796f000 C:\Windows\system32\CSCAPI.dll
ModLoad: 000007fe`f7810000 000007fe`f7890000 C:\Windows\system32\ntshrui.dll
ModLoad: 000007fe`fca80000 000007fe`fcaa3000 C:\Windows\system32\srvcli.dll
ModLoad: 000007fe`fab00000 000007fe`fab0b000 C:\Windows\system32\slc.dll
ModLoad: 000007fe`eb5e0000 000007fe`ebb9d000 C:\Windows\System32\jscript9.dll
ModLoad: 000007fe`f44f0000 000007fe`f5383000 C:\Windows\System32\ieframe.dll
ModLoad: 000007fe`f44e0000 000007fe`f44e4000 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
ModLoad: 000007fe`f2f50000 000007fe`f2f54000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
ModLoad: 000007fe`fcd90000 000007fe`fcd9b000 C:\Windows\system32\Secur32.dll
ModLoad: 000007fe`fcdc0000 000007fe`fcde5000 C:\Windows\system32\SSPICLI.DLL
ModLoad: 000007fe`f7480000 000007fe`f7484000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
ModLoad: 000007fe`fd6a0000 000007fe`fd6ed000 C:\Windows\system32\WS2_32.dll
ModLoad: 000007fe`fde90000 000007fe`fde98000 C:\Windows\system32\NSI.dll
ModLoad: 000007fe`f9e10000 000007fe`f9e81000 C:\Windows\system32\winhttp.dll
ModLoad: 000007fe`f9da0000 000007fe`f9e05000 C:\Windows\system32\webio.dll
ModLoad: 000007fe`fc220000 000007fe`fc247000 C:\Windows\system32\IPHLPAPI.DLL
ModLoad: 000007fe`fc210000 000007fe`fc21b000 C:\Windows\system32\WINNSI.DLL
ModLoad: 000007fe`fc780000 000007fe`fc7d5000 C:\Windows\system32\mswsock.dll
ModLoad: 000007fe`fc770000 000007fe`fc777000 C:\Windows\System32\wship6.dll
ModLoad: 000007fe`ed3c0000 000007fe`eec54000 C:\Windows\System32\mshtml.dll
ModLoad: 000007fe`f3fb0000 000007fe`f3feb000 C:\Windows\system32\mlang.dll
ModLoad: 000007fe`fc7e0000 000007fe`fc7f8000 C:\Windows\system32\CRYPTSP.dll
ModLoad: 000007fe`fc4e0000 000007fe`fc527000 C:\Windows\system32\rsaenh.dll
ModLoad: 000007fe`fcf40000 000007fe`fcf54000 C:\Windows\system32\RpcRtRemote.dll
ModLoad: 000007fe`fce60000 000007fe`fcef1000 C:\Windows\system32\SXS.DLL
ModLoad: 000007fe`f87f0000 000007fe`f87fe000 C:\Windows\system32\msimtf.dll
ModLoad: 000007fe`f1810000 000007fe`f1844000 C:\Windows\system32\scrrun.dll
ModLoad: 000007fe`f68e0000 000007fe`f6908000 C:\Windows\system32\wshom.ocx
ModLoad: 000007fe`f8610000 000007fe`f8628000 C:\Windows\system32\MPR.dll
ModLoad: 000007fe`f64f0000 000007fe`f6623000 C:\Windows\system32\ime\imejp10\imjptip.dll
ModLoad: 000007fe`f6400000 000007fe`f64e6000 C:\Windows\system32\imjp10k.dll
ModLoad: 000007fe`f6350000 000007fe`f63f5000 C:\Windows\system32\ime\shared\imetip.dll
ModLoad: 000007fe`f77d0000 000007fe`f77de000 C:\Windows\system32\ime\shared\imecfm.dll
ModLoad: 000007fe`f62c0000 000007fe`f634a000 C:\Windows\system32\ime\imejp10\imjpapi.dll
ModLoad: 000007fe`f6290000 000007fe`f62bd000 C:\Windows\system32\ime\shared\imjkapi.dll
ModLoad: 000007fe`f2560000 000007fe`f2735000 C:\Windows\System32\msxml3.dll
ModLoad: 000007fe`fc930000 000007fe`fc952000 C:\Windows\System32\bcrypt.dll
ModLoad: 000007fe`f05a0000 000007fe`f070f000 C:\Program Files\Common Files\System\ado\msado15.dll
ModLoad: 000007fe`f2b10000 000007fe`f2b38000 C:\Windows\system32\MSDART.DLL
ModLoad: 000007fe`eb210000 000007fe`eb5d4000 C:\Windows\system32\d2d1.dll
ModLoad: 000007fe`ed220000 000007fe`ed3b7000 C:\Windows\system32\DWrite.dll
ModLoad: 000007fe`f7fa0000 000007fe`f7ffd000 C:\Windows\system32\dxgi.dll
ModLoad: 000007fe`fd030000 000007fe`fd06b000 C:\Windows\system32\WINTRUST.dll
ModLoad: 000007fe`fd1e0000 000007fe`fd34d000 C:\Windows\system32\CRYPT32.dll
ModLoad: 000007fe`fcff0000 000007fe`fcfff000 C:\Windows\system32\MSASN1.dll
ModLoad: 000007fe`f7dc0000 000007fe`f7f95000 C:\Windows\system32\d3d11.dll
ModLoad: 000007fe`eaf90000 000007fe`eb209000 C:\Windows\system32\D3D10Warp.dll
ModLoad: 000007fe`fb080000 000007fe`fb0b5000 C:\Windows\system32\XmlLite.dll
ModLoad: 000007fe`f7300000 000007fe`f73ee000 C:\Windows\system32\actxprxy.dll
ModLoad: 000007fe`f2f60000 000007fe`f301a000 C:\Program Files\Internet Explorer\ieproxy.dll
ModLoad: 000007fe`f6880000 000007fe`f689f000 C:\Windows\system32\thumbcache.dll
ModLoad: 00000000`0b1a0000 00000000`0b216000 TE64.exe
ModLoad: 00000000`0b1a0000 00000000`0b203000 TE32.exe
latest 64bit version still does not start up - and I got no idea how to debug further. Also I don't understand what changes were made after te170720 that could have an effect.
Could it be an explorer extension like TortoiseGit that prohibits further loading? Are there settings to let TE write a debug log?
tablacus
commented
6 years ago I will try to adjust variously. Please try this.
http://www.eonet.ne.jp/~gakana/tablacus/dl/te170926.zip
Best regards,
RayZopf
commented
6 years ago sorry, still the same - even debug looks the same
# Call Site
00 ntdll!NtTerminateProcess+0xa
01 ntdll!RtlExitUserProcess+0x9b
02 TE64+0x38962
03 TE64+0x34b3d
04 kernel32!BaseThreadInitThunk+0xd
05 ntdll!RtlUserThreadStart+0x1dCommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170926\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170926
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170926
Sun Oct 1 14:17:32.145 2017 (UTC + 2:00): ModLoad: 00000001`3fe10000 00000001`3fe86000 TE64.exe
Sun Oct 1 14:17:32.153 2017 (UTC + 2:00): ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
Sun Oct 1 14:17:32.631 2017 (UTC + 2:00): ModLoad: 00000000`772a0000 00000000`773bf000 C:\Windows\system32\kernel32.dll
Sun Oct 1 14:17:32.632 2017 (UTC + 2:00): ModLoad: 000007fe`fd1f0000 000007fe`fd25a000 C:\Windows\system32\KERNELBASE.dll
Sun Oct 1 14:17:32.634 2017 (UTC + 2:00): ModLoad: 00000000`771a0000 00000000`7729a000 C:\Windows\system32\USER32.dll
Sun Oct 1 14:17:32.634 2017 (UTC + 2:00): ModLoad: 000007fe`ff4b0000 000007fe`ff517000 C:\Windows\system32\GDI32.dll
Sun Oct 1 14:17:32.635 2017 (UTC + 2:00): ModLoad: 000007fe`ff520000 000007fe`ff52e000 C:\Windows\system32\LPK.dll
Sun Oct 1 14:17:32.635 2017 (UTC + 2:00): ModLoad: 000007fe`fe2c0000 000007fe`fe38b000 C:\Windows\system32\USP10.dll
[...]
Sun Oct 1 14:17:32.661 2017 (UTC + 2:00): ModLoad: 000007fe`fd2b0000 000007fe`fd2ce000 C:\Windows\system32\USERENV.dll
Sun Oct 1 14:17:32.662 2017 (UTC + 2:00): ModLoad: 000007fe`fd0b0000 000007fe`fd0bf000 C:\Windows\system32\profapi.dll
Sun Oct 1 14:17:32.662 2017 (UTC + 2:00): (1a84.2274): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`77467980 cc int 3
0:000> g
Sun Oct 1 14:17:50.554 2017 (UTC + 2:00): ModLoad: 000007fe`febd0000 000007fe`febfe000 C:\Windows\system32\IMM32.DLL
Sun Oct 1 14:17:50.555 2017 (UTC + 2:00): ModLoad: 000007fe`ff5b0000 000007fe`ff6b9000 C:\Windows\system32\MSCTF.dll
Sun Oct 1 14:17:50.565 2017 (UTC + 2:00): ModLoad: 000007fe`fceb0000 000007fe`fcebf000 C:\Windows\system32\CRYPTBASE.dll
[...]
Sun Oct 1 14:17:50.762 2017 (UTC + 2:00): ModLoad: 000007fe`f59c0000 000007fe`f59c5000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-math-l1-1-0.dll
Sun Oct 1 14:17:50.763 2017 (UTC + 2:00): ModLoad: 000007fe`f5920000 000007fe`f59bc000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
Sun Oct 1 14:17:50.765 2017 (UTC + 2:00): ModLoad: 000007fe`f5910000 000007fe`f5915000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
Sun Oct 1 14:17:50.772 2017 (UTC + 2:00): ModLoad: 000007fe`fc9e0000 000007fe`fca02000 C:\Windows\system32\bcrypt.dll
Sun Oct 1 14:17:50.774 2017 (UTC + 2:00): ModLoad: 000007fe`fc7b0000 000007fe`fc7c8000 C:\Windows\system32\CRYPTSP.dll
Sun Oct 1 14:17:50.784 2017 (UTC + 2:00): ModLoad: 000007fe`fc580000 000007fe`fc5c7000 C:\Windows\system32\rsaenh.dll
Sun Oct 1 14:17:50.795 2017 (UTC + 2:00): ModLoad: 000007fe`f5890000 000007fe`f58a2000 C:\Program Files\TortoiseGit\bin\crshhndl.dll
Sun Oct 1 14:17:50.816 2017 (UTC + 2:00): ModLoad: 000007fe`f56f0000 000007fe`f5881000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll
Sun Oct 1 14:17:50.816 2017 (UTC + 2:00): ModLoad: 000007fe`f5640000 000007fe`f56e6000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCP120.dll
Sun Oct 1 14:17:50.817 2017 (UTC + 2:00): ModLoad: 000007fe`f5550000 000007fe`f563f000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCR120.dll
Sun Oct 1 14:17:50.828 2017 (UTC + 2:00): ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exesame :(
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170819_\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170819_
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te170819_
ModLoad: 00000001`3f970000 00000001`3f9e6000 TE64.exe
ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
ModLoad: 00000000`772a0000 00000000`773bf000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fd1f0000 000007fe`fd25a000 C:\Windows\system32\KERNELBASE.dll
[...]
ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exe # Call Site
00 ntdll!NtTerminateProcess+0xa
01 ntdll!RtlExitUserProcess+0x9b
02 TE64+0x380b2
03 TE64+0x3428d
04 kernel32!BaseThreadInitThunk+0xd
05 ntdll!RtlUserThreadStart+0x1dHi,
still stops right after loading EhStorShell.dll could TE64 be started writing logfiles?
tablacus
commented
6 years ago Ok, this version write log files. TE64.log Install to Not Program Files Folder.
http://www.eonet.ne.jp/~gakana/tablacus/dl/te171003_.zip
Thank you,
RayZopf
commented
6 years ago Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_
ModLoad: 00000001`3fcf0000 00000001`3fd68000 TE64.exe
ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
ModLoad: 00000000`772a0000 00000000`773bf000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fd1f0000 000007fe`fd25a000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 00000000`771a0000 00000000`7729a000 C:\Windows\system32\USER32.dll
ModLoad: 000007fe`ff4b0000 000007fe`ff517000 C:\Windows\system32\GDI32.dll
ModLoad: 000007fe`ff520000 000007fe`ff52e000 C:\Windows\system32\LPK.dll
ModLoad: 000007fe`fe2c0000 000007fe`fe38b000 C:\Windows\system32\USP10.dll
ModLoad: 000007fe`fe7e0000 000007fe`fe87f000 C:\Windows\system32\msvcrt.dll
ModLoad: 000007fe`fd470000 000007fe`fd507000 C:\Windows\system32\COMDLG32.dll
ModLoad: 000007fe`feb50000 000007fe`febc1000 C:\Windows\system32\SHLWAPI.dll
ModLoad: 000007fe`fb9b0000 000007fe`fbba4000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.dll
ModLoad: 000007fe`fd510000 000007fe`fe29b000 C:\Windows\system32\SHELL32.dll
ModLoad: 000007fe`fe570000 000007fe`fe64b000 C:\Windows\system32\ADVAPI32.dll
ModLoad: 000007fe`ff590000 000007fe`ff5af000 C:\Windows\SYSTEM32\sechost.dll
ModLoad: 000007fe`ff050000 000007fe`ff17d000 C:\Windows\system32\RPCRT4.dll
ModLoad: 000007fe`fed30000 000007fe`fef2c000 C:\Windows\system32\ole32.dll
ModLoad: 000007fe`fec00000 000007fe`fecda000 C:\Windows\system32\OLEAUT32.dll
ModLoad: 000007fe`fe650000 000007fe`fe7d5000 C:\Windows\system32\urlmon.dll
ModLoad: 000007fe`fd1c0000 000007fe`fd1c4000 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
ModLoad: 000007fe`fd1b0000 000007fe`fd1b4000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 000007fe`fd1e0000 000007fe`fd1e5000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 000007fe`fd2d0000 000007fe`fd2d4000 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 000007fe`fd1d0000 000007fe`fd1d4000 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 000007fe`fc190000 000007fe`fc19c000 C:\Windows\system32\version.DLL
ModLoad: 000007fe`fd2a0000 000007fe`fd2a3000 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 00000000`77590000 00000000`77593000 C:\Windows\system32\normaliz.DLL
ModLoad: 000007fe`fe880000 000007fe`feb4a000 C:\Windows\system32\iertutil.dll
ModLoad: 000007fe`ff180000 000007fe`ff4a1000 C:\Windows\system32\WININET.dll
ModLoad: 000007fe`fd2b0000 000007fe`fd2ce000 C:\Windows\system32\USERENV.dll
ModLoad: 000007fe`fd0b0000 000007fe`fd0bf000 C:\Windows\system32\profapi.dll
(cb0.16f4): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`77467980 cc int 3
0:000> g
ModLoad: 000007fe`febd0000 000007fe`febfe000 C:\Windows\system32\IMM32.DLL
ModLoad: 000007fe`ff5b0000 000007fe`ff6b9000 C:\Windows\system32\MSCTF.dll
ModLoad: 000007fe`fceb0000 000007fe`fcebf000 C:\Windows\system32\CRYPTBASE.dll
ModLoad: 000007fe`fb7d0000 000007fe`fb826000 C:\Windows\system32\uxtheme.dll
ModLoad: 000007fe`fefb0000 000007fe`ff049000 C:\Windows\system32\CLBCatQ.DLL
ModLoad: 000007fe`fe390000 000007fe`fe567000 C:\Windows\system32\SETUPAPI.dll
ModLoad: 000007fe`fd260000 000007fe`fd296000 C:\Windows\system32\CFGMGR32.dll
ModLoad: 000007fe`fd2e0000 000007fe`fd2fa000 C:\Windows\system32\DEVOBJ.dll
ModLoad: 000007fe`fb830000 000007fe`fb95c000 C:\Windows\system32\propsys.dll
ModLoad: 000007fe`fb1c0000 000007fe`fb1ed000 C:\Windows\system32\ntmarta.dll
ModLoad: 000007fe`ff530000 000007fe`ff582000 C:\Windows\system32\WLDAP32.dll
ModLoad: 000007fe`fb1f0000 000007fe`fb351000 C:\Windows\system32\windowscodecs.dll
ModLoad: 000007fe`fb3a0000 000007fe`fb3b8000 C:\Windows\system32\dwmapi.dll
ModLoad: 000007fe`ecba0000 000007fe`ecc5a000 C:\Windows\system32\uiautomationcore.dll
ModLoad: 00000000`77580000 00000000`77587000 C:\Windows\system32\PSAPI.DLL
ModLoad: 000007fe`fae80000 000007fe`faed4000 C:\Windows\system32\OLEACC.dll
ModLoad: 000007fe`fcfa0000 000007fe`fcff7000 C:\Windows\system32\apphelp.dll
ModLoad: 00000000`6df20000 00000000`6df40000 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
ModLoad: 000007fe`fa5e0000 000007fe`fa5e3000 C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
ModLoad: 00000000`6df00000 00000000`6df19000 C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll
ModLoad: 00000000`6de60000 00000000`6defe000 C:\Program Files\TortoiseGit\bin\TortoiseGit.dll
ModLoad: 000007fe`f67e0000 000007fe`f68d9000 C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
ModLoad: 000007fe`fd300000 000007fe`fd46d000 C:\Windows\system32\CRYPT32.dll
ModLoad: 000007fe`fd0c0000 000007fe`fd0cf000 C:\Windows\system32\MSASN1.dll
ModLoad: 000007fe`facd0000 000007fe`fad41000 C:\Windows\system32\WINHTTP.dll
ModLoad: 000007fe`fac60000 000007fe`facc5000 C:\Windows\system32\webio.dll
ModLoad: 000007fe`f7390000 000007fe`f73aa000 C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
ModLoad: 000007fe`f7370000 000007fe`f7386000 C:\Program Files\TortoiseGit\bin\VCRUNTIME140.dll
ModLoad: 000007fe`f7360000 000007fe`f7364000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-runtime-l1-1-0.dll
ModLoad: 000007fe`f5b40000 000007fe`f5c34000 C:\Windows\system32\ucrtbase.DLL
ModLoad: 000007fe`f7350000 000007fe`f7353000 C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
ModLoad: 000007fe`f7340000 000007fe`f7343000 C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
ModLoad: 000007fe`f7330000 000007fe`f7333000 C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
ModLoad: 000007fe`f7320000 000007fe`f7323000 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
ModLoad: 000007fe`f7310000 000007fe`f7313000 C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
ModLoad: 000007fe`f7300000 000007fe`f7304000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-string-l1-1-0.dll
ModLoad: 000007fe`f72f0000 000007fe`f72f3000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-heap-l1-1-0.dll
ModLoad: 000007fe`f5f90000 000007fe`f5f94000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-stdio-l1-1-0.dll
ModLoad: 000007fe`f5f80000 000007fe`f5f84000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-convert-l1-1-0.dll
ModLoad: 000007fe`fece0000 000007fe`fed2d000 C:\Windows\system32\WS2_32.dll
ModLoad: 000007fe`ff6c0000 000007fe`ff6c8000 C:\Windows\system32\NSI.dll
ModLoad: 000007fe`f5f70000 000007fe`f5f73000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-utility-l1-1-0.dll
ModLoad: 000007fe`f5f60000 000007fe`f5f63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-time-l1-1-0.dll
ModLoad: 000007fe`f5f50000 000007fe`f5f53000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-filesystem-l1-1-0.dll
ModLoad: 000007fe`f5b30000 000007fe`f5b33000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-environment-l1-1-0.dll
ModLoad: 000007fe`f5b20000 000007fe`f5b23000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-locale-l1-1-0.dll
ModLoad: 000007fe`f59d0000 000007fe`f5b11000 C:\Program Files\TortoiseGit\bin\gitdll.dll
ModLoad: 000007fe`f59c0000 000007fe`f59c5000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-math-l1-1-0.dll
ModLoad: 000007fe`f5920000 000007fe`f59bc000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
ModLoad: 000007fe`f5910000 000007fe`f5915000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 000007fe`fc9e0000 000007fe`fca02000 C:\Windows\system32\bcrypt.dll
ModLoad: 000007fe`fc7b0000 000007fe`fc7c8000 C:\Windows\system32\CRYPTSP.dll
ModLoad: 000007fe`fc580000 000007fe`fc5c7000 C:\Windows\system32\rsaenh.dll
ModLoad: 000007fe`f5890000 000007fe`f58a2000 C:\Program Files\TortoiseGit\bin\crshhndl.dll
ModLoad: 000007fe`f56f0000 000007fe`f5881000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll
ModLoad: 000007fe`f5640000 000007fe`f56e6000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCP120.dll
ModLoad: 000007fe`f5550000 000007fe`f563f000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCR120.dll
ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exe # Child-SP RetAddr Call Site
00 00000000`0022f8e8 00000000`773e28db ntdll!NtTerminateProcess+0xa
01 00000000`0022f8f0 00000001`3fd28f12 ntdll!RtlExitUserProcess+0x9b
02 00000000`0022f920 00000001`3fd250ed TE64+0x38f12
03 00000000`0022f990 00000000`772b59cd TE64+0x350ed
04 00000000`0022fa40 00000000`773ea561 kernel32!BaseThreadInitThunk+0xd
05 00000000`0022fa70 00000000`00000000 ntdll!RtlUserThreadStart+0x1dTablacus Explorer
Eliminates the vulnerable to a DLL pre-loading attack.
OleInitialize
InitCommonControls
CRC
Command Line
CSIDL
Late Binding
Initlize
Initialize FolderView & TreeView settings
Windows Imaging Component
Title & Version
ClipboardFormat
Hook
Create own class
IUIAutomation
JScript
Please also test this. this version write log files. TE64.log
http://www.eonet.ne.jp/~gakana/tablacus/dl/te171003_2.zip
Thank you,
RayZopf
commented
6 years ago 0:000> .restart /f
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_2\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_2
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171003_2
ModLoad: 00000001`3f500000 00000001`3f577000 TE64.exe
ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
[...]
ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** WARNING: Unable to verify checksum for TE64.exe
*** ERROR: Module load completed but symbols could not be loaded for TE64.exeTablacus Explorer
Eliminates the vulnerable to a DLL pre-loading attack.
OleInitialize
InitCommonControls
CRC
Command Line
CSIDL
Late Binding
Initlize
Initialize FolderView & TreeView settings
Windows Imaging Component
Title & Version
ClipboardFormat
Hook
Create own class
IUIAutomation
JScript
JScript2
JScript3
How about old version 17.7.17?
https://github.com/tablacus/TablacusExplorer/releases/download/17.7.17/te170717.zip
Thank you,
RayZopf
commented
6 years ago How about old version 17.7.17?
https://github.com/tablacus/TablacusExplorer/releases/download/17.7.17/te170717.zip
Thank you,
Works in 32 and 64bit
tablacus
commented
6 years ago Please try this. this version write log files. TE64.log
http://www.eonet.ne.jp/%7Egakana/tablacus/dl/te171005_2.zip
Thank you,
RayZopf
commented
6 years ago works! :+1:
TE64 17.10.5 Win 6.1.7601 WS 100 IE 11 de_de Microsoft Security Essentials
mouse,key,addressbar,filterbar,back,forward,up,treeview,toolbar,mainmenu,titlebar,tabsTablacus Explorer
Chakra OK
IActiveScriptParse
IActiveScriptParse OK
SCRIPTSTATE_CONNECTED
SCRIPTSTATE_CONNECTED Ok
# Child-SP RetAddr Call Site
00 00000000`0021faa8 00000000`773e28db ntdll!NtTerminateProcess+0xa
01 00000000`0021fab0 00000001`3f8f8cc2 ntdll!RtlExitUserProcess+0x9b
02 00000000`0021fae0 00000001`3f8f4e9d TE64+0x38cc2
03 00000000`0021fb50 00000000`772b59cd TE64+0x34e9d
04 00000000`0021fc00 00000000`773ea561 kernel32!BaseThreadInitThunk+0xd
05 00000000`0021fc30 00000000`00000000 ntdll!RtlUserThreadStart+0x1d
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171005_2\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171005_2
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171005_2
ModLoad: 00000001`3f8c0000 00000001`3f936000 TE64.exe
ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
ModLoad: 00000000`772a0000 00000000`773bf000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fd1f0000 000007fe`fd25a000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 00000000`771a0000 00000000`7729a000 C:\Windows\system32\USER32.dll
ModLoad: 000007fe`ff4b0000 000007fe`ff517000 C:\Windows\system32\GDI32.dll
ModLoad: 000007fe`ff520000 000007fe`ff52e000 C:\Windows\system32\LPK.dll
ModLoad: 000007fe`fe2c0000 000007fe`fe38b000 C:\Windows\system32\USP10.dll
ModLoad: 000007fe`fe7e0000 000007fe`fe87f000 C:\Windows\system32\msvcrt.dll
ModLoad: 000007fe`fd470000 000007fe`fd507000 C:\Windows\system32\COMDLG32.dll
ModLoad: 000007fe`feb50000 000007fe`febc1000 C:\Windows\system32\SHLWAPI.dll
ModLoad: 000007fe`fb9b0000 000007fe`fbba4000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.dll
ModLoad: 000007fe`fd510000 000007fe`fe29b000 C:\Windows\system32\SHELL32.dll
ModLoad: 000007fe`fe570000 000007fe`fe64b000 C:\Windows\system32\ADVAPI32.dll
ModLoad: 000007fe`ff590000 000007fe`ff5af000 C:\Windows\SYSTEM32\sechost.dll
ModLoad: 000007fe`ff050000 000007fe`ff17d000 C:\Windows\system32\RPCRT4.dll
ModLoad: 000007fe`fed30000 000007fe`fef2c000 C:\Windows\system32\ole32.dll
ModLoad: 000007fe`fec00000 000007fe`fecda000 C:\Windows\system32\OLEAUT32.dll
ModLoad: 000007fe`fe650000 000007fe`fe7d5000 C:\Windows\system32\urlmon.dll
ModLoad: 000007fe`fd1c0000 000007fe`fd1c4000 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
ModLoad: 000007fe`fd1b0000 000007fe`fd1b4000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 000007fe`fd1e0000 000007fe`fd1e5000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 000007fe`fd2d0000 000007fe`fd2d4000 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 000007fe`fd1d0000 000007fe`fd1d4000 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 000007fe`fc190000 000007fe`fc19c000 C:\Windows\system32\version.DLL
ModLoad: 000007fe`fd2a0000 000007fe`fd2a3000 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 00000000`77590000 00000000`77593000 C:\Windows\system32\normaliz.DLL
ModLoad: 000007fe`fe880000 000007fe`feb4a000 C:\Windows\system32\iertutil.dll
ModLoad: 000007fe`ff180000 000007fe`ff4a1000 C:\Windows\system32\WININET.dll
ModLoad: 000007fe`fd2b0000 000007fe`fd2ce000 C:\Windows\system32\USERENV.dll
ModLoad: 000007fe`fd0b0000 000007fe`fd0bf000 C:\Windows\system32\profapi.dll
(1ab0.17ec): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00000000`77467980 cc int 3
0:000> g
ModLoad: 000007fe`febd0000 000007fe`febfe000 C:\Windows\system32\IMM32.DLL
ModLoad: 000007fe`ff5b0000 000007fe`ff6b9000 C:\Windows\system32\MSCTF.dll
ModLoad: 000007fe`fceb0000 000007fe`fcebf000 C:\Windows\system32\CRYPTBASE.dll
ModLoad: 000007fe`fb7d0000 000007fe`fb826000 C:\Windows\system32\uxtheme.dll
ModLoad: 000007fe`fefb0000 000007fe`ff049000 C:\Windows\system32\CLBCatQ.DLL
ModLoad: 000007fe`fb830000 000007fe`fb95c000 C:\Windows\system32\propsys.dll
ModLoad: 000007fe`fb1c0000 000007fe`fb1ed000 C:\Windows\system32\ntmarta.dll
ModLoad: 000007fe`ff530000 000007fe`ff582000 C:\Windows\system32\WLDAP32.dll
ModLoad: 000007fe`fe390000 000007fe`fe567000 C:\Windows\system32\SETUPAPI.dll
ModLoad: 000007fe`fd260000 000007fe`fd296000 C:\Windows\system32\CFGMGR32.dll
ModLoad: 000007fe`fd2e0000 000007fe`fd2fa000 C:\Windows\system32\DEVOBJ.dll
ModLoad: 000007fe`fb1f0000 000007fe`fb351000 C:\Windows\system32\windowscodecs.dll
ModLoad: 000007fe`fb3a0000 000007fe`fb3b8000 C:\Windows\system32\dwmapi.dll
ModLoad: 000007fe`e7f30000 000007fe`e7fea000 C:\Windows\system32\uiautomationcore.dll
ModLoad: 00000000`77580000 00000000`77587000 C:\Windows\system32\PSAPI.DLL
ModLoad: 000007fe`fae80000 000007fe`faed4000 C:\Windows\system32\OLEACC.dll
ModLoad: 000007fe`fcfa0000 000007fe`fcff7000 C:\Windows\system32\apphelp.dll
ModLoad: 00000000`6df20000 00000000`6df40000 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
ModLoad: 000007fe`fa5e0000 000007fe`fa5e3000 C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
ModLoad: 00000000`6df00000 00000000`6df19000 C:\Program Files\TortoiseGit\bin\TortoiseGitStub.dll
ModLoad: 00000000`6de60000 00000000`6defe000 C:\Program Files\TortoiseGit\bin\TortoiseGit.dll
ModLoad: 000007fe`f67e0000 000007fe`f68d9000 C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
ModLoad: 000007fe`fd300000 000007fe`fd46d000 C:\Windows\system32\CRYPT32.dll
ModLoad: 000007fe`fd0c0000 000007fe`fd0cf000 C:\Windows\system32\MSASN1.dll
ModLoad: 000007fe`facd0000 000007fe`fad41000 C:\Windows\system32\WINHTTP.dll
ModLoad: 000007fe`fac60000 000007fe`facc5000 C:\Windows\system32\webio.dll
ModLoad: 000007fe`f7390000 000007fe`f73aa000 C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
ModLoad: 000007fe`f7370000 000007fe`f7386000 C:\Program Files\TortoiseGit\bin\VCRUNTIME140.dll
ModLoad: 000007fe`f7360000 000007fe`f7364000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-runtime-l1-1-0.dll
ModLoad: 000007fe`f5b40000 000007fe`f5c34000 C:\Windows\system32\ucrtbase.DLL
ModLoad: 000007fe`f7350000 000007fe`f7353000 C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
ModLoad: 000007fe`f7340000 000007fe`f7343000 C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
ModLoad: 000007fe`f7330000 000007fe`f7333000 C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
ModLoad: 000007fe`f7320000 000007fe`f7323000 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
ModLoad: 000007fe`f7310000 000007fe`f7313000 C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
ModLoad: 000007fe`f7300000 000007fe`f7304000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-string-l1-1-0.dll
ModLoad: 000007fe`f72f0000 000007fe`f72f3000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-heap-l1-1-0.dll
ModLoad: 000007fe`f5f90000 000007fe`f5f94000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-stdio-l1-1-0.dll
ModLoad: 000007fe`f5f80000 000007fe`f5f84000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-convert-l1-1-0.dll
ModLoad: 000007fe`fece0000 000007fe`fed2d000 C:\Windows\system32\WS2_32.dll
ModLoad: 000007fe`ff6c0000 000007fe`ff6c8000 C:\Windows\system32\NSI.dll
ModLoad: 000007fe`f5f70000 000007fe`f5f73000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-utility-l1-1-0.dll
ModLoad: 000007fe`f5f60000 000007fe`f5f63000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-time-l1-1-0.dll
ModLoad: 000007fe`f5f50000 000007fe`f5f53000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-filesystem-l1-1-0.dll
ModLoad: 000007fe`f5b30000 000007fe`f5b33000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-environment-l1-1-0.dll
ModLoad: 000007fe`f5b20000 000007fe`f5b23000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-locale-l1-1-0.dll
ModLoad: 000007fe`f59d0000 000007fe`f5b11000 C:\Program Files\TortoiseGit\bin\gitdll.dll
ModLoad: 000007fe`f59c0000 000007fe`f59c5000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-math-l1-1-0.dll
ModLoad: 000007fe`f5920000 000007fe`f59bc000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
ModLoad: 000007fe`f5910000 000007fe`f5915000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 000007fe`fc9e0000 000007fe`fca02000 C:\Windows\system32\bcrypt.dll
ModLoad: 000007fe`fc7b0000 000007fe`fc7c8000 C:\Windows\system32\CRYPTSP.dll
ModLoad: 000007fe`fc580000 000007fe`fc5c7000 C:\Windows\system32\rsaenh.dll
ModLoad: 000007fe`f5890000 000007fe`f58a2000 C:\Program Files\TortoiseGit\bin\crshhndl.dll
ModLoad: 000007fe`f56f0000 000007fe`f5881000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll
ModLoad: 000007fe`f5640000 000007fe`f56e6000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCP120.dll
ModLoad: 000007fe`f5550000 000007fe`f563f000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCR120.dll
ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ModLoad: 000007fe`d84b0000 000007fe`d8a6d000 C:\Windows\system32\jscript9.dll
ModLoad: 000007fe`e2800000 000007fe`e3693000 C:\Windows\System32\ieframe.dll
ModLoad: 000007fe`e5560000 000007fe`e5564000 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
ModLoad: 000007fe`f20b0000 000007fe`f20b4000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
ModLoad: 000007fe`fccc0000 000007fe`fcccb000 C:\Windows\system32\Secur32.dll
ModLoad: 000007fe`fce80000 000007fe`fcea5000 C:\Windows\system32\SSPICLI.DLL
ModLoad: 000007fe`f73b0000 000007fe`f73b4000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
ModLoad: 000007fe`fa5a0000 000007fe`fa5c7000 C:\Windows\system32\IPHLPAPI.DLL
ModLoad: 000007fe`fa590000 000007fe`fa59b000 C:\Windows\system32\WINNSI.DLL
ModLoad: 000007fe`fc830000 000007fe`fc885000 C:\Windows\system32\mswsock.dll
ModLoad: 000007fe`fca10000 000007fe`fca17000 C:\Windows\System32\wship6.dll
ModLoad: 000007fe`d6c10000 000007fe`d84a4000 C:\Windows\System32\mshtml.dll
ModLoad: 000007fe`fd000000 000007fe`fd014000 C:\Windows\system32\RpcRtRemote.dll
ModLoad: 00000001`80000000 00000001`8004a000 C:\Program Files\Acer\Acer ePower Management\SysHook.dll
ModLoad: 000007fe`f6760000 000007fe`f67d1000 C:\Windows\system32\WINSPOOL.DRV
ModLoad: 000007fe`fcec0000 000007fe`fcf51000 C:\Windows\system32\SXS.DLL
ModLoad: 000007fe`f6cb0000 000007fe`f6cbe000 C:\Windows\system32\msimtf.dll
ModLoad: 000007fe`eeed0000 000007fe`eef04000 C:\Windows\system32\scrrun.dll
ModLoad: 000007fe`ede10000 000007fe`ede38000 C:\Windows\system32\wshom.ocx
ModLoad: 000007fe`f72d0000 000007fe`f72e8000 C:\Windows\system32\MPR.dll
ModLoad: 000007fe`e50d0000 000007fe`e52a5000 C:\Windows\System32\msxml3.dll
ModLoad: 000007fe`fc9e0000 000007fe`fca02000 C:\Windows\System32\bcrypt.dll
ModLoad: 000007fe`e3f30000 000007fe`e409f000 C:\Program Files\Common Files\System\ado\msado15.dll
ModLoad: 000007fe`efbc0000 000007fe`efbe8000 C:\Windows\system32\MSDART.DLL
ModLoad: 000007fe`ded30000 000007fe`ded6b000 C:\Windows\system32\mlang.dll
ModLoad: 000007fe`d9300000 000007fe`d96c4000 C:\Windows\system32\d2d1.dll
ModLoad: 000007fe`eb8e0000 000007fe`eba77000 C:\Windows\system32\DWrite.dll
ModLoad: 000007fe`f6ea0000 000007fe`f6efd000 C:\Windows\system32\dxgi.dll
ModLoad: 000007fe`fd170000 000007fe`fd1ab000 C:\Windows\system32\WINTRUST.dll
ModLoad: 000007fe`f6cc0000 000007fe`f6e95000 C:\Windows\system32\d3d11.dll
ModLoad: 000007fe`e2580000 000007fe`e27f9000 C:\Windows\system32\D3D10Warp.dll
ModLoad: 000007fe`fb360000 000007fe`fb395000 C:\Windows\system32\XmlLite.dll
ModLoad: 000007fe`f5380000 000007fe`f546e000 C:\Windows\system32\actxprxy.dll
ModLoad: 000007fe`e36a0000 000007fe`e375a000 C:\Program Files\Internet Explorer\ieproxy.dll
ModLoad: 000007fe`f0210000 000007fe`f022f000 C:\Windows\system32\thumbcache.dll
ModLoad: 000007fe`fa620000 000007fe`fa62b000 C:\Windows\system32\slc.dll
ModLoad: 000007fe`f5330000 000007fe`f533c000 C:\Windows\system32\LINKINFO.dll
ModLoad: 000007fe`f5340000 000007fe`f5374000 C:\Windows\System32\shdocvw.dll
ModLoad: 000007fe`f1fb0000 000007fe`f2087000 C:\Windows\system32\SearchFolder.dll
ModLoad: 000007fe`f1350000 000007fe`f152f000 C:\Windows\system32\dfshim.dll
ModLoad: 000007fe`fafc0000 000007fe`fb02f000 C:\Windows\system32\mscoree.dll
ModLoad: 000007fe`faf20000 000007fe`fafbd000 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
ModLoad: 000007fe`ed5f0000 000007fe`ed620000 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
ModLoad: 000007fe`f0730000 000007fe`f110f000 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
ModLoad: 000007fe`f0630000 000007fe`f0727000 C:\Windows\system32\MSVCR120_CLR0400.dll
ModLoad: 000007fe`e6cc0000 000007fe`e6e5c000 C:\Windows\system32\NetworkExplorer.dll
ModLoad: 00000000`08cb0000 00000000`093d8000 AnyDesk.exe
ModLoad: 00000000`08170000 00000000`0819e000 image00000000`08170000
ModLoad: 00000000`08170000 00000000`0819e000 image00000000`08170000
[...]
ModLoad: 00000000`081e0000 00000000`0826a000 googleearth_non_consumer.exe
ModLoad: 00000000`08240000 00000000`0837e000 GyazoGIF.exe
ModLoad: 00000000`08240000 00000000`0837e000 GyazoGIF.exe
ModLoad: 00000000`081e0000 00000000`08286000 Gyazowin.exe
ModLoad: 00000000`081e0000 00000000`08286000 Gyazowin.exe
ModLoad: 00000000`081e0000 00000000`08350000 hddguardian.exe
ModLoad: 00000000`081e0000 00000000`08350000 hddguardian.exe
ModLoad: 00000000`081e0000 00000000`08220000 image00000000`081e0000
ModLoad: 00000000`081e0000 00000000`08350000 hddguardian.exe
ModLoad: 00000000`08cb0000 00000000`0994b000 image00000000`08cb0000
ModLoad: 00000000`08cb0000 00000000`0994b000 image00000000`08cb0000
ModLoad: 00000000`08cb0000 00000000`0994b000 image00000000`08cb0000
ModLoad: 00000000`081e0000 00000000`0824d000 image00000000`081e0000
ModLoad: 00000000`081e0000 00000000`0824d000 image00000000`081e0000
ModLoad: 00000000`081e0000 00000000`0824d000 image00000000`081e0000
ModLoad: 000007fe`ed0d0000 000007fe`ed115000 C:\Windows\system32\wbem\wbemdisp.dll
ModLoad: 000007fe`f2d40000 000007fe`f2dc6000 C:\Windows\system32\wbemcomn.dll
ModLoad: 000007fe`f4f00000 000007fe`f4f0f000 C:\Windows\system32\wbem\wbemprox.dll
ModLoad: 000007fe`f2ff0000 000007fe`f3016000 C:\Windows\system32\wbem\wmiutils.dll
ModLoad: 000007fe`f3020000 000007fe`f3034000 C:\Windows\system32\wbem\wbemsvc.dll
ModLoad: 000007fe`f3230000 000007fe`f3312000 C:\Windows\system32\wbem\fastprox.dll
ModLoad: 000007fe`f3200000 000007fe`f3227000 C:\Windows\system32\NTDSAPI.dll
(1ab0.32a0): C++ EH exception - code e06d7363 (first chance)
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exe
I think this will fail, but please try this and tell me a log. TE64.log
http://www.eonet.ne.jp/%7Egakana/tablacus/dl/te171007_.zip
When Tablacus Explorer executes SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32), it seems that fail to get the script engine.
Perhaps there is a problem with your environment, please try to reinstall Internet Explorer.
Prevent DLL Hijacking Burn with Clean Room http://wixtoolset.org/development/wips/5184-burn-clean-room/
Thank you
RayZopf
commented
6 years ago starting 64bit version of _TE32 17.10.7 Win 6.1.7601 Wow64 WS 100 IE 11 dede Microsoft Security Essentials leads to a windows crash sound and following log
Tablacus Explorer
Chakra NO
Script NO
I stronly suspect EMET security features to interfere .i.e. you maybe do loading in a way that falls into one of the categories the pre-configuration blocks as possibly exploitable Enhanced Mitigation Experience Toolkit
<EMET Version="5.52.6156.38091">
<EMET_Apps>
<AppConfig Path="*\Internet Explorer" Executable="iexplore.exe">
<Mitigation Name="DEP" Enabled="true" />
<Mitigation Name="SEHOP" Enabled="true" />
<Mitigation Name="NullPage" Enabled="true" />
<Mitigation Name="HeapSpray" Enabled="true" />
<Mitigation Name="EAF" Enabled="true" />
<Mitigation Name="EAF+" Enabled="true">
<eaf_modules>mshtml.dll;flash*.ocx;jscript*.dll;vbscript.dll;vgx.dll</eaf_modules>
</Mitigation>
<Mitigation Name="MandatoryASLR" Enabled="true" />
<Mitigation Name="BottomUpASLR" Enabled="true" />
<Mitigation Name="LoadLib" Enabled="true" />
<Mitigation Name="MemProt" Enabled="true" />
<Mitigation Name="Caller" Enabled="true" />
<Mitigation Name="SimExecFlow" Enabled="true" />
<Mitigation Name="StackPivot" Enabled="true" />
<Mitigation Name="ASR" Enabled="true">
<asr_modules>npjpi*.dll;jp2iexp.dll;vgx.dll;msxml4*.dll;wshom.ocx;scrrun.dll;vbscript.dll</asr_modules>
<asr_zones>1;2</asr_zones>
</Mitigation>
</AppConfig>
</EMET_Apps>
</EMET>Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171007_\TE64.exe
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171007_
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*https://msdl.microsoft.com/download/symbols
Symbol search path is: srv*https://msdl.microsoft.com/download/symbols
Executable search path is: C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171007_
ModLoad: 00000001`3f820000 00000001`3f896000 TE64.exe
ModLoad: 00000000`773c0000 00000000`7756a000 ntdll.dll
ModLoad: 00000000`772a0000 00000000`773bf000 C:\Windows\system32\kernel32.dll
ModLoad: 000007fe`fd1f0000 000007fe`fd25a000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 00000000`771a0000 00000000`7729a000 C:\Windows\system32\USER32.dll
ModLoad: 000007fe`ff4b0000 000007fe`ff517000 C:\Windows\system32\GDI32.dll
ModLoad: 000007fe`ff520000 000007fe`ff52e000 C:\Windows\system32\LPK.dll
[...]
ModLoad: 000007fe`f5920000 000007fe`f59bc000 C:\Program Files\TortoiseGit\bin\MSVCP140.dll
ModLoad: 000007fe`f5910000 000007fe`f5915000 C:\Program Files\TortoiseGit\bin\api-ms-win-crt-multibyte-l1-1-0.dll
ModLoad: 000007fe`fc9e0000 000007fe`fca02000 C:\Windows\system32\bcrypt.dll
ModLoad: 000007fe`fc7b0000 000007fe`fc7c8000 C:\Windows\system32\CRYPTSP.dll
ModLoad: 000007fe`fc580000 000007fe`fc5c7000 C:\Windows\system32\rsaenh.dll
ModLoad: 000007fe`f5890000 000007fe`f58a2000 C:\Program Files\TortoiseGit\bin\crshhndl.dll
ModLoad: 000007fe`f56f0000 000007fe`f5881000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll
ModLoad: 000007fe`f5640000 000007fe`f56e6000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCP120.dll
ModLoad: 000007fe`f5550000 000007fe`f563f000 C:\Users\Raimund\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\MSVCR120.dll
ModLoad: 000007fe`f5510000 000007fe`f5545000 C:\Windows\system32\EhStorShell.dll
ModLoad: 00000001`80000000 00000001`8004a000 C:\Program Files\Acer\Acer ePower Management\SysHook.dll
ModLoad: 000007fe`f6760000 000007fe`f67d1000 C:\Windows\system32\WINSPOOL.DRV
ntdll!NtTerminateProcess+0xa:
00000000`7740bffa c3 ret
*** ERROR: Module load completed but symbols could not be loaded for TE64.exePlease try Tablacus Explorer 17.10.10.
Thank you,
RayZopf
commented
6 years ago 32bit works as usual, 64bit start up opening an empty window showing:
500 Internal Script Error C:\Users\Public\Downloads\Software\HDD\EXPLORER\TE\te171010\script\index.html
tablacus
commented
6 years ago Ok, please try Tablacus Explorer 17.10.11.
Thank you,
RayZopf
commented
6 years ago same result as before, 500 Internal ... but I will test again tomorrow after reboot
tablacus
commented
6 years ago Please try Tablacus Explorer 17.10.12.
http://www.eonet.ne.jp/%7Egakana/tablacus/dl/te171012_.zip
This use SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS);
Thank you,
dtar2
commented
6 years ago The 64 bit version 17.10.11 is working fine for me in Win 7 x64.
TE64 17.10.11 Win 6.1.7601 WS 100 Admin IE 11 en_us System Center Endpoint Protection
RayZopf
commented
6 years ago @spocko do you use EMET? @tablacus still getting that 500 Internal Script Error with Tablacus Explorer 17.10.12_
why does it seem only I got that problem after TE64 17.7.20? Should I try under an admin account?
dtar2
commented
6 years ago I do not use EMET. I do use an account with admin privileges.
tablacus
commented
6 years ago I install an EMET on Windows 7 x64. TE64 woks here.
I think that there is something wrong with "SetDefaultDllDirectories" in your environment.
tablacus
commented
6 years ago Please try to re-install KB2533623.
http://go.microsoft.com/fwlink/p/?linkid=217865
http://www.microsoft.com/downloads/details.aspx?familyid=146ed6f7-b605-4270-8ec4-b9f0f284bb9e
RayZopf
commented
6 years ago Please try to re-install KB2533623.
http://go.microsoft.com/fwlink/p/?linkid=217865
http://www.microsoft.com/downloads/details.aspx?familyid=146ed6f7-b605-4270-8ec4-b9f0f284bb9ea
I cannot find that patch in the list of installed updates - but I also cannot install it, as the installer tells me the update is not suitable for the computer
I will check TE 64 again after installing monthly updates, reboot, EMET disable and run of sfc
digging a bit: https://sccmentor.com/2013/07/30/kb2533623-superseded-by-kb2758857/ https://support.microsoft.com/en-us/help/2758857/ms12-081-vulnerability-in-windows-file-handling-component-could-allow
This security update is not offered by Windows Update if update 2726535 is already applied on your computer. Additionally, if you try to install the stand-alone package of this security update, you receive a "The update is not applicable to your computer" error message.
To resolve this issue, uninstall update 2726535, and then install this security update. After this security update is applied, reinstall update 2726535.
RayZopf
commented
6 years ago did some maintenance with sfc /scannow, installed KB2758857 (KB2533623 could not be applied at all), ran monthly Windows update, tried admin account - still 500 Internal ...
next is to test with EMET completely disabled (currently at maximum security settings, including beeing forced on iexplore as stated above)
_TE64 17.7.20 Win 6.1.7601 WS 100 IE 11 dede
With every version after te170720 I'm unable to start up TE64.exe TE32.exe runs fine
Any way to debug why 64bit version does not run?
Here the latest version, using 32bit TE32 17.8.19 Win 6.1.7601 Wow64 WS 100 IE 11 de_de 64bit versoin does not even start up