0:005> ~2sDpoFeedb!get_lastknownversion+0xd382:00000000`1002f812 0f8418feffff je DpoFeedb!get_lastknownversion+0xd1a0 (00000000`1002f630) [br=1]0:002> pDpoFeedb!get_lastknownversion+0xd1a0:00000000`1002f630 488b02 mov rax,qword ptr [rdx] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1a3:00000000`1002f633 488b4808 mov rcx,qword ptr [rax+8] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1a7:00000000`1002f637 483b01 cmp rax,qword ptr [rcx] ds:00000000`0296dec0=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1aa:00000000`1002f63a 0f85e7000000 jne DpoFeedb!get_lastknownversion+0xd297 (00000000`1002f727) [br=0]0:002> DpoFeedb!get_lastknownversion+0xd1b0:00000000`1002f640 4c8b4910 mov r9,qword ptr [rcx+10h] ds:00000000`0296ded0=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1b4:00000000`1002f644 4180794800 cmp byte ptr [r9+48h],0 ds:00000000`0296df08=000:002> DpoFeedb!get_lastknownversion+0xd1b9:00000000`1002f649 7520 jne DpoFeedb!get_lastknownversion+0xd1db (00000000`1002f66b) [br=0]0:002> DpoFeedb!get_lastknownversion+0xd1bb:00000000`1002f64b c6404801 mov byte ptr [rax+48h],1 ds:00000000`0296df08=000:002> DpoFeedb!get_lastknownversion+0xd1bf:00000000`1002f64f 41c6414801 mov byte ptr [r9+48h],1 ds:00000000`0296df08=010:002> DpoFeedb!get_lastknownversion+0xd1c4:00000000`1002f654 488b02 mov rax,qword ptr [rdx] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1c7:00000000`1002f657 488b4808 mov rcx,qword ptr [rax+8] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1cb:00000000`1002f65b c6414800 mov byte ptr [rcx+48h],0 ds:00000000`0296df08=010:002> DpoFeedb!get_lastknownversion+0xd1cf:00000000`1002f65f 488b02 mov rax,qword ptr [rdx] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1d2:00000000`1002f662 4c8b4008 mov r8,qword ptr [rax+8] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd1d6:00000000`1002f666 e99c010000 jmp DpoFeedb!get_lastknownversion+0xd377 (00000000`1002f807)0:002> DpoFeedb!get_lastknownversion+0xd377:00000000`1002f807 498d5008 lea rdx,[r8+8]0:002> DpoFeedb!get_lastknownversion+0xd37b:00000000`1002f80b 488b02 mov rax,qword ptr [rdx] ds:00000000`0296dec8=000000000296dec00:002> DpoFeedb!get_lastknownversion+0xd37e:00000000`1002f80e 80784800 cmp byte ptr [rax+48h],0 ds:00000000`0296df08=000:002> DpoFeedb!get_lastknownversion+0xd382:00000000`1002f812 0f8418feffff je DpoFeedb!get_lastknownversion+0xd1a0 (00000000`1002f630) [br=1]0:002> lm vm dpofeedbstart end module name00000000`10000000 00000000`100ad000 DpoFeedb (export symbols) C:\Program Files (x86)\DigitalPersona\Bin\x64\DpoFeedb.dll Loaded symbol image file: C:\Program Files (x86)\DigitalPersona\Bin\x64\DpoFeedb.dll Image path: C:\Program Files (x86)\DigitalPersona\Bin\x64\DpoFeedb.dll Image name: DpoFeedb.dll Timestamp: Wed Mar 12 18:40:33 2008 (47D88611) CheckSum: 000B47D4 ImageSize: 000AD000 File version: 3.0.1.2761 Product version: 3.0.1.2761 File flags: 0 (Mask 3F) File OS: 4 Unknown Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0000.04e4 CompanyName: DigitalPersona, Inc. ProductName: DigitalPersona Personal InternalName: FeedbackHook OriginalFilename: Dpofeedb.dll ProductVersion: 3.0.1.2761 FileVersion: 3.0.1.2761 FileDescription: DigitalPersona OTS Feedback LegalCopyright: Copyright © DigitalPersona, Inc. 1996-2008 LegalTrademarks: DigitalPersona®U.are.U®One Touch®
So I enabled appverifier on mobsync...aaaand now I get a read AV and app crash because of DpoFeedb.dll
00000000`064ef060 00000000`10045753 DpoFeedb!get_lastknownversion+0x32d200000000`064ef090 00000000`100469e7 DpoFeedb!gettraceinfo+0xaf300000000`064ef160 00000000`774a8418 DpoFeedb!gettraceinfo+0x1d8700000000`064ef1b0 00000000`774a1104 USER32!IsCharAlphaW+0x9c