Norman Sandbox AnalyzerStartupSetting Filename and optionsStartCompletedResults
리버스 엔지니어링 2007/09/25 17:09Example Session
Startup
Setting Filename and options
Start
Completed
Results
SandBox Summary
Using profile C:\Program Files\Norman SandBox Analyzer\Profiles\default.ini
E:\mat\Files\regscan.ex_ : OK
====> Sandbox output:
[ DetectionInfo ]
* Sandbox name:
* Signature name: NOT_SCANNED
[ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 334848 bytes.
* MD5 hash: f3387d5351199ad06173bafbe52165d3.
Files checked : 1
Unpacked file saved to: C:\Program Files\Norman SandBox Analyzer\files\Unpacked\regscan.unp
API Log
Stripped RealMode Disk Operating System (DOS) 2.00
(C) Norman ASA 2001
Starting Windows kernel.
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004091 accessing page 0x00050001
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004091 accessing page 0x00050002
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004091 accessing page 0x00050003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004091 accessing page 0x00050004
Installing driver : "VMM ", DDB at 0x0xC0005908
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031C00 accessing page 0x000C0006
Installing driver : "IFSMgr ", DDB at 0x0xC0005B66
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031C00 accessing page 0x000C0007
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031C00 accessing page 0x000C0008
Installing driver : "VWIN32 ", DDB at 0x0xC00067C8
Installing driver : "VFAT ", DDB at 0x0xC0008217
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031DF3 accessing page 0x00077BC0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031DF3 accessing page 0x00077BC1
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031E2E accessing page 0x00077BC2
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x00031E2E accessing page 0x00077BC3
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x77BC1C5B accessing page 0x000F0001
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002E37 accessing page 0x000C3005
0x77BC1C84=KERNEL32!WinExec ("C:\WINDOWS\SYSTEM32\KERNEL32.DLL",0x00031E98)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072001
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070000
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C800
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C801
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C802
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C803
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C804
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C805
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C806
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C807
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C808
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C809
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80A
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80B
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80D
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80E
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C80F
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C810
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C811
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C812
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C813
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C814
**PAGE FAULT: process 0x00000000 - cs:eip 0x002B:0x7C80F0B9 accessing page 0x00073000
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072002
0x7C8094E8=KERNEL32!LoadLibraryA ("C:\WINDOWS\SYSTEM32\NTDLL.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("C:\WINDOWS\SYSTEM32\NTDLL.DLL")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\NTDLL.DLL",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\NTDLL.DLL",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070001
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C900
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C901
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C902
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C903
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C904
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007C905
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"_ExitThread")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetCurrentProcessId")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x7C900000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C8094F2=KERNEL32!LoadLibraryA ("C:\WINDOWS\SYSTEM32\ADVAPI32.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("C:\WINDOWS\SYSTEM32\ADVAPI32.DLL")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\ADVAPI32.DLL",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\ADVAPI32.DLL",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070002
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC1
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC2
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC3
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC5
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC6
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077DC7
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExpandEnvironmentStringsA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"lstrcmp")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"lstrcpy")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"Sleep")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateSystemHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"FetchTrueHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"WinExec")
0x7C8037F2=KERNEL32!LoadLibraryA ("user32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("user32.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFAF6,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","user32.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\user32.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\user32.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D30
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D31
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D32
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D33
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D34
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D35
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D36
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D37
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D38
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D39
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D3A
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D3B
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077D3C
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetModuleHandleA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"FindResourceA")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x77D30000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C8037F2=KERNEL32!LoadLibraryA ("crypto.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("crypto.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFAF6,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","crypto.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\crypto.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\crypto.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070004
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0000FFD0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0000FFD1
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0000FFD2
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0000FFD3
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0000FFD4
0x7C8037F2=KERNEL32!LoadLibraryA ("MSVCRT.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("MSVCRT.dll")
0x7C804360=KERNEL32!strcpy (0x04FFF8A6,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","MSVCRT.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\MSVCRT.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\MSVCRT.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070005
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C00
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C01
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C02
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C03
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C04
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C05
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C06
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C07
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C08
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C09
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077C0A
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"lstrcat")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetFileSize")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"SetFilePointer")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetCommandLineA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"FlushCache")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateProcessA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateThread")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"FetchTrueHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"DeleteFileA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CopyFileA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetFileAttributesA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x77C00000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x77C00000,"_adjust_fdiv")
0x7C803831=KERNEL32!GetProcAddress (0x77C00000,"malloc")
0x7C803831=KERNEL32!GetProcAddress (0x77C00000,"_initterm")
0x7C803831=KERNEL32!GetProcAddress (0x77C00000,"free")
0x7C8037F2=KERNEL32!LoadLibraryA ("KERNEL32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("KERNEL32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"DisableThreadLibraryCalls")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x0FFD1B94=MSVCRT!malloc (0x00000080)
0x0FFD1BBE=MSVCRT!_initterm (0x0FFD3000,0x0FFD3004)
0x0FFD1CC8=KERNEL32!DisableThreadLibraryCalls (0x0FFD0000)
0x7C80366B=KERNEL32!GetProcAddress (0x0FFD0000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x0FFD0000,"MD5Final")
0x7C803831=KERNEL32!GetProcAddress (0x0FFD0000,"MD5Update")
0x7C803831=KERNEL32!GetProcAddress (0x0FFD0000,"MD5Init")
0x7C803831=KERNEL32!GetProcAddress (0x0FFD0000,"rc4_crypt")
0x7C803831=KERNEL32!GetProcAddress (0x0FFD0000,"rc4_setup")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x77DC0000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C8094FC=KERNEL32!LoadLibraryA ("C:\WINDOWS\SYSTEM32\GDI32.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("C:\WINDOWS\SYSTEM32\GDI32.DLL")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\GDI32.DLL",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\GDI32.DLL",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070006
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077F10
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077F11
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077F12
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077F13
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00077F14
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000000 - cs:eip 0x002B:0x7C80F197 accessing page 0x00073001
0x7C80366B=KERNEL32!GetProcAddress (0x77F10000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C809506=KERNEL32!LoadLibraryA ("C:\WINDOWS\SYSTEM32\USER32.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("C:\WINDOWS\SYSTEM32\USER32.DLL")
0x7C809511=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C809545=KERNEL32!SetCurrentDirectory ("C:\WINDOWS")
0x7C809551=KERNEL32!WinExec ("c:\sample.exe",0x00000000)
0x7C8032FE=KERNEL32!InternalExec ("c:\sample.exe",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072004
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070007
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072005
0x7C803420=KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803780 accessing page 0x000004C5
0x7C8037F2=KERNEL32!LoadLibraryA ("KERNEL32.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("KERNEL32.DLL")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"LoadLibraryA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetProcAddress")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
0x7C8037F2=KERNEL32!LoadLibraryA ("ADVAPI32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ADVAPI32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
0x7C8037F2=KERNEL32!LoadLibraryA ("ole32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ole32.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFC12,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","ole32.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\ole32.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\ole32.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070008
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D0
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D1
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D2
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D3
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D4
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D5
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D6
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D7
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D8
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774D9
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774DA
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774DB
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000774DC
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"SetFilePointer")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"SetEndOfFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
0x7C8037F2=KERNEL32!LoadLibraryA ("user32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("user32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x774D0000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x774D0000,"CoCreateGuid")
0x7C8037F2=KERNEL32!LoadLibraryA ("OLEAUT32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("OLEAUT32.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFC12,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","OLEAUT32.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\OLEAUT32.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\OLEAUT32.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0008AC2 accessing page 0x00070009
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00077110
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00077111
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00077112
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00077113
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00077114
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x77110000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x77110000,00006)
0x7C8037F2=KERNEL32!LoadLibraryA ("USER32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("USER32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfW")
0x7C8037F2=KERNEL32!LoadLibraryA ("WININET.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("WININET.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFC12,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","WININET.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\WININET.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\WININET.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00035AB accessing page 0x00072006
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0008AC2 accessing page 0x0007000A
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A0
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A1
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A2
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A3
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A4
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000771A5
0x7C8037F2=KERNEL32!LoadLibraryA ("ipstack.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ipstack.dll")
0x7C804360=KERNEL32!strcpy (0x04FFF9C2,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","ipstack.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\ipstack.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\ipstack.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0008AC2 accessing page 0x0007000B
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073350
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073351
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073352
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073353
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073354
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073355
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073356
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073357
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073358
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x00073359
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x0007335A
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x0007335B
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetFileAttributesA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"EnterCriticalSection")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"LeaveCriticalSection")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"GetFileSize")
0x7C8037F2=KERNEL32!LoadLibraryA ("user32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("user32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x73350000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_crackurl")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_downloadcontent")
0x7C8037F2=KERNEL32!LoadLibraryA ("user32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("user32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"FetchTrueHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
0x7C80366B=KERNEL32!GetProcAddress (0x771A0000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x771A0000,"InternetOpenA")
0x7C8037F2=KERNEL32!LoadLibraryA ("WS2_32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("WS2_32.dll")
0x7C804360=KERNEL32!strcpy (0x04FFFC12,"C:\WINDOWS\SYSTEM32")
0x7C80436B=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
0x7C804374=KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","WS2_32.dll")
0x7C8043B4=KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\WS2_32.dll",0x00000000)
0x7C802B3B=KERNEL32!GetFileSize (0x00000020,0x00000000)
0x7C8043BF=KERNEL32!_lclose (0x00000020)
0x7C80292C=KERNEL32!CloseHandle (0x00000020)
0x7C8043CB=KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\WS2_32.dll",0x00000000,0x00000000)
0x7C80335C=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0008AC2 accessing page 0x0007000C
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B0
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B1
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B2
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B3
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B4
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B5
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B6
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003151 accessing page 0x000733B7
0x7C8037F2=KERNEL32!LoadLibraryA ("kernel32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("kernel32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"Sleep")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
0x7C803831=KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
0x7C8037F2=KERNEL32!LoadLibraryA ("user32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("user32.dll")
0x7C803831=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x7C8037F2=KERNEL32!LoadLibraryA ("ipstack.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ipstack.dll")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_gethostname")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_accept")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_receive_data")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_gethostbyname")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_transfer_data")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_retrieve_socket_data")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_getservbyname")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_connect")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_listen_port")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_bind_port")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_close")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_query_protocol")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_reverse_dns")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_select")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_allocate_socket")
0x7C803831=KERNEL32!GetProcAddress (0x73350000,"ip_release_socket")
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80F197 accessing page 0x00073002
0x7C80366B=KERNEL32!GetProcAddress (0x733B0000,"CPlApplet")
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
0x7C803831=KERNEL32!GetProcAddress (0x733B0000,00009)
0x7C8031E7=KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803208 accessing page 0x00000400
0x7C803534=KERNEL32!CreateThread (0x00000000,0x00000000,0x004C4040,0x7C8010C5,0x00000000,0x04FFFE12)
0x7C8015F4=KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80154E accessing page 0x000004C4
0x7C80160F=KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003E08 accessing page 0x0004FFD0
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00035AB accessing page 0x00072007
0x7C80163F=KERNEL32!LeaveCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4062 accessing page 0x00000473
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C405B accessing page 0x00000401
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000402
0x7C803600=KERNEL32!LeaveCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x00000474
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000403
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000404
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40B1 accessing page 0x00000475
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000405
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000406
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000407
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40D0 accessing page 0x00000476
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000408
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000409
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x00000477
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x00000478
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40A4 accessing page 0x00000479
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000040F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000410
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000047A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000411
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000412
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x0000047B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000413
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000414
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x0000047C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000415
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000416
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000417
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x0000047D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000418
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000419
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x0000047E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x0000047F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000041F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x00000480
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C405B accessing page 0x00000420
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000421
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000422
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x00000481
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000423
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000424
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x00000482
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000425
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000426
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x00000483
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000427
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40F0 accessing page 0x00000428
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000429
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000042A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4062 accessing page 0x00000484
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C405B accessing page 0x0000042B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000042C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000485
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000042D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000042E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000486
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000042F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000430
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000431
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000487
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000432
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000433
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4062 accessing page 0x00000488
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000434
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000435
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000436
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x00000489
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000437
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000438
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000048A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000439
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x0000048B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x0000048C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000043F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x0000048D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000440
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000441
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000442
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000048E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000443
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000444
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x0000048F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000445
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000446
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000447
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x00000490
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000448
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000449
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x00000491
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40A4 accessing page 0x00000492
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000493
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000044F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000450
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000451
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40A4 accessing page 0x00000494
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000452
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000453
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40D0 accessing page 0x00000495
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000454
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000455
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000456
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000496
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000457
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000458
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40C1 accessing page 0x00000497
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000459
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x00000498
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x00000499
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000045F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000460
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40B1 accessing page 0x0000049A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000461
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000462
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x0000049B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000463
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000464
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000465
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000049C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000466
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000467
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000049D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000468
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000469
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4062 accessing page 0x0000049E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x0000049F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x0000046F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004A0
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000470
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000471
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004A1
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4101 accessing page 0x00000472
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004A2
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004A3
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004A4
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004A5
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004A6
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004A7
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004A8
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004A9
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004AA
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004AB
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C40C1 accessing page 0x000004AC
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004AD
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004AE
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004AF
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004B0
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004B1
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004B2
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004B3
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004B4
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004B5
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004B6
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004B7
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004B8
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004B9
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4062 accessing page 0x000004BA
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004BB
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004BC
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4096 accessing page 0x000004BD
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004BE
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4074 accessing page 0x000004BF
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004C0
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004C1
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4083 accessing page 0x000004C2
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004C4058 accessing page 0x000004C3
0x004C4168=KERNEL32!LoadLibraryA ("KERNEL32.DLL")
0x7C80431E=KERNEL32!GetModuleHandleA ("KERNEL32.DLL")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetVersionExA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"lstrcmpiA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"ExpandEnvironmentStringsA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"ReadProcessMemory")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"FreeLibrary")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"LeaveCriticalSection")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"EnterCriticalSection")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"DeleteCriticalSection")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"InitializeCriticalSection")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetFileSize")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"SetFilePointer")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"lstrlenA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"Sleep")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"SetPriorityClass")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetCurrentProcess")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"SetErrorMode")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetLocaleInfoA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetLastError")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CreateEventA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetCurrentProcessId")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CreateProcessA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"WriteProfileStringA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"SetFileTime")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetModuleFileNameA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetModuleHandleA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetFileTime")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetSystemDirectoryA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"DeleteFileA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"WaitForSingleObject")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetTempPathA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetTickCount")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetProcAddress")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualProtectEx")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CreatePipe")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"OpenProcess")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"ResumeThread")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"TerminateProcess")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetExitCodeProcess")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetExitCodeThread")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualQueryEx")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetSystemInfo")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualAllocEx")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualFreeEx")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"WriteProcessMemory")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"Module32Next")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"Module32First")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"CreateToolhelp32Snapshot")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"MapViewOfFileEx")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"OpenFileMappingA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"UnmapViewOfFile")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"HeapReAlloc")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"GetProcessHeap")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualAlloc")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualProtect")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"VirtualFree")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"LoadLibraryA")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"IsBadReadPtr")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
0x004C4186=KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
0x004C4168=KERNEL32!LoadLibraryA ("ADVAPI32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ADVAPI32.dll")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegDeleteValueA")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"CryptReleaseContext")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"CryptGenRandom")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"CryptAcquireContextA")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegCloseKey")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyExA")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegQueryValueExA")
0x004C4186=KERNEL32!GetProcAddress (0x77DC0000,"RegSetValueExA")
0x004C4168=KERNEL32!LoadLibraryA ("ole32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("ole32.dll")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoInitializeEx")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoCreateInstance")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoSetProxyBlanket")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoUninitialize")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoCreateGuid")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"StringFromGUID2")
0x004C4186=KERNEL32!GetProcAddress (0x774D0000,"CoInitializeSecurity")
0x004C4168=KERNEL32!LoadLibraryA ("OLEAUT32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("OLEAUT32.dll")
0x004C4186=KERNEL32!GetProcAddress (0x77110000,00002)
0x004C4186=KERNEL32!GetProcAddress (0x77110000,00009)
0x004C4186=KERNEL32!GetProcAddress (0x77110000,00008)
0x004C4186=KERNEL32!GetProcAddress (0x77110000,00007)
0x004C4186=KERNEL32!GetProcAddress (0x77110000,00006)
0x004C4168=KERNEL32!LoadLibraryA ("USER32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("USER32.dll")
0x004C4186=KERNEL32!GetProcAddress (0x77D30000,"wsprintfW")
0x004C4186=KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
0x004C4168=KERNEL32!LoadLibraryA ("WININET.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("WININET.dll")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"HttpSendRequestA")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"InternetConnectA")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"InternetOpenA")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"InternetReadFile")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"InternetCloseHandle")
0x004C4186=KERNEL32!GetProcAddress (0x771A0000,"HttpOpenRequestA")
0x004C4168=KERNEL32!LoadLibraryA ("WS2_32.dll")
0x7C80431E=KERNEL32!GetModuleHandleA ("WS2_32.dll")
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00006)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00005)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00016)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00019)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00018)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00001)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00013)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00022)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00003)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00023)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00115)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00116)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00052)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00002)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00004)
0x004C4186=KERNEL32!GetProcAddress (0x733B0000,00009)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000064)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x004BF58A=KERNEL32!SetErrorMode (0x00008007)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x004BF5E1=KERNEL32!GetCurrentProcess ()
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x004BF5FD=KERNEL32!SetPriorityClass (0xFFFFFFFF,0x00004000)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x004BF5D6=KERNEL32!Sleep (0x00002710)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x004C0BB1=KERNEL32!GetLocaleInfoA (0x00000400,0x00001002,0x4FFD07A4,0x000003E8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x73002600)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x0041ECCF=KERNEL32!GetProcessHeap ()
0x0041ECD6=KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000040)
0x0041ECF5=KERNEL32!GetProcessHeap ()
0x0041ECFC=KERNEL32!HeapFree (0x00000005,0x00000000,0x730025B8)
0x00400000=KERNEL32!_ExitThread ()
0x7C809659=KERNEL32!_lopen ("C:\SAMPLE.DLL",0x00000000)
0x7C809689=KERNEL32!_lopen ("C:\SAMPLE.WMF",0x00000000)
0x7C80920C=KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
0x7C809225=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
0x7C809235=KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
0x7C809245=ADVAPI32!RegOpenKeyA (0x80000002,"Software\Microsoft\Windows\CurrentVersion\Run",0x04FFFE2E)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007000D
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007000E
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x0007000F
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070010
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070011
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070012
0x7C80927A=ADVAPI32!RegEnumValueA (0x72001196,0x00000002,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
0x7C80920C=KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
0x7C809225=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
0x7C809235=KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
0x7C809245=ADVAPI32!RegOpenKeyA (0x80000001,"Software\Microsoft\Windows\CurrentVersion\Run",0x04FFFE2E)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070013
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070014
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070015
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070016
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070017
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003151 accessing page 0x00070018
0x7C80927A=ADVAPI32!RegEnumValueA (0x72003431,0x00000002,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
0x7C80920C=KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
0x7C809225=KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
0x7C809235=KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
0x7C809245=ADVAPI32!RegOpenKeyA (0x80000002,"Software\Microsoft\Windows\CurrentVersion\RunServices",0x04FFFE2E)
0x7C80927A=ADVAPI32!RegEnumValueA (0x72003472,0x00000001,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
0x7C809118=KERNEL32!FindFirstFileA ("C:\windows\startm~1\programs\*.*",0x04FFFD04)
0x7C80915C=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
0x7C80915C=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
0x7C80915C=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
0x7C809178=KERNEL32!SetCurrentDirectory ("C:\WINDOWS\TEMP\RARSFX0")
0x7C809178=KERNEL32!SetCurrentDirectory ("C:\WINDOWS\SYSTEM32")
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00035AB accessing page 0x00072008
0x7C80918F=KERNEL32!FindFirstFileA ("*.*",0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
0x7C8091DC=KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD00)
Statistics
Dropped Files
No files dropped on SandBox hard drive
IRC Servers
No IRC Connections
URLs
No URL connection attempts
XML Summary
<?xml version="1.0" encoding="UTF-8"?>
<NormanSandbox Copyright="(C) 2004-2006 Norman ASA. All Rights Reserved. The material presented is distributed by Norman ASA as an information source only." >
<DetectionInfo>
<SandboxDetection SandboxName="" />
<SignatureDetection SignatureName="NOT_SCANNED" />
<GeneralInformation>
<SendBackInfo />
<FileLength FileLength="334848" />
<MD5Hash MD5HashValue="f3387d5351199ad06173bafbe52165d3" />
</GeneralInformation>
</DetectionInfo>
</NormanSandbox>
'리버스 엔지니어링' 카테고리의 다른 글
| 인터넷 개인 정보 뒷조사 도구-말티고(Maltego) (0) | 2007/10/24 |
|---|---|
| Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops (0) | 2007/10/22 |
| Basic NTLMSSP Parsing SchemeLMO TypeNTLMSSP Message (0) | 2007/10/11 |
| Yahoo! Webcam ActiveX 취약점에 대한 디스어셈블리 (0) | 2007/09/25 |
| Norman Sandbox AnalyzerStartupSetting Filename and optionsStartCompletedResults (1) | 2007/09/25 |
| MS 06-074에 대한 Diffing Result (0) | 2007/09/25 |
